From 2e6d31388697ded45bcf263a98a18a625457d94a Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Thu, 27 Feb 2025 12:35:25 +0000
Subject: T7204: Container add capability MKNOD

---
 interface-definitions/container.xml.in | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'interface-definitions')

diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in
index 65ac99e12..5c320e8c6 100644
--- a/interface-definitions/container.xml.in
+++ b/interface-definitions/container.xml.in
@@ -31,7 +31,7 @@
             <properties>
               <help>Grant individual Linux capability to container instance</help>
               <completionHelp>
-                <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-nice sys-time</list>
+                <list>net-admin net-bind-service net-raw mknod setpcap sys-admin sys-module sys-nice sys-time</list>
               </completionHelp>
               <valueHelp>
                 <format>net-admin</format>
@@ -45,6 +45,10 @@
                 <format>net-raw</format>
                 <description>Permission to create raw network sockets</description>
               </valueHelp>
+              <valueHelp>
+                <format>mknod</format>
+                <description>Permission to create special files</description>
+              </valueHelp>
               <valueHelp>
                 <format>setpcap</format>
                 <description>Capability sets (from bounded or inherited set)</description>
@@ -66,7 +70,7 @@
                 <description>Permission to set system clock</description>
               </valueHelp>
               <constraint>
-                <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex>
+                <regex>(net-admin|net-bind-service|net-raw|mknod|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex>
               </constraint>
               <multi/>
             </properties>
-- 
cgit v1.2.3