2014-07-10 22:11:35 +00:00
|
|
|
package execdriver
|
|
|
|
|
2014-07-10 22:31:01 +00:00
|
|
|
import (
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/docker/libcontainer/security/capabilities"
|
|
|
|
"github.com/dotcloud/docker/utils"
|
|
|
|
)
|
2014-07-10 22:11:35 +00:00
|
|
|
|
|
|
|
func TweakCapabilities(basics, adds, drops []string) []string {
|
|
|
|
var caps []string
|
2014-07-10 23:02:39 +00:00
|
|
|
|
|
|
|
if utils.StringsContainsNoCase(adds, "all") {
|
|
|
|
basics = capabilities.GetAllCapabilities()
|
|
|
|
}
|
|
|
|
|
2014-07-10 22:31:01 +00:00
|
|
|
if !utils.StringsContainsNoCase(drops, "all") {
|
|
|
|
for _, cap := range basics {
|
|
|
|
if !utils.StringsContainsNoCase(drops, cap) {
|
|
|
|
caps = append(caps, cap)
|
|
|
|
}
|
2014-07-10 22:11:35 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, cap := range adds {
|
2014-07-10 22:31:01 +00:00
|
|
|
if strings.ToLower(cap) == "all" {
|
2014-07-10 23:02:39 +00:00
|
|
|
continue
|
2014-07-10 22:31:01 +00:00
|
|
|
}
|
|
|
|
if !utils.StringsContainsNoCase(caps, cap) {
|
2014-07-10 22:11:35 +00:00
|
|
|
caps = append(caps, cap)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return caps
|
|
|
|
}
|