From 58c4c120a883e998e0981ebe678b67aaa0902b6e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn <github@gone.nl> Date: Sat, 19 Sep 2020 14:52:32 +0200 Subject: [PATCH] oci/caps: simplify, and remove types that were not needed The `CapabilityMapping` and `Capabilities` types appeared to be only used locally, and added unneeded complexity. This patch removes those types, and simplifies the logic to use a map that maps names to `capability.Cap`s Signed-off-by: Sebastiaan van Stijn <github@gone.nl> --- oci/caps/utils.go | 36 +++++++++++------------------------- 1 file changed, 11 insertions(+), 25 deletions(-) diff --git a/oci/caps/utils.go b/oci/caps/utils.go index 8e25ae9274..8e71bf3840 100644 --- a/oci/caps/utils.go +++ b/oci/caps/utils.go @@ -9,15 +9,22 @@ import ( ) var ( - allCaps []string - capabilityList Capabilities + allCaps []string + + // capabilityList maps linux capability name to its value of capability.Cap + // type. This list contains nil entries for capabilities that are known, but + // not supported by the current kernel. + // Capabilities is one of the security systems in Linux Security Module (LSM) + // framework provided by the kernel. + // For more details on capabilities, see http://man7.org/linux/man-pages/man7/capabilities.7.html + capabilityList map[string]*capability.Cap ) func init() { last := capability.CAP_LAST_CAP rawCaps := capability.List() allCaps = make([]string, min(int(last+1), len(rawCaps))) - capabilityList = make(Capabilities, min(int(last+1), len(rawCaps))) + capabilityList = make(map[string]*capability.Cap, len(rawCaps)) for i, c := range rawCaps { capName := "CAP_" + strings.ToUpper(c.String()) if c > last { @@ -25,10 +32,7 @@ func init() { continue } allCaps[i] = capName - capabilityList[capName] = &CapabilityMapping{ - Key: capName, - Value: c, - } + capabilityList[capName] = &c } } @@ -39,24 +43,6 @@ func min(a, b int) int { return b } -type ( - // CapabilityMapping maps linux capability name to its value of capability.Cap type - // Capabilities is one of the security systems in Linux Security Module (LSM) - // framework provided by the kernel. - // For more details on capabilities, see http://man7.org/linux/man-pages/man7/capabilities.7.html - CapabilityMapping struct { - Key string `json:"key,omitempty"` - Value capability.Cap `json:"value,omitempty"` - } - // Capabilities contains all CapabilityMapping - Capabilities map[string]*CapabilityMapping -) - -// String returns <key> of CapabilityMapping -func (c *CapabilityMapping) String() string { - return c.Key -} - // GetAllCapabilities returns all of the capabilities func GetAllCapabilities() []string { return allCaps