Adding linux capabilities via CDI specification #243
Comments
|
I believe the discussion in #55 is related, |
|
Yes this is exactly it. I somehow missed that. I will join the discussion there. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I would like to give a container access to some host resource. And I am thinking about modeling this as a CDI resource as I think it is a very good fit to manage this exclusive access resources. I think with the environment variables and the mounts I have most of what is needed. The only thing missing is that I need to also give the container an additional capability (NET_RAW) which is not available by default in podman. I could provide it to the runtime as a separate parameter, but this means I need to know that I need to add the capability when assigning the CDI resource to a container.
I was thinking if it makes sense to also specify required capabilities in a CDI spec file. So, the container runtime can automatically assign them if permitted by the host runtime.
The text was updated successfully, but these errors were encountered: