sbrl/docker-images
sbrl/docker-images
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

gossa/run.sh: fix setcap error

Browse source 
Exact error message was `setpriv: libcap-ng is too old for "all" caps`

Ref https://github.com/SinusBot/docker/pull/40
This commit is contained in:
Starbeamrainbowlabs 2021-04-02 02:35:38 +01:00
parent e3e5ea068a
commit 19856f4f69
Signed by: sbrl
GPG key ID: 1BE5172E637709C2
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
images/gossa/run.sh
View file

@ -18,6 +18,13 @@ echo "[core] Running as uid = ${GOSSA_UID} gid = ${GOSSA_GID} port = ${NOMAD_POR
cd "/mnt" || { echo "Failed to cd into /mnt"; exit 1; };
setpriv --inh-caps=-all --reuid "${GOSSA_UID}" --clear-groups --regid "${GOSSA_GID}" /usr/local/bin/gossa -h '[::]' -p "${NOMAD_PORT_GOSSA}" /mnt;
# Ref https://github.com/SinusBot/docker/pull/40
# WORKAROUND for `setpriv: libcap-ng is too old for "all" caps`, previously "-all" was used here
# create a list to drop all capabilities supported by current kernel
cap_prefix="-cap_";
caps="$cap_prefix$(seq -s ",$cap_prefix" 0 "$(cat /proc/sys/kernel/cap_last_cap)")";
setpriv --inh-caps="${caps}" --reuid "${GOSSA_UID}" --clear-groups --regid "${GOSSA_GID}" /usr/local/bin/gossa -h '[::]' -p "${NOMAD_PORT_GOSSA}" /mnt;
echo "[core] Ending";