
explicitly add container capablilities

main
sose 1 month ago
parent
commit
4267e56c71
  1. 14
      new_image.sh

14
new_image.sh

@ -50,7 +50,19 @@ docker build \
rm image/pubkey
echo "Starting container..."
container_id="$(docker run -p $user_sshd_port:$user_sshd_port -h slbr -d "slbr:$username")"
container_id="$(
docker run \
--cap-drop ALL \
--cap-add AUDIT_WRITE \
--cap-add CHOWN \
--cap-add SETGID \
--cap-add SETPCAP \
--cap-add SETUID \
--cap-add SYS_CHROOT \
-p $user_sshd_port:$user_sshd_port \
-h slbr \
-d "slbr:$username"
)"
container_ip="$(
docker container inspect "$container_id" \
| jq '.[0].NetworkSettings.Networks.bridge.IPAddress'
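Review bot: The capability allow-list added to `docker run` has no comment saying which process in the image needs each entry, so a later reader cannot tell a required capability from a leftover. `--cap-add SETPCAP` stands out here, since it lets a process alter capability sets; if the container only runs an SSH daemon (inferred from `$user_sshd_port`, the image itself is not visible here), confirm it is needed or drop it. A one-line comment above the command would help, e.g. `# sshd privilege separation: SETUID SETGID SYS_CHROOT; pty ownership: CHOWN; audit records: AUDIT_WRITE`, adjusted to what was actually observed to fail without each one. Because SETUID and SETGID stay in the bounding set, consider adding `--security-opt no-new-privileges` if logged-in sessions do not depend on setuid binaries. The port mapping should also be quoted, `-p "$user_sshd_port:$user_sshd_port" \`, as the other expansions in this command are.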
