explicitly add container capablilities
parent
18ffc84379
commit
4267e56c71
14
new_image.sh
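--- a/new_image.sh
+++ b/new_image.sh
@@ -50,7 +50,19 @@ docker build \
 
 rm image/pubkey
 echo "Starting container..."
-container_id="$(docker run -p $user_sshd_port:$user_sshd_port -h slbr -d "slbr:$username")"
+container_id="$(
+docker run \
+--cap-drop ALL \
+--cap-add AUDIT_WRITE \
+--cap-add CHOWN \
+--cap-add SETGID \
+--cap-add SETPCAP \
+--cap-add SETUID \
+--cap-add SYS_CHROOT \
+-p $user_sshd_port:$user_sshd_port \
+-h slbr \
+-d "slbr:$username"
+)"
 container_ip="$(
 docker container inspect "$container_id" \
 | jq '.[0].NetworkSettings.Networks.bridge.IPAddress'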
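Review bot: The capability allowlist that follows `--cap-drop ALL` has no comment recording why each capability is kept, so a later reader cannot tell which ones the container's sshd actually needs; SETPCAP in particular should be justified, or dropped if the container still starts and accepts logins without it. A comment above `container_id="$(` along the lines of `# caps kept for sshd: SETUID/SETGID/SYS_CHROOT (privilege separation), CHOWN, AUDIT_WRITE (login auditing)` would record the intent, assuming that is the reason for the list. Since users log in to this container, adding `--security-opt no-new-privileges` is worth testing so setuid binaries inside cannot regain the retained capabilities. The `-p $user_sshd_port:$user_sshd_port` argument is still unquoted and publishes on every host interface; `-p "$user_sshd_port:$user_sshd_port"` fixes the quoting, and a host address prefix would narrow the exposure if only local access is intended.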