diff --git a/drivers/shared/capabilities/defaults.go b/drivers/shared/capabilities/defaults.go index bca4cc6ca258..6323590a7a89 100644 --- a/drivers/shared/capabilities/defaults.go +++ b/drivers/shared/capabilities/defaults.go @@ -7,7 +7,7 @@ import ( "fmt" "regexp" - "github.com/syndtr/gocapability/capability" + "github.com/moby/sys/capability" ) const ( @@ -40,18 +40,9 @@ func NomadDefaults() *Set { func Supported() *Set { s := New(nil) - last := capability.CAP_LAST_CAP - - // workaround for RHEL6 which has no /proc/sys/kernel/cap_last_cap - if last == capability.Cap(63) { - last = capability.CAP_BLOCK_SUSPEND - } - + list, _ := capability.ListSupported() // accumulate every capability supported by this system - for _, c := range capability.List() { - if c > last { - continue - } + for _, c := range list { s.Add(c.String()) } diff --git a/drivers/shared/executor/executor.go b/drivers/shared/executor/executor.go index 6f24226607c6..e7d409d981ca 100644 --- a/drivers/shared/executor/executor.go +++ b/drivers/shared/executor/executor.go @@ -27,7 +27,7 @@ import ( cstructs "github.com/hashicorp/nomad/client/structs" "github.com/hashicorp/nomad/drivers/shared/executor/procstats" "github.com/hashicorp/nomad/plugins/drivers" - "github.com/syndtr/gocapability/capability" + "github.com/moby/sys/capability" ) const ( @@ -778,15 +778,8 @@ func makeExecutable(binPath string) error { // SupportedCaps returns a list of all supported capabilities in kernel. func SupportedCaps(allowNetRaw bool) []string { var allCaps []string - last := capability.CAP_LAST_CAP - // workaround for RHEL6 which has no /proc/sys/kernel/cap_last_cap - if last == capability.Cap(63) { - last = capability.CAP_BLOCK_SUSPEND - } - for _, cap := range capability.List() { - if cap > last { - continue - } + list, _ := capability.ListSupported() + for _, cap := range list { if !allowNetRaw && cap == capability.CAP_NET_RAW { continue } diff --git a/go.mod b/go.mod index 822fa49058fe..63b391767d02 100644 --- a/go.mod +++ b/go.mod @@ -105,6 +105,7 @@ require ( github.com/mitchellh/mapstructure v1.5.0 github.com/mitchellh/pointerstructure v1.2.1 github.com/mitchellh/reflectwalk v1.0.2 + github.com/moby/sys/capability v0.3.0 github.com/moby/sys/mount v0.3.3 github.com/moby/sys/mountinfo v0.7.1 github.com/moby/term v0.5.0 @@ -123,7 +124,6 @@ require ( github.com/shoenig/go-m1cpu v0.1.6 github.com/shoenig/test v1.11.0 github.com/stretchr/testify v1.9.0 - github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 github.com/zclconf/go-cty v1.13.0 github.com/zclconf/go-cty-yaml v1.0.3 go.etcd.io/bbolt v1.3.9 @@ -277,6 +277,7 @@ require ( github.com/softlayer/softlayer-go v0.0.0-20180806151055-260589d94c7d // indirect github.com/spf13/cast v1.5.0 // indirect github.com/stretchr/objx v0.5.2 // indirect + github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect github.com/tencentcloud/tencentcloud-sdk-go v1.0.162 // indirect github.com/tj/go-spin v1.1.0 // indirect github.com/tklauser/go-sysconf v0.3.12 // indirect diff --git a/go.sum b/go.sum index 904101d4a336..5d699e1d1a48 100644 --- a/go.sum +++ b/go.sum @@ -901,6 +901,8 @@ github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zx github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= +github.com/moby/sys/capability v0.3.0 h1:kEP+y6te0gEXIaeQhIi0s7vKs/w0RPoH1qPa6jROcVg= +github.com/moby/sys/capability v0.3.0/go.mod h1:4g9IK291rVkms3LKCDOoYlnV8xKwoDTpIrNEE35Wq0I= github.com/moby/sys/mount v0.3.3 h1:fX1SVkXFJ47XWDoeFW4Sq7PdQJnV2QIDZAqjNqgEjUs= github.com/moby/sys/mount v0.3.3/go.mod h1:PBaEorSNTLG5t/+4EgukEQVlAvVEc6ZjTySwKdqp5K0= github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI=