Skip to content

v0.8.0: File capability fixup
Compare
Choose a tag to compare
@antheas antheas released this 04 Aug 21:42
· 35 commits to master since this release
v0.8.0
a667778
This commit was signed with the committer’s verified signature.
antheas Antheas Kapenekakis
GPG key ID: EF34000BBBE32D2A
Verified
Learn about vigilant mode.

Turns out there is a loss of file capabilities from the base image. This makes e.g., podman rootless unable to run.

Manually quirk those bins until we figure out the source of this.

It seems programs installed through the container maintain their file capabilities though.

bash-5.2# getcap /usr/bin/*         
/usr/bin/gamescope cap_sys_nice=eip

Full Changelog: v0.7.4...v0.8.0

Assets 2
Loading