libcontainer/capabilities_linux: Drop os.Getpid() call

gocapability has supported 0 as "the current PID" since syndtr/gocapability@5e7cce49 (Allow to use the zero value for pid to operate with the current task, 2015-01-15, syndtr/gocapability#2). libcontainer was ported to that approach in 444cc298 (namespaces: allow to use pid namespace without mount namespace, 2015-01-27, docker/libcontainer#358), but the change was clobbered by 22df5551 (Merge branch 'master' into api, 2015-02-19, docker/libcontainer#388) which landed via 5b73860e (Merge pull request #388 from docker/api, 2015-02-19, docker/libcontainer#388). This commit restores the changes from 444cc298. Signed-off-by: W. Trevor King <wking@tremily.us>
2018-02-19 15:23:56 -08:00 · 2018-02-19 15:23:56 -08:00 · 50dc7ee96c
parent a618ab5a01
commit 50dc7ee96c
2 changed files with 2 additions and 3 deletions
--- a/libcontainer/capabilities_linux.go
+++ b/libcontainer/capabilities_linux.go
@ -4,7 +4,6 @@ package libcontainer
 import (
 	"fmt"
 	"os"
 	"strings"
 	"github.com/opencontainers/runc/libcontainer/configs"
@ -72,7 +71,7 @@ func newContainerCapList(capConfig *configs.Capabilities) (*containerCapabilitie
 		}
 		ambient = append(ambient, v)
 	}
-	pid, err := capability.NewPid(os.Getpid())
+	pid, err := capability.NewPid(0)
 	if err != nil {
 		return nil, err
 	}
--- a/libcontainer/container_linux.go
+++ b/libcontainer/container_linux.go
@ -1804,7 +1804,7 @@ func (c *linuxContainer) bootstrapData(cloneFlags uintptr, nsMaps map[configs.Na
 			// The following only applies if we are root.
 			if !c.config.Rootless {
 				// check if we have CAP_SETGID to setgroup properly
-				pid, err := capability.NewPid(os.Getpid())
+				pid, err := capability.NewPid(0)
 				if err != nil {
 					return nil, err
 				}