refactor(libcontainer): rename to CapabilitiesMask

The Capabilities field on libcontainer is actually used as a mask. Rename the field so that this is more clear. Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
2014-03-17 10:16:34 -07:00 · 2014-03-17 10:16:34 -07:00 · 823b293164
parent d20dc11cbe
commit 823b293164
4 changed files with 19 additions and 19 deletions
--- a/README.md
+++ b/README.md
@ -40,7 +40,7 @@ Sample `container.json` file:
      "HOSTNAME=11bb30683fb0",
      "TERM=xterm"
   ],
-   "capabilities" : [
+   "capabilities_mask" : [
      "SETPCAP",
      "SYS_MODULE",
      "SYS_RAWIO",
--- a/capabilities/capabilities.go
+++ b/capabilities/capabilities.go
@ -9,7 +9,7 @@ import (
 // DropCapabilities drops capabilities for the current process based
 // on the container's configuration.
 func DropCapabilities(container *libcontainer.Container) error {
-	if drop := getCapabilities(container); len(drop) > 0 {
+	if drop := getCapabilitiesMask(container); len(drop) > 0 {
 		c, err := capability.NewPid(os.Getpid())
 		if err != nil {
 			return err
@ -23,10 +23,10 @@ func DropCapabilities(container *libcontainer.Container) error {
 	return nil
 }

-// getCapabilities returns the specific cap values for the libcontainer types
-func getCapabilities(container *libcontainer.Container) []capability.Cap {
+// getCapabilitiesMask returns the specific cap mask values for the libcontainer types
+func getCapabilitiesMask(container *libcontainer.Container) []capability.Cap {
 	drop := []capability.Cap{}
-	for _, c := range container.Capabilities {
+	for _, c := range container.CapabilitiesMask {
 		drop = append(drop, c.Value)
 	}
 	return drop
--- a/container.go
+++ b/container.go
@ -19,7 +19,7 @@ type Container struct {
 	Env              []string        `json:"environment,omitempty"`       // environment to set
 	Tty              bool            `json:"tty,omitempty"`               // setup a proper tty or not
 	Namespaces       Namespaces      `json:"namespaces,omitempty"`        // namespaces to apply
-	Capabilities Capabilities    `json:"capabilities,omitempty"`  // capabilities to drop
+	CapabilitiesMask Capabilities    `json:"capabilities_mask,omitempty"` // capabilities to drop
 	Networks         []*Network      `json:"networks,omitempty"`          // nil for host's network stack
 	Cgroups          *cgroups.Cgroup `json:"cgroups,omitempty"`           // cgroups
 	Context          Context         `json:"context,omitempty"`           // generic context for specific options (apparmor, selinux)
--- a/container.json
+++ b/container.json
@ -14,7 +14,7 @@
        "NEWUTS",
        "NEWNET"
    ],
-    "capabilities": [
+    "capabilities_mask": [
        "SETPCAP",
        "SYS_MODULE",
        "SYS_RAWIO",