Repository: mesos Updated Branches: refs/heads/master 71e2821ef -> 4e8a23411
Added support for reading out the bounding capability set. Review: https://reviews.apache.org/r/51043/ Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/4e8a2341 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/4e8a2341 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/4e8a2341 Branch: refs/heads/master Commit: 4e8a234114dffb2618d8d6131a9e6d2f7a13117f Parents: 71e2821 Author: Benjamin Bannier <benjamin.bann...@mesosphere.io> Authored: Thu Aug 25 13:19:56 2016 -0700 Committer: Jie Yu <yujie....@gmail.com> Committed: Thu Aug 25 13:19:56 2016 -0700 ---------------------------------------------------------------------- src/linux/capabilities.cpp | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/4e8a2341/src/linux/capabilities.cpp ---------------------------------------------------------------------- diff --git a/src/linux/capabilities.cpp b/src/linux/capabilities.cpp index 4faad16..67ade40 100644 --- a/src/linux/capabilities.cpp +++ b/src/linux/capabilities.cpp @@ -223,7 +223,17 @@ Try<ProcessCapabilities> Capabilities::get() const capabilities.set(PERMITTED, toCapabilitySet(payload.permitted())); capabilities.set(INHERITABLE, toCapabilitySet(payload.inheritable())); - // TODO(jojy): Add support for BOUNDING capabilities. + Set<Capability> bounding; + + // TODO(bbannier): Parse bounding set from the `CapBnd` entry in + // `/proc/self/status`. + for (int i = 0; i <= lastCap; i++) { + if (prctl(PR_CAPBSET_READ, i) == 1) { + bounding.insert(Capability(i)); + } + } + + capabilities.set(BOUNDING, bounding); return capabilities; }
