mirror of
https://github.com/opencontainers/runc.git
synced 2025-10-25 08:33:02 +08:00
049a5f76cf
In runtime-spec, capabilities property is optional, but libcontainer/capabilities panics when New(nil) is called. Because of this, there's a kludge in finalizeNamespace to ensure capabilities.New is not called with nil argument, and there's a TestProcessEmptyCaps to ensure runc won't panic. Let's fix this at the source, allowing libct/cap to work with nil capabilities. (The caller is fixed by the next commit.) Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>