kas-docker: Podman: Update podman flags to make isar builds working

The --permissive and --cap-add options are conflicting for podman. --permissive tells podman to enable all capabilities so additional --cap-add options are not allowed / supported. Signed-off-by: Florian Bezdeka <florian@bezdeka.de> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2020-07-14 18:20:32 +02:00 · 2020-07-14 18:20:32 +02:00 · 7ac9debaff
commit 7ac9debaff
parent 1688d60177
1 changed files with 11 additions and 4 deletions
--- a/15
+++ b/15
@ -106,12 +106,19 @@ while [ $# -gt 0 ]; do
 	case "$1" in
 	--isar)
 		DOCKER_IMAGE="$(echo "${DOCKER_IMAGE}" | sed 's|kasproject/kas|kasproject/kas-isar|g')"
-		ISAR_ARGS="--cap-add=SYS_ADMIN --cap-add=MKNOD --privileged"
+		ISAR_ARGS="--privileged"

-		# sudo is needed for a privileged podman container
-		if [ "${KAS_DOCKER_ENGINE}" = "podman" ]; then
+		case "${KAS_DOCKER_ENGINE}" in
+		docker)
+			ISAR_ARGS="${ISAR_ARGS} --cap-add=SYS_ADMIN"
+			ISAR_ARGS="${ISAR_ARGS} --cap-add=MKNOD"
+			;;
+		podman)
+			# sudo is needed for a privileged podman container
 			DOCKER_COMMAND="sudo ${DOCKER_COMMAND}"
-		fi
+			;;
+		esac
+
 		shift 1
 		;;
 	--with-loop-dev)