Skip to content
This repository has been archived by the owner on Mar 22, 2024. It is now read-only.

Failed to run the elf file after change capability #5

Open
fripSide opened this issue Aug 11, 2022 · 0 comments
Open

Failed to run the elf file after change capability #5

fripSide opened this issue Aug 11, 2022 · 0 comments

Comments

@fripSide
Copy link

fripSide commented Aug 11, 2022
edited
Loading

Hi, after change the capability, I cannot execute the binary anymore.
It seems that we cannot set the capabiltities lager than the bash and init process of the docker?
Does anything go wrong?

Here is my detailed operations.
Change the capability of the elf for dockerfile:

FROM ubuntu:20.04

RUN mkdir -p /work/
COPY setcap /bin/
COPY getcap /bin/
COPY elf_test /work/
WORKDIR /work/
RUN setcap cap_sys_admin+ep elf_test

Run the docker:

docker build -t dev:v1 .
docker run --rm -it --name dev_test dev:v1 bash 
root@9156b2c0ce2d:/work# getcap elf_test
elf_test = cap_sys_admin+ep
root@9156b2c0ce2d:/work# ./elf_test
bash: ./elf_test: Operation not permitted
@fripSide fripSide changed the title Failed to launch elf after change capability Failed to run the elf file after change capability Aug 11, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fripSide