slimtoolkit / slim

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

Apache License 2.0

19.32k stars 724 forks source link

how to pass or preserve network capabilities on files from original docker image ? #676

Closed batilak closed 4 months ago

batilak commented 5 months ago

Expected Behavior

Files copied into slim image must retain network capabilities set in source image

Actual Behavior

The app runs fine with source image

With target slim image it gives belwo error

"caps error: capset failure: Operation not permitted (os error 1)"

Steps to Reproduce the Problem

using debian 11

RUN setcap 'cap_net_raw,cap_setpcap=p' "/appdir/app" USER=1000

Specifications

Version:
Platform: amd64 Debian11 bullseye-clim (base image)

batilak commented 4 months ago

the things worked for me after deleting the sensor volume

kcq commented 4 months ago

@batilak what version are you using? and just to double check... was it the sensor docker volume for the older version of the app or was it the current version you were using or did you delete all versions of the sensor volume?