Code Review
/
ta
/
caas-security.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
| inline |
side by side
Capability update
[ta/caas-security.git]
/
rbac_manifests
/
caas-infra-psp.yaml
diff --git
a/rbac_manifests/caas-infra-psp.yaml
b/rbac_manifests/caas-infra-psp.yaml
index
8392e87
..
96105ac
100644
(file)
--- a/
rbac_manifests/caas-infra-psp.yaml
+++ b/
rbac_manifests/caas-infra-psp.yaml
@@
-41,6
+41,8
@@
spec:
rule: RunAsAny
allowedCapabilities:
- NET_BIND_SERVICE
+ - SETGID
+ - SETUID
- ALL
- IPC_LOCK
- SYS_RESOURCE