Don't set capabilities in priviledge mode

When priviledge mode is set, don't add any capabilities as they are included. Use 1.6.4 podman because 2.0.5 rootless doesn't work with systemd [1] Disable Selinux on host. [1] https://github.com/containers/podman/issues/8965 Closes-Bug: #1910970 Change-Id: I73ac1c405e8a3539937a5578bb003cba0b935d94
2021-01-14 12:50:11 +02:00
parent 0f6207f9df
commit c90b0ea4e6
20 changed files with 11 additions and 46 deletions
--- a/tripleo_ansible/roles/tripleo_ovs_dpdk/molecule/default/molecule.yml
+++ b/tripleo_ansible/roles/tripleo_ovs_dpdk/molecule/default/molecule.yml
@@ -16,8 +16,6 @@ platforms:
      http_proxy: "{{ lookup('env', 'http_proxy') }}"
      https_proxy: "{{ lookup('env', 'https_proxy') }}"
    command: /sbin/init
-    capabilities:
-      - ALL
    volumes:
      - /run/udev:/run/udev:ro
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
@@ -36,8 +34,6 @@ platforms:
      http_proxy: "{{ lookup('env', 'http_proxy') }}"
      https_proxy: "{{ lookup('env', 'https_proxy') }}"
    command: /sbin/init
-    capabilities:
-      - ALL
    volumes:
      - /run/udev:/run/udev:ro
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
--- a/tripleo_ansible/roles/tripleo_ovs_dpdk/molecule/positive/molecule.yml
+++ b/tripleo_ansible/roles/tripleo_ovs_dpdk/molecule/positive/molecule.yml
@@ -16,8 +16,6 @@ platforms:
      http_proxy: "{{ lookup('env', 'http_proxy') }}"
      https_proxy: "{{ lookup('env', 'https_proxy') }}"
    command: /sbin/init
-    capabilities:
-      - ALL
    volumes:
      - /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
    privileged: true
@@ -33,8 +31,6 @@ platforms:
      http_proxy: "{{ lookup('env', 'http_proxy') }}"
      https_proxy: "{{ lookup('env', 'https_proxy') }}"
    command: /sbin/init
-    capabilities:
-      - ALL
    volumes:
      - /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
    privileged: true