Update libcontainerd to use containerd 1.0

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>

1 files changed, 10 insertions, 4 deletions

diff --git a/daemon/exec_linux.go b/daemon/exec_linux.go
index bb11c11e44..525ce01050 100644
--- a/daemon/exec_linux.go
+++ b/daemon/exec_linux.go
@@ -4,25 +4,30 @@ import (
 	"github.com/docker/docker/container"
 	"github.com/docker/docker/daemon/caps"
 	"github.com/docker/docker/daemon/exec"
-	"github.com/docker/docker/libcontainerd"
 	"github.com/opencontainers/runc/libcontainer/apparmor"
 	"github.com/opencontainers/runtime-spec/specs-go"
 )
 
-func execSetPlatformOpt(c *container.Container, ec *exec.Config, p *libcontainerd.Process) error {
+func (daemon *Daemon) execSetPlatformOpt(c *container.Container, ec *exec.Config, p *specs.Process) error {
 	if len(ec.User) > 0 {
 		uid, gid, additionalGids, err := getUser(c, ec.User)
 		if err != nil {
 			return err
 		}
-		p.User = &specs.User{
+		p.User = specs.User{
 			UID:            uid,
 			GID:            gid,
 			AdditionalGids: additionalGids,
 		}
 	}
 	if ec.Privileged {
-		p.Capabilities = caps.GetAllCapabilities()
+		if p.Capabilities == nil {
+			p.Capabilities = &specs.LinuxCapabilities{}
+		}
+		p.Capabilities.Bounding = caps.GetAllCapabilities()
+		p.Capabilities.Permitted = p.Capabilities.Bounding
+		p.Capabilities.Inheritable = p.Capabilities.Bounding
+		p.Capabilities.Effective = p.Capabilities.Bounding
 	}
 	if apparmor.IsEnabled() {
 		var appArmorProfile string
@@ -46,5 +51,6 @@ func execSetPlatformOpt(c *container.Container, ec *exec.Config, p *libcontainer
 			}
 		}
 	}
+	daemon.setRlimits(&specs.Spec{Process: p}, c)
 	return nil
 }