From 73b2df436a36d22fe484a7fc28ff79472278941e Mon Sep 17 00:00:00 2001 From: Felipe Santos Date: Mon, 24 Apr 2023 17:36:38 -0300 Subject: [PATCH] Add support for CAP_BPF and CAP_PERFMON privileges --- supervisor/addons/utils.py | 2 ++ supervisor/docker/const.py | 2 ++ 2 files changed, 4 insertions(+) diff --git a/supervisor/addons/utils.py b/supervisor/addons/utils.py index d8edef4a466..8538fdf991b 100644 --- a/supervisor/addons/utils.py +++ b/supervisor/addons/utils.py @@ -50,6 +50,8 @@ def rating_security(addon: AddonModel) -> int: Capabilities.SYS_RAWIO, Capabilities.SYS_PTRACE, Capabilities.SYS_MODULE, + Capabilities.CAP_BPF, + Capabilities.CAP_PERFMON, Capabilities.DAC_READ_SEARCH, ) ) diff --git a/supervisor/docker/const.py b/supervisor/docker/const.py index fcdc205f292..24fcec6efe3 100644 --- a/supervisor/docker/const.py +++ b/supervisor/docker/const.py @@ -5,6 +5,8 @@ class Capabilities(str, Enum): """Linux Capabilities.""" + CAP_BPF = "CAP_BPF" + CAP_PERFMON = "CAP_PERFMON" DAC_READ_SEARCH = "DAC_READ_SEARCH" IPC_LOCK = "IPC_LOCK" NET_ADMIN = "NET_ADMIN"