container: improve capability handling

This cleans up preserving caps for expansion and correctly sets privileged caps. Signed-off-by: Ophestra <cat@gensokyo.uk>
2026-05-07 14:14:06 +09:00
parent 4aba014eac
commit bad66facbc
3 changed files with 36 additions and 26 deletions
--- a/container/container_test.go
+++ b/container/container_test.go
@@ -537,7 +537,6 @@ func testContainerCancel(
 	containerExtra func(c *container.Container),
 	waitCheck func(ps *os.ProcessState, waitErr error),
 ) {
-	t.Parallel()
 	ctx, cancel := context.WithCancel(t.Context())

 	c := helperNewContainer(ctx, "block")