From 27f5145a94e7b59f7b8e991ef9396f6be2170645 Mon Sep 17 00:00:00 2001
From: Matus Marhefka <mmarhefk@redhat.com>
Date: Fri, 22 Jan 2021 14:50:44 +0100
Subject: [PATCH] Add cap_audit_write to be able to run sshd in containers

Podman drops `cap_audit_write` which causes that it is not possible
run sshd by default. Therefore, we need to add the capability.

For more details see:
https://github.com/containers/podman/issues/3651
---
 tests/ssg_test_suite/test_env.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/ssg_test_suite/test_env.py b/tests/ssg_test_suite/test_env.py
index 3bf239944c9e..c46189460ee2 100644
--- a/tests/ssg_test_suite/test_env.py
+++ b/tests/ssg_test_suite/test_env.py
@@ -447,7 +447,10 @@ def _commit(self, container, image):
 
     def _new_container_from_image(self, image_name, container_name):
         long_name = "{0}_{1}".format(self._name_stem, container_name)
+        # Podman drops cap_audit_write which causes that it is not possible
+        # run sshd by default. Therefore, we need to add the capability.
         podman_cmd = ["podman", "run", "--name", long_name,
+                      "--cap-add=cap_audit_write",
                       "--publish", "{}".format(self.internal_ssh_port), "--detach", image_name,
                       "/usr/sbin/sshd", "-p", "{}".format(self.internal_ssh_port), "-D"]
         try: