From 7ab606bac58d4b75f5e00b71859910e18d95a398 Mon Sep 17 00:00:00 2001
From: Guillaume Abrioux <gabrioux@redhat.com>
Date: Mon, 30 Nov 2020 14:55:16 +0100
Subject: [PATCH] iscsigw: remove `--cap-add=all` from `podman run` cmd

As of podman `2.0.5`, `--cap-add` and `--privileged` are exclusive
options.

```
Nov 30 13:56:30 magna089 podman[171677]: Error: invalid config provided: CapAdd and privileged are mutually exclusive options
```

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1902149

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit d40dd764e004f9765e5d4e12507cdf3c707a3271)
---
 roles/ceph-iscsi-gw/templates/rbd-target-api.service.j2 | 1 -
 roles/ceph-iscsi-gw/templates/rbd-target-gw.service.j2  | 1 -
 roles/ceph-iscsi-gw/templates/tcmu-runner.service.j2    | 1 -
 3 files changed, 3 deletions(-)

diff --git a/roles/ceph-iscsi-gw/templates/rbd-target-api.service.j2 b/roles/ceph-iscsi-gw/templates/rbd-target-api.service.j2
index 48d02be0f..484b0f93e 100644
--- a/roles/ceph-iscsi-gw/templates/rbd-target-api.service.j2
+++ b/roles/ceph-iscsi-gw/templates/rbd-target-api.service.j2
@@ -24,7 +24,6 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm \
   --cpus={{ ceph_rbd_target_api_docker_cpu_limit }} \
   -v /etc/localtime:/etc/localtime:ro \
   --privileged \
-  --cap-add=ALL \
   --net=host \
   -v /dev:/dev \
   -v /dev/log:/dev/log \
diff --git a/roles/ceph-iscsi-gw/templates/rbd-target-gw.service.j2 b/roles/ceph-iscsi-gw/templates/rbd-target-gw.service.j2
index 96d51eb31..b6baf8c32 100644
--- a/roles/ceph-iscsi-gw/templates/rbd-target-gw.service.j2
+++ b/roles/ceph-iscsi-gw/templates/rbd-target-gw.service.j2
@@ -24,7 +24,6 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm \
   --cpus={{ ceph_rbd_target_gw_docker_cpu_limit }} \
   -v /etc/localtime:/etc/localtime:ro \
   --privileged \
-  --cap-add=ALL \
   --net=host \
   -v /dev:/dev \
   -v /dev/log:/dev/log \
diff --git a/roles/ceph-iscsi-gw/templates/tcmu-runner.service.j2 b/roles/ceph-iscsi-gw/templates/tcmu-runner.service.j2
index d42506df0..5809ed356 100644
--- a/roles/ceph-iscsi-gw/templates/tcmu-runner.service.j2
+++ b/roles/ceph-iscsi-gw/templates/tcmu-runner.service.j2
@@ -25,7 +25,6 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm \
   -v /etc/localtime:/etc/localtime:ro \
   --privileged \
   --net=host \
-  --cap-add=ALL \
   -v /dev:/dev \
   -v /lib/modules:/lib/modules \
   -v /etc/ceph:/etc/ceph \