From ada2d88d022ed771aa3a7940719dae978f91d001 Mon Sep 17 00:00:00 2001
From: Mai Bui
Date: Tue, 3 Oct 2023 18:58:17 -0400
Subject: [PATCH] [docker-mux] limit privileged flag for mux container (#16562)
### Why I did it
HLD implementation: Container Hardening (https://github.com/sonic-net/SONiC/pull/1364)
##### Work item tracking
- Microsoft ADO **(number only)**: 14807420
#### How I did it
Reduce linux capabilities in privileged flag
---
rules/docker-mux.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/docker-mux.mk b/rules/docker-mux.mk
index 8295200b7b..3af7baa004 100644
--- a/rules/docker-mux.mk
+++ b/rules/docker-mux.mk
@@ -30,7 +30,7 @@ SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_MUX_DBG)
 endif
 $(DOCKER_MUX)_CONTAINER_NAME = mux
-$(DOCKER_MUX)_RUN_OPT += --privileged -t
+$(DOCKER_MUX)_RUN_OPT += -t
 $(DOCKER_MUX)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
 $(DOCKER_MUX)_RUN_OPT += -v /etc/timezone:/etc/timezone:ro
 $(DOCKER_MUX)_FILES += $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT)
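Review bot: With `--privileged` gone, the `$(DOCKER_MUX)_RUN_OPT += -t` line leaves the mux container on Docker's default capability set, and nothing in the hunk records that this is deliberate or which capabilities the service actually needs. The description speaks of reducing capabilities, but no `--cap-add` appears in the visible lines, so if the mux daemon needs anything outside the default set it would presumably fail only at runtime. It is worth confirming this on a device that runs the mux container and checking that `docker inspect` reports `HostConfig.Privileged` as false there. I would add a comment above the line such as `# Hardened: runs without --privileged; grant individual capabilities with --cap-add rather than restoring it`, so a later debugging change does not quietly bring the flag back.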