From cb5f45cdcea89822a65b91f4e5a2bcd180ee2aed Mon Sep 17 00:00:00 2001
From: Andrew Jeddeloh <andrew.jeddeloh@coreos.com>
Date: Thu, 13 Jun 2019 10:52:42 -0700
Subject: [PATCH] bottlecap: use kvm device instead of --privileged

---
 bottlecap | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bottlecap b/bottlecap
index e93acb5b3..bfca98996 100755
--- a/bottlecap
+++ b/bottlecap
@@ -101,4 +101,4 @@ fi
 
 # we actually want work splitting here since $volumes is multiple args
 # shellcheck disable=SC2086
-$runtime run --rm -ti --privileged --userns=host $volumes --workdir /srv $entrypoint "$container" "$@"
+$runtime run --rm -ti --device '/dev/kvm' $volumes --workdir /srv $entrypoint "$container" "$@"