| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| include | ||
| lua-lxc | ||
| lxc | ||
| python-lxc | ||
| tests | ||
| Makefile.am |
Commit 0af683cf added clearing of capabilities to lxc-init, but only after lxc_setup_fs() was done, likely so that the mounting done in that routine wouldn't fail. However, in my testing lxc_caps_reset() wasn't really effective anyway since it did not clear the bounding set. Adding prctl PR_CAPBSET_DROP in a loop from 0 to CAP_LAST_CAP would fix this, but I don't think its necessary to forcefully clear all capabilities since users can now specify lxc.cap.keep = none to drop all capabilities. Signed-off-by:Dwight Engen <dwight.engen@oracle.com> Acked-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com>
| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| include | Loading commit data... | |
| lua-lxc | Loading commit data... | |
| lxc | Loading commit data... | |
| python-lxc | Loading commit data... | |
| tests | Loading commit data... | |
| Makefile.am | Loading commit data... |