On 02/01/2012 05:12 PM, Christian Seiler wrote:
> Hi,
>
> I've attached patches that improve capability handling in LXC. I stumbled
> upon the issue that I wanted to deactivate "dmesg" from inside containers
> with a fairly recent kernel. Instead of dropping CAP_SYS_ADMIN, as it was
> the case with
Hi,
I've attached patches that improve capability handling in LXC. I stumbled
upon the issue that I wanted to deactivate "dmesg" from inside containers
with a fairly recent kernel. Instead of dropping CAP_SYS_ADMIN, as it was
the case with previous kernel versions, one is now supposed to drop
CAP_
