Quoting J. Xiao (j...@linux.vnet.ibm.com):
> I checked all the capabilities are up before opening shmmax file.
> If I seteuid to 0, the open succeeds. There seems to be a difference
> between having a root euid and a regular user having root capabilities
> in terms of writing to shmmax file.
Yup
I checked all the capabilities are up before opening shmmax file.
If I seteuid to 0, the open succeeds. There seems to be a difference
between having a root euid and a regular user having root capabilities
in terms of writing to shmmax file.
On 7/5/2012 4:49 PM, Stéphane Graber wrote:
> On 07/05
On 07/05/2012 04:41 PM, J. Xiao wrote:
> Thanks Stephane for your answer.
>
> However, I am running on RedHat, is there a similar file on RedHat I can
> check?
I don't know RedHat but as far as I know Ubuntu is the only distro
currently restricting access to /proc in containers. RedHat uses SELin
Thanks Stephane for your answer.
However, I am running on RedHat, is there a similar file on RedHat I can
check?
On 7/5/2012 4:26 PM, Stéphane Graber wrote:
> On 07/05/2012 06:41 AM, J. Xiao wrote:
>> Hi,
>>
>> I am trying to add lxc.shmmax as a configuration option for lxc-execute,
>> so the co
On 07/05/2012 06:41 AM, J. Xiao wrote:
> Hi,
>
> I am trying to add lxc.shmmax as a configuration option for lxc-execute,
> so the container would have desired shmmax setting.
> I run lxc-execute as a regular user and setuid root. When trying to open
> /proc/sys/kernel/shmmax for write in lxc_se
Hi,
I am trying to add lxc.shmmax as a configuration option for lxc-execute,
so the container would have desired shmmax setting.
I run lxc-execute as a regular user and setuid root. When trying to open
/proc/sys/kernel/shmmax for write in lxc_setup(), I got "permission
denied". I checked that a
Hi,
I am trying to add lxc.shmmax as a configuration option for lxc-execute,
so the container would have desired shmmax setting.
I run lxc-execute as a regular user and setuid root. When trying to open
/proc/sys/kernel/shmmax for write in lxc_setup(), I got "permission
denied". I checked that a
