> -----Original Message----- > From: libvir-list-bounces@xxxxxxxxxx [mailto:libvir-list-bounces@xxxxxxxxxx] > On Behalf Of Cédric Bosdonnat > Sent: Friday, July 18, 2014 4:02 PM > To: libvir-list@xxxxxxxxxx > Cc: Cédric Bosdonnat > Subject: [PATCHv4 1/2] lxc: allow to keep or drop capabilities > > Added <capabilities> in the <features> section of LXC domains > configuration. This section can contain elements named after the > capabilities like: > > <mknod state="on"/>, keep CAP_MKNOD capability > <sys_chroot state="off"/> drop CAP_SYS_CHROOT capability > > Users can restrict or give more capabilities than the default using > this mechanism. > --- Reviewed-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list