[PATCH 0/3] Misc fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,

Here are a few patches without strong connection together. The first one
only allows us not to package virt-login-shell even with lxc driver
enabled. The other ones are related to mounts security.

I'm wondering if changing the default dropped capabilities in the lxc
driver is acceptable... dropping sys_admin makes sense, but it can
introduce incompatibilities for users needing it as they will need to
explicitely enable it.

Cédric Bosdonnat (3):
  Allow building lxc without virt-login-shell
  virt-aa-helper: don't deny writes to readonly mounts
  lxc: drop sys_admin caps by default

 configure.ac                  | 14 ++++++++++++++
 src/lxc/lxc_container.c       |  1 +
 src/security/virt-aa-helper.c |  5 ++++-
 tools/Makefile.am             | 12 ++++++------
 4 files changed, 25 insertions(+), 7 deletions(-)

-- 
2.1.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]