> > Unfortunately, it doesn't work and needed modules are not loaded > > from container but only from host. I realized there is no #define > > CAP_SYS_MODULE > > in /usr/lib/modules/4.1.2-2-ARCH/build/include/linux/capability.h. Look at /usr/include/linux/capability.h (linux-api-headers) instead. > It was moved to include/uapi/linux/capability.h recentlyish. Not really, more like December 2012, with kernel 3.7. > As for your actual issue, SYS_CAP_MODULE isn't listed in the valid > capabilities for --capability in the systemd-nspawn manpage. Are you > perhaps confusing options? Looking at the manpage it doesn't say "valid", it's just a list of default capabilities. --byte
Attachment:
pgp8ePz8WGyDy.pgp
Description: Digitale Signatur von OpenPGP
