On Mon, Oct 12, 2009 at 10:03 AM, Serge E. Hallyn <serue@xxxxxxxxxx> wrote:
> Quoting Dwight Schauer (dschauer@xxxxxxxxx):
> > 4) In an openSUSE container when I execute "halt" it is not just the
> > container that halts, but the controlling host as well that shuts down.
>
> Make sure that the container is launched with CAP_SYS_BOOT removed from
> the capability bounding set.
>

Ok, well it turns out any container can halt the whole system. If I do:

capsh --drop="cap_sys_boot" -- -c "lxc-start -n arch-test0"

Then do a halt within the container, the halt still works.

A "reboot" within a container does not reboot the controlling host; the
container runs the shutdown scripts and then idles.

However, if on the controlling host I do:

capsh --drop="cap_kill" -c "bash --login -i"

Then the subsequent shell can't use kill, which I have verified.

Well, these performed on the controlling host:

capsh --drop="cap_sys_boot" -- -c "halt"
capsh --drop="cap_sys_boot" -- -c "reboot"

Still halt and reboot my system.

So I know that capabilities are working, I just have not figured out yet
how to prevent containers from being able to halt the controlling host
(short of simply not executing "halt" within a container or
renaming/removing "halt" and "shutdown", but then "init 0" would still
work).

CAP_SYS_BOOT seems to control reboot, which has not been an issue; I've
not gotten a container to reboot the controlling host.

Dwight
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers
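The first check a practitioner would want when a `capsh --drop` appears not to work is whether CAP_SYS_BOOT actually left the bounding set of the process in question; this script (an added example, not part of the thread) reads CapBnd from /proc/<pid>/status and tests the CAP_SYS_BOOT bit. It assumes Linux and the kernel's capability number 22 for CAP_SYS_BOOT; if the bit is gone but "halt" still takes the host down, the reboot(2) call is being made by some other process (on sysvinit, pid 1 acting on the request that halt/shutdown sends it), which is where the restriction then has to be applied.

```shell
#!/bin/sh
# Added example (not from the thread): report whether CAP_SYS_BOOT is still
# in a process's capability bounding set, as shown by CapBnd in
# /proc/<pid>/status. Assumes Linux; CAP_SYS_BOOT is capability number 22
# in include/uapi/linux/capability.h.

CAP_SYS_BOOT=22

# cap_in_mask HEXMASK CAPNUM -> exit 0 (true) if bit CAPNUM is set in HEXMASK.
# HEXMASK is the bare hex string printed by /proc/<pid>/status (no 0x prefix).
cap_in_mask() {
    mask=$1
    cap=$2
    [ $(( (0x$mask >> cap) & 1 )) -eq 1 ]
}

# capbnd_of [PID] -> prints the CapBnd mask of PID (default: this shell).
capbnd_of() {
    pid=${1:-self}
    awk '/^CapBnd:/ { print $2 }' "/proc/$pid/status"
}

# report [PID] -> exit 0 if PID may still call reboot(2) itself, 1 if
# CAP_SYS_BOOT has been dropped from its bounding set, 2 if unreadable.
report() {
    pid=${1:-self}
    mask=$(capbnd_of "$pid" 2>/dev/null)
    [ -n "$mask" ] || { echo "pid $pid: cannot read CapBnd" >&2; return 2; }
    if cap_in_mask "$mask" "$CAP_SYS_BOOT"; then
        echo "pid $pid: CapBnd=$mask, CAP_SYS_BOOT still in bounding set"
        return 0
    fi
    echo "pid $pid: CapBnd=$mask, CAP_SYS_BOOT dropped; a halt that still"
    echo "  takes the host down is performed by another process (on sysvinit,"
    echo "  pid 1 acting on the request from halt/shutdown), not by this one"
    return 1
}

# Usage: sh capcheck.sh [pid]  -- run it inside the container started with
#   capsh --drop="cap_sys_boot" -- -c "lxc-start -n arch-test0"
# and, on the host, against the pid of "halt" while it is running.
[ -r /proc/self/status ] && report "$@"
```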