Hi, I'm trying to devise a scheme where I need to give an unpriviliged user the ability to add ip addresses to a blocklist used by iptables. Sudo is not an option in this case. I have understood that I should be able to do this with the CAP_NET_ADMIN capability but so far during my testing with ipset 4.5 I have not been successful. Could anyone please tell me if these utilities are in fact capabilities aware and if not, if there are any plans to implement it? Cheers, /Mikael -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
