On Tue, May 15, 2007 at 08:52:18PM +0900, Masatake YAMATO wrote:
> Hi,
>
> I'm writing a command that installs all src.rpms in a ISO
> images to a system. I'd like to make the command require
> fewer privilege as possible.
>
> loop back mounting emits two system calls: mount and mlockall.
> mount is obviously needed. mlockall is needed for encryption.
> As the result both CAP_SYS_ADMIN and CAP_IPC_LOCK are needed
> to do loopback mounting.
>
> The problem is that CAP_IPC_LOCK is always needed through my
> command doesn't need encryption.
>
> With the following patch, mount calls mlockall only when
> encryption is needed. Could you introduce this patch?
Yes, I'll commit your patch ASAP. Thanks.
Karel
--
Karel Zak <kzak@xxxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
