mount command does not seem to support the cap_sys_admin capability. In fact the command fails when the mount system call would succeeds for operation permitted to users (e.g. bind mounts in user-namespaces) For example using userbindmount https://github.com/rd235/userbindmount $ userbindmount -s -- $ mount --bind /tmp/resolv.conf /etc/resolv.conf mount: only root can use "--bind" option $ busybox mount --bind /tmp/resolv.conf /etc/resolv.conf $ As it can be seen from the example above, busybox mount succeeds on the same command where mount(1) fails. "Mount" erroneously checks that the effective user is root and returns an error prior to invoke the system call mount(2), forbidding in this way permitted operations. thank you renzo -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
