Hi All! I have noticed that a container's root user is unable to modify the capabilities of a root-owned file in the container.
For example:

    setcap cap_net_raw=ep /bin/ping

returns:

    Failed to set capabilities on file `ping' (Operation not permitted)

It is possible to set this capability as root from the host, operating on the container's file.

Can someone please explain this behavior? What am I doing wrong? When is root in the container not root in the container?

This is on Gentoo. Have I overlooked an obscure kernel config?

Thanks!

_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users
