On 02/12/19 11:07, Dr. David Alan Gilbert wrote:
> * Paolo Bonzini (pbonz...@redhat.com) wrote:
>> Il ven 29 nov 2019, 19:54 Dr. David Alan Gilbert ha
>> scritto:
>>
Yes, it's per thread. The state can be built from
capng_clear/capng_get_caps_process + capng_update, and left in there
>>
* Paolo Bonzini (pbonz...@redhat.com) wrote:
> Il ven 29 nov 2019, 19:54 Dr. David Alan Gilbert ha
> scritto:
>
> > > Yes, it's per thread. The state can be built from
> > > capng_clear/capng_get_caps_process + capng_update, and left in there
> > > forever. There is also capng_save_state/capng_
Il ven 29 nov 2019, 19:54 Dr. David Alan Gilbert ha
scritto:
> > Yes, it's per thread. The state can be built from
> > capng_clear/capng_get_caps_process + capng_update, and left in there
> > forever. There is also capng_save_state/capng_restore_state which, as
> > far as I can see from the sou
* Paolo Bonzini (pbonz...@redhat.com) wrote:
> On 29/11/19 19:20, Dr. David Alan Gilbert wrote:
> > * Paolo Bonzini (pbonz...@redhat.com) wrote:
> >> On 29/11/19 19:01, Dr. David Alan Gilbert wrote:
> It's not entirely trivial because fsdev-proxy-helper wants to keep the
> effective set a
On 29/11/19 19:20, Dr. David Alan Gilbert wrote:
> * Paolo Bonzini (pbonz...@redhat.com) wrote:
>> On 29/11/19 19:01, Dr. David Alan Gilbert wrote:
It's not entirely trivial because fsdev-proxy-helper wants to keep the
effective set and clear the permitted set; in libcap-ng you can only
>
* Paolo Bonzini (pbonz...@redhat.com) wrote:
> On 29/11/19 19:01, Dr. David Alan Gilbert wrote:
> >> It's not entirely trivial because fsdev-proxy-helper wants to keep the
> >> effective set and clear the permitted set; in libcap-ng you can only
> ^
>
> (Wrong, this is "mo
On 29/11/19 19:01, Dr. David Alan Gilbert wrote:
>> It's not entirely trivial because fsdev-proxy-helper wants to keep the
>> effective set and clear the permitted set; in libcap-ng you can only
^
(Wrong, this is "modify" the permitted set. The permitted set is
already cl
* Paolo Bonzini (pbonz...@redhat.com) wrote:
> On 29/11/19 10:34, Daniel P. Berrangé wrote:
> >> y) Should we flip over to only using one or the other - what
> >> are the advantages?
> > In libvirt we use libcap-ng. We picked this originally as its API
> > design allows you do write simpler
* Paolo Bonzini (pbonz...@redhat.com) wrote:
> On 29/11/19 10:34, Daniel P. Berrangé wrote:
> >> y) Should we flip over to only using one or the other - what
> >> are the advantages?
> > In libvirt we use libcap-ng. We picked this originally as its API
> > design allows you do write simpler
On 29/11/19 10:34, Daniel P. Berrangé wrote:
>> y) Should we flip over to only using one or the other - what
>> are the advantages?
> In libvirt we use libcap-ng. We picked this originally as its API
> design allows you do write simpler code than libcap in some cases
> You can see some docs
On Thu, Nov 28, 2019 at 07:04:08PM +, Dr. David Alan Gilbert wrote:
> Hi,
> We seem to have a bit of a mess with libcap and libcap-ng; and I'm not
> sure if we should try and untangle it.
>
> a) Our configure script has tests for both libcap and libcap-ng
> for libcap it says $cap, for lib
Hi,
We seem to have a bit of a mess with libcap and libcap-ng; and I'm not
sure if we should try and untangle it.
a) Our configure script has tests for both libcap and libcap-ng
for libcap it says $cap, for libcap-ng it says $cap_ng (ok)
If $cap is set - nothing happens?
If $cap_ng is set
12 matches
Mail list logo
