[lxc-devel] [patch 1/5] Add capability interface
Daniel Lezcano
dlezcano at fr.ibm.com
Tue Jan 5 21:04:33 UTC 2010
Andrian Nord wrote:
>> As you mentioned it at the beginning, I think it is better to just drop
>> the capabilities without any default, except for the shutdown
>> capability. That will make the code simpler, because we won't have to
>> handle the "keep" case.
>>
>> And we let the admin configure the capabilities to drop himself
>> (sys_module, time, etc ...), no ?
>
>
> Oh, ok. I'll look into it sometime after. I'm a bit swamped with daily
> work currently, so maybe tomorrow.
>
> Still, I personally think that the 'keep' case is useful enough if you are
> using common configs - you may drop common capabilities, but then revert
> this in a container that needs these capabilities. I'm using it very often.
> But if you reject the idea of included configs, the keep case does not make
> much sense, yes.

The advantage of the 'keep' option I see is, like you did, a lot of
capabilities removed for the container by default, but with the option
to keep them if it's too restrictive.

drop only : admin has to write the right configuration each time
drop / keep : default capabilities are dropped but they can be kept by
configuration

On the other hand, lxc is a low level component supposed to be used with
automated scripts which can generate the right configuration.

Ok, I don't know :)

I will comment on your patchset and propose some simplifications; maybe a
good reason to have or not to have the 'keep' option will appear during
the review.