[lxc-devel] [PATCH] Add CAP_AUDIT_READ
Christian Brauner
christianvanbrauner at gmail.com
Sun Sep 27 10:16:54 UTC 2015
CAP_AUDIT_READ (since Linux 3.16)
Allow reading the audit log via a multicast netlink socket.
Signed-off-by: Christian Brauner <christianvanbrauner at gmail.com>
---
src/lxc/conf.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 1b71795..6665546 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -284,6 +284,9 @@ static struct caps_opt caps_opt[] = {
{ "sys_tty_config", CAP_SYS_TTY_CONFIG },
{ "mknod", CAP_MKNOD },
{ "lease", CAP_LEASE },
+#ifdef CAP_AUDIT_READ
+ { "audit_read", CAP_AUDIT_READ },
+#endif
#ifdef CAP_AUDIT_WRITE
{ "audit_write", CAP_AUDIT_WRITE },
#endif
--
2.5.3
More information about the lxc-devel
mailing list