[lxc-devel] [PATCH] Add CAP_AUDIT_READ
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Sep 28 03:56:31 UTC 2015
Quoting Christian Brauner (christianvanbrauner at gmail.com):
> CAP_AUDIT_READ (since Linux 3.16)
> Allow reading the audit log via a multicast netlink socket.
>
> Signed-off-by: Christian Brauner <christianvanbrauner at gmail.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> ---
> src/lxc/conf.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index 1b71795..6665546 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -284,6 +284,9 @@ static struct caps_opt caps_opt[] = {
> { "sys_tty_config", CAP_SYS_TTY_CONFIG },
> { "mknod", CAP_MKNOD },
> { "lease", CAP_LEASE },
> +#ifdef CAP_AUDIT_READ
> + { "audit_read", CAP_AUDIT_READ },
> +#endif
> #ifdef CAP_AUDIT_WRITE
> { "audit_write", CAP_AUDIT_WRITE },
> #endif
> --
> 2.5.3
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
More information about the lxc-devel
mailing list