[lxc-users] change lxc.cap.drop without container restart
Andrey Repin
anrdaemon at yandex.ru
Tue Dec 13 12:29:18 UTC 2016
Greetings, Dmitry Melekhov!
> I run lxc 1.0.8 on centos 7 host.
> And I need to change lxc.cap.drop , namely remove setfcap, for some
> containers.
> Is it possible to do this on running containers , without restarting them?
AFAIK, you can't regain privileges once dropped.
You'll have to create a new security profile and restart containers that use
it.
--
With best regards,
Andrey Repin
Tuesday, December 13, 2016 15:28:02
Sorry for my terrible english...
More information about the lxc-users
mailing list