[lxc-users] setcap capabilities
Mark Constable
markc at renta.net
Thu Feb 18 23:09:47 UTC 2016
On 19/02/16 02:32, Serge Hallyn wrote:
>>>> but inside a container I get...
>>>>
>>>> ~ /sbin/setcap cap_net_bind_service=+ep /usr/bin/caddy
>>>> Failed to set capabilities on file `/usr/bin/caddy' (Invalid argument)
>>>
>>> If not in a user namespace, ... well it works for me, but you may
>>> have to edit the files under /usr/share/lxc which get lxc.include'd
>>> to make sure they're not dropping CAP_SETFCAP, and check your
>>> apparmor/selinux policy. I'm not going more into detail on that until
>>> we're sure you're not in a user namespace :)
>>
>> xenial host with a xenial lxd 2.0.0~beta2 unprivileged container
lxd 2.0.0~beta3 now. Can you spare a moment for a little more detail please?
More information about the lxc-users
mailing list