[lxc-users] setcap does not work in unprivileged container
Tamas Papp
tompos at martos.bme.hu
Fri Feb 26 07:42:26 UTC 2016
On 02/25/2016 08:56 PM, Serge Hallyn wrote:
> Quoting Tamas Papp (tompos at martos.bme.hu):
>>
>> On 02/25/2016 05:51 PM, Serge Hallyn wrote:
>>> Quoting Tamas Papp (tompos at martos.bme.hu):
>>>> hi All,
>>>>
>>>>
>>>> # /sbin/setcap 'cap_net_bind_service=+ep' /usr/bin/nodejs
>>>> Failed to set capabilities on file `/usr/bin/nodejs' (Invalid argument)
>>>> The value of the capability argument is not permitted for a file. Or
>>>> the file is not a regular (non-symlink) file
>>>>
>>>>
>>>> Can we somehow make it work?
>>> Hopefully in the next month or two I'll get time to get that
>>> working in the kernel. Which means a few more months before
>>> it'd be really available.
>> Can we expect it to be backported to Xenial?
> No, but the HWE and such kernels will have it. They are just as well
> (really, better) supported so that should be no big deal.
OK, thanks!
t
More information about the lxc-users
mailing list