Allow preserving capabilities when changing user namespace of a process

Hello, A process which changes its user namespace (unshare or setns), or a process that is created by clone with the CLONE_NEWUSER flag has all capabilities inside the new namespace, and loses all its capabilities in the parent/previous user namespace. This poses an issue because some operations

Re: Capabilities are list when creating a user namespace

Hello, sorry for duplicating the previous email, forgot to send it to the mailing lists as well. Did you miss my email? Idan Yadgar. On Fri, May 29, 2020 at 5:48 PM Idan Yadgar wrote: > > Hello, did you miss my mail? > > בתאריך יום א׳, 24 במאי 2020, 15:32, מאת Idan Yadgar ‏:

Capabilities are list when creating a user namespace

Hello, A process which changes its user namespace (unshare or setns), or a process that is created by clone with the CLONE_NEWUSER flag has all capabilities inside the new namespace, and loses all its capabilities in the parent/previous user namespace. This poses an issue because some operations