[Bug 850687] Re: Should disable cap_module by default

2011-11-29 Thread Serge Hallyn
This is fixed as of 0.7.5-3ubuntu2. ** Changed in: lxc (Ubuntu) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/850687 Title: Should disable

[Bug 850687] Re: Should disable cap_module by default

2011-11-29 Thread Serge Hallyn
This is fixed as of 0.7.5-3ubuntu2. ** Changed in: lxc (Ubuntu) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/850687 Title: Should disable cap_module by

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Soren Hansen
Well, or use libvirt which already does this. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/850687 Title: Should disable cap_module by default To manage notifications about this bug

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Serge Hallyn
** Changed in: lxc (Ubuntu) Importance: Undecided = Wishlist -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/850687 Title: Should disable cap_module by default To manage

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Serge Hallyn
Thanks for the suggestion, Soren. This was just mentioned in irc as well. As there is no pretense of security against root in the container right now, this isn't particularly important, so I'll send a patch upstream, but we may just wait for upstream to take the patch. If we are able to start

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Serge Hallyn
Patch sent upstream. It also disables mac_admin and mac_override. ** Changed in: lxc (Ubuntu) Status: Confirmed = Triaged -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/850687

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Soren Hansen
Well, or use libvirt which already does this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/850687 Title: Should disable cap_module by default To manage notifications about this bug go to:

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Serge Hallyn
** Changed in: lxc (Ubuntu) Importance: Undecided = Wishlist -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/850687 Title: Should disable cap_module by default To manage notifications about this

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Serge Hallyn
Thanks for the suggestion, Soren. This was just mentioned in irc as well. As there is no pretense of security against root in the container right now, this isn't particularly important, so I'll send a patch upstream, but we may just wait for upstream to take the patch. If we are able to start

[Bug 850687] Re: Should disable cap_module by default

2011-09-15 Thread Serge Hallyn
Patch sent upstream. It also disables mac_admin and mac_override. ** Changed in: lxc (Ubuntu) Status: Confirmed = Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/850687 Title: Should