On Wed, 24.07.13 18:41, Gerardo Exequiel Pozzi (vmlinuz...@yahoo.com.ar) wrote:
We generally try to make conditions specific to a feature rather than an execution environment. Containers should run without CAP_MKMNOD, and as udev originally was in the business of creating device nodes we hence bound it to this capability. Now, since very recently udev doesn'#t create a single device node anymore (it's all done by the kernel in devtmpfs/container manager and tmpfiles now), so it probably would make sense to change the capability check, but certainly not remove it. (I'd vote by replacing it by ConditionPathIsReadWrite=/sys since sane container managers mount that read-only.) Anyway, I don't get what you are trying to achieve by your patch please elaborate. > Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz...@yahoo.com.ar> > --- > units/systemd-udev-settle.service.in | 1 - > units/systemd-udev-trigger.service.in | 1 - > units/systemd-udevd-control.socket | 1 - > units/systemd-udevd-kernel.socket | 1 - > 4 files changed, 4 deletions(-) > > diff --git a/units/systemd-udev-settle.service.in > b/units/systemd-udev-settle.service.in > index 037dd9a..148aa9d 100644 > --- a/units/systemd-udev-settle.service.in > +++ b/units/systemd-udev-settle.service.in > @@ -16,7 +16,6 @@ DefaultDependencies=no > Wants=systemd-udevd.service > After=systemd-udev-trigger.service > Before=sysinit.target > -ConditionCapability=CAP_MKNOD > > [Service] > Type=oneshot > diff --git a/units/systemd-udev-trigger.service.in > b/units/systemd-udev-trigger.service.in > index 604c369..ea3cb62 100644 > --- a/units/systemd-udev-trigger.service.in > +++ b/units/systemd-udev-trigger.service.in > @@ -12,7 +12,6 @@ DefaultDependencies=no > Wants=systemd-udevd.service > After=systemd-udevd-kernel.socket systemd-udevd-control.socket > Before=sysinit.target > -ConditionCapability=CAP_MKNOD > > [Service] > Type=oneshot > diff --git a/units/systemd-udevd-control.socket > b/units/systemd-udevd-control.socket > index ca17102..12a66d2 100644 > --- a/units/systemd-udevd-control.socket > +++ b/units/systemd-udevd-control.socket > @@ -10,7 +10,6 @@ Description=udev Control Socket > Documentation=man:systemd-udevd.service(8) man:udev(7) > DefaultDependencies=no > Before=sockets.target > -ConditionCapability=CAP_MKNOD > > [Socket] > Service=systemd-udevd.service > diff --git a/units/systemd-udevd-kernel.socket > b/units/systemd-udevd-kernel.socket > index 4b8a5b0..64e6f63 100644 > --- a/units/systemd-udevd-kernel.socket > +++ b/units/systemd-udevd-kernel.socket > @@ -10,7 +10,6 @@ Description=udev Kernel Socket > Documentation=man:systemd-udevd.service(8) man:udev(7) > DefaultDependencies=no > Before=sockets.target > -ConditionCapability=CAP_MKNOD > > [Socket] > Service=systemd-udevd.service Lennart -- Lennart Poettering - Red Hat, Inc. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
