Gary Johnson <lambdatro...@disroot.org> writes:

> $ guix shell -CN iproute2 -- ip route add 12.34.56.78 dev wls6
> RTNETLINK answers: Operation not permitted

What I think would be useful is a way to give a container certain Linux capabilities. I think this is a missing feature, and one that I suspect may be the "right solution" for your use-case. Then you could give your container the NET_ADMIN capability, or whatever is required, without having to give the container root privileges.

I'm also interested in a solution to your problem: I have the same use-case as you, but I work around it by doing a two-pass setup: first invoke a root container, and then invoke a non-root container.

/Simon
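
An added example, not part of the original message and not Guix code: a least-privilege check that decodes the capability sets in `/proc/<pid>/status` text and reports which required capabilities a process lacks and which it holds beyond what it needs. The three status samples are constructed, the function names are hypothetical, and only a subset of capability bits is listed.

```python
import re

# Bit numbers from linux/capability.h (subset; extend as needed).
CAP_BITS = {
    "CAP_CHOWN": 0, "CAP_DAC_OVERRIDE": 1, "CAP_SETGID": 6, "CAP_SETUID": 7,
    "CAP_NET_BIND_SERVICE": 10, "CAP_NET_ADMIN": 12, "CAP_NET_RAW": 13,
    "CAP_SYS_ADMIN": 21,
}

# Constructed samples in /proc/<pid>/status format (not taken from the thread).
ROOT_STATUS = "Name:\tip\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n"
USER_STATUS = "Name:\tip\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n"
SCOPED_STATUS = "Name:\tip\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000001000\n"

def parse_cap_sets(status_text):
    """Return {'CapEff': int, ...} for every capability line present."""
    pattern = r"^(Cap(?:Inh|Prm|Eff|Bnd|Amb)):\s*([0-9a-fA-F]+)$"
    return {m.group(1): int(m.group(2), 16)
            for m in re.finditer(pattern, status_text, re.M)}

def effective_mask(status_text):
    sets = parse_cap_sets(status_text)
    if "CapEff" not in sets:
        raise ValueError("no CapEff line in status text")
    return sets["CapEff"]

def missing_caps(status_text, required):
    """Required capabilities absent from the effective set."""
    mask = effective_mask(status_text)
    return [c for c in required if not (mask >> CAP_BITS[c]) & 1]

def excess_caps(status_text, required):
    """Known capabilities held in the effective set but not required."""
    mask = effective_mask(status_text)
    return sorted(c for c, bit in CAP_BITS.items()
                  if (mask >> bit) & 1 and c not in required)

if __name__ == "__main__":
    need = ["CAP_NET_ADMIN"]  # what changing a route requires
    for label, text in [("root", ROOT_STATUS), ("non-root", USER_STATUS),
                        ("NET_ADMIN only", SCOPED_STATUS)]:
        print(label, "missing:", missing_caps(text, need),
              "excess:", excess_caps(text, need))
```

To inspect a live process, pass the contents of `/proc/<pid>/status` in place of the constructed samples.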