On Thu, Feb 28, 2019 at 11:27:38AM -0800, Dmitry Torokhov wrote: > Hi Eric, > > Currently, unless caller has CAP_SETGID in parent namespace, we can > only map effective group id in the new user namespace. Would it be > possible to relax this rule to also allow mapping of supplemental > groups (1:1) of the caller? > > Thanks. > > -- > Dmitry
Hi, Is there a use case where adding those to /etc/subgid is onerous? (There probably is, just would like to see yours) thanks, -serge
