I want to run a command in a container with lxc-execute, and its not something that does setuid, setgid itself, it expects to be run as a non-root user.
Am I correct that the expected way to do this is to run lxc-setcap so I can run lxc-execute as the user, and then make sure the container config has lxc.cap.drop = dac_override fowner setpcap net_admin net_raw sys_chroot sys_admin so I drop all the capabilities again? It seems slightly more error prone than being able to set a uid and gid in the config directly, but maybe its just me adjusting to using capabilities... thanks Justin ------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
