On Thu, May 23, 2019 at 01:25:08PM +0300, Amir Goldstein wrote:
...
> > > > Interesting. When do you think the gate can be removed?
> > >
> > > Nobody is working on this AFAIK.
> > > What I posted was a simple POC, but I have no use case for this.
> > > In the patchwork link above, Jan has listed
On Thu, May 23, 2019 at 5:40 PM Jan Kara wrote:
>
> On Thu 23-05-19 15:35:18, Christian Brauner wrote:
> > So let's say the user tells me:
> > - When the "/A/B/C/target" file appears on the host filesystem,
> > please give me access to "target" in the container at a path I tell
> > you.
> > Wh
On Thu, May 23, 2019 at 04:40:50PM +0200, Jan Kara wrote:
> On Thu 23-05-19 15:35:18, Christian Brauner wrote:
> > So let's say the user tells me:
> > - When the "/A/B/C/target" file appears on the host filesystem,
> > please give me access to "target" in the container at a path I tell
> > you.
On Thu 23-05-19 15:35:18, Christian Brauner wrote:
> So let's say the user tells me:
> - When the "/A/B/C/target" file appears on the host filesystem,
> please give me access to "target" in the container at a path I tell
> you.
> What I do right now is listen for the creation of the "target" fi
On Thu, May 23, 2019 at 04:16:24PM +0300, Amir Goldstein wrote:
> On Thu, May 23, 2019 at 2:58 PM Christian Brauner
> wrote:
> >
> > On Thu, May 23, 2019 at 02:40:39PM +0300, Amir Goldstein wrote:
> > > On Thu, May 23, 2019 at 1:42 PM Christian Brauner
> > > wrote:
> > > >
> > > > On Thu, May 2
On Thu, May 23, 2019 at 2:58 PM Christian Brauner wrote:
>
> On Thu, May 23, 2019 at 02:40:39PM +0300, Amir Goldstein wrote:
> > On Thu, May 23, 2019 at 1:42 PM Christian Brauner
> > wrote:
> > >
> > > On Thu, May 23, 2019 at 01:25:08PM +0300, Amir Goldstein wrote:
> > > > On Thu, May 23, 2019 a
On Thu, May 23, 2019 at 02:40:39PM +0300, Amir Goldstein wrote:
> On Thu, May 23, 2019 at 1:42 PM Christian Brauner
> wrote:
> >
> > On Thu, May 23, 2019 at 01:25:08PM +0300, Amir Goldstein wrote:
> > > On Thu, May 23, 2019 at 12:55 PM Christian Brauner
> > > wrote:
> > > >
> > > > On Wed, May
On Thu, May 23, 2019 at 1:42 PM Christian Brauner wrote:
>
> On Thu, May 23, 2019 at 01:25:08PM +0300, Amir Goldstein wrote:
> > On Thu, May 23, 2019 at 12:55 PM Christian Brauner
> > wrote:
> > >
> > > On Wed, May 22, 2019 at 11:00:22PM +0300, Amir Goldstein wrote:
> > > > On Wed, May 22, 2019
On Thu, May 23, 2019 at 01:25:08PM +0300, Amir Goldstein wrote:
> On Thu, May 23, 2019 at 12:55 PM Christian Brauner
> wrote:
> >
> > On Wed, May 22, 2019 at 11:00:22PM +0300, Amir Goldstein wrote:
> > > On Wed, May 22, 2019 at 9:57 PM Christian Brauner
> > > wrote:
> > > >
> > > > On May 22, 2
On Thu, May 23, 2019 at 12:55 PM Christian Brauner wrote:
>
> On Wed, May 22, 2019 at 11:00:22PM +0300, Amir Goldstein wrote:
> > On Wed, May 22, 2019 at 9:57 PM Christian Brauner
> > wrote:
> > >
> > > On May 22, 2019 8:29:37 PM GMT+02:00, Amir Goldstein
> > > wrote:
> > > >On Wed, May 22, 20
On Wed, May 22, 2019 at 11:00:22PM +0300, Amir Goldstein wrote:
> On Wed, May 22, 2019 at 9:57 PM Christian Brauner
> wrote:
> >
> > On May 22, 2019 8:29:37 PM GMT+02:00, Amir Goldstein
> > wrote:
> > >On Wed, May 22, 2019 at 7:32 PM Christian Brauner
> > > wrote:
> > >>
> > >> This removes two
On Wed, May 22, 2019 at 9:57 PM Christian Brauner wrote:
>
> On May 22, 2019 8:29:37 PM GMT+02:00, Amir Goldstein
> wrote:
> >On Wed, May 22, 2019 at 7:32 PM Christian Brauner
> > wrote:
> >>
> >> This removes two redundant capable(CAP_SYS_ADMIN) checks from
> >> fanotify_init().
> >> fanotify_i
On May 22, 2019 8:29:37 PM GMT+02:00, Amir Goldstein wrote:
>On Wed, May 22, 2019 at 7:32 PM Christian Brauner
> wrote:
>>
>> This removes two redundant capable(CAP_SYS_ADMIN) checks from
>> fanotify_init().
>> fanotify_init() guards the whole syscall with capable(CAP_SYS_ADMIN)
>at the
>> beginni
On Wed, May 22, 2019 at 7:32 PM Christian Brauner wrote:
>
> This removes two redundant capable(CAP_SYS_ADMIN) checks from
> fanotify_init().
> fanotify_init() guards the whole syscall with capable(CAP_SYS_ADMIN) at the
> beginning. So the other two capable(CAP_SYS_ADMIN) checks are not needed.
I
This removes two redundant capable(CAP_SYS_ADMIN) checks from
fanotify_init().
fanotify_init() guards the whole syscall with capable(CAP_SYS_ADMIN) at the
beginning. So the other two capable(CAP_SYS_ADMIN) checks are not needed.
Fixes: 5dd03f55fd2 ("fanotify: allow userspace to override max queue
15 matches
Mail list logo