Hi,
On Fri, Oct 09, 2015 at 11:43:22AM +0800, Hillf Danton wrote:
> > @@ -730,15 +730,21 @@ static void kdbus_meta_export_caps(struct
> > kdbus_meta_caps *out,
> >
> > /*
> > * This translates the effective capabilities of 'cred' into the given
> > -* user-namespace. If the given
Hi,
On Fri, Oct 09, 2015 at 11:43:22AM +0800, Hillf Danton wrote:
> > @@ -730,15 +730,21 @@ static void kdbus_meta_export_caps(struct
> > kdbus_meta_caps *out,
> >
> > /*
> > * This translates the effective capabilities of 'cred' into the given
> > -* user-namespace. If the given
> @@ -730,15 +730,21 @@ static void kdbus_meta_export_caps(struct
> kdbus_meta_caps *out,
>
> /*
>* This translates the effective capabilities of 'cred' into the given
> - * user-namespace. If the given user-namespace is a child-namespace of
> - * the user-namespace of
Update the comment to keep it in sync with the algorithm. The current
one lacks words on that in order to have all capabilities in the owned
user namespace the process must stay in the parent of that namespace.
Also (obvious, but should be mentioned for completeness) the mask is
copied verbatim if
Update the comment to keep it in sync with the algorithm. The current
one lacks words on that in order to have all capabilities in the owned
user namespace the process must stay in the parent of that namespace.
Also (obvious, but should be mentioned for completeness) the mask is
copied verbatim if
> @@ -730,15 +730,21 @@ static void kdbus_meta_export_caps(struct
> kdbus_meta_caps *out,
>
> /*
>* This translates the effective capabilities of 'cred' into the given
> - * user-namespace. If the given user-namespace is a child-namespace of
> - * the user-namespace of
6 matches
Mail list logo
