Re: [ovs-dev] [PATCH] rhel: don't drop capabilities when running as root

2018-03-28 Thread Aaron Conole
Russell Bryant writes: > On Tue, Mar 27, 2018 at 9:26 AM, Aaron Conole wrote: >> Aaron Conole writes: >> >>> Currently, regardless of which user is being set as the running user, >>> Open vSwitch daemons on RHEL systems drop

Re: [ovs-dev] [PATCH] rhel: don't drop capabilities when running as root

2018-03-27 Thread Russell Bryant
On Tue, Mar 27, 2018 at 9:26 AM, Aaron Conole wrote: > Aaron Conole writes: > >> Currently, regardless of which user is being set as the running user, >> Open vSwitch daemons on RHEL systems drop capabilities. This means the >> very powerful CAP_SYS_ADMIN

Re: [ovs-dev] [PATCH] rhel: don't drop capabilities when running as root

2018-03-27 Thread Aaron Conole
Aaron Conole writes: > Currently, regardless of which user is being set as the running user, > Open vSwitch daemons on RHEL systems drop capabilities. This means the > very powerful CAP_SYS_ADMIN is dropped, even when the user is 'root'. > > For the majority of use cases

Re: [ovs-dev] [PATCH] rhel: don't drop capabilities when running as root

2018-03-20 Thread Timothy Redaelli
On Tue, 13 Feb 2018 16:42:16 -0500 Aaron Conole wrote: > Currently, regardless of which user is being set as the running user, > Open vSwitch daemons on RHEL systems drop capabilities. This means > the very powerful CAP_SYS_ADMIN is dropped, even when the user is > 'root'. >

[ovs-dev] [PATCH] rhel: don't drop capabilities when running as root

2018-02-13 Thread Aaron Conole
Currently, regardless of which user is being set as the running user, Open vSwitch daemons on RHEL systems drop capabilities. This means the very powerful CAP_SYS_ADMIN is dropped, even when the user is 'root'. For the majority of use cases this behavior works, as the user can enable or disable