>> Hmm, I am not sure I like this, simply because every time I do an >> update, I have to manually sync this file and I don't need this extra >> headache. >> > > Why? If you don't change your config, you don't need new capabilities! > Sorry, missed that. The problem is that when I compile a new kernel, I also tweak with the options (particularly with the Netfilter section), so some "capability" may be activated/deactivated (new iptables targets for example). \that is why I don't want to use a fixed capabilities file as some of the options there may be used in the new version, or removed if I previously used them.
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
