Hi On Thu, Jan 22, 2015 at 3:53 PM, Christian Seiler <[email protected]> wrote: > [1] Note that the only other issue I stumbled upon has now been fixed, > so in general I would say that systemd already works really well > in containers without CAP_SYS_ADMIN if you know how to set them > up properly.
Just as a heads-up: The device-delegation API (src/logind/logind-session-device.c) will also fail if you run without CAP_SYS_ADMIN. Admittedly, DRM and input devices usually don't matter in containers, so it's fine. But on main systems, we really need CAP_SYS_ADMIN. Thanks David _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
