The commit is pushed to "branch-rh7-3.10.0-229.7.2.vz7.9.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git after rh7-3.10.0-229.7.2.vz7.9.8 ------> commit f36c58cad299b1f1ad202ea6b5bc9185b34db80a Author: Stanislav Kinsburskiy <skinsbur...@virtuozzo.com> Date: Wed Nov 11 18:54:50 2015 +0400
ve/autofs: allow /dev/autofs ioctl's in a Container fix capability check in _autofs_dev_ioctl() To enable AutoFS support in a container, the following have to be performed: 1) Allow "/dev/autofs" device in a container: echo "c 10:235 rwm" > /sys/fs/cgroup/devices/CTID/devices.allow 2) Create device node in container via tmpfiles.d: # cat /etc/tmpfiles.d/device-autofs.conf c /dev/autofs 0700 root root - 10:235 https://jira.sw.ru/browse/PSBM-26968 Signed-off-by: Stanislav Kinsburskiy <skinsbur...@virtuozzo.com> --- fs/autofs4/dev-ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c index 6ed2fbf..c68dc86 100644 --- a/fs/autofs4/dev-ioctl.c +++ b/fs/autofs4/dev-ioctl.c @@ -611,7 +611,7 @@ static int _autofs_dev_ioctl(unsigned int command, struct autofs_dev_ioctl __use int err = 0; /* only root can play with this */ - if (!capable(CAP_SYS_ADMIN)) + if (!ve_capable(CAP_SYS_ADMIN)) return -EPERM; cmd_first = _IOC_NR(AUTOFS_DEV_IOCTL_IOC_FIRST); _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel