Here is the original problem which I'm still experiencing with lxc 1.1: > w/ userns: > [root at fedora2 ~]# setcap 'cap_net_admin,cap_net_raw+ep' /usr/bin/ping > Failed to set capabilities on file `/usr/bin/ping' (Operation not permitted) > [root at fedora2 ~]# id > uid=0(root) gid=0(root) groups=0(root) > > w/o userns: > [root at fedora2 ~]# setcap 'cap_net_admin,cap_net_raw+ep' /usr/bin/ping > [root at fedora2 ~]# getcap /usr/bin/ping > /usr/bin/ping = cap_net_admin,cap_net_raw+ep > [root at fedora2 ~]# id > uid=0(root) gid=0(root) groups=0(root) > > every yum install <pkg> where the pkg has file capabilities fails with > > Error unpacking rpm package <PKG> > error: unpacking of archive failed on file <FILE>: cpio: cap_set_file > > is there a way to get this working?
(posted by Stephan Sachse) The relevant threads are: https://lists.linuxcontainers.org/pipermail/lxc-devel/2014-February/008220.html and: https://www.redhat.com/archives/libvir-list/2014-February/msg01545.html Has there been a solution to this problem / an acceptable patch? Running Fedora Rawhide unprivileged trying to install iputils still shows this behaviour. Best, Christian
pgpjhnYG8DCUH.pgp
Description: PGP signature
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel