CAP_AUDIT_READ (since Linux 3.16) Allow reading the audit log via a multicast netlink socket.
Signed-off-by: Christian Brauner <christianvanbrau...@gmail.com> --- src/lxc/conf.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 1b71795..6665546 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -284,6 +284,9 @@ static struct caps_opt caps_opt[] = { { "sys_tty_config", CAP_SYS_TTY_CONFIG }, { "mknod", CAP_MKNOD }, { "lease", CAP_LEASE }, +#ifdef CAP_AUDIT_READ + { "audit_read", CAP_AUDIT_READ }, +#endif #ifdef CAP_AUDIT_WRITE { "audit_write", CAP_AUDIT_WRITE }, #endif -- 2.5.3 _______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel