CAP_AUDIT_READ (since Linux 3.16)
Allow reading the audit log via a multicast netlink socket.
Signed-off-by: Christian Brauner <christianvanbrau...@gmail.com>
---
src/lxc/conf.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 1b71795..6665546 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -284,6 +284,9 @@ static struct caps_opt caps_opt[] = {
{ "sys_tty_config", CAP_SYS_TTY_CONFIG },
{ "mknod", CAP_MKNOD },
{ "lease", CAP_LEASE },
+#ifdef CAP_AUDIT_READ
+ { "audit_read", CAP_AUDIT_READ },
+#endif
#ifdef CAP_AUDIT_WRITE
{ "audit_write", CAP_AUDIT_WRITE },
#endif
--
2.5.3
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
