Dietmar Maurer wrote:
> Where can I find more information about vps capabilities, i.e. what
> exactly is:
> 
> NET_BIND_SERVICE
> KILL
> LINUX_IMMUTABLE
> NET_ADMIN
> SYS_CHROOT

These are std Linux capabilities, so you can look at any documentation related
to them, plus the comments in the kernel in include/linux/capability.h and the
kernel sources.

> VE_ADMIN

It is a restricted subset of the CAP_SYS_ADMIN+CAP_NET_ADMIN capabilities for
VE root. It allows doing a lot of things allowed for std root, like configuring
firewalls, network devices, etc., but not everything, e.g. VE root can't change
MTRR registers, can't issue raw SCSI commands, etc.

Thanks,
Kirill

_______________________________________________
Users mailing list
[email protected]
https://openvz.org/mailman/listinfo/users
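
Added example, not part of the original message and not OpenVZ code: decoding the Cap* bitmasks from /proc/<pid>/status into the capability names asked about above, using the CAP_* bit numbers from include/linux/capability.h. The status text is a constructed sample, the function names are hypothetical, and VE_ADMIN is left out because its bit number is not given in this thread.

```python
# Added example: bit numbers are the CAP_* values from include/linux/capability.h.
CAP_BITS = {
    "KILL": 5,
    "LINUX_IMMUTABLE": 9,
    "NET_BIND_SERVICE": 10,
    "NET_ADMIN": 12,
    "SYS_CHROOT": 18,
    "SYS_ADMIN": 21,
}

# Constructed sample of the Cap* lines from /proc/<pid>/status (not real output).
SAMPLE_STATUS = """\
Name:\tinit
CapInh:\t0000000000000000
CapPrm:\t0000000000041620
CapEff:\t0000000000041420
CapBnd:\t0000000000241620
"""

def parse_cap_sets(status_text):
    """Return {'CapEff': int, ...} for every Cap* line in a status dump."""
    sets = {}
    for line in status_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.startswith("Cap"):
            sets[key] = int(value.strip(), 16)
    return sets

def names_in(mask):
    """Names from CAP_BITS whose bit is set in mask, lowest bit first."""
    ordered = sorted(CAP_BITS.items(), key=lambda kv: kv[1])
    return [name for name, bit in ordered if (mask >> bit) & 1]

def report(status_text):
    """Map each capability set to the named capabilities it holds."""
    return {k: names_in(v) for k, v in parse_cap_sets(status_text).items()}

def dropped_from_effective(status_text):
    """Capabilities that are permitted but not currently effective."""
    sets = parse_cap_sets(status_text)
    return names_in(sets["CapPrm"] & ~sets["CapEff"])

if __name__ == "__main__":
    for set_name, caps in report(SAMPLE_STATUS).items():
        print(set_name, caps)
    print("permitted but not effective:", dropped_from_effective(SAMPLE_STATUS))
```
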
