unshare: add --setgroups=deny|allow - openslx/kernel-qcow2-util-linux.git

diff options

author	Karel Zak	2015-01-08 11:51:58 +0100
committer	Karel Zak	2015-01-09 10:35:16 +0100
commit	fbceefded6645de693d576cd988a703a6f60d207 (patch)
tree	9ca52ab8d876e470fd64601c7e7eac1e577fe36c /sys-utils/nsenter.c
parent	unshare: Fix --map-root-user to work on new kernels (diff)
download	kernel-qcow2-util-linux-fbceefded6645de693d576cd988a703a6f60d207.tar.gz kernel-qcow2-util-linux-fbceefded6645de693d576cd988a703a6f60d207.tar.xz kernel-qcow2-util-linux-fbceefded6645de693d576cd988a703a6f60d207.zip

unshare: add --setgroups=deny|allow

Since Linux 3.19 the file /proc/self/setgroups controls setgroups(2) syscall usage in user namespaces. This patch provides command line knob for this feature. The new --setgroups does not automatically implies --user to avoid complexity, it's user's responsibility to use it in right context. The exception is --map-root-user which is mutually exclusive to --setgroups=allow. CC: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Karel Zak <kzak@redhat.com>

Diffstat (limited to 'sys-utils/nsenter.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: