Re: [libvirt-users] lxc capabilities
On Thu, Dec 08, 2011 at 07:14:41AM -0800, Chris Haumesser wrote:
Chris Haumesser wrote:
> Am I misinterpreting the output of getpcaps then? (getpcaps is rather
> undocumented).
Answering my own question, I was misinterpreting the output of getpcaps.
I found the cap_from_text(3) man page, which explained the output format.
I still don't understand why I was able to reboot the host from within a
container, however.
Well I just confirmed (the hard way!) that you are correct. It is possible
to reboot the host from inside the container, despire CAP_SYS_REBOOT
being blocked. I'll try & figure out how that's happening/possible...
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|