[Devel] [PATCH 3/3] ve: remove ns_capable(CAP_VE.*)
Vladimir Davydov
vdavydov at parallels.com
Fri Aug 28 06:58:50 PDT 2015
On Fri, Aug 28, 2015 at 05:20:03PM +0400, Andrew Vagin wrote:
> If we use user namespaces, we don't need to have special capabilities.
>
> Signed-off-by: Andrew Vagin <avagin at openvz.org>
Lovely :-) Although it'd be even better if you reverted all the patches
tampering capability checks one-by-one so that it'd be easier to drop
them during the next rebase. Anyway,
Reviewed-by: Vladimir Davydov <vdavydov at parallels.com>
A couple of notes regarding this patch set.
It seems CAP_VE_ADMIN and CAP_VE_NET_ADMIN are not used anymore. Let's
drop them?
Also, you forgot to revert commit 1875887f263e ("ve: caps: ignore
setting wrong caps with CAP_SETPCAP"), please do it in a separate patch.
More information about the Devel
mailing list