[Devel] [PATCH] fs/locks: Make CAP_LEASE work in containers
Evgenii Shatokhin
eshatokhin at virtuozzo.com
Tue Apr 26 02:04:14 PDT 2016
Hi,
Cyrill, could you please review this patch?
Thanks in advance.
Regards,
Evgenii
25.04.2016 18:22, Evgenii Shatokhin пишет:
> https://jira.sw.ru/browse/PSBM-46199
>
> Allowing the privileged processes in the containers to set leases on
> arbitrary files seems to make no harm. Let us make CAP_LEASE work there.
>
> Signed-off-by: Evgenii Shatokhin <eshatokhin at virtuozzo.com>
> ---
> fs/locks.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/locks.c b/fs/locks.c
> index 93c097b..82e9bc3 100644
> --- a/fs/locks.c
> +++ b/fs/locks.c
> @@ -1693,7 +1693,7 @@ int generic_setlease(struct file *filp, long arg, struct file_lock **flp,
> struct inode *inode = dentry->d_inode;
> int error;
>
> - if ((!uid_eq(current_fsuid(), inode->i_uid)) && !capable(CAP_LEASE))
> + if ((!uid_eq(current_fsuid(), inode->i_uid)) && !ve_capable(CAP_LEASE))
> return -EACCES;
> if (!S_ISREG(inode->i_mode))
> return -EINVAL;
>
More information about the Devel
mailing list