[libvirt] [RFC][PATCH] lxc: drop CAP_SYS_BOOT capability to prevent rebooting from inside containers
Daniel P. Berrange
berrange at redhat.com
Mon May 11 16:41:39 UTC 2009
On Mon, May 11, 2009 at 12:37:25PM -0400, Dave Allan wrote:
> Matthias Bolte wrote:
> >2009/5/11 Daniel P. Berrange <berrange at redhat.com>:
> >>On Mon, May 11, 2009 at 05:59:45PM +0200, Matthias Bolte wrote:
> >>>Hi,
> >>>
> >>>I needed to apply the following two small changes to get it compile.
> >>>
> >>>On my system (Ubuntu 9.04) I don't have a sys/capability.h header, but
> >>>a linux/capability.h header as part of the linux-libc-dev package.
> >>That is because sys/capability.h is provided by libcap, not libc.
> >>I guess you don't have libcap-dev installed.
> >>
> >>$ rpm -qf /usr/include/sys/capability.h
> >>libcap-devel-2.06-4.fc9.i386
> >>
> >
> >You guess was correct. With libcap-dev installed it compiles without
> >problems.
>
> We should check for the presence of libcap-dev in the configure script.
And also add a BuildRequires to the RPM specfile
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the libvir-list
mailing list