[libvirt] [PATCH 10/11] Allow CAP_SYS_REBOOT on new enough kernels
Daniel P. Berrange
berrange at redhat.com
Fri Jul 27 08:47:23 UTC 2012
On Fri, Jul 27, 2012 at 09:59:47AM +0200, Jiri Denemark wrote:
> On Tue, Jul 24, 2012 at 14:22:52 +0100, Daniel P. Berrange wrote:
> > @@ -1651,6 +1730,9 @@ static int lxcContainerChild( void *data )
> > goto cleanup;
> > }
> >
> > + if ((hasReboot = lxcContainerHasReboot()) < 0)
> > + goto cleanup;
> > +
> > cmd = lxcContainerBuildInitCmd(vmDef);
> > virCommandWriteArgLog(cmd, 1);
> >
> > @@ -1714,7 +1796,7 @@ static int lxcContainerChild( void *data )
> > }
> >
> > /* drop a set of root capabilities */
> > - if (lxcContainerDropCapabilities() < 0)
> > + if (lxcContainerDropCapabilities(!!hasReboot) < 0)
> > goto cleanup;
> >
> > if (lxcContainerSendContinue(argv->handshakefd) < 0) {
>
> I trust you the clone() and reboot() magic does the right thing :-) ACK.
Well it doesn't cause the host OS to reboot which is the important
thing :-)
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list