git.ipfire.org Git - thirdparty/systemd.git/commit

]> git.ipfire.org Git - thirdparty/systemd.git/commit

projects / thirdparty / systemd.git / commit

author	Daan De Meyer <daan.j.demeyer@gmail.com>
	Fri, 5 Sep 2025 07:08:44 +0000 (09:08 +0200)
committer	GitHub <noreply@github.com>
	Fri, 5 Sep 2025 07:08:44 +0000 (09:08 +0200)
commit	f743084035c637fa804b543fac21b3de17a32050
tree	e7192d4518ff031f207d76556f9ed9fae710c3ca	tree \| snapshot
parent	a8211e88c7d6feea73fe468e4aecf7b76367d8a3	commit \| diff
parent	cadeaef67cb0f11bd968cfd6a183bcbfc73b0c70	commit \| diff

nspawn: Drop CAP_NET_BIND_SERVICE if in userns with identity mapping (#38723)

Even if there's no uid shift, we still won't be able to bind to
privileged ports in the host network namespace, so drop the capability
regardless of whether we have a uid shift or not.

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom