From: Christian Brauner Date: Mon, 4 Jan 2021 09:50:07 +0000 (+0100) Subject: conf: define missing capabilities X-Git-Tag: lxc-5.0.0~325^2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f2da98c04597cc55c84da67fca6ae54ee68e119d;p=thirdparty%2Flxc.git conf: define missing capabilities Signed-off-by: Christian Brauner --- diff --git a/src/lxc/conf.c b/src/lxc/conf.c index d5c069553..bc0d01463 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -210,28 +210,16 @@ static struct caps_opt caps_opt[] = { { "sys_tty_config", CAP_SYS_TTY_CONFIG }, { "mknod", CAP_MKNOD }, { "lease", CAP_LEASE }, -#ifdef CAP_AUDIT_READ { "audit_read", CAP_AUDIT_READ }, -#endif -#ifdef CAP_AUDIT_WRITE { "audit_write", CAP_AUDIT_WRITE }, -#endif -#ifdef CAP_AUDIT_CONTROL { "audit_control", CAP_AUDIT_CONTROL }, -#endif { "setfcap", CAP_SETFCAP }, { "mac_override", CAP_MAC_OVERRIDE }, { "mac_admin", CAP_MAC_ADMIN }, -#ifdef CAP_SYSLOG { "syslog", CAP_SYSLOG }, -#endif -#ifdef CAP_WAKE_ALARM { "wake_alarm", CAP_WAKE_ALARM }, -#endif -#ifdef CAP_BLOCK_SUSPEND { "block_suspend", CAP_BLOCK_SUSPEND }, #endif -#endif }; static struct limit_opt limit_opt[] = { diff --git a/src/lxc/macro.h b/src/lxc/macro.h index 7a8e15f38..4882b1781 100644 --- a/src/lxc/macro.h +++ b/src/lxc/macro.h @@ -49,6 +49,14 @@ #define CAP_SYS_ADMIN 21 #endif +#ifndef CAP_AUDIT_WRITE +#define CAP_AUDIT_WRITE 29 +#endif + +#ifndef CAP_AUDIT_CONTROL +#define CAP_AUDIT_CONTROL 30 +#endif + #ifndef CAP_SETFCAP #define CAP_SETFCAP 31 #endif @@ -61,6 +69,22 @@ #define CAP_MAC_ADMIN 33 #endif +#ifndef CAP_SYSLOG +#define CAP_SYSLOG 34 +#endif + +#ifndef CAP_WAKE_ALARM +#define CAP_WAKE_ALARM 35 +#endif + +#ifndef CAP_BLOCK_SUSPEND +#define CAP_BLOCK_SUSPEND 36 +#endif + +#ifndef CAP_AUDIT_READ +#define CAP_AUDIT_READ 37 +#endif + /* prctl */ #ifndef PR_CAPBSET_READ #define PR_CAPBSET_READ 23