Add more capabilities

author dlezcano <dlezcano>

Mon, 16 Feb 2009 10:19:27 +0000 (10:19 +0000)

committer dlezcano <dlezcano>

Mon, 16 Feb 2009 10:19:27 +0000 (10:19 +0000)
author dlezcano <dlezcano>
Mon, 16 Feb 2009 10:19:27 +0000 (10:19 +0000)
committer dlezcano <dlezcano>
Mon, 16 Feb 2009 10:19:27 +0000 (10:19 +0000)
diff --git a/lxc.spec.in b/lxc.spec.in

index db4018ac9ffa6c796fc1482f51fdcd266233cdf2..86832d1f138b2fecccadb9a496cfcfa937298333 100644 (file)
--- a/lxc.spec.in
+++ b/lxc.spec.in
@@ -71,18 +71,23 @@ rm -rf %{buildroot}
  mkdir -p /var/lxc
  chmod ugo+w /var/lxc
  
-setcap cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
-    %{_bindir}/lxc-execute && \
-setcap cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
-    %{_bindir}/lxc-start && \
+setcap cap_sys_admin=ep %{_bindir}/lxc-init
+
+setcap cap_sys_admin=ep %{_bindir}/lxc-netstat
+
+setcap cap_sys_admin=ep %{_bindir}/lxc-create
+
+setcap cap_sys_chroot,cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
+    %{_bindir}/lxc-execute
+
+setcap cap_sys_chroot,cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
+    %{_bindir}/lxc-start
+
  setcap cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
-    %{_bindir}/lxc-restart && \
+    %{_bindir}/lxc-restart
+
  setcap cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
-    %{_bindir}/lxc-unshare && \
-setcap cap_sys_admin=ep \
-    %{_bindir}/lxc-init && \
-setcap cap_sys_admin=ep \
-    %{_bindir}/lxc-netstat
+    %{_bindir}/lxc-unshare
  
  %files
  %defattr(-,root,root)
@@ -99,6 +104,9 @@ setcap cap_sys_admin=ep \
  
  %changelog
  
+* Mon Feb 16 2009 Daniel Lezcano <daniel.lezcano@free.fr> - Version 0.6.0
+- Added more capabilities to the executables
+
  * Sun Jan 25 2009 Daniel Lezcano <daniel.lezcano@free.fr> - Version 0.6.0
  - Reduced spec file
  
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am

index 677ebe4f663c5e4338b0a86c1b0382de1449bdf6..c02d811190997a878dd1001bcc03ead71ed285b8 100644 (file)
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -126,18 +126,27 @@ lxc_version_LDADD = liblxc.la
  install-exec-local:
         -@export PATH=$$PATH:/sbin:/usr/sbin && \
          mkdir -p $(localstatedir) && \
-        setcap cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
+               \
+        setcap cap_sys_admin=ep $(bindir)/lxc-create && \
+               \
+        setcap cap_sys_chroot,cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
                 $(bindir)/lxc-execute && \
-        setcap cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
+               \
+        setcap cap_sys_chroot,cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
                 $(bindir)/lxc-start && \
+               \
          setcap cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
                 $(bindir)/lxc-restart && \
+               \
          setcap cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep \
                 $(bindir)/lxc-unshare && \
+               \
          setcap cap_sys_admin=ep \
                 $(bindir)/lxc-init && \
+               \
          setcap cap_sys_admin=ep \
                 $(bindir)/lxc-netstat && \
+               \
          mkdir -p $(prefix)/var/lxc && \
          chmod ugo+rw $(prefix)/var/lxc || \
         (echo && echo && \
author	dlezcano <dlezcano>
	Mon, 16 Feb 2009 10:19:27 +0000 (10:19 +0000)
committer	dlezcano <dlezcano>
	Mon, 16 Feb 2009 10:19:27 +0000 (10:19 +0000)
lxc.spec.in		patch \| blob \| blame \| history
src/lxc/Makefile.am		patch \| blob \| blame \| history