diff options
| author | Torsten Hilbrich <torsten.hilbrich@secunet.com> | 2020-12-04 11:27:12 +0100 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2020-12-07 19:56:59 +0100 |
| commit | 88fc9c9bad006a9fd05fbe4fe0107a2adccdae3c (patch) | |
| tree | 8f00d836042f838004d0e330ecab309124951244 /src/nspawn/nspawn-gperf.gperf | |
| parent | Merge pull request #17766 from weblate/weblate-systemd-master (diff) | |
| download | systemd-88fc9c9bad006a9fd05fbe4fe0107a2adccdae3c.tar.xz systemd-88fc9c9bad006a9fd05fbe4fe0107a2adccdae3c.zip | |
systemd-nspawn: Allow setting ambient capability set
The old code was only able to pass the value 0 for the inheritable
and ambient capability set when a non-root user was specified.
However, sometimes it is useful to run a program in its own container
with a user specification and some capabilities set. This is needed
when the capabilities cannot be provided by file capabilities (because
the file system is mounted with MS_NOSUID for additional security).
This commit introduces the option --ambient-capability and the config
file option AmbientCapability=. Both are used in a similar way to the
existing Capability= setting. It changes the inheritable and ambient
set (which is 0 by default). The code also checks that the settings
for the bounding set (as defined by Capability= and DropCapability=)
and the setting for the ambient set (as defined by AmbientCapability=)
are compatible. Otherwise, the operation would fail in any way.
Due to the current use of -1 to indicate no support for ambient
capability set the special value "all" cannot be supported.
Also, the setting of ambient capability is restricted to running a
single program in the container payload.
Diffstat (limited to 'src/nspawn/nspawn-gperf.gperf')
| -rw-r--r-- | src/nspawn/nspawn-gperf.gperf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/nspawn/nspawn-gperf.gperf b/src/nspawn/nspawn-gperf.gperf index 79304d21ab..7751c3c062 100644 --- a/src/nspawn/nspawn-gperf.gperf +++ b/src/nspawn/nspawn-gperf.gperf @@ -25,6 +25,7 @@ Exec.Parameters, config_parse_strv, 0, of Exec.Environment, config_parse_strv, 0, offsetof(Settings, environment) Exec.User, config_parse_string, 0, offsetof(Settings, user) Exec.Capability, config_parse_capability, 0, offsetof(Settings, capability) +Exec.AmbientCapability, config_parse_capability, 0, offsetof(Settings, ambient_capability) Exec.DropCapability, config_parse_capability, 0, offsetof(Settings, drop_capability) Exec.KillSignal, config_parse_signal, 0, offsetof(Settings, kill_signal) Exec.Personality, config_parse_personality, 0, offsetof(Settings, personality) |