[Bug 1700814] Re: Default capability of cap_setfcap+i should be set on setcap
Serge Hallyn
1700814 at bugs.launchpad.net
Mon Feb 26 16:12:51 UTC 2018
Even unprivileged containers are now usable in containers with the right
kernel, so this would be a good thing to add to the packaging.
I'm not sure when I'll have time, but assigning to myself so that I can
more easily find it when I do.
** Changed in: libcap2 (Ubuntu)
Assignee: (unassigned) => Serge Hallyn (serge-hallyn)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libcap2 in Ubuntu.
https://bugs.launchpad.net/bugs/1700814
Title:
Default capability of cap_setfcap+i should be set on setcap
Status in libcap2 package in Ubuntu:
New
Bug description:
If I grant a user (via pam_cap) cap_setfcap+i, I would then expect
them to be able to use setcap without sudo. setcap is not provided
with any default file capabilities however, so either the user has to
sudo, or I have to grant the setfcap capability to setcap with setcap.
In my mind, it would be reasonable to grant setfcap+i to setcap by
default on installation.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libcap2/+bug/1700814/+subscriptions
More information about the foundations-bugs
mailing list