[prev in list] [next in list] [prev in thread] [next in thread] 

List:       libvirt-users
Subject:    Re: [libvirt-users] dropping capabilities in lxc containers
From:       "Daniel P. Berrange" <berrange () redhat ! com>
Date:       2014-01-29 14:38:03
Message-ID: 20140129143803.GQ790 () redhat ! com
[Download RAW message or body]

On Wed, Jan 29, 2014 at 03:33:23PM +0100, Thierry Parmentelat wrote:
> Thanks for the feedback
> I take it from your answer that there is no current plan in the
> direction of adding this as a feature, right ?

I'm not aware of anyone currently working on this feature.

> In this case, how would you welcome pull requests if we managed
> to add this on our side ?

Well it seems the sf.net LXC tools support a 'lxc.caps.drop'
flag to list caps that should be removed. Since we'd like to
have equivalent or greater features in libvirt, it seems that
it would be in scope to add such a config option to libvirt
XML. So if you'd like to work on it feel free to make a
proposal for XML config & patch.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

[prev in list] [next in list] [prev in thread] [next in thread]