similar to: No subject

This patch adds the ability to kinit to allow the dropping of POSIX capabilities. kinit is modified by this change, such that it understands the new kernel command line "drop_capabilities=" that specifies a comma separated list of capability names that should be dropped before switching over to the next init in the boot strap (typically on the root disk). When processing capabilities

[Mod: The to address has been changed. The original message has been CC'ed to linux-security. This is mostly FYI only -- alex] Winfried, Good question. Since Linux-2.2.* has hit the streets, I'm guessing there may be wider interest in this sort of thing so I'm CC'ing my reply to linux-security. The capability stuff in the kernel provides a way to strip away all of the privilege

Hi! I with my colleagues from Samsung trying to run systemd in Linux container. I saw that the others are experimenting in this topic, so I would like to present the results of my work and tests, perhaps it will be helpful to others. As the prototype I used a manual written by Daniel: https://www.berrange.com/posts/2013/08/12/running-a-full-fedora-os-inside-a-libvirt-lxc-guest/ After many

The usage of strict_strtoul() is not preferred, because strict_strtoul() is obsolete. Thus, kstrtoul() should be used. Signed-off-by: Jingoo Han <jg1.han at samsung.com> --- drivers/xen/xen-selfballoon.c | 54 +++++++++++++++++++++++++++-------------- 1 file changed, 36 insertions(+), 18 deletions(-) diff --git a/drivers/xen/xen-selfballoon.c b/drivers/xen/xen-selfballoon.c index

The usage of strict_strtoul() is not preferred, because strict_strtoul() is obsolete. Thus, kstrtoul() should be used. Signed-off-by: Jingoo Han <jg1.han at samsung.com> --- drivers/xen/xen-selfballoon.c | 54 +++++++++++++++++++++++++++-------------- 1 file changed, 36 insertions(+), 18 deletions(-) diff --git a/drivers/xen/xen-selfballoon.c b/drivers/xen/xen-selfballoon.c index

The usage of strict_strtoul() is not preferred, because strict_strtoul() is obsolete. Thus, kstrtoul() should be used. Signed-off-by: Jingoo Han <jg1.han at samsung.com> --- drivers/xen/xen-selfballoon.c | 54 +++++++++++++++++++++++++++-------------- 1 file changed, 36 insertions(+), 18 deletions(-) diff --git a/drivers/xen/xen-selfballoon.c b/drivers/xen/xen-selfballoon.c index

This patchset applies to klibc mainline. As is it will probably collide with Maximilian's recent patch to rename run-init to switch_root posted last week. To boot an untrusted environment with certain capabilities locked out, we'd like to be able to drop the capabilities up front from early userspace, before we actually transition onto the root volume. This patchset implements this by

On 4/30/19 3:15 PM, Peter Crowther wrote: > On Tue, 30 Apr 2019 at 10:48, Daniel P. Berrangé <berrange@redhat.com> > wrote: > >> On Tue, Apr 30, 2019 at 10:45:03AM +0100, Peter Crowther wrote: >>> On Tue, 30 Apr 2019 at 10:40, Michal Privoznik <mprivozn@redhat.com> >> wrote: >>> >>>> Is there any problem running libvirtd as root?

Filesystem rebalancing (BTRFS_IOC_BALANCE) affects the entire filesystem and may run uninterruptibly for a long time. This does not seem to be something that an unprivileged user should be able to do. Reported-by: Aron Xu <happyaron.xu@gmail.com> Signed-off-by: Ben Hutchings <ben@decadent.org.uk> --- fs/btrfs/volumes.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-)

On 8/11/23 00:00, Jakub Kicinski wrote: > On Thu, 10 Aug 2023 17:42:11 -0400 Michael S. Tsirkin wrote: >>> Directly into the stack? I thought VDUSE is vDPA in user space, >>> meaning to get to the kernel the packet has to first go thru >>> a virtio-net instance. >> >> yes. is that a sufficient filter in your opinion? > > Yes, the ability to create

On 8/11/23 00:00, Jakub Kicinski wrote: > On Thu, 10 Aug 2023 17:42:11 -0400 Michael S. Tsirkin wrote: >>> Directly into the stack? I thought VDUSE is vDPA in user space, >>> meaning to get to the kernel the packet has to first go thru >>> a virtio-net instance. >> >> yes. is that a sufficient filter in your opinion? > > Yes, the ability to create

On Tue, Aug 29, 2023 at 03:34:06PM +0200, Maxime Coquelin wrote: > > > On 8/11/23 00:00, Jakub Kicinski wrote: > > On Thu, 10 Aug 2023 17:42:11 -0400 Michael S. Tsirkin wrote: > > > > Directly into the stack? I thought VDUSE is vDPA in user space, > > > > meaning to get to the kernel the packet has to first go thru > > > > a virtio-net instance.

I am wondering what is the interaction between SE Linux and the kernel "capabilities" in CentOS 5.1? I'm trying to open a raw socket and keep getting permission denied errors. I've tried using the lcap library to find that CAP_SETPCAP appears to be off in the kernel. For compliance reasons, I don't want to turn this on. I've also tried a hand-crafted SE Linux

On 8/29/23 19:05, Michael S. Tsirkin wrote: > On Tue, Aug 29, 2023 at 03:34:06PM +0200, Maxime Coquelin wrote: >> >> >> On 8/11/23 00:00, Jakub Kicinski wrote: >>> On Thu, 10 Aug 2023 17:42:11 -0400 Michael S. Tsirkin wrote: >>>>> Directly into the stack? I thought VDUSE is vDPA in user space, >>>>> meaning to get to the kernel the packet

This patch to the balloon driver eliminates the need for a user-space program to slosh memory between domains and xen. This uses a proc file at /proc/xen/memory_target. When read it reports memory the domain owns in bytes. Writing a new value to the memory_target proc file will cause the domain to exchange memory with xen to reach the target. A xenolinux domain cannot grow bigger than it was

On Tue, 30 Apr 2019 at 10:48, Daniel P. Berrangé <berrange@redhat.com> wrote: > On Tue, Apr 30, 2019 at 10:45:03AM +0100, Peter Crowther wrote: > > On Tue, 30 Apr 2019 at 10:40, Michal Privoznik <mprivozn@redhat.com> > wrote: > > > > > Is there any problem running libvirtd as root? > > > > > > Yes, in the regulated environment in which I

> # chown -R foo:foo /var/lib/libvirt/filesystems/mycontainer you must "shift" the uids for the container 0 -> 666, 1 -> 667, 2 -> 668. there is a tool for this: uidmapshift some tools may not work, because of the missing file capabilities. chown removes all file capabilities! try ping as user inside the container. (missing file cap cap_net_admin,cap_net_raw) /stephan --

https://bugzilla.samba.org/show_bug.cgi?id=11422 Bug ID: 11422 Summary: Feature request: add support for Linux libcap[-ng] Product: rsync Version: 3.1.1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: core Assignee: wayned at samba.org

Add a mount option user_subvol_rm_allowed that allows users to delete a (potentially non-empty!) subvol when they would otherwise we allowed to do an rmdir(2). We duplicate the may_delete() checks from the core VFS code to implement identical security checks (minus the directory size check). Signed-off-by: Sage Weil <sage@newdream.net> --- fs/btrfs/ctree.h | 1 + fs/btrfs/ioctl.c |

On Thu, Jul 14, 2011 at 5:48 PM, Mike Waychison <mikew at google.com> wrote: > On Thu, Jul 14, 2011 at 4:39 PM, Alan Cox <alan at lxorguk.ukuu.org.uk> wrote: >>> for stuff I probably should be disabling considering my goal of making >>> it difficult for root to compromise a system. ?And yes, modules are >>> disabled :) >> >> If you have