diff options
author | Daniel Golle <daniel@makrotopia.org> | 2020-10-19 21:39:17 +0100 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2020-10-21 15:22:30 +0100 |
commit | a2def3663a0feff12550906c33f9ecc3e5fb2a5d (patch) | |
tree | e31c883f642904bd41df5d3bd2eacf96643a59d9 /package/system/ucert | |
parent | 2dffadece9a7243a236ce7d91719787a671e23d4 (diff) | |
download | upstream-a2def3663a0feff12550906c33f9ecc3e5fb2a5d.tar.gz upstream-a2def3663a0feff12550906c33f9ecc3e5fb2a5d.tar.bz2 upstream-a2def3663a0feff12550906c33f9ecc3e5fb2a5d.zip |
procd: jail: clean up capability handling and non-root ubusd
Unify capability handling to only use OCI spec parsers even for ujail
slim containers which previously supposedly used their own format.
80c9516 cgroups: restrict allowed keys in 'unified' section
5ade567 cgroups: memory controller fixes
3121467 early: run ubusd non-root as user ubus, group ubus
12a5b97 jail: adapt to new ubus socket path
788d144 instance: actually wire up capabilities filename
ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code
6c5233a jail: capabilities: apply in two phases
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Diffstat (limited to 'package/system/ucert')
0 files changed, 0 insertions, 0 deletions