[Bug 1700814] Re: Default capability of cap_setfcap+i should be set on setcap
Serge Hallyn
1700814 at bugs.launchpad.net
Thu Jun 29 22:43:39 UTC 2017
Indeed it should be reasonable to do so. Note that there are cases,
including unprivileged containers, where file capabilities cannot be
set, so the packaging would have to gracefully handle (i.e. ignore) that
failure rather than fail the package install.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libcap2 in Ubuntu.
https://bugs.launchpad.net/bugs/1700814
Title:
Default capability of cap_setfcap+i should be set on setcap
Status in libcap2 package in Ubuntu:
New
Bug description:
If I grant a user (via pam_cap) cap_setfcap+i, I would then expect
them to be able to use setcap without sudo. setcap is not provided
with any default file capabilities however, so either the user has to
sudo, or I have to grant the setfcap capability to setcap with setcap.
In my mind, it would be reasonable to grant setfcap+i to setcap by
default on installation.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libcap2/+bug/1700814/+subscriptions
More information about the foundations-bugs
mailing list