[PATCH 3/9] allow sethostname in a container

Eric W. Biederman ebiederm at xmission.com
Thu Feb 17 19:05:21 PST 2011


"Serge E. Hallyn" <serge at hallyn.com> writes:

Acked-by: "Eric W. Biederman" <ebiederm at xmission.com>


> Signed-off-by: Serge E. Hallyn <serge.hallyn at canonical.com>
> ---
>  kernel/sys.c |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/kernel/sys.c b/kernel/sys.c
> index 18da702..7a1bbad 100644
> --- a/kernel/sys.c
> +++ b/kernel/sys.c
> @@ -1177,7 +1177,7 @@ SYSCALL_DEFINE2(sethostname, char __user *, name, int, len)
>  	int errno;
>  	char tmp[__NEW_UTS_LEN];
>  
> -	if (!capable(CAP_SYS_ADMIN))
> +	if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN))
>  		return -EPERM;
>  	if (len < 0 || len > __NEW_UTS_LEN)
>  		return -EINVAL;


More information about the Containers mailing list