[systemd-devel] [PATCH] Drop ConditionCapability=CAP_MKNOD from *udev* units

Colin Guthrie gmane at colin.guthr.ie
Thu Jul 25 02:09:41 PDT 2013


'Twas brillig, and Frederic Crozat at 25/07/13 09:54 did gyre and gimble:
> On Thursday, 25 July 2013 at 10:45 +0200, Thomas Bächler wrote:
>> On 25.07.2013 10:18, Frederic Crozat wrote:
>>> On Wednesday, 24 July 2013 at 18:41 -0300, Gerardo Exequiel Pozzi
>>> wrote:
>>>> Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386 at yahoo.com.ar>
>>>> ---
>>>>  units/systemd-udev-settle.service.in  | 1 -
>>>>  units/systemd-udev-trigger.service.in | 1 -
>>>>  units/systemd-udevd-control.socket    | 1 -
>>>>  units/systemd-udevd-kernel.socket     | 1 -
>>>>  4 files changed, 4 deletions(-)
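Review bot: the commit message above this diffstat carries only a Signed-off-by line and gives no reason for dropping ConditionCapability=CAP_MKNOD from the four units. The diffstat shows 4 deletions and no insertions, so no other condition replaces the removed one. Please state in the message what problem the removal fixes, and if these units are still meant to stay inactive in containers, either explain how that is handled or add a ConditionVirtualization= line in the same patch.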
>>>
>>> What do you expect to fix with this patch?
>>>
>>> This will just break distro containers (nspawn / lxc) since it will
>>> cause udev to be started there.
>>
>> If these units should not be started in containers, this should be
>> reflected with ConditionVirtualization. ConditionCapability is not
>> related to containers at all.
> 
> Kay changed from ConditionVirtualization to ConditionCapability with
> commit 9371e6f3e04b03692c23e392fdf005a08ccf1edb (Date:   Wed Oct 12
> 02:02:16 2011 +0200)

I guess the fact that the udev units no longer need CAP_MKNOD (with that
functionality moving to kmod and tmpfiles) means that this condition
seems rather wrong these days.

Perhaps the ConditionVirtualization may be the more appropriate one
again these days?

Col

-- 

Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/
