[systemd-devel] [PATCH] Drop ConditionCapability=CAP_MKNOD from *udev* units

[Lennart Poettering]

On Thu, 25.07.13 19:19, Gerardo Exequiel Pozzi (vmlinuz386 at yahoo.com.ar) wrote:

> > Anyway, I don't get what you are trying to achieve by your patch please
> > elaborate.
> 
> My thought was simple: "Hey! what is doing CAP_MKNOD here since is not
> needed anymore for udev, remove them!". Ok course, I did not think in
> containers, my bad.
> 
> Anyway, this should be changed to something more "obvious" thing for
> testing about running environment.
> 
> Q: If udev should not run in container why not udevd itself check about
> this?

It's an optimization. ConditionCapability= means we don't even bother
with forking off the udev process when running in a container.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.