chiark / gitweb /
~ianmdlvl / elogind.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1fc5560) | patch
tmpfiles.d: Create /var/lib/containers
authorMartin Pitt <martin.pitt@ubuntu.com>
Thu, 20 Nov 2014 13:37:08 +0000 (14:37 +0100)
committerLennart Poettering <lennart@poettering.net>
Thu, 20 Nov 2014 23:34:26 +0000 (00:34 +0100)
commit797e7a51cdfb23fa1b90b0a0ea2d5c1c83a739e1
treef4efc0322171aa6da9a87a390af2110b28c1ca02tree | snapshot
parent1fc5560911a7e9e8cf2993e17e1f0a001e148809commit | diff
tmpfiles.d: Create /var/lib/containers

Create /var/lib/containers so that it exists with an appropriate mode. We want
0700 by default so that users on the host aren't able to call suid root
binaries in the container. This becomes a security issue if a user can enter a
container as root, create a suid root binary, and call that from the host.
(This assumes that containers are caged by mandatory access control or are
started as user).
tmpfiles.d/var.conf diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.