Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add AUDIT_WRITE cap #7179

Merged
merged 1 commit into from
Jul 24, 2014
Merged

Add AUDIT_WRITE cap #7179

merged 1 commit into from
Jul 24, 2014

Conversation

LK4D4
Copy link
Contributor

@LK4D4 LK4D4 commented Jul 23, 2014

Fixes #6345

Thanks @larsks for outstanding investigation

@LK4D4
Add AUDIT_WRITE cap
29ecc95 
Fixes #6345

Thanks @larsks for outstanding investigation

Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
@LK4D4
Copy link
Contributor Author

LK4D4 commented Jul 23, 2014

ping @crosbymichael @unclejack

@thaJeztah thaJeztah mentioned this pull request Jul 23, 2014
Merged
@rhatdan
Copy link
Contributor

rhatdan commented Jul 23, 2014

Yes I guess we need this, although I would really prefer not to get audit messages from the container. There is an effort to add namespace to the audit subsystem which should be able to eliminate this need or at least stop audit messages from showing up in the hosts audit log.

@crosbymichael
Copy link
Contributor

@larsks spoke with some of the audit developers and they suggested that we retain AUDIT_WRITE to solve the issues that we are seeing on the newer kernel releases.

@unclejack
Copy link
Contributor

tested with kernel 3.14.12 and kernel 3.15.6

LGTM

@rhatdan
Copy link
Contributor

rhatdan commented Jul 24, 2014

LGTM. I have a patch with AUDIT_WRITE added back in for our testers.

@crosbymichael
Copy link
Contributor

LGTM

crosbymichael pushed a commit that referenced this pull request Jul 24, 2014
Merge pull request #7179 from LK4D4/add_cap_audit_write_#6345
2ed10ea 
Add AUDIT_WRITE cap
@crosbymichael crosbymichael merged commit 2ed10ea into moby:master Jul 24, 2014
@LK4D4 LK4D4 deleted the add_cap_audit_write_#6345 branch July 24, 2014 19:01
@unclejack unclejack mentioned this pull request Jul 29, 2014
Closed
tianon added a commit to tianon/docker-overlay that referenced this pull request Aug 15, 2014
@tianon
Add docker-1.1.2-r1 with AUDIT_WRITE patch from moby/moby#7179 for ke…
d7ab13d 
…rnels >=3.15
@thresheek thresheek mentioned this pull request Aug 16, 2015
Closed
@pweil- pweil- mentioned this pull request Jan 13, 2016
Merged
@mrmagooey mrmagooey mentioned this pull request Jul 12, 2017
Closed
@saschagrunert saschagrunert mentioned this pull request Jul 24, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Docker containers can conflict with users on host system in Linux 3.15
4 participants
@LK4D4 @rhatdan @crosbymichael @unclejack