Author: Michael Weiß <michael.weiss@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 8 Mar 2024 12:17:35 +0100
Oh yes your right that I have missed. I think non-global per-netns sysctls should be save to be allowed for unprivileged roots. sysfs can only be mounted rw in a new private netns. Just unsharing the
Hello, I planned such change but as followup patchset to other work which converts many structures to be per-netns. There is a RFC v2 patchset for reference: https://archive.linuxvirtualserver.org/ht
Author: Michael Weiß <michael.weiss@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 7 Mar 2024 21:31:06 +0100
Configuring ipvs in a non-initial user namespace using the genl netlink interface, e.g., by 'ipvsadm' is currently resulting in an '-EPERM'. This is due to the use of GENL_ADMIN_PERM flag in 'ip_vs_c