Add CAP_NS_OVERRIDE (34).

Signed-off-by: Andrew G. Morgan <morgan@kernel.org> Signed-off-by: Serge H. Hallyn <sergeh@us.ibm.com>
author: Serge E. Hallyn <sergeh@us.ibm.com> 2008-02-07 11:12:31 -0800
committer: Andrew G. Morgan <morgan@kernel.org> 2008-02-07 11:12:31 -0800
commit: 6f8418fa5e8a253970e317600cb963ff45fbe24e (patch)
tree: 93dbf93e055db76d23a6f993f3995aa2e561fc3e
parent: 5b71e2bdcfba29ce1a5097ae39eca261132b097b (diff)
download: libcap-6f8418fa5e8a253970e317600cb963ff45fbe24e.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/libcap/include/linux/capability.h b/libcap/include/linux/capability.h
index 7d50ff6..58bc24e 100644
--- a/libcap/include/linux/capability.h
+++ b/libcap/include/linux/capability.h
@@ -332,7 +332,14 @@ typedef struct kernel_cap_struct {
 
 #define CAP_MAC_ADMIN        33
 
-#define CAP_LAST_CAP         CAP_MAC_ADMIN
+/* Allow acting on resources in another namespace.  In
+   particular:
+      1. when combined with CAP_KILL, kill users in another
+         user namespace
+ */
+#define CAP_NS_OVERRIDE      34
+
+#define CAP_LAST_CAP         CAP_NS_OVERRIDE
 
 #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
author	Serge E. Hallyn <sergeh@us.ibm.com>	2008-02-07 11:12:31 -0800
committer	Andrew G. Morgan <morgan@kernel.org>	2008-02-07 11:12:31 -0800
commit	6f8418fa5e8a253970e317600cb963ff45fbe24e (patch)
tree	93dbf93e055db76d23a6f993f3995aa2e561fc3e
parent	5b71e2bdcfba29ce1a5097ae39eca261132b097b (diff)
download	libcap-6f8418fa5e8a253970e317600cb963ff45fbe24e.tar.gz