On Tue, Jul 01, 2025 at 08:31:23PM +0200, Matteo Croce wrote: > From: Matteo Croce <teknoraver@xxxxxxxx> > > In the BPF token example, the fsopen() syscall is called as privileged > user. This is unneeded because fsopen() can be called also as > unprivileged user from the user namespace. > As the `fs_fd` file descriptor which was sent back and fort is still the > same, keep it open instead of cloning and closing it twice via SCM_RIGHTS. > > cfr. https://github.com/systemd/systemd/pull/36134 > > Signed-off-by: Matteo Croce <teknoraver@xxxxxxxx> > --- Thanks! Acked-by: Christian Brauner <brauner@xxxxxxxxxx>
