On 2023-07-21, Vagrant Cascadian wrote:
> Thanks for the refreshed v2 patches! I gave them a quick spin...
>
> As noted on IRC, apparently it lacks actual calls to setcap, so that
> part still needs another patch at least!
>
> Otherwise, it did seem to more-or-less work...
>
> There are compatibility symlinks from /run/setuid-programs to
> /run/privledged/bin and it sets setuid on requested files.

Oh, I noticed on reconfiguring back to a system without the patches to
support /run/privileged configurations ... the /run/privileged directory
is still present, with all those files sitting there in their previous
state.

This is why I think at least by default, many other distros implement
/run as a tmpfs or similar, so that it at least gets thrown out at
reboot. Though this is obviously a deeper problem than just this patch
series... I will file a separate bug about that.

live well,
  vagrant