Use libcap library instead raw system calls
atkac at redhat.com
Wed Feb 20 15:16:41 UTC 2008
On Wed, Feb 20, 2008 at 04:00:20PM +0100, Adam Tkac wrote:
> Hi all,
> I have problems with the capset system call on the latest Linux kernels
> (version 2.6.25 rc0 and newer). This syscall has been changed (not
> sure what exactly, but it was changed) and named simply stops working (you
> can see http://thread.gmane.org/gmane.linux.kernel/635219). I've
> created a patch which switches to the libcap library (POSIX.1e capabilities
> implementation on Linux) instead of using the raw syscall. It can also be a
> benefit on other platforms which are POSIX.1e compatible. I saw some
> changes in CVS around this (change 2325.) but this doesn't solve the
> problem when you compile named on a 2.6.25-rc1 kernel. Would it be
> possible to include the attached patch in the main source? Or do you have any
> reason not to include it?
> Regards, Adam
> PS: in the final version, return values from cap_set_flag should be checked
> Adam Tkac, Red Hat, Inc.
And if we are discussing changes in the bin/named/unix/os.c file, I think
it is also possible to simply remove the linux_minprivs() function because all
the stuff is done in linux_initialprivs(). Please correct me if I'm wrong.
Adam Tkac, Red Hat, Inc.
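
Background to the thread above, as an added example that is not part of the posted patch or of BIND: the raw capget/capset interface is versioned, and Linux 2.6.25 added a second ABI version with 64-bit capability sets, carried as two 32-bit data elements instead of one. The sketch below probes the version the running kernel prefers and sizes the buffer to match; the function names are hypothetical. With libcap, cap_get_proc() and cap_set_proc() keep these structures out of the caller entirely.

```c
/* Added example (not from the posted patch): version-aware raw capget(2). */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/capability.h>

/* An unknown version plus a NULL data pointer is a probe: the kernel writes
 * the version it prefers into hdr.version. */
uint32_t probe_cap_version(void)
{
    struct __user_cap_header_struct hdr = { .version = 0, .pid = 0 };
    (void)syscall(SYS_capget, &hdr, NULL);
    return hdr.version;
}

/* 32-bit data elements each ABI version transfers (0 = unknown version). */
int cap_words_for_version(uint32_t version)
{
    if (version == _LINUX_CAPABILITY_VERSION_1) return _LINUX_CAPABILITY_U32S_1;
    if (version == _LINUX_CAPABILITY_VERSION_2) return _LINUX_CAPABILITY_U32S_2;
    if (version == _LINUX_CAPABILITY_VERSION_3) return _LINUX_CAPABILITY_U32S_3;
    return 0;
}

/* Read the caller's effective set; returns 0 on success, -1 on error. */
int read_effective_caps(uint64_t *effective)
{
    struct __user_cap_header_struct hdr = { .version = probe_cap_version(), .pid = 0 };
    struct __user_cap_data_struct data[2];   /* large enough for v2/v3 */
    int words = cap_words_for_version(hdr.version);
    if (words == 0) return -1;               /* refuse an ABI we cannot size */
    memset(data, 0, sizeof(data));
    if (syscall(SYS_capget, &hdr, data) != 0) return -1;
    *effective = data[0].effective;
    if (words == 2) *effective |= (uint64_t)data[1].effective << 32;
    return 0;
}

int main(void)
{
    uint64_t eff = 0;
    if (read_effective_caps(&eff) != 0) { fprintf(stderr, "capget failed\n"); return 1; }
    printf("ABI version 0x%08x, effective 0x%016llx\n",
           (unsigned)probe_cap_version(), (unsigned long long)eff);
    return 0;
}
```

A caller that hard-codes one data element while passing a version that transfers two gives the kernel a buffer half the size it expects, which is why the size is derived from the version here.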