2007-03-23 Jakub Jelinek <jakub@redhat.com>

* scripts/check-local-headers.sh: Filter out sys/capability.h. 2007-03-22 Jakub Jelinek <jakub@redhat.com> * config.h.in (HAVE_LIBCAP): Add. * nscd/selinux.h: Include sys/capability.h rather than non-existent sys/capabilities.h. * nscd/selinux.c (preserve_capabilities): Use cap_free instead of free_caps. Cast away const from 4th cap_set_flag argument.
2024-11-27 03:41:23 +08:00 · 2007-07-12 15:07:13 +00:00 · 2007-07-12 15:07:13 +00:00 · 57924f941f
commit 57924f941f
parent 76a149ca08
5 changed files with 26 additions and 6 deletions
--- a/12
+++ b/12
@ -1,3 +1,15 @@
+2007-03-23  Jakub Jelinek  <jakub@redhat.com>
+
+	* scripts/check-local-headers.sh: Filter out sys/capability.h.
+
+2007-03-22  Jakub Jelinek  <jakub@redhat.com>
+
+	* config.h.in (HAVE_LIBCAP): Add.
+	* nscd/selinux.h: Include sys/capability.h rather than non-existent
+	sys/capabilities.h.
+	* nscd/selinux.c (preserve_capabilities): Use cap_free instead of
+	free_caps.  Cast away const from 4th cap_set_flag argument.
+
 2007-03-16  Jakub Jelinek  <jakub@redhat.com>

 	* elf/dl-open.c (dl_open_worker): Declare l in 2 different
--- a/config.h.in
+++ b/config.h.in
@ -19,6 +19,9 @@
 /* Defined if building with SELinux support & audit libs are detected. */
 #undef	HAVE_LIBAUDIT

+/* Defined if building with SELinux support & libcap libs are detected.  */
+#undef  HAVE_LIBCAP
+
 /* Define if using XCOFF. Set by --with-xcoff.  */
 #undef	HAVE_XCOFF

--- a/nscd/selinux.c
+++ b/nscd/selinux.c
@ -182,18 +182,22 @@ preserve_capabilities (void)
  if (tmp_caps == NULL || new_caps == NULL)
    {
      if (tmp_caps != NULL)
-	free_caps (tmp_caps);
+	cap_free (tmp_caps);

      dbg_log (_("Failed to initialize drop of capabilities"));
      error (EXIT_FAILURE, 0, _("cap_init failed"));
    }

  /* There is no reason why these should not work.  */
-  cap_set_flag (new_caps, CAP_PERMITTED, nnew_cap_list, new_cap_list, CAP_SET);
-  cap_set_flag (new_caps, CAP_EFFECTIVE, nnew_cap_list, new_cap_list, CAP_SET);
+  cap_set_flag (new_caps, CAP_PERMITTED, nnew_cap_list,
+		(cap_value_t *) new_cap_list, CAP_SET);
+  cap_set_flag (new_caps, CAP_EFFECTIVE, nnew_cap_list,
+		(cap_value_t *) new_cap_list, CAP_SET);

-  cap_set_flag (tmp_caps, CAP_PERMITTED, ntmp_cap_list, tmp_cap_list, CAP_SET);
-  cap_set_flag (tmp_caps, CAP_EFFECTIVE, ntmp_cap_list, tmp_cap_list, CAP_SET);
+  cap_set_flag (tmp_caps, CAP_PERMITTED, ntmp_cap_list,
+		(cap_value_t *) tmp_cap_list, CAP_SET);
+  cap_set_flag (tmp_caps, CAP_EFFECTIVE, ntmp_cap_list,
+		(cap_value_t *) tmp_cap_list, CAP_SET);

  int res = cap_set_proc (tmp_caps);

--- a/nscd/selinux.h
+++ b/nscd/selinux.h
@ -23,7 +23,7 @@

 #include "nscd.h"
 #ifdef HAVE_LIBCAP
-# include <sys/capabilities.h>
+# include <sys/capability.h>
 #endif

 #ifdef HAVE_SELINUX
--- a/scripts/check-local-headers.sh
+++ b/scripts/check-local-headers.sh
@ -30,6 +30,7 @@ if fgrep "$includedir" */*.d |
 fgrep -v "$includedir/asm" |
 fgrep -v "$includedir/linux" |
 fgrep -v "$includedir/selinux" |
+fgrep -v "$includedir/sys/capability.h" |
 fgrep -v "$includedir/gd"; then
  # If we found a match something is wrong.
  exit 1