This is the mail archive of the libc-hacker@sourceware.org mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH] Fix nscd HAVE_LIBCAP


Hi!

While configure.in has AC_DEFINE(HAVE_LIBCAP), config.h.in doesn't and
so it was never defined.  After defining this I found a couple of compile
time bugs that were masked by it.

2007-03-22  Jakub Jelinek  <jakub@redhat.com>

	* config.h.in (HAVE_LIBCAP): Add.
	* nscd/selinux.h: Include sys/capability.h rather than non-existent
	sys/capabilities.h.
	* nscd/selinux.c (preserve_capabilities): Use cap_free instead of
	free_caps.  Cast away const from 4th cap_set_flag argument.

--- libc/config.h.in.jj	2006-10-31 23:05:27.000000000 +0100
+++ libc/config.h.in	2007-03-22 16:39:46.000000000 +0100
@@ -19,6 +19,9 @@
 /* Defined if building with SELinux support & audit libs are detected. */
 #undef	HAVE_LIBAUDIT
 
+/* Defined if building with SELinux support & libcap libs are detected.  */
+#undef  HAVE_LIBCAP
+
 /* Define if using XCOFF. Set by --with-xcoff.  */
 #undef	HAVE_XCOFF
 
--- libc/nscd/selinux.h.jj	2006-04-26 18:27:39.000000000 +0200
+++ libc/nscd/selinux.h	2007-03-22 16:47:50.000000000 +0100
@@ -1,5 +1,5 @@
 /* Header for nscd SELinux access controls.
-   Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2007 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Matthew Rickard <mjricka@epoch.ncsc.mil>, 2004.
 
@@ -23,7 +23,7 @@
 
 #include "nscd.h"
 #ifdef HAVE_LIBCAP
-# include <sys/capabilities.h>
+# include <sys/capability.h>
 #endif
 
 #ifdef HAVE_SELINUX
--- libc/nscd/selinux.c.jj	2007-01-15 23:25:28.000000000 +0100
+++ libc/nscd/selinux.c	2007-03-22 17:21:36.000000000 +0100
@@ -187,18 +187,22 @@ preserve_capabilities (void)
   if (tmp_caps == NULL || new_caps == NULL)
     {
       if (tmp_caps != NULL)
-	free_caps (tmp_caps);
+	cap_free (tmp_caps);
 
       dbg_log (_("Failed to initialize drop of capabilities"));
       error (EXIT_FAILURE, 0, _("cap_init failed"));
     }
 
   /* There is no reason why these should not work.  */
-  cap_set_flag (new_caps, CAP_PERMITTED, nnew_cap_list, new_cap_list, CAP_SET);
-  cap_set_flag (new_caps, CAP_EFFECTIVE, nnew_cap_list, new_cap_list, CAP_SET);
-
-  cap_set_flag (tmp_caps, CAP_PERMITTED, ntmp_cap_list, tmp_cap_list, CAP_SET);
-  cap_set_flag (tmp_caps, CAP_EFFECTIVE, ntmp_cap_list, tmp_cap_list, CAP_SET);
+  cap_set_flag (new_caps, CAP_PERMITTED, nnew_cap_list,
+		(cap_value_t *) new_cap_list, CAP_SET);
+  cap_set_flag (new_caps, CAP_EFFECTIVE, nnew_cap_list,
+		(cap_value_t *) new_cap_list, CAP_SET);
+
+  cap_set_flag (tmp_caps, CAP_PERMITTED, ntmp_cap_list,
+		(cap_value_t *) tmp_cap_list, CAP_SET);
+  cap_set_flag (tmp_caps, CAP_EFFECTIVE, ntmp_cap_list,
+		(cap_value_t *) tmp_cap_list, CAP_SET);
 
   int res = cap_set_proc (tmp_caps);
 

	Jakub


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]