|
 |
22c213 |
From f756c1c4590a37c533ec0429644a7034ba35dada Mon Sep 17 00:00:00 2001
|
|
|
22c213 |
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
|
|
|
22c213 |
Date: Mon, 27 Jan 2020 19:00:38 +0100
|
|
|
22c213 |
Subject: [PATCH 007/116] build: rename CONFIG_LIBCAP to CONFIG_LIBCAP_NG
|
|
|
22c213 |
MIME-Version: 1.0
|
|
|
22c213 |
Content-Type: text/plain; charset=UTF-8
|
|
|
22c213 |
Content-Transfer-Encoding: 8bit
|
|
|
22c213 |
|
|
|
22c213 |
RH-Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
|
22c213 |
Message-id: <20200127190227.40942-4-dgilbert@redhat.com>
|
|
|
22c213 |
Patchwork-id: 93459
|
|
|
22c213 |
O-Subject: [RHEL-AV-8.2 qemu-kvm PATCH 003/112] build: rename CONFIG_LIBCAP to CONFIG_LIBCAP_NG
|
|
|
22c213 |
Bugzilla: 1694164
|
|
|
22c213 |
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
|
22c213 |
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
|
|
22c213 |
RH-Acked-by: Sergio Lopez Pascual <slp@redhat.com>
|
|
|
22c213 |
|
|
|
22c213 |
From: Paolo Bonzini <pbonzini@redhat.com>
|
|
|
22c213 |
|
|
|
22c213 |
Since we are actually testing for the newer capng library, rename the
|
|
|
22c213 |
symbol to match.
|
|
|
22c213 |
|
|
|
22c213 |
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
|
22c213 |
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
|
22c213 |
(cherry picked from commit a358bca24026a377e0804e137a4499e4e041918d)
|
|
|
22c213 |
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
|
22c213 |
---
|
|
|
22c213 |
configure | 2 +-
|
|
|
22c213 |
qemu-bridge-helper.c | 6 +++---
|
|
|
22c213 |
scsi/qemu-pr-helper.c | 12 ++++++------
|
|
|
22c213 |
3 files changed, 10 insertions(+), 10 deletions(-)
|
|
|
22c213 |
|
|
|
22c213 |
diff --git a/configure b/configure
|
|
|
22c213 |
index 16564f8..7831618 100755
|
|
|
22c213 |
--- a/configure
|
|
|
22c213 |
+++ b/configure
|
|
|
22c213 |
@@ -6760,7 +6760,7 @@ if test "$l2tpv3" = "yes" ; then
|
|
|
22c213 |
echo "CONFIG_L2TPV3=y" >> $config_host_mak
|
|
|
22c213 |
fi
|
|
|
22c213 |
if test "$cap_ng" = "yes" ; then
|
|
|
22c213 |
- echo "CONFIG_LIBCAP=y" >> $config_host_mak
|
|
|
22c213 |
+ echo "CONFIG_LIBCAP_NG=y" >> $config_host_mak
|
|
|
22c213 |
fi
|
|
|
22c213 |
echo "CONFIG_AUDIO_DRIVERS=$audio_drv_list" >> $config_host_mak
|
|
|
22c213 |
for drv in $audio_drv_list; do
|
|
|
22c213 |
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
|
|
|
22c213 |
index 3d50ec0..88b2674 100644
|
|
|
22c213 |
--- a/qemu-bridge-helper.c
|
|
|
22c213 |
+++ b/qemu-bridge-helper.c
|
|
|
22c213 |
@@ -43,7 +43,7 @@
|
|
|
22c213 |
|
|
|
22c213 |
#include "net/tap-linux.h"
|
|
|
22c213 |
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
#include <cap-ng.h>
|
|
|
22c213 |
#endif
|
|
|
22c213 |
|
|
|
22c213 |
@@ -207,7 +207,7 @@ static int send_fd(int c, int fd)
|
|
|
22c213 |
return sendmsg(c, &msg, 0);
|
|
|
22c213 |
}
|
|
|
22c213 |
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
static int drop_privileges(void)
|
|
|
22c213 |
{
|
|
|
22c213 |
/* clear all capabilities */
|
|
|
22c213 |
@@ -246,7 +246,7 @@ int main(int argc, char **argv)
|
|
|
22c213 |
int access_allowed, access_denied;
|
|
|
22c213 |
int ret = EXIT_SUCCESS;
|
|
|
22c213 |
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
/* if we're run from an suid binary, immediately drop privileges preserving
|
|
|
22c213 |
* cap_net_admin */
|
|
|
22c213 |
if (geteuid() == 0 && getuid() != geteuid()) {
|
|
|
22c213 |
diff --git a/scsi/qemu-pr-helper.c b/scsi/qemu-pr-helper.c
|
|
|
22c213 |
index debb18f..0659cee 100644
|
|
|
22c213 |
--- a/scsi/qemu-pr-helper.c
|
|
|
22c213 |
+++ b/scsi/qemu-pr-helper.c
|
|
|
22c213 |
@@ -24,7 +24,7 @@
|
|
|
22c213 |
#include <linux/dm-ioctl.h>
|
|
|
22c213 |
#include <scsi/sg.h>
|
|
|
22c213 |
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
#include <cap-ng.h>
|
|
|
22c213 |
#endif
|
|
|
22c213 |
#include <pwd.h>
|
|
|
22c213 |
@@ -70,7 +70,7 @@ static int num_active_sockets = 1;
|
|
|
22c213 |
static int noisy;
|
|
|
22c213 |
static int verbose;
|
|
|
22c213 |
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
static int uid = -1;
|
|
|
22c213 |
static int gid = -1;
|
|
|
22c213 |
#endif
|
|
|
22c213 |
@@ -97,7 +97,7 @@ static void usage(const char *name)
|
|
|
22c213 |
" (default '%s')\n"
|
|
|
22c213 |
" -T, --trace [[enable=]<pattern>][,events=<file>][,file=<file>]\n"
|
|
|
22c213 |
" specify tracing options\n"
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
" -u, --user=USER user to drop privileges to\n"
|
|
|
22c213 |
" -g, --group=GROUP group to drop privileges to\n"
|
|
|
22c213 |
#endif
|
|
|
22c213 |
@@ -827,7 +827,7 @@ static void close_server_socket(void)
|
|
|
22c213 |
num_active_sockets--;
|
|
|
22c213 |
}
|
|
|
22c213 |
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
static int drop_privileges(void)
|
|
|
22c213 |
{
|
|
|
22c213 |
/* clear all capabilities */
|
|
|
22c213 |
@@ -920,7 +920,7 @@ int main(int argc, char **argv)
|
|
|
22c213 |
pidfile = g_strdup(optarg);
|
|
|
22c213 |
pidfile_specified = true;
|
|
|
22c213 |
break;
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
case 'u': {
|
|
|
22c213 |
unsigned long res;
|
|
|
22c213 |
struct passwd *userinfo = getpwnam(optarg);
|
|
|
22c213 |
@@ -1056,7 +1056,7 @@ int main(int argc, char **argv)
|
|
|
22c213 |
exit(EXIT_FAILURE);
|
|
|
22c213 |
}
|
|
|
22c213 |
|
|
|
22c213 |
-#ifdef CONFIG_LIBCAP
|
|
|
22c213 |
+#ifdef CONFIG_LIBCAP_NG
|
|
|
22c213 |
if (drop_privileges() < 0) {
|
|
|
22c213 |
error_report("Failed to drop privileges: %s", strerror(errno));
|
|
|
22c213 |
exit(EXIT_FAILURE);
|
|
|
22c213 |
--
|
|
|
22c213 |
1.8.3.1
|
|
|
22c213 |
|