1 From c34b2725817d4fd1fd6878bbb16617cb9e3e3a70 Mon Sep 17 00:00:00 2001
2 From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
3 Date: Fri, 22 Jan 2016 16:23:59 +0100
4 Subject: [PATCH] removing capability enforcement
6 Signed-off-by: ronan <ronan@iot.bzh>
8 Change-Id: Idb724192ceab176a611bbed45c0ebc9c8eb5dd30
10 progs/setcap.c | 45 +--------------------------------------------
11 1 file changed, 1 insertion(+), 44 deletions(-)
13 diff --git a/progs/setcap.c b/progs/setcap.c
14 index 7304343..71999b6 100644
17 @@ -58,11 +58,9 @@ static int read_caps(int quiet, const char *filename, char *buffer)
19 int main(int argc, char **argv)
21 - int tried_to_cap_setfcap = 0;
22 char buffer[MAXCAP+1];
23 int retval, quiet=0, verify=0;
25 - cap_value_t capflag;
29 @@ -150,54 +148,13 @@ int main(int argc, char **argv)
30 printf("%s: OK\n", *argv);
33 - if (!tried_to_cap_setfcap) {
34 - capflag = CAP_SETFCAP;
37 - * Raise the effective CAP_SETFCAP.
39 - if (cap_set_flag(mycaps, CAP_EFFECTIVE, 1, &capflag, CAP_SET)
41 - perror("unable to manipulate CAP_SETFCAP - "
42 - "try a newer libcap?");
45 - if (cap_set_proc(mycaps) != 0) {
46 - perror("unable to set CAP_SETFCAP effective capability");
49 - tried_to_cap_setfcap = 1;
51 retval = cap_set_file(*++argv, cap_d);
57 - cap_flag_value_t per_state;
60 - cap_get_flag(cap_d, cap, CAP_PERMITTED, &per_state) != -1;
62 - cap_flag_value_t inh_state, eff_state;
64 - cap_get_flag(cap_d, cap, CAP_INHERITABLE, &inh_state);
65 - cap_get_flag(cap_d, cap, CAP_EFFECTIVE, &eff_state);
66 - if ((inh_state | per_state) != eff_state) {
67 - fprintf(stderr, "NOTE: Under Linux, effective file capabilities must either be empty, or\n"
68 - " exactly match the union of selected permitted and inheritable bits.\n");
73 -#endif /* def linux */
76 "Failed to set capabilities on file `%s' (%s)\n",
77 argv[0], strerror(oerrno));