1 From c34b2725817d4fd1fd6878bbb16617cb9e3e3a70 Mon Sep 17 00:00:00 2001
2 From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
3 Date: Fri, 22 Jan 2016 16:23:59 +0100
4 Subject: [PATCH] removing capability enforcement
6 Change-Id: Idb724192ceab176a611bbed45c0ebc9c8eb5dd30
8 progs/setcap.c | 43 -------------------------------------------
9 1 file changed, 43 deletions(-)
11 diff --git a/progs/setcap.c b/progs/setcap.c
12 index 83090ae..01faa17 100644
15 @@ -58,7 +58,6 @@ static int read_caps(int quiet, const char *filename, char *buffer)
17 int main(int argc, char **argv)
19 - int tried_to_cap_setfcap = 0;
20 char buffer[MAXCAP+1];
21 int retval, quiet=0, verify=0;
23 @@ -150,53 +149,11 @@ int main(int argc, char **argv)
24 printf("%s: OK\n", *argv);
27 - if (!tried_to_cap_setfcap) {
28 - capflag = CAP_SETFCAP;
31 - * Raise the effective CAP_SETFCAP.
33 - if (cap_set_flag(mycaps, CAP_EFFECTIVE, 1, &capflag, CAP_SET)
35 - perror("unable to manipulate CAP_SETFCAP - "
36 - "try a newer libcap?");
39 - if (cap_set_proc(mycaps) != 0) {
40 - perror("unable to set CAP_SETFCAP effective capability");
43 - tried_to_cap_setfcap = 1;
45 retval = cap_set_file(*++argv, cap_d);
50 - cap_flag_value_t per_state;
53 - cap_get_flag(cap_d, cap, CAP_PERMITTED, &per_state) != -1;
55 - cap_flag_value_t inh_state, eff_state;
57 - cap_get_flag(cap_d, cap, CAP_INHERITABLE, &inh_state);
58 - cap_get_flag(cap_d, cap, CAP_EFFECTIVE, &eff_state);
59 - if ((inh_state | per_state) != eff_state) {
60 - fprintf(stderr, "NOTE: Under Linux, effective file capabilities must either be empty, or\n"
61 - " exactly match the union of selected permitted and inheritable bits.\n");
66 -#endif /* def linux */
69 "Failed to set capabilities on file `%s' (%s)\n",
70 argv[0], strerror(errno));