Age | Commit message (Collapse) | Author |
|
Merge commit 'dce069b':
dce069b Add something to run libcap's quicktest tests against development kernel.
1f52c8a Fix tyop in a comment.
a0b240a Up the minor release number.
9c3d89f Update to Linus' kernel tree uapi headers.
b245719 Delete unused #define (magit numbers from <linux/xattr.h>)
1bebacb setcap: fix errno display
ebcbf9f ignore the place I stage user contributed patches for import.
22579a7 Sigh. Compiling capsh statically and we get no getpw*() functions.
85f38a5 Drop use of libattr for our trivial use case of kernel API.
Bug: 32613279
Test: Build HiKey, everything boots.
Change-Id: Id002306c0d28fbc12bd6a409870fb97a8068ff24
|
|
Thanks to P.J.Opalinski for noticing it.
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Add Android.mk file for 'libcap' target. Also add license-related
files.
Including auto-generated file for now, will turn into a host binary
target later.
Bug: 23787966
Change-Id: Iaf2a457872bbc29e758c92cae22e65fa7436d1ed
|
|
instead, prepend it when actually using them.
This makes the variables more useful for specifying on the make invocation,
as you don't have to repeat your FAKEROOT/DESTDIR for every variable you
want to set. Just like you can set 'lib' without specifying lib_prefix.
compare:
make DESTDIR="${somevar}" prefix=/usr/local LIBDIR="${somevar}"/usr/local/lib96 MANDIR="${somevar}"/usr/share/man
to:
make DESTDIR="${somevar}" prefix=/usr/local LIBDIR=/usr/local/lib96 MANDIR=/usr/share/man
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
Move gperf detection from libcap/Makefile to Make.Rules to be more cross-environment friendly.
Fix INDENT test (dollar sign must be doubled):
http://www.gnu.org/software/make/manual/make.html#Variables-in-Recipes
Signed-off-by: Matthieu Crapet <mcrapet@gmail.com>
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
This header stuff seems a bit fragile, but Serge reports including
it in sys/capability.h was causing a lot of trouble building dependent
app packages.
From the perspective of libcap, this API is only needed internally in
cap_file.c so we put an include there.
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
Cc: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: Xose Vazquez Perez <xose.vazquez@gmail.com>
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
Thanks to Allan McRae for resolving it.
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
In adopting this uapi header file (without kernel internals), I previously
messed up on the apparent location of the files. Thanks to Tom Gundersen for
the clarification. Also, delete the non-uapi copies of things since they
are no longer needed to build the library and tools.
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
Suggestion from Mark Wielaard @ Redhat and, more recently from Akhil Arora @ Intel.
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
This patch was generated by Bryan Kadzban, and most recently supported by
Thomas H.P. Anderson.
For more info on what this file is used for, read:
http://en.wikipedia.org/wiki/Pkg-config
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
|
|
Thanks to Steve Grubb for suggesting this. He wrote:
=========
I was reviewing something recently and discovered a problem in capsh. The capsh
program has a --chroot command line option. Inspecting the code shows that it does not
do a chdir("/") after calling chroot. This means that '.' is outside the chroot.
Additional info:
http://cwe.mitre.org/data/definitions/243.html
=========
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Include some documentation and a link to capsh's man page.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Since commit 38ef4c2e437d11b5922723504b62824e96761459 syslog
operations require CAP_SYSLOG capability (intoriduced by commit
ce6ada35bdf710d16582cc4869c26722547e6f11), not CAP_SYS_ADMIN.
Patch introduces CAP_SYSLOG capability.
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
|
|
This patch allows modifications of $(CFLAGS) when invoking make and fixes some
library linking issues.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Also add linux securebits.h file in case the system headers did not
include them.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Hey Andrew,
Do you think this belongs in libcap? I figure it looks nice
sitting next to include/sys/capability.h... But can't
convince myself whether it's useful or not.
Signed-off-by: Serge Hallyn <serge@us.ibm.com>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Also clean up header to avoid hackery - no longer needed apparently.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
I've had a number of reports that some systems are using really
old versions of sed that don't honor the '\t' for tabs in rules.
Since perl does, we'll use that from here on.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
add rule to build HTML
add LIBATTR=no makefile support for not including filesystem support
comment cleanup for cap_file.c.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
This shows up when you try to run getpcaps on a system still
running with 32-bit capabilities. The output is very verbose for
a process with no capabilities. Now it yields '='.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Reported-by: Ulf GrĂ¼ne <ulf.gruene@t-online.de>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Reported-by: Robby Workman <rworkman@slackware.com>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
This change should not impact any code.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Test new and old function with modified test.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400591
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487223
Correct fix implemented as suggested by Matt.
Reported-by: Matt Kern <matt.kern@undue.org>
Reported-by: Torsten Werner <twerner@debian.org>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
When the most compact representation of a set
of capabilities involves displaying unnamed
capabilities (with numbers), folk find the output
unreadable. With this change, we make an attempt
to avoid ever printing numeric capabilities in
the common cases for capability sets.
Reported-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Reported-by: Lee Essen <lee.essen@owlsbarn.co.uk>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
All the good parts of this change are Mike Frysinger's
<vapier@gentoo.org> work. Everything that is broken, is due to my
mangling of it.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Don't need to do -O2 twice.
Install the static library with the static libraries name(!)
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
v3 capabilities are functionally equivalent to v2 capabilities, but
having a different magic value allow the kernel to warn about possibly
unsafe use of v2 capabilities.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Be more explicit with a local definition of _LIBCAP_CAPABILITY_* to
indicate the libraries preferred capability revision.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Don't install non-existent man pages.
Update kernel header from latest 2.6.26 git tree.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Andrew Morton said:
The hitherto-invisible-to-me PR_GET_TSC and PR_SET_TSC have turned up in
mainline, so I have renumbered your prctl options to
/* Get/set securebits (as per security/commoncap.c) */
#define PR_GET_SECUREBITS 27
#define PR_SET_SECUREBITS 28
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
This function makes modifying only one of E I and P sets easier.
cap_clear() = cap_clear_flag(,E) + cap_clear_flag(,I) + cap_clear_flag(,P)
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Reported separately by Serge and Chris Friedoff.
|
|
This reverts commit 6f8418fa5e8a253970e317600cb963ff45fbe24e.
Serge says this was premature (and Andrew says my bad).
|
|
This change adds support for checking for new capabilities in the
/sys/kernel/capability/{codes,names}/* files when the library wasn't
compiled with the latest capabilities.
Also update documentation for cap_from_text.3 to be more explicit
about how to free a libcap allocated string. (Bug reported by Serge.)
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Fixes build issues while using more than one make job, assuring that
cap_names.h is generated before compiling cap_text.c.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
If you are cross-compiling, you cannot execute `ar` and `ranlib` on the
target library, otherwise things may break. Here we create standard AR
and RANLIB variables which can easily be overridden by the environment.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
If you're installing into a temporary directory, then running ldconfig will
simply waste CPU and I/O time. The install location will not be any path
that ldconfig searches, and generally people build as non-root so the
ldconfig binary will run for a while before erroring out due to lack of
permissions.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: Serge H. Hallyn <sergeh@us.ibm.com>
|
|
Include copy of latest (2.6.24-mm1) capabiity.h file.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|