1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
From 655f6933b5db66c560098d039e3c91812399beca Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Tue, 20 Apr 2010 04:45:35 -0400
Subject: [PATCH] make capabilities support optional
The new code using libcap is quite minor, so rather than always reqiure
libcap support, make it a normal --enable type flag. Current default
behavior is retained -- if libcap is found, it is enabled, else it is
disabled like every nfs-utils version in the past.
URL: https://bugs.gentoo.org/314777
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
aclocal/libcap.m4 | 18 +++++++++++++-----
support/nsm/file.c | 4 ++++
2 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/aclocal/libcap.m4 b/aclocal/libcap.m4
index eabe507..68a624c 100644
--- a/aclocal/libcap.m4
+++ b/aclocal/libcap.m4
@@ -5,11 +5,19 @@ AC_DEFUN([AC_LIBCAP], [
dnl look for prctl
AC_CHECK_FUNC([prctl], , )
- dnl look for the library; do not add to LIBS if found
- AC_CHECK_LIB([cap], [cap_get_proc], [LIBCAP=-lcap], ,)
- AC_SUBST(LIBCAP)
+ AC_ARG_ENABLE([caps],
+ [AS_HELP_STRING([--disable-caps], [Disable capabilities support])])
+
+ LIBCAP=
+
+ if test "x$enable_caps" != "xno" ; then
+ dnl look for the library; do not add to LIBS if found
+ AC_CHECK_LIB([cap], [cap_get_proc], [LIBCAP=-lcap], ,)
- AC_CHECK_HEADERS([sys/capability.h], ,
- [AC_MSG_ERROR([libcap headers not found.])])
+ AC_CHECK_HEADERS([sys/capability.h], ,
+ [test "x$enable_caps" = "xyes" && AC_MSG_ERROR([libcap headers not found.])])
+ fi
+
+ AC_SUBST(LIBCAP)
])dnl
diff --git a/support/nsm/file.c b/support/nsm/file.c
index d469219..f4baeb9 100644
--- a/support/nsm/file.c
+++ b/support/nsm/file.c
@@ -67,7 +67,9 @@
#endif
#include <sys/types.h>
+#ifdef HAVE_SYS_CAPABILITY_H
#include <sys/capability.h>
+#endif
#include <sys/prctl.h>
#include <sys/stat.h>
@@ -347,6 +349,7 @@ nsm_is_default_parentdir(void)
static _Bool
nsm_clear_capabilities(void)
{
+#ifdef HAVE_SYS_CAPABILITY_H
cap_t caps;
caps = cap_from_text("cap_net_bind_service=ep");
@@ -362,6 +365,7 @@ nsm_clear_capabilities(void)
}
(void)cap_free(caps);
+#endif
return true;
}
--
1.7.0.2
|
GitWeb