From e1f0c5bc78cf7d893682edf27215ecc0030fcaed Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Mon, 26 Mar 2007 20:41:09 +0000 Subject: [PATCH] * scripts/check-local-headers.sh: Filter out sys/capability.h. 2007-03-22 Jakub Jelinek * config.h.in (HAVE_LIBCAP): Add. * nscd/selinux.h: Include sys/capability.h rather than non-existent sys/capabilities.h. * nscd/selinux.c (preserve_capabilities): Use cap_free instead of free_caps. Cast away const from 4th cap_set_flag argument. --- ChangeLog | 12 ++++++++++++ config.h.in | 3 +++ nptl/ChangeLog | 5 +++++ nscd/selinux.c | 16 ++++++++++------ nscd/selinux.h | 4 ++-- scripts/check-local-headers.sh | 1 + 6 files changed, 33 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index e0e1388..11d2aa6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,15 @@ +2007-03-23 Jakub Jelinek + + * scripts/check-local-headers.sh: Filter out sys/capability.h. + +2007-03-22 Jakub Jelinek + + * config.h.in (HAVE_LIBCAP): Add. + * nscd/selinux.h: Include sys/capability.h rather than non-existent + sys/capabilities.h. + * nscd/selinux.c (preserve_capabilities): Use cap_free instead of + free_caps. Cast away const from 4th cap_set_flag argument. + 2007-03-26 Ulrich Drepper * sysdeps/unix/sysv/linux/Versions: Move sync_file_range to diff --git a/config.h.in b/config.h.in index a46e405..b5abb10 100644 --- a/config.h.in +++ b/config.h.in @@ -19,6 +19,9 @@ /* Defined if building with SELinux support & audit libs are detected. */ #undef HAVE_LIBAUDIT +/* Defined if building with SELinux support & libcap libs are detected. */ +#undef HAVE_LIBCAP + /* Define if using XCOFF. Set by --with-xcoff. */ #undef HAVE_XCOFF diff --git a/nptl/ChangeLog b/nptl/ChangeLog index 525a046..8c36611 100644 --- a/nptl/ChangeLog +++ b/nptl/ChangeLog @@ -1,3 +1,8 @@ +2007-03-19 Steven Munroe + + * sysdeps/unix/sysv/linux/powerpc/lowlevellock.h + (__lll_robust_trylock): Add MUTEX_HINT_ACQ to lwarx instruction. + 2007-03-16 Jakub Jelinek * sysdeps/pthread/bits/libc-lock.h: Use __extern_inline and diff --git a/nscd/selinux.c b/nscd/selinux.c index 4a46222..f2dbcee 100644 --- a/nscd/selinux.c +++ b/nscd/selinux.c @@ -187,18 +187,22 @@ preserve_capabilities (void) if (tmp_caps == NULL || new_caps == NULL) { if (tmp_caps != NULL) - free_caps (tmp_caps); + cap_free (tmp_caps); dbg_log (_("Failed to initialize drop of capabilities")); error (EXIT_FAILURE, 0, _("cap_init failed")); } /* There is no reason why these should not work. */ - cap_set_flag (new_caps, CAP_PERMITTED, nnew_cap_list, new_cap_list, CAP_SET); - cap_set_flag (new_caps, CAP_EFFECTIVE, nnew_cap_list, new_cap_list, CAP_SET); - - cap_set_flag (tmp_caps, CAP_PERMITTED, ntmp_cap_list, tmp_cap_list, CAP_SET); - cap_set_flag (tmp_caps, CAP_EFFECTIVE, ntmp_cap_list, tmp_cap_list, CAP_SET); + cap_set_flag (new_caps, CAP_PERMITTED, nnew_cap_list, + (cap_value_t *) new_cap_list, CAP_SET); + cap_set_flag (new_caps, CAP_EFFECTIVE, nnew_cap_list, + (cap_value_t *) new_cap_list, CAP_SET); + + cap_set_flag (tmp_caps, CAP_PERMITTED, ntmp_cap_list, + (cap_value_t *) tmp_cap_list, CAP_SET); + cap_set_flag (tmp_caps, CAP_EFFECTIVE, ntmp_cap_list, + (cap_value_t *) tmp_cap_list, CAP_SET); int res = cap_set_proc (tmp_caps); diff --git a/nscd/selinux.h b/nscd/selinux.h index 9ce0628..27afcd6 100644 --- a/nscd/selinux.h +++ b/nscd/selinux.h @@ -1,5 +1,5 @@ /* Header for nscd SELinux access controls. - Copyright (C) 2004, 2006 Free Software Foundation, Inc. + Copyright (C) 2004, 2006, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Matthew Rickard , 2004. @@ -23,7 +23,7 @@ #include "nscd.h" #ifdef HAVE_LIBCAP -# include +# include #endif #ifdef HAVE_SELINUX diff --git a/scripts/check-local-headers.sh b/scripts/check-local-headers.sh index c2d6ba4..a945ffb 100755 --- a/scripts/check-local-headers.sh +++ b/scripts/check-local-headers.sh @@ -30,6 +30,7 @@ if fgrep "$includedir" */*.{o,os,oS}.d | fgrep -v "$includedir/asm" | fgrep -v "$includedir/linux" | fgrep -v "$includedir/selinux" | +fgrep -v "$includedir/sys/capability.h" | fgrep -v "$includedir/gd"; then # If we found a match something is wrong. exit 1 -- 2.7.4