[gentoo-commits] gentoo-x86 commit in app-cdr/cdrtools/files: cdrtools-3.01

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] gentoo-x86 commit in app-cdr/cdrtools/files: cdrtools-3.01_alpha17-capabilities.patch
@ 2013-10-12  8:46 Daniel Pielmeier (billie)
  0 siblings, 0 replies; 2+ messages in thread
From: Daniel Pielmeier (billie) @ 2013-10-12  8:46 UTC (permalink / raw
  To: gentoo-commits

billie      13/10/12 08:46:59

  Added:                cdrtools-3.01_alpha17-capabilities.patch
  Log:
  Revision bump. Adding a patch by me and Joerg Schilling to fix bug #480666. Thanks to Thomas Maguin for the report and Joerg Schilling for debugging this issue.
  
  (Portage version: 2.2.1/cvs/Linux x86_64, signed Manifest commit with key 215AD14D)

Revision  Changes    Path
1.1                  app-cdr/cdrtools/files/cdrtools-3.01_alpha17-capabilities.patch

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-cdr/cdrtools/files/cdrtools-3.01_alpha17-capabilities.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-cdr/cdrtools/files/cdrtools-3.01_alpha17-capabilities.patch?rev=1.1&content-type=text/plain

Index: cdrtools-3.01_alpha17-capabilities.patch
===================================================================
--- cdrecord/priv.c	2013-10-12 09:51:46.385760482 +0200
+++ cdrecord/priv.c	2013-10-12 09:53:16.545766912 +0200
@@ -111,14 +111,13 @@
 	/*
 	 * Give up privs we do not need anymore.
 	 * We no longer need:
-	 *	cap_dac_override,cap_net_bind_service,cap_sys_nice,cap_sys_resource
+	 *	cap_dac_override,cap_net_bind_service,cap_sys_nice
 	 */
 	cap_t		cset;
 	cap_value_t	caplist[] = {
 					CAP_DAC_OVERRIDE,
 					CAP_NET_BIND_SERVICE,
 					CAP_SYS_NICE,
-					CAP_SYS_RESOURCE,
 					CAP_SYS_RAWIO,		/* Keep as CAP_EFFECTIVE */
 					CAP_SYS_ADMIN		/* Keep as CAP_EFFECTIVE */
 				};
@@ -128,7 +127,7 @@
 	cap_set_flag(cset, CAP_EFFECTIVE, NCAPS-2, caplist, CAP_CLEAR);
 	cap_set_flag(cset, CAP_INHERITABLE, NCAPS, caplist, CAP_CLEAR);
 	if (cap_set_proc(cset) < 0)
-		errmsg("Cannot set process capabilities.\n");
+		errmsg("Cannot set initial process capabilities.\n");
 #endif	/* HAVE_LINUX_CAPS */
 #endif	/* HAVE_PRIV_SET */
 }
@@ -153,14 +152,13 @@
 	/*
 	 * Get back privs we may need now.
 	 * We need:
-	 *	cap_dac_override,cap_net_bind_service,cap_sys_nice,cap_sys_resource
+	 *	cap_dac_override,cap_net_bind_service,cap_sys_nice
 	 */
 	cap_t		cset;
 	cap_value_t	caplist[] = {
 					CAP_DAC_OVERRIDE,
 					CAP_NET_BIND_SERVICE,
-					CAP_SYS_NICE,
-					CAP_SYS_RESOURCE
+					CAP_SYS_NICE
 				};
 
 	cset = cap_get_proc();
@@ -168,7 +166,7 @@
 	cap_set_flag(cset, CAP_EFFECTIVE, NCAPS, caplist, CAP_SET);
 	cap_set_flag(cset, CAP_INHERITABLE, NCAPS, caplist, CAP_SET);
 	if (cap_set_proc(cset) < 0)
-		errmsg("Cannot set process capabilities.\n");
+		errmsg("Cannot regain process capabilities.\n");
 #endif	/* HAVE_LINUX_CAPS */
 #endif	/* HAVE_PRIV_SET */
 }
@@ -193,14 +191,13 @@
 	/*
 	 * Give up privs we do not need anymore.
 	 * We no longer need:
-	 *	cap_dac_override,cap_net_bind_service,cap_sys_nice,cap_sys_resource
+	 *	cap_dac_override,cap_net_bind_service,cap_sys_nice
 	 */
 	cap_t		cset;
 	cap_value_t	caplist[] = {
 					CAP_DAC_OVERRIDE,
 					CAP_NET_BIND_SERVICE,
-					CAP_SYS_NICE,
-					CAP_SYS_RESOURCE
+					CAP_SYS_NICE
 				};
 
 	cset = cap_get_proc();
@@ -208,7 +205,7 @@
 	cap_set_flag(cset, CAP_EFFECTIVE, NCAPS, caplist, CAP_CLEAR);
 	cap_set_flag(cset, CAP_INHERITABLE, NCAPS, caplist, CAP_CLEAR);
 	if (cap_set_proc(cset) < 0)
-		errmsg("Cannot set process capabilities.\n");
+		errmsg("Cannot deactivate process capabilities.\n");
 #endif	/* HAVE_LINUX_CAPS */
 #endif	/* HAVE_PRIV_SET */
 }
@@ -265,7 +262,7 @@
 	cap_set_flag(cset, CAP_INHERITABLE, NCAPS, caplist, CAP_CLEAR);
 	cap_set_flag(cset, CAP_PERMITTED, NCAPS, caplist, CAP_CLEAR);
 	if (cap_set_proc(cset) < 0)
-		errmsg("Cannot set process capabilities.\n");
+		errmsg("Cannot drop process capabilities.\n");
 #endif	/* HAVE_LINUX_CAPS */
 #endif	/* HAVE_PRIV_SET */
 }





^ permalink raw reply	[flat|nested] 2+ messages in thread

* [gentoo-commits] gentoo-x86 commit in app-cdr/cdrtools/files: cdrtools-3.01_alpha17-capabilities.patch
@ 2013-10-14 17:45 Daniel Pielmeier (billie)
  0 siblings, 0 replies; 2+ messages in thread
From: Daniel Pielmeier (billie) @ 2013-10-14 17:45 UTC (permalink / raw
  To: gentoo-commits

billie      13/10/14 17:45:23

  Removed:              cdrtools-3.01_alpha17-capabilities.patch
  Log:
  Remove old.
  
  (Portage version: 2.2.1/cvs/Linux x86_64, signed Manifest commit with key 215AD14D)


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2013-10-14 17:45 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-10-12  8:46 [gentoo-commits] gentoo-x86 commit in app-cdr/cdrtools/files: cdrtools-3.01_alpha17-capabilities.patch Daniel Pielmeier (billie)
  -- strict thread matches above, loose matches on Subject: below --
2013-10-14 17:45 Daniel Pielmeier (billie)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox