Diffstat (limited to 'util-linux/setpriv.c')
-rw-r--r--util-linux/setpriv.c55
1 files changed, 5 insertions, 50 deletions
diff --git a/util-linux/setpriv.c b/util-linux/setpriv.c
index 9f2793949..12ab1bd66 100644
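--- a/util-linux/setpriv.c
+++ b/util-linux/setpriv.c
@@ -124,48 +124,7 @@ enum {
 };
 
 #if ENABLE_FEATURE_SETPRIV_CAPABILITIES
-struct caps {
- struct __user_cap_header_struct header;
- cap_user_data_t data;
- int u32s;
-};
-
-static void getcaps(struct caps *caps)
-{
- static const uint8_t versions[] = {
- _LINUX_CAPABILITY_U32S_3, /* = 2 (fits into byte) */
- _LINUX_CAPABILITY_U32S_2, /* = 2 */
- _LINUX_CAPABILITY_U32S_1, /* = 1 */
- };
- int i;
-
- caps->header.pid = 0;
- for (i = 0; i < ARRAY_SIZE(versions); i++) {
- caps->header.version = versions[i];
- if (capget(&caps->header, NULL) == 0)
- goto got_it;
- }
- bb_simple_perror_msg_and_die("capget");
- got_it:
-
- switch (caps->header.version) {
- case _LINUX_CAPABILITY_VERSION_1:
- caps->u32s = _LINUX_CAPABILITY_U32S_1;
- break;
- case _LINUX_CAPABILITY_VERSION_2:
- caps->u32s = _LINUX_CAPABILITY_U32S_2;
- break;
- case _LINUX_CAPABILITY_VERSION_3:
- caps->u32s = _LINUX_CAPABILITY_U32S_3;
- break;
- default:
- bb_error_msg_and_die("unsupported capability version");
- }
-
- caps->data = xmalloc(sizeof(caps->data[0]) * caps->u32s);
- if (capget(&caps->header, caps->data) < 0)
- bb_simple_perror_msg_and_die("capget");
-}
+DEFINE_STRUCT_CAPS;
 
 static unsigned parse_cap(const char *cap)
 {
@@ -195,7 +154,7 @@ static void set_inh_caps(char *capstring)
 
  cap = parse_cap(capstring);
  if (CAP_TO_INDEX(cap) >= caps.u32s)
- bb_error_msg_and_die("invalid capability cap");
+ bb_error_msg_and_die("invalid capability '%s'", capstring);
 
  if (capstring[0] == '+')
  caps.data[CAP_TO_INDEX(cap)].inheritable |= CAP_TO_MASK(cap);
@@ -204,11 +163,8 @@ static void set_inh_caps(char *capstring)
  capstring = strtok(NULL, ",");
  }
 
- if ((capset(&caps.header, caps.data)) < 0)
+ if (capset(&caps.header, caps.data) != 0)
  bb_perror_msg_and_die("capset");
-
- if (ENABLE_FEATURE_CLEAN_UP)
- free(caps.data);
 }
 
 static void set_ambient_caps(char *string)
@@ -322,10 +278,9 @@ static int dump(void)
  bb_putchar('\n');
 # endif
 
- if (ENABLE_FEATURE_CLEAN_UP) {
- IF_FEATURE_SETPRIV_CAPABILITIES(free(caps.data);)
+ if (ENABLE_FEATURE_CLEAN_UP)
  free(gids);
- }
+
  return EXIT_SUCCESS;
 }
 #endif /* FEATURE_SETPRIV_DUMP */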
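Review bot: In set_inh_caps the check `CAP_TO_INDEX(cap) >= caps.u32s` is the only guard on the index into `caps.data[]` two lines below it, and after this change neither the layout of `struct caps` nor the code that fills `u32s` is visible in this file. A short comment above the check would keep that invariant reviewable, for example `/* u32s is the element count of caps.data[]; this check bounds the index used below */`. The removed `free(caps.data)` calls in set_inh_caps and dump raise a related question: if `DEFINE_STRUCT_CAPS` still leaves `data` heap-allocated (its definition is not shown here), builds with `ENABLE_FEATURE_CLEAN_UP` would now leak it, so a one-line note on why no free is needed would help. Both functions start outside their hunks.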