Diffstat (limited to 'util-linux/setpriv.c')
-rw-r--r-- | util-linux/setpriv.c | 55 |
1 files changed, 5 insertions, 50 deletions
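--- a/util-linux/setpriv.c
+++ b/util-linux/setpriv.c
@@ -124,48 +124,7 @@ enum {
 };
 
 #if ENABLE_FEATURE_SETPRIV_CAPABILITIES
-struct caps {
-struct __user_cap_header_struct header;
-cap_user_data_t data;
-int u32s;
-};
-
-static void getcaps(struct caps *caps)
-{
-static const uint8_t versions[] = {
-_LINUX_CAPABILITY_U32S_3, /* = 2 (fits into byte) */
-_LINUX_CAPABILITY_U32S_2, /* = 2 */
-_LINUX_CAPABILITY_U32S_1, /* = 1 */
-};
-int i;
-
-caps->header.pid = 0;
-for (i = 0; i < ARRAY_SIZE(versions); i++) {
-caps->header.version = versions[i];
-if (capget(&caps->header, NULL) == 0)
-goto got_it;
-}
-bb_simple_perror_msg_and_die("capget");
-got_it:
-
-switch (caps->header.version) {
-case _LINUX_CAPABILITY_VERSION_1:
-caps->u32s = _LINUX_CAPABILITY_U32S_1;
-break;
-case _LINUX_CAPABILITY_VERSION_2:
-caps->u32s = _LINUX_CAPABILITY_U32S_2;
-break;
-case _LINUX_CAPABILITY_VERSION_3:
-caps->u32s = _LINUX_CAPABILITY_U32S_3;
-break;
-default:
-bb_error_msg_and_die("unsupported capability version");
-}
-
-caps->data = xmalloc(sizeof(caps->data[0]) * caps->u32s);
-if (capget(&caps->header, caps->data) < 0)
-bb_simple_perror_msg_and_die("capget");
-}
+DEFINE_STRUCT_CAPS;
 
 static unsigned parse_cap(const char *cap)
 {
@@ -195,7 +154,7 @@ static void set_inh_caps(char *capstring)
 
 cap = parse_cap(capstring);
 if (CAP_TO_INDEX(cap) >= caps.u32s)
-bb_error_msg_and_die("invalid capability cap");
+bb_error_msg_and_die("invalid capability '%s'", capstring);
 
 if (capstring[0] == '+')
 caps.data[CAP_TO_INDEX(cap)].inheritable |= CAP_TO_MASK(cap);
@@ -204,11 +163,8 @@ static void set_inh_caps(char *capstring)
 capstring = strtok(NULL, ",");
 }
 
-if ((capset(&caps.header, caps.data)) < 0)
+if (capset(&caps.header, caps.data) != 0)
 bb_perror_msg_and_die("capset");
-
-if (ENABLE_FEATURE_CLEAN_UP)
-free(caps.data);
 }
 
 static void set_ambient_caps(char *string)
@@ -322,10 +278,9 @@ static int dump(void)
 bb_putchar('\n');
 # endif
 
-if (ENABLE_FEATURE_CLEAN_UP) {
-IF_FEATURE_SETPRIV_CAPABILITIES(free(caps.data);)
+if (ENABLE_FEATURE_CLEAN_UP)
 free(gids);
-}
+
 return EXIT_SUCCESS;
 }
 #endif /* FEATURE_SETPRIV_DUMP */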
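Review bot: The bounds check `if (CAP_TO_INDEX(cap) >= caps.u32s)` in set_inh_caps() is the only guard on the write to `caps.data[CAP_TO_INDEX(cap)].inheritable`, and after this change neither the layout of `struct caps` nor the code that fills `u32s` is visible in this file. The two dropped `free(caps.data)` calls (in set_inh_caps() and in dump()) suggest that `data` is now fixed storage inside the struct, though the macro body is not shown. If so, the check is safe only while `u32s` never exceeds that array's length. I would record the invariant next to `DEFINE_STRUCT_CAPS;`, for example `/* struct caps: data[] is fixed-size; getcaps() must keep u32s <= ARRAY_SIZE(data) */`, with the wording adjusted to what the macro really declares. set_inh_caps() and dump() both begin outside the hunks shown.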