[lxc-devel] [lxc/master] Allow build without sys/capability.h
bneumeier on Github
lxc-bot at linuxcontainers.org
Sun Jan 29 15:45:03 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 421 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170129/e5d4daf5/attachment.bin>
-------------- next part --------------
From df11e022a50d458c4fe3e97f643293cfc9fd30ff Mon Sep 17 00:00:00 2001
From: Brett Neumeier <brett at neumeier.us>
Date: Sun, 29 Jan 2017 08:29:53 -0600
Subject: [PATCH] Allow build without sys/capability.h
There is no guard clause around a reference to CAP_EFFECTIVE and
CAP_SETGID, causing compilation to fail if sys/capability.h is not
available.
Signed-off-by: Brett Neumeier <brett at neumeier.us>
---
src/lxc/start.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 09dc1ff..2929514 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -898,7 +898,11 @@ static int do_start(void *data)
* further above. Only drop groups if we can, so ensure that we
* have necessary privilege.
*/
+ #if HAVE_SYS_CAPABILITY_H
have_cap_setgid = lxc_cap_is_set(CAP_SETGID, CAP_EFFECTIVE);
+ #else
+ have_cap_setgid = false;
+ #endif
if (lxc_list_empty(&handler->conf->id_map) && have_cap_setgid) {
if (lxc_setgroups(0, NULL) < 0)
goto out_warn_father;
More information about the lxc-devel
mailing list