[lxc-devel] [lxc/master] Fix build of conf.c when capabilities is disabled
ffontaine on Github
lxc-bot at linuxcontainers.org
Wed May 17 20:28:00 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 499 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170517/1ed14d82/attachment.bin>
-------------- next part --------------
From adeb1340db1633e8cc53955d1036db4c0b55272f Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Date: Wed, 17 May 2017 22:20:59 +0200
Subject: [PATCH] Fix build of conf.c when capabilities is disabled
Do not call idmaptool_on_path_and_privileged with CAP_SETUID and
CAP_SETGID if HAVE_LIBCAP is not defined otherwise compilation fails
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
src/lxc/conf.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a66d9e7..8f55578 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3469,8 +3469,10 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid)
* will protected it by preventing another user from being handed the
* range by shadow.
*/
+ #if HAVE_LIBCAP
uidmap = idmaptool_on_path_and_privileged("newuidmap", CAP_SETUID);
gidmap = idmaptool_on_path_and_privileged("newgidmap", CAP_SETGID);
+ #endif
if (uidmap > 0 && gidmap > 0) {
DEBUG("Functional newuidmap and newgidmap binary found.");
use_shadow = true;
More information about the lxc-devel
mailing list