aboutsummaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-support/libcap
diff options
context:
space:
mode:
Diffstat (limited to 'meta-app-framework/recipes-support/libcap')
-rw-r--r--meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch87
-rw-r--r--meta-app-framework/recipes-support/libcap/libcap_%.bbappend5
2 files changed, 92 insertions, 0 deletions
diff --git a/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch b/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch
new file mode 100644
index 000000000..fa359fa87
--- /dev/null
+++ b/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch
@@ -0,0 +1,87 @@
+From c34b2725817d4fd1fd6878bbb16617cb9e3e3a70 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
+Date: Fri, 22 Jan 2016 16:23:59 +0100
+Subject: [PATCH] removing capability enforcement
+
+Signed-off-by: ronan <ronan@iot.bzh>
+
+Change-Id: Idb724192ceab176a611bbed45c0ebc9c8eb5dd30
+---
+ progs/setcap.c | 45 +--------------------------------------------
+ 1 file changed, 1 insertion(+), 44 deletions(-)
+
+diff --git a/progs/setcap.c b/progs/setcap.c
+index 7304343..71999b6 100644
+--- a/progs/setcap.c
++++ b/progs/setcap.c
+@@ -58,11 +58,9 @@ static int read_caps(int quiet, const char *filename, char *buffer)
+
+ int main(int argc, char **argv)
+ {
+- int tried_to_cap_setfcap = 0;
+ char buffer[MAXCAP+1];
+ int retval, quiet=0, verify=0;
+ cap_t mycaps;
+- cap_value_t capflag;
+
+ if (argc < 3) {
+ usage();
+@@ -150,54 +148,13 @@ int main(int argc, char **argv)
+ printf("%s: OK\n", *argv);
+ }
+ } else {
+- if (!tried_to_cap_setfcap) {
+- capflag = CAP_SETFCAP;
+-
+- /*
+- * Raise the effective CAP_SETFCAP.
+- */
+- if (cap_set_flag(mycaps, CAP_EFFECTIVE, 1, &capflag, CAP_SET)
+- != 0) {
+- perror("unable to manipulate CAP_SETFCAP - "
+- "try a newer libcap?");
+- exit(1);
+- }
+- if (cap_set_proc(mycaps) != 0) {
+- perror("unable to set CAP_SETFCAP effective capability");
+- exit(1);
+- }
+- tried_to_cap_setfcap = 1;
+- }
+ retval = cap_set_file(*++argv, cap_d);
+ if (retval != 0) {
+- int explained = 0;
+ int oerrno = errno;
+-#ifdef linux
+- cap_value_t cap;
+- cap_flag_value_t per_state;
+-
+- for (cap = 0;
+- cap_get_flag(cap_d, cap, CAP_PERMITTED, &per_state) != -1;
+- cap++) {
+- cap_flag_value_t inh_state, eff_state;
+-
+- cap_get_flag(cap_d, cap, CAP_INHERITABLE, &inh_state);
+- cap_get_flag(cap_d, cap, CAP_EFFECTIVE, &eff_state);
+- if ((inh_state | per_state) != eff_state) {
+- fprintf(stderr, "NOTE: Under Linux, effective file capabilities must either be empty, or\n"
+- " exactly match the union of selected permitted and inheritable bits.\n");
+- explained = 1;
+- break;
+- }
+- }
+-#endif /* def linux */
+-
+ fprintf(stderr,
+ "Failed to set capabilities on file `%s' (%s)\n",
+ argv[0], strerror(oerrno));
+- if (!explained) {
+- usage();
+- }
++
+ }
+ }
+ if (cap_d) {
+--
+2.6.6
+
diff --git a/meta-app-framework/recipes-support/libcap/libcap_%.bbappend b/meta-app-framework/recipes-support/libcap/libcap_%.bbappend
new file mode 100644
index 000000000..fbe893501
--- /dev/null
+++ b/meta-app-framework/recipes-support/libcap/libcap_%.bbappend
@@ -0,0 +1,5 @@
+FILESEXTRAPATHS_append_class-native := ":${THISDIR}/${PN}"
+SRC_URI_append_class-native = " file://removing-capability-enforcement.patch"
+PACKAGECONFIG_class-native ?= "attr"
+DEPENDS_append_class-native = " attr-native"
+