Package: newpid
Version: 7
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu zesty ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:
* If setcap fails (because the filesystem or namespace lacks support for
capabilities), fall back to setuid, so the installation doesn't fail.
Thanks for considering the patch.
-- System Information:
Debian Release: stretch/sid
APT prefers zesty
APT policy: (500, 'zesty')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.10.0-15-lowlatency (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru newpid-7/debian/newpid.postinst newpid-7ubuntu1/debian/newpid.postinst
--- newpid-7/debian/newpid.postinst 2015-09-30 08:29:52.000000000 -0600
+++ newpid-7ubuntu1/debian/newpid.postinst 2017-04-04 03:05:16.000000000
-0600
@@ -4,7 +4,13 @@
case $1 in
configure)
- setcap "CAP_SYS_ADMIN,CAP_NET_ADMIN=pe" /usr/bin/newpid
+ # Code cargo-culted from iputils-ping postinst:
+ if setcap "CAP_SYS_ADMIN,CAP_NET_ADMIN=pe" /usr/bin/newpid; then
+ chmod u-s /usr/bin/newpid
+ else
+ echo "Setcap failed on /usr/bin/newpid, falling back to
setuid" >&2
+ chmod u+s /usr/bin/newpid
+ fi
;;
esac
