tag 479890 patch
thanks
CAP_FS_MASK has been removed from include/linux/capabilities.h. It
wasn't handled properly before anyway, since it's a mask but was being
used to set a single bit. The attached patch removes it.
--
Matt
diff -ru compartment-1.1.0~/compartment.c compartment-1.1.0/compartment.c
--- compartment-1.1.0~/compartment.c 2008-05-25 08:49:51.000000000 -0700
+++ compartment-1.1.0/compartment.c 2008-05-25 08:50:21.000000000 -0700
@@ -43,16 +43,16 @@
char *_env[] = { "HOME=/", "COMPARTMENT=YES", "PATH=/bin:/usr/bin:/", "" };
-int cap_set_no[29] = {
+int cap_set_no[28] = {
CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_DAC_READ_SEARCH,CAP_FOWNER,CAP_FSETID,
- CAP_FS_MASK,CAP_KILL,CAP_SETGID,CAP_SETUID,CAP_SETPCAP,CAP_LINUX_IMMUTABLE,
+ CAP_KILL,CAP_SETGID,CAP_SETUID,CAP_SETPCAP,CAP_LINUX_IMMUTABLE,
CAP_NET_BIND_SERVICE,CAP_NET_BROADCAST,CAP_NET_ADMIN,CAP_NET_RAW,CAP_IPC_LOCK,
CAP_IPC_OWNER,CAP_SYS_MODULE,CAP_SYS_RAWIO,CAP_SYS_CHROOT,CAP_SYS_PTRACE,
CAP_SYS_PACCT,CAP_SYS_ADMIN,CAP_SYS_BOOT,CAP_SYS_NICE,CAP_SYS_RESOURCE,
CAP_SYS_TIME,CAP_SYS_TTY_CONFIG, 0 };
-char cap_set_names[29][29] = {
+char cap_set_names[28][29] = {
"CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_DAC_READ_SEARCH","CAP_FOWNER","CAP_FSETID",
- "CAP_FS_MASK","CAP_KILL","CAP_SETGID","CAP_SETUID","CAP_SETPCAP",
+ "CAP_KILL","CAP_SETGID","CAP_SETUID","CAP_SETPCAP",
"CAP_LINUX_IMMUTABLE","CAP_NET_BIND_SERVICE","CAP_NET_BROADCAST",
"CAP_NET_ADMIN","CAP_NET_RAW","CAP_IPC_LOCK","CAP_IPC_OWNER","CAP_SYS_MODULE",
"CAP_SYS_RAWIO","CAP_SYS_CHROOT","CAP_SYS_PTRACE","CAP_SYS_PACCT",
