[daemon][jsvc] Handling of capabilities should use libcap
---------------------------------------------------------
Key: DAEMON-168
URL: https://issues.apache.org/jira/browse/DAEMON-168
Project: Commons Daemon
Issue Type: Improvement
Components: Jsvc
Affects Versions: 1.0.2
Environment: Debian Unstable
Reporter: Damien Raude-Morvan
Attachments: old_capabilities.diff
Hi,
[For full story, please see here : http://bugs.debian.org/412690]
As 1.0.2 release, jsvc component use a syscall to handle capabilities settings.
Here is an example in src/native/unix/native/jsvc-unix.c:
if (syscall(__NR_capset, &caphead, &cap) < 0) {
It's not recommended usage of capabilities since ABI/API can change at each
kernel release.
And in fact, it's already changed and kernel handle some backward compat layer
like described here :
http://marc.info/?l=linux-kernel&m=120883245227970&w=2
For now, I'm forced to patch jsvc to force usage of the backward compatibility
layer.
(see attached patch)
Cheers,
--
Damien Raude-Morvan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
