On Feb 8, 2010, at 6:19 PM, Shi Weihua wrote: > at 2010-2-8 18:10, Garrett Cooper wrote: >> On Sun, Feb 7, 2010 at 10:08 PM, Rishikesh <[email protected]> >> wrote: >>> On 02/08/2010 11:32 AM, Shi Weihua wrote: >>>> An error occured on my i386 box. >>>> (OS: Fedora8, Kernel: 2.6.33-rc6, libcap: libcap-2.16) >>>> ------------- >>>> exec_without_inh 1 TFAIL : Failed to drop CAP_SYS_ADMIN from >>>> bounding set. >>>> exec_without_inh 0 TINFO : (ret=-1, errno 38) >>>> ------------- >>>> If the macro HAVE_DECL_CAP_BSET_DROP is 0, this error will occurs. >>>> But the program should to be broken when f != CAP_SET, like the similar >>>> code >>>> "if (ret || f != CAP_SET) {" in exec_with_inh.c. >>>> >>>> The TBROK message will be outputted if my patch merged. >>>> ------------- >>>> exec_without_inh 1 TBROK : Failed to add CAP_SYS_ADMIN to pI >>>> >>> Looks good. I will include if others are not having any comment. >>> >>> Acked-by: Rishikesh K Rajak <[email protected]> >>> >>> Thanks >>> Rishi >>> >>>> ------------- >>>> >>>> Signed-off-by: Shi Weihua<[email protected]> >>>> --- >>>> --- testcases/kernel/security/cap_bound/exec_without_inh.c.orig >>>> 2010-02-08 11:54:22.000000000 -0500 >>>> +++ testcases/kernel/security/cap_bound/exec_without_inh.c 2010-02-08 >>>> 11:55:00.000000000 -0500 >>>> @@ -80,6 +80,11 @@ int main(int argc, char *argv[]) >>>> tst_exit(); >>>> } >>>> } >>>> + else if (ret) { >>>> + tst_resm(TBROK, "Failed to add CAP_SYS_ADMIN to pI\n"); >>>> + tst_exit(); >>>> + } >>>> + >>>> #if HAVE_DECL_CAP_FREE >>>> cap_free(cur); >>>> #endif >> >> Wow -- I really made a mess of that test a few months back... please do... >> >> else if (ret) { >> tst_brkm(TBROK | TERRNO, tst_exit, "Failed to add >> CAP_SYS_ADMIN to pI"); >> } >> >> ... instead. > > ok. I fixed it based on your advice. > > Signed-off-by: Shi Weihua<[email protected]> > --- > --- testcases/kernel/security/cap_bound/exec_without_inh.c.orig > 2010-02-08 11:54:22.000000000 -0500 > +++ testcases/kernel/security/cap_bound/exec_without_inh.c 2010-02-09 > 10:11:15.000000000 -0500 > @@ -80,6 +80,10 @@ int main(int argc, char *argv[]) > tst_exit(); > } > } > + else if (ret) { > + tst_brkm(TBROK | TERRNO, tst_exit, "Failed to add \ > + CAP_SYS_ADMIN to pI"); > + } > #if HAVE_DECL_CAP_FREE > cap_free(cur); > #endif > >> Thanks for catching that one failure point ;)...! >> -Garrett
Committed -- thanks! -Garrett ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Ltp-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ltp-list
