On Mon, Oct 23, 2006 at 06:39:19PM +0200 Louis-David Mitterrand wrote:

> Date: Mon, Oct 23, 2006 at 06:39:19PM +0200
> From: Louis-David Mitterrand <[EMAIL PROTECTED]>
> To: [email protected]
> Subject: [Visdn-hackers] un

Hi,

I've started packaging - it's working for me - but they are far from
perfect (see attached tar).

Just untar it in your source-tree and run

dpkg-buildpackage -uc -us

You need additional patches to get it running on recent kernels but
udev should work for Debian. And I've not integrated the patches
for asterisk.

My packages create visdn kernel modules for your running kernel and
don't create other source packages that you can use with the Debian
kernel build - but they work. :)

Without the patches for asterisk you have to run asterisk as root or
you can use my naughty solution with a LD_PRELOAD (see attached code).

I hope everything works for you - I just dumped my status into this
mail, it's all not ready for "global consumption" yet. :)

Have fun

Leif

Attachment: debian_patches.tar.gz
Description: Binary data

// gcc -o asterisk_capabilities.so -shared asterisk_capabilities.c -nostartfiles
#define _GNU_SOURCE
#include <sys/prctl.h>
#include <dlfcn.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <linux/unistd.h>

#undef _POSIX_SOURCE
#include <sys/capability.h>

static int (*old_setuid)(uid_t uid);

void _init()
{
  old_setuid = (int (*)(uid_t uid))dlsym(RTLD_NEXT, "setuid");
  if ( !old_setuid )
  {
     fprintf(stderr, "setuid not found\n");
     exit(-1);
  }
}

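/* Replaces setuid(): change to the target uid but keep
   CAP_NET_BIND_SERVICE, so asterisk does not have to stay root. */
int setuid(uid_t uid)
{
   int res;
   int had_caps;

   struct __user_cap_header_struct header;
   struct __user_cap_data_struct data;

   /* keep the permitted set across the uid change */
   prctl(PR_SET_KEEPCAPS,1);

   header.version = _LINUX_CAPABILITY_VERSION;
   header.pid = 0;
   capget(&header, &data);
   data.effective = data.permitted = data.inheritable = 0;

   /* CAP_SETUID is still needed for the real setuid() call below */
   data.effective = data.permitted = ( 1 << CAP_SETUID ) | ( 1 << CAP_NET_BIND_SERVICE );

   /* succeeds only if the caller held these capabilities (started as root) */
   had_caps = ( capset(&header, &data) == 0 );

   res = old_setuid(uid);

   /* the uid change cleared the effective set: re-raise the bind
      capability and give up CAP_SETUID */
   data.effective = data.permitted = ( 1 << CAP_NET_BIND_SERVICE );
   if ( capset(&header, &data) < 0 && had_caps )
      return -1;   /* CAP_SETUID could not be dropped: report failure */

   return res;
}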
_______________________________________________
Visdn-hackers mailing list
[email protected]
https://mailman.uli.it/mailman/listinfo/visdn-hackers
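
To check what the LD_PRELOAD shim above leaves a process holding, this added example (not part of the mail or of the vISDN sources) parses the CapInh/CapPrm/CapEff masks of a /proc/<pid>/status file and reports whether anything beyond CAP_NET_BIND_SERVICE remains. The names cap_field and audit_caps and the two sample status texts are assumptions constructed for illustration.

```c
/* Added example: audit the capability masks from /proc/<pid>/status. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NET_BIND_BIT 10   /* CAP_NET_BIND_SERVICE; CAP_SETUID is bit 7 */

/* Constructed samples: SAMPLE_OK holds only the bind capability,
 * SAMPLE_LEAK still has CAP_SETUID (0x80) in its permitted set. */
static const char SAMPLE_OK[] = "Name:\tasterisk\nCapInh:\t0000000000000000\n"
    "CapPrm:\t0000000000000400\nCapEff:\t0000000000000400\n";
static const char SAMPLE_LEAK[] = "Name:\tasterisk\nCapInh:\t0000000000000000\n"
    "CapPrm:\t0000000000000480\nCapEff:\t0000000000000400\n";

/* Parse the hex mask of "<field>:" at the start of a line; 0 on success. */
static int cap_field(const char *status, const char *field, uint64_t *out)
{
    size_t n = strlen(field);
    const char *p = status;
    while (p && *p) {
        if (strncmp(p, field, n) == 0 && p[n] == ':') {
            char *end;
            *out = strtoull(p + n + 1, &end, 16);
            return end == p + n + 1 ? -1 : 0;
        }
        p = strchr(p, '\n');
        if (p) p++;
    }
    return -1;
}

/* 0: only CAP_NET_BIND_SERVICE held; 1: other capabilities remain;
 * 2: bind capability not effective; -1: capability fields missing. */
static int audit_caps(const char *status)
{
    const uint64_t want = 1ULL << NET_BIND_BIT;
    uint64_t inh, prm, eff;
    if (cap_field(status, "CapInh", &inh) || cap_field(status, "CapPrm", &prm) ||
        cap_field(status, "CapEff", &eff))
        return -1;
    if ((inh | prm | eff) & ~want) return 1;
    return (eff & want) ? 0 : 2;
}

int main(void)
{
    printf("ok=%d leak=%d\n", audit_caps(SAMPLE_OK), audit_caps(SAMPLE_LEAK));
    return 0;
}
```

For a live process, read /proc/<pid>/status into a buffer and pass it to audit_caps in place of the samples.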
