From 2af5e3fac394a922bcf7752be25128879405a21a Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Wed, 21 Feb 2018 20:13:39 +0100 Subject: [PATCH] libbb: compile capability code only if FEATURE_SETPRIV_CAPABILITIES or RUN_INIT Signed-off-by: Denys Vlasenko --- include/libbb.h | 5 ++--- libbb/capability.c | 3 ++- util-linux/switch_root.c | 6 ++++++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/include/libbb.h b/include/libbb.h index c02621d94..f1ab1ca6f 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -1488,6 +1488,7 @@ extern void run_shell(const char *shell, int loginshell, const char **args) NORE */ const char *get_shell_name(void) FAST_FUNC; +#if ENABLE_FEATURE_SETPRIV_CAPABILITIES || ENABLE_RUN_INIT unsigned cap_name_to_number(const char *cap) FAST_FUNC; void printf_cap(const char *pfx, unsigned cap_no) FAST_FUNC; void drop_capability(int cap_ordinal) FAST_FUNC; @@ -1499,9 +1500,7 @@ struct caps { \ struct __user_cap_data_struct data[2]; \ } void getcaps(void *caps) FAST_FUNC; - -unsigned cap_name_to_number(const char *name) FAST_FUNC; -void printf_cap(const char *pfx, unsigned cap_no) FAST_FUNC; +#endif #if ENABLE_SELINUX extern void renew_current_security_context(void) FAST_FUNC; diff --git a/libbb/capability.c b/libbb/capability.c index f60062bfc..6587dcbf7 100644 --- a/libbb/capability.c +++ b/libbb/capability.c @@ -3,7 +3,8 @@ * * Licensed under GPLv2 or later, see file LICENSE in this source tree. */ -//kbuild:lib-$(CONFIG_PLATFORM_LINUX) += capability.o +//kbuild:lib-$(CONFIG_FEATURE_SETPRIV_CAPABILITIES) += capability.o +//kbuild:lib-$(CONFIG_RUN_INIT) += capability.o #include // #include diff --git a/util-linux/switch_root.c b/util-linux/switch_root.c index 2d1802b79..947dd0cdc 100644 --- a/util-linux/switch_root.c +++ b/util-linux/switch_root.c @@ -39,6 +39,12 @@ #include #if ENABLE_RUN_INIT # include +# ifndef PR_CAPBSET_READ +# define PR_CAPBSET_READ 23 +# endif +# ifndef PR_CAPBSET_DROP +# define PR_CAPBSET_DROP 24 +# endif # include // #include // This header is in libcap, but the functions are in libc.