The old code doesn't require any capabilities, but your new code requires that the user have CAP_DAC_READ_SEARCH, due to the use of AT_EMPTY_PATH with linkat. (I personally think CAP_DAC_READ_SEARCH should be unnecessary and that f0cc6ffb should be reverted, but I digress.) Joseph C. Sible On Tue, Sep 25, 2018 at 7:13 PM Adam Borowski <kilobyte@xxxxxxxxxx> wrote: > > In the example snippet, we already have the fd, thus there's no > need to refer to the file by name. And, /proc/ might be not mounted > or not accessible. > > Noticed-by: Theodore Ts'o <tytso@xxxxxxx> > Signed-off-by: Adam Borowski <kilobyte@xxxxxxxxxx> > --- > man2/open.2 | 4 +--- > 1 file changed, 1 insertion(+), 3 deletions(-) > > diff --git a/man2/open.2 b/man2/open.2 > index 5d0ce66d8..1c775b6b3 100644 > --- a/man2/open.2 > +++ b/man2/open.2 > @@ -811,9 +811,7 @@ fd = open("/path/to/dir", O_TMPFILE | O_RDWR, > > /* File I/O on 'fd'... */ > > -snprintf(path, PATH_MAX, "/proc/self/fd/%d", fd); > -linkat(AT_FDCWD, path, AT_FDCWD, "/path/for/file", > - AT_SYMLINK_FOLLOW); > +linkat(fd, NULL, AT_FDCWD, "/path/for/file", AT_EMPTY_PATH); > .EE > .in > .IP > -- > 2.19.0 >