FreeBSD's <sys/capability.h> was renamed to <sys/capsicum.h> a few years ago to avoid future conflicts with POSIX capabilities. There is still a stub for compatibility, but it would be better not to rely on it. DES -- Dag-Erling Smørgrav - des@xxxxxx
diff --git a/configure.ac b/configure.ac index 49c5caa2..9094cf04 100644 --- a/configure.ac +++ b/configure.ac @@ -370,7 +370,6 @@ AC_CHECK_HEADERS([ \ sys/audit.h \ sys/bitypes.h \ sys/bsdtty.h \ - sys/capability.h \ sys/cdefs.h \ sys/dir.h \ sys/mman.h \ @@ -402,6 +401,13 @@ AC_CHECK_HEADERS([ \ wchar.h \ ]) +# sys/capsicum.h requires sys/types.h +AC_CHECK_HEADERS([sys/capsicum.h], [], [], [ +#ifdef HAVE_SYS_TYPES_H +# include <sys/types.h> +#endif +]) + # lastlog.h requires sys/time.h to be included first on Solaris AC_CHECK_HEADERS([lastlog.h], [], [], [ #ifdef HAVE_SYS_TIME_H @@ -3256,10 +3262,10 @@ elif test "x$sandbox_arg" = "xseccomp_filter" || \ AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter]) elif test "x$sandbox_arg" = "xcapsicum" || \ ( test -z "$sandbox_arg" && \ - test "x$ac_cv_header_sys_capability_h" = "xyes" && \ + test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \ test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then - test "x$ac_cv_header_sys_capability_h" != "xyes" && \ - AC_MSG_ERROR([capsicum sandbox requires sys/capability.h header]) + test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \ + AC_MSG_ERROR([capsicum sandbox requires sys/capsicum.h header]) test "x$ac_cv_func_cap_rights_limit" != "xyes" && \ AC_MSG_ERROR([capsicum sandbox requires cap_rights_limit function]) SANDBOX_STYLE="capsicum" diff --git a/sandbox-capsicum.c b/sandbox-capsicum.c index 655f0d21..e10bad7e 100644 --- a/sandbox-capsicum.c +++ b/sandbox-capsicum.c @@ -22,7 +22,7 @@ #include <sys/param.h> #include <sys/time.h> #include <sys/resource.h> -#include <sys/capability.h> +#include <sys/capsicum.h> #include <errno.h> #include <stdarg.h>
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev