[PATCH] Capsicum headers

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

FreeBSD's <sys/capability.h> was renamed to <sys/capsicum.h> a few years
ago to avoid future conflicts with POSIX capabilities.  There is still a
stub for compatibility, but it would be better not to rely on it.

DES
-- 
Dag-Erling Smørgrav - des@xxxxxx


diff --git a/configure.ac b/configure.ac
index 49c5caa2..9094cf04 100644
--- a/configure.ac
+++ b/configure.ac
@@ -370,7 +370,6 @@ AC_CHECK_HEADERS([ \
 	sys/audit.h \
 	sys/bitypes.h \
 	sys/bsdtty.h \
-	sys/capability.h \
 	sys/cdefs.h \
 	sys/dir.h \
 	sys/mman.h \
@@ -402,6 +401,13 @@ AC_CHECK_HEADERS([ \
 	wchar.h \
 ])
 
+# sys/capsicum.h requires sys/types.h
+AC_CHECK_HEADERS([sys/capsicum.h], [], [], [
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+])
+
 # lastlog.h requires sys/time.h to be included first on Solaris
 AC_CHECK_HEADERS([lastlog.h], [], [], [
 #ifdef HAVE_SYS_TIME_H
@@ -3256,10 +3262,10 @@ elif test "x$sandbox_arg" = "xseccomp_filter" || \
 	AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter])
 elif test "x$sandbox_arg" = "xcapsicum" || \
      ( test -z "$sandbox_arg" && \
-       test "x$ac_cv_header_sys_capability_h" = "xyes" && \
+       test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \
        test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then
-       test "x$ac_cv_header_sys_capability_h" != "xyes" && \
-		AC_MSG_ERROR([capsicum sandbox requires sys/capability.h header])
+       test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \
+		AC_MSG_ERROR([capsicum sandbox requires sys/capsicum.h header])
        test "x$ac_cv_func_cap_rights_limit" != "xyes" && \
 		AC_MSG_ERROR([capsicum sandbox requires cap_rights_limit function])
        SANDBOX_STYLE="capsicum"
diff --git a/sandbox-capsicum.c b/sandbox-capsicum.c
index 655f0d21..e10bad7e 100644
--- a/sandbox-capsicum.c
+++ b/sandbox-capsicum.c
@@ -22,7 +22,7 @@
 #include <sys/param.h>
 #include <sys/time.h>
 #include <sys/resource.h>
-#include <sys/capability.h>
+#include <sys/capsicum.h>
 
 #include <errno.h>
 #include <stdarg.h>

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux