Proper fallback if capability dropping is not available

diff --git a/src/charon-nm/nm/nm_backend.c b/src/charon-nm/nm/nm_backend.c
index a9ad9bd..f36cf1f 100644 (file)
--- a/src/charon-nm/nm/nm_backend.c
+++ b/src/charon-nm/nm/nm_backend.c
@@ -22,7 +22,9 @@
 #include <daemon.h>
 #include <processing/jobs/callback_job.h>
 
+#ifndef CAP_DAC_OVERRIDE
 #define CAP_DAC_OVERRIDE 1
+#endif
 
 typedef struct nm_backend_t nm_backend_t;
 

diff --git a/src/libcharon/daemon.c b/src/libcharon/daemon.c
index ece5aff..612796a 100644 (file)
--- a/src/libcharon/daemon.c
+++ b/src/libcharon/daemon.c
@@ -29,6 +29,10 @@
 #include <kernel/kernel_handler.h>
 #include <processing/jobs/start_action_job.h>
 
+#ifndef CAP_NET_ADMIN
+#define CAP_NET_ADMIN 12
+#endif
+
 typedef struct private_daemon_t private_daemon_t;
 
 /**

diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c
index c7fd3b0..df24cfa 100644 (file)
--- a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c
+++ b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c
@@ -19,8 +19,9 @@
 
 #include <daemon.h>
 
-/* missing in cababilities.h */
+#ifndef CAP_AUDIT_WRITE
 #define CAP_AUDIT_WRITE 29
+#endif
 
 METHOD(plugin_t, get_name, char*,
        eap_gtc_plugin_t *this)

diff --git a/src/libstrongswan/utils/capabilities.h b/src/libstrongswan/utils/capabilities.h
index df29cd3..cd23cbf 100644 (file)
--- a/src/libstrongswan/utils/capabilities.h
+++ b/src/libstrongswan/utils/capabilities.h
@@ -24,7 +24,7 @@
 #include <library.h>
 #ifdef HAVE_SYS_CAPABILITY_H
 # include <sys/capability.h>
-#else
+#elif defined(CAPABILITIES_NATIVE)
 # include <linux/capability.h>
 #endif