Proper fallback if capability dropping is not available

author Tobias Brunner <tobias@strongswan.org>

Fri, 27 Jul 2012 12:45:15 +0000 (14:45 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Fri, 27 Jul 2012 12:46:42 +0000 (14:46 +0200)
author Tobias Brunner <tobias@strongswan.org>
Fri, 27 Jul 2012 12:45:15 +0000 (14:45 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Fri, 27 Jul 2012 12:46:42 +0000 (14:46 +0200)
diff --git a/src/charon-nm/nm/nm_backend.c b/src/charon-nm/nm/nm_backend.c

index a9ad9bd..f36cf1f 100644 (file)
--- a/src/charon-nm/nm/nm_backend.c
+++ b/src/charon-nm/nm/nm_backend.c
@@ -22,7 +22,9 @@
  #include <daemon.h>
  #include <processing/jobs/callback_job.h>
  
  #include <daemon.h>
  #include <processing/jobs/callback_job.h>
  
+#ifndef CAP_DAC_OVERRIDE
  #define CAP_DAC_OVERRIDE 1
  #define CAP_DAC_OVERRIDE 1
+#endif
  
  typedef struct nm_backend_t nm_backend_t;
  
  
  typedef struct nm_backend_t nm_backend_t;
  
diff --git a/src/libcharon/daemon.c b/src/libcharon/daemon.c

index ece5aff..612796a 100644 (file)
--- a/src/libcharon/daemon.c
+++ b/src/libcharon/daemon.c
@@ -29,6 +29,10 @@
  #include <kernel/kernel_handler.h>
  #include <processing/jobs/start_action_job.h>
  
  #include <kernel/kernel_handler.h>
  #include <processing/jobs/start_action_job.h>
  
+#ifndef CAP_NET_ADMIN
+#define CAP_NET_ADMIN 12
+#endif
+
  typedef struct private_daemon_t private_daemon_t;
  
  /**
  typedef struct private_daemon_t private_daemon_t;
  
  /**
diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c

index c7fd3b0..df24cfa 100644 (file)
--- a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c
+++ b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c
@@ -19,8 +19,9 @@
  
  #include <daemon.h>
  
  
  #include <daemon.h>
  
-/* missing in cababilities.h */
+#ifndef CAP_AUDIT_WRITE
  #define CAP_AUDIT_WRITE 29
  #define CAP_AUDIT_WRITE 29
+#endif
  
  METHOD(plugin_t, get_name, char*,
         eap_gtc_plugin_t *this)
  
  METHOD(plugin_t, get_name, char*,
         eap_gtc_plugin_t *this)
diff --git a/src/libstrongswan/utils/capabilities.h b/src/libstrongswan/utils/capabilities.h

index df29cd3..cd23cbf 100644 (file)
--- a/src/libstrongswan/utils/capabilities.h
+++ b/src/libstrongswan/utils/capabilities.h
@@ -24,7 +24,7 @@
  #include <library.h>
  #ifdef HAVE_SYS_CAPABILITY_H
  # include <sys/capability.h>
  #include <library.h>
  #ifdef HAVE_SYS_CAPABILITY_H
  # include <sys/capability.h>
-#else
+#elif defined(CAPABILITIES_NATIVE)
  # include <linux/capability.h>
  #endif
  
  # include <linux/capability.h>
  #endif
author	Tobias Brunner <tobias@strongswan.org>
	Fri, 27 Jul 2012 12:45:15 +0000 (14:45 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Fri, 27 Jul 2012 12:46:42 +0000 (14:46 +0200)
src/charon-nm/nm/nm_backend.c		patch \| blob \| history
src/libcharon/daemon.c		patch \| blob \| history
src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c		patch \| blob \| history
src/libstrongswan/utils/capabilities.h		patch \| blob \| history