]>
Commit | Line | Data |
---|---|---|
faa995d8 | 1 | diff -urN util-vserver-0.30.215/lib/syscall_netadd-netv2.hc util-vserver-trunk/lib/syscall_netadd-netv2.hc |
2 | --- util-vserver-0.30.215/lib/syscall_netadd-netv2.hc 2008-03-17 09:59:48.000000000 +0100 | |
3 | +++ util-vserver-trunk/lib/syscall_netadd-netv2.hc 2008-05-22 23:51:10.000000000 +0200 | |
4 | @@ -1,4 +1,4 @@ | |
5 | -// $Id$ --*- c -*-- | |
6 | +// $Id$ --*- c -*-- | |
7 | ||
8 | // Copyright (C) 2007 Daniel Hokka Zakrisson | |
9 | // | |
10 | @@ -27,10 +27,15 @@ | |
11 | case VC_NXA_TYPE_IPV4: { | |
12 | struct vcmd_net_addr_ipv4_v1 k_info; | |
13 | ||
14 | - k_info.type = info->vna_type & ~VC_NXA_TYPE_IPV4; | |
15 | - k_info.flags = info->vna_flags; | |
16 | - k_info.ip.s_addr = info->vna_v4_ip.s_addr; | |
17 | - k_info.mask.s_addr = info->vna_v4_mask.s_addr; | |
18 | + k_info.type = info->vna_type & ~VC_NXA_TYPE_IPV4; | |
19 | + k_info.flags = info->vna_flags; | |
20 | + k_info.ip.s_addr = info->vna_v4_ip.s_addr; | |
21 | + k_info.mask.s_addr = info->vna_v4_mask.s_addr; | |
22 | + | |
23 | + if (k_info.ip.s_addr == 0) { | |
24 | + k_info.type = VC_NXA_TYPE_MASK; | |
25 | + k_info.mask.s_addr = 0; | |
26 | + } | |
27 | ||
28 | return vserver(VCMD_net_add_ipv4, NID_USER2KERNEL(nid), &k_info); | |
29 | } | |
30 | diff -urN util-vserver-0.30.215/src/naddress.c util-vserver-trunk/src/naddress.c | |
31 | --- util-vserver-0.30.215/src/naddress.c 2008-03-17 09:59:45.000000000 +0100 | |
32 | +++ util-vserver-trunk/src/naddress.c 2008-05-22 23:51:01.000000000 +0200 | |
33 | @@ -1,4 +1,4 @@ | |
34 | -// $Id$ | |
35 | +// $Id$ | |
36 | ||
37 | // Copyright (C) 2003 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> | |
38 | // Copyright (C) 2006 Daniel Hokka Zakrisson <daniel@hozac.com> | |
39 | @@ -315,7 +315,6 @@ | |
40 | } | |
41 | ||
42 | out: | |
43 | - free(str); | |
44 | return ret; | |
45 | } | |
46 | ||
47 | diff -urN util-vserver-0.30.215/src/capability-compat.h util-vserver-trunk/src/capability-compat.h | |
48 | --- util-vserver-0.30.215/src/capability-compat.h 2008-03-17 09:59:45.000000000 +0100 | |
49 | +++ util-vserver-trunk/src/capability-compat.h 2008-05-22 23:51:01.000000000 +0200 | |
50 | @@ -1,4 +1,4 @@ | |
51 | -// $Id$ --*- c -*-- | |
52 | +// $Id$ --*- c -*-- | |
53 | ||
54 | // Copyright (C) 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> | |
55 | // | |
56 | @@ -29,3 +29,11 @@ | |
57 | extern int capset (struct __user_cap_header_struct *, struct __user_cap_data_struct *); | |
58 | ||
59 | #endif | |
60 | + | |
61 | +#ifndef _LINUX_CAPABILITY_VERSION_1 | |
62 | +# define _LINUX_CAPABILITY_VERSION_1 _LINUX_CAPABILITY_VERSION | |
63 | +#endif | |
64 | + | |
65 | +#ifndef _LINUX_CAPABILITY_VERSION_2 | |
66 | +# define _LINUX_CAPABILITY_VERSION_2 0x20071026 | |
67 | +#endif | |
68 | diff -urN util-vserver-0.30.215/src/rpm-fake.c util-vserver-trunk/src/rpm-fake.c | |
69 | --- util-vserver-0.30.215/src/rpm-fake.c 2008-03-17 09:59:45.000000000 +0100 | |
70 | +++ util-vserver-trunk/src/rpm-fake.c 2008-05-22 23:51:01.000000000 +0200 | |
71 | @@ -1,4 +1,4 @@ | |
72 | -// $Id$ --*- c++ -*-- | |
73 | +// $Id$ --*- c++ -*-- | |
74 | ||
75 | // Copyright (C) 2003 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> | |
76 | // | |
77 | @@ -419,22 +419,30 @@ | |
78 | static void | |
79 | reduceCapabilities() | |
80 | { | |
81 | + int retried = 0; | |
82 | struct __user_cap_header_struct header; | |
83 | - struct __user_cap_data_struct user; | |
84 | + struct __user_cap_data_struct user[2]; | |
85 | ||
86 | - header.version = _LINUX_CAPABILITY_VERSION; | |
87 | + header.version = _LINUX_CAPABILITY_VERSION_2; | |
88 | header.pid = 0; | |
89 | ||
90 | - if (capget(&header, &user)==-1) { | |
91 | +retry: | |
92 | + if (capget(&header, user)==-1) { | |
93 | + if (!retried && | |
94 | + header.version != _LINUX_CAPABILITY_VERSION_2) { | |
95 | + header.version = _LINUX_CAPABILITY_VERSION_1; | |
96 | + retried = 1; | |
97 | + goto retry; | |
98 | + } | |
99 | perror("capget()"); | |
100 | exit(wrapper_exit_code); | |
101 | } | |
102 | ||
103 | - user.effective &= ~(1<<CAP_MKNOD); | |
104 | - user.permitted &= ~(1<<CAP_MKNOD); | |
105 | - user.inheritable &= ~(1<<CAP_MKNOD); | |
106 | + user[0].effective &= ~(1<<CAP_MKNOD); | |
107 | + user[0].permitted &= ~(1<<CAP_MKNOD); | |
108 | + user[0].inheritable &= ~(1<<CAP_MKNOD); | |
109 | ||
110 | - if (capset(&header, &user)==-1) { | |
111 | + if (capset(&header, user)==-1) { | |
112 | perror("capset()"); | |
113 | exit(wrapper_exit_code); | |
114 | } | |
115 | diff -urN util-vserver-0.30.215/src/vserver-info.c util-vserver-trunk/src/vserver-info.c | |
116 | --- util-vserver-0.30.215/src/vserver-info.c 2008-03-17 09:59:45.000000000 +0100 | |
117 | +++ util-vserver-trunk/src/vserver-info.c 2008-05-22 23:51:01.000000000 +0200 | |
118 | @@ -1,4 +1,4 @@ | |
119 | -// $Id$ --*- c -*-- | |
120 | +// $Id$ --*- c -*-- | |
121 | ||
122 | // Copyright (C) 2003 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> | |
123 | // | |
124 | @@ -185,9 +185,11 @@ | |
125 | static bool | |
126 | verifyCap() | |
127 | { | |
128 | + int retried = 0; | |
129 | struct __user_cap_header_struct header; | |
130 | - struct __user_cap_data_struct user; | |
131 | - header.version = _LINUX_CAPABILITY_VERSION; | |
132 | + struct __user_cap_data_struct user[2]; | |
133 | + | |
134 | + header.version = _LINUX_CAPABILITY_VERSION_2; | |
135 | header.pid = 0; | |
136 | ||
137 | if (getuid()!=0) { | |
138 | @@ -199,17 +201,24 @@ | |
139 | // perror( "prctl:" ); | |
140 | // return false; | |
141 | // } | |
142 | - | |
143 | - if (capget(&header, &user)==-1) { | |
144 | + | |
145 | +retry: | |
146 | + if (capget(&header, user)==-1) { | |
147 | + if (!retried && | |
148 | + header.version != _LINUX_CAPABILITY_VERSION_2) { | |
149 | + header.version = _LINUX_CAPABILITY_VERSION_1; | |
150 | + retried = 1; | |
151 | + goto retry; | |
152 | + } | |
153 | perror("capget()"); | |
154 | return false; | |
155 | } | |
156 | ||
157 | - user.effective = 0; | |
158 | - user.permitted = 0; | |
159 | - user.inheritable = 0; | |
160 | + user[0].effective = user[1].effective = 0; | |
161 | + user[0].permitted = user[1].permitted = 0; | |
162 | + user[0].inheritable = user[1].inheritable = 0; | |
163 | ||
164 | - if (capset(&header, &user)==-1) { | |
165 | + if (capset(&header, user)==-1) { | |
166 | perror("capset()"); | |
167 | return false; | |
168 | } | |
169 | diff -urN util-vserver-0.30.215/src/tunctl.c util-vserver-trunk/src/tunctl.c | |
170 | --- util-vserver-0.30.215/src/tunctl.c 2008-03-17 09:59:45.000000000 +0100 | |
171 | +++ util-vserver-trunk/src/tunctl.c 2008-05-22 23:51:01.000000000 +0200 | |
172 | @@ -33,6 +33,21 @@ | |
173 | #include <linux/if_tun.h> | |
174 | ||
175 | /* Make sure we have the necessary ioctls */ | |
176 | +#ifndef TUNSETNOCSUM | |
177 | +# define TUNSETNOCSUM _IOW('T', 200, int) | |
178 | +#endif | |
179 | +#ifndef TUNSETIFF | |
180 | +# define TUNSETIFF _IOW('T', 202, int) | |
181 | +#endif | |
182 | +#ifndef TUNSETPERSIST | |
183 | +# define TUNSETPERSIST _IOW('T', 203, int) | |
184 | +#endif | |
185 | +#ifndef TUNSETOWNER | |
186 | +# define TUNSETOWNER _IOW('T', 204, int) | |
187 | +#endif | |
188 | +#ifndef TUNSETLINK | |
189 | +# define TUNSETLINK _IOW('T', 205, int) | |
190 | +#endif | |
191 | #ifndef TUNSETGROUP | |
192 | # define TUNSETGROUP _IOW('T', 206, int) | |
193 | #endif | |
194 | diff -urN util-vserver-0.30.215/src/vspace.c util-vserver-trunk/src/vspace.c | |
195 | --- util-vserver-0.30.215/src/vspace.c 2008-03-17 09:59:45.000000000 +0100 | |
196 | +++ util-vserver-trunk/src/vspace.c 2008-05-22 23:51:01.000000000 +0200 | |
197 | @@ -1,4 +1,4 @@ | |
198 | -// $Id$ --*- c -*-- | |
199 | +// $Id$ --*- c -*-- | |
200 | ||
201 | // Copyright (C) 2004 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> | |
202 | // Copyright (C) 2007 Daniel Hokka Zakrisson | |
203 | @@ -114,6 +114,8 @@ | |
204 | if (mask == 0) | |
205 | return; | |
206 | ||
207 | + mask &= ~CLONE_FS; | |
208 | + | |
209 | signal(SIGCHLD, SIG_DFL); | |
210 | ||
211 | #ifdef NDEBUG |