diff -urN util-vserver-0.30.215/lib/syscall_netadd-netv2.hc util-vserver-trunk/lib/syscall_netadd-netv2.hc --- util-vserver-0.30.215/lib/syscall_netadd-netv2.hc 2008-03-17 09:59:48.000000000 +0100 +++ util-vserver-trunk/lib/syscall_netadd-netv2.hc 2008-05-22 23:51:10.000000000 +0200 @@ -1,4 +1,4 @@ -// $Id$ --*- c -*-- +// $Id$ --*- c -*-- // Copyright (C) 2007 Daniel Hokka Zakrisson // @@ -27,10 +27,15 @@ case VC_NXA_TYPE_IPV4: { struct vcmd_net_addr_ipv4_v1 k_info; - k_info.type = info->vna_type & ~VC_NXA_TYPE_IPV4; - k_info.flags = info->vna_flags; - k_info.ip.s_addr = info->vna_v4_ip.s_addr; - k_info.mask.s_addr = info->vna_v4_mask.s_addr; + k_info.type = info->vna_type & ~VC_NXA_TYPE_IPV4; + k_info.flags = info->vna_flags; + k_info.ip.s_addr = info->vna_v4_ip.s_addr; + k_info.mask.s_addr = info->vna_v4_mask.s_addr; + + if (k_info.ip.s_addr == 0) { + k_info.type = VC_NXA_TYPE_MASK; + k_info.mask.s_addr = 0; + } return vserver(VCMD_net_add_ipv4, NID_USER2KERNEL(nid), &k_info); } diff -urN util-vserver-0.30.215/src/naddress.c util-vserver-trunk/src/naddress.c --- util-vserver-0.30.215/src/naddress.c 2008-03-17 09:59:45.000000000 +0100 +++ util-vserver-trunk/src/naddress.c 2008-05-22 23:51:01.000000000 +0200 @@ -1,4 +1,4 @@ -// $Id$ +// $Id$ // Copyright (C) 2003 Enrico Scholz // Copyright (C) 2006 Daniel Hokka Zakrisson @@ -315,7 +315,6 @@ } out: - free(str); return ret; } diff -urN util-vserver-0.30.215/src/capability-compat.h util-vserver-trunk/src/capability-compat.h --- util-vserver-0.30.215/src/capability-compat.h 2008-03-17 09:59:45.000000000 +0100 +++ util-vserver-trunk/src/capability-compat.h 2008-05-22 23:51:01.000000000 +0200 @@ -1,4 +1,4 @@ -// $Id$ --*- c -*-- +// $Id$ --*- c -*-- // Copyright (C) 2005 Enrico Scholz // @@ -29,3 +29,11 @@ extern int capset (struct __user_cap_header_struct *, struct __user_cap_data_struct *); #endif + +#ifndef _LINUX_CAPABILITY_VERSION_1 +# define _LINUX_CAPABILITY_VERSION_1 _LINUX_CAPABILITY_VERSION +#endif + +#ifndef _LINUX_CAPABILITY_VERSION_2 +# define _LINUX_CAPABILITY_VERSION_2 0x20071026 +#endif diff -urN util-vserver-0.30.215/src/rpm-fake.c util-vserver-trunk/src/rpm-fake.c --- util-vserver-0.30.215/src/rpm-fake.c 2008-03-17 09:59:45.000000000 +0100 +++ util-vserver-trunk/src/rpm-fake.c 2008-05-22 23:51:01.000000000 +0200 @@ -1,4 +1,4 @@ -// $Id$ --*- c++ -*-- +// $Id$ --*- c++ -*-- // Copyright (C) 2003 Enrico Scholz // @@ -419,22 +419,30 @@ static void reduceCapabilities() { + int retried = 0; struct __user_cap_header_struct header; - struct __user_cap_data_struct user; + struct __user_cap_data_struct user[2]; - header.version = _LINUX_CAPABILITY_VERSION; + header.version = _LINUX_CAPABILITY_VERSION_2; header.pid = 0; - if (capget(&header, &user)==-1) { +retry: + if (capget(&header, user)==-1) { + if (!retried && + header.version != _LINUX_CAPABILITY_VERSION_2) { + header.version = _LINUX_CAPABILITY_VERSION_1; + retried = 1; + goto retry; + } perror("capget()"); exit(wrapper_exit_code); } - user.effective &= ~(1< // @@ -185,9 +185,11 @@ static bool verifyCap() { + int retried = 0; struct __user_cap_header_struct header; - struct __user_cap_data_struct user; - header.version = _LINUX_CAPABILITY_VERSION; + struct __user_cap_data_struct user[2]; + + header.version = _LINUX_CAPABILITY_VERSION_2; header.pid = 0; if (getuid()!=0) { @@ -199,17 +201,24 @@ // perror( "prctl:" ); // return false; // } - - if (capget(&header, &user)==-1) { + +retry: + if (capget(&header, user)==-1) { + if (!retried && + header.version != _LINUX_CAPABILITY_VERSION_2) { + header.version = _LINUX_CAPABILITY_VERSION_1; + retried = 1; + goto retry; + } perror("capget()"); return false; } - user.effective = 0; - user.permitted = 0; - user.inheritable = 0; + user[0].effective = user[1].effective = 0; + user[0].permitted = user[1].permitted = 0; + user[0].inheritable = user[1].inheritable = 0; - if (capset(&header, &user)==-1) { + if (capset(&header, user)==-1) { perror("capset()"); return false; } diff -urN util-vserver-0.30.215/src/tunctl.c util-vserver-trunk/src/tunctl.c --- util-vserver-0.30.215/src/tunctl.c 2008-03-17 09:59:45.000000000 +0100 +++ util-vserver-trunk/src/tunctl.c 2008-05-22 23:51:01.000000000 +0200 @@ -33,6 +33,21 @@ #include /* Make sure we have the necessary ioctls */ +#ifndef TUNSETNOCSUM +# define TUNSETNOCSUM _IOW('T', 200, int) +#endif +#ifndef TUNSETIFF +# define TUNSETIFF _IOW('T', 202, int) +#endif +#ifndef TUNSETPERSIST +# define TUNSETPERSIST _IOW('T', 203, int) +#endif +#ifndef TUNSETOWNER +# define TUNSETOWNER _IOW('T', 204, int) +#endif +#ifndef TUNSETLINK +# define TUNSETLINK _IOW('T', 205, int) +#endif #ifndef TUNSETGROUP # define TUNSETGROUP _IOW('T', 206, int) #endif diff -urN util-vserver-0.30.215/src/vspace.c util-vserver-trunk/src/vspace.c --- util-vserver-0.30.215/src/vspace.c 2008-03-17 09:59:45.000000000 +0100 +++ util-vserver-trunk/src/vspace.c 2008-05-22 23:51:01.000000000 +0200 @@ -1,4 +1,4 @@ -// $Id$ --*- c -*-- +// $Id$ --*- c -*-- // Copyright (C) 2004 Enrico Scholz // Copyright (C) 2007 Daniel Hokka Zakrisson @@ -114,6 +114,8 @@ if (mask == 0) return; + mask &= ~CLONE_FS; + signal(SIGCHLD, SIG_DFL); #ifdef NDEBUG