GNU bug report logs -
#61462
Add support for file capabilities(7)
Previous Next
Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>
Date: Sun, 12 Feb 2023 20:46:01 UTC
Severity: normal
Tags: patch
Done: Tobias Geerinckx-Rice <me <at> tobias.gr>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
On 2023-07-21, Vagrant Cascadian wrote:
> Thanks for the refreshed v2 patches! I gave them a quick spin...
>
> As noted on IRC, apparently it lacks actual calls to setcap, so that
> part still needs another patch at least!
>
> Otherwise, it did seem to more-or-less work...
>
> There are compatibility symlinks from /run/setuid-programs to
> /run/privledged/bin and it sets setuid on requested files.
Oh, I noticed on reconfiguring back to a system without the patches to
support /run/privileged configurations ... the /run/privileged directory
is still present, with all those files sitting there in their previous
state.
This is why I think at least by default, many other distros implement
/run as a tmpfs or similar, so that it at least gets thrown out at
reboot. Though this is obviously a deeper problem than just this patch
series... I will file a separate bug about that.
live well,
vagrant
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 305 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.