mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-25 09:36:14 +01:00
32 lines
1,019 B
Diff
32 lines
1,019 B
Diff
|
From c5f36683a04d5e8418a4ba5b27d369c04cf5610f Mon Sep 17 00:00:00 2001
|
||
|
|
From: magic_rb <richard@brezak.sk>
|
||
|
|
Date: Tue, 17 Sep 2024 23:54:36 +0200
|
||
|
|
Subject: [PATCH] Don't bail if we have capabilities in non-setuid case
|
||
|
|
|
||
|
|
Signed-off-by: magic_rb <richard@brezak.sk>
|
||
|
|
---
|
||
|
|
bubblewrap.c | 7 -------
|
||
|
|
1 file changed, 7 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/bubblewrap.c b/bubblewrap.c
|
||
|
|
index bc75da4..027dfd4 100644
|
||
|
|
--- a/bubblewrap.c
|
||
|
|
+++ b/bubblewrap.c
|
||
|
|
@@ -872,13 +872,6 @@ acquire_privs (void)
|
||
|
|
/* Keep only the required capabilities for setup */
|
||
|
|
set_required_caps ();
|
||
|
|
}
|
||
|
|
- else if (real_uid != 0 && has_caps ())
|
||
|
|
- {
|
||
|
|
- /* We have some capabilities in the non-setuid case, which should not happen.
|
||
|
|
- Probably caused by the binary being setcap instead of setuid which we
|
||
|
|
- don't support anymore */
|
||
|
|
- die ("Unexpected capabilities but not setuid, old file caps config?");
|
||
|
|
- }
|
||
|
|
else if (real_uid == 0)
|
||
|
|
{
|
||
|
|
/* If our uid is 0, default to inheriting all caps; the caller
|
||
|
|
--
|
||
|
|
2.46.0
|
||
|
|
|