summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2017-08-28 16:48:27 +1000
committerDarren Tucker <dtucker@zip.com.au>2017-08-28 16:48:27 +1000
commitdd9d9b3381a4597b840d480b043823112039327e (patch)
treec32a429880d5e53896323a70cf27c705338b0d75
parentf5e917ab105af5dd6429348d9bc463e52b263f92 (diff)
Switch Capsicum header to sys/capsicum.h.
FreeBSD's <sys/capability.h> was renamed to <sys/capsicum.h> in 2014 to avoid future conflicts with POSIX capabilities (the last release that didn't have it was 9.3) so switch to that. Patch from des at des.no.
Diffstat
-rw-r--r--configure.ac14
-rw-r--r--sandbox-capsicum.c2
2 files changed, 11 insertions, 5 deletions
diff --git a/configure.ac b/configure.ac
index 49c5caa26..9094cf044 100644
--- a/configure.ac
+++ b/configure.ac
@@ -370,7 +370,6 @@ AC_CHECK_HEADERS([ \
370 sys/audit.h \ 370 sys/audit.h \
371 sys/bitypes.h \ 371 sys/bitypes.h \
372 sys/bsdtty.h \ 372 sys/bsdtty.h \
373 sys/capability.h \
374 sys/cdefs.h \ 373 sys/cdefs.h \
375 sys/dir.h \ 374 sys/dir.h \
376 sys/mman.h \ 375 sys/mman.h \
@@ -402,6 +401,13 @@ AC_CHECK_HEADERS([ \
402 wchar.h \ 401 wchar.h \
403]) 402])
404 403
404# sys/capsicum.h requires sys/types.h
405AC_CHECK_HEADERS([sys/capsicum.h], [], [], [
406#ifdef HAVE_SYS_TYPES_H
407# include <sys/types.h>
408#endif
409])
410
405# lastlog.h requires sys/time.h to be included first on Solaris 411# lastlog.h requires sys/time.h to be included first on Solaris
406AC_CHECK_HEADERS([lastlog.h], [], [], [ 412AC_CHECK_HEADERS([lastlog.h], [], [], [
407#ifdef HAVE_SYS_TIME_H 413#ifdef HAVE_SYS_TIME_H
@@ -3256,10 +3262,10 @@ elif test "x$sandbox_arg" = "xseccomp_filter" || \
3256 AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter]) 3262 AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter])
3257elif test "x$sandbox_arg" = "xcapsicum" || \ 3263elif test "x$sandbox_arg" = "xcapsicum" || \
3258 ( test -z "$sandbox_arg" && \ 3264 ( test -z "$sandbox_arg" && \
3259 test "x$ac_cv_header_sys_capability_h" = "xyes" && \ 3265 test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \
3260 test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then 3266 test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then
3261 test "x$ac_cv_header_sys_capability_h" != "xyes" && \ 3267 test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \
3262 AC_MSG_ERROR([capsicum sandbox requires sys/capability.h header]) 3268 AC_MSG_ERROR([capsicum sandbox requires sys/capsicum.h header])
3263 test "x$ac_cv_func_cap_rights_limit" != "xyes" && \ 3269 test "x$ac_cv_func_cap_rights_limit" != "xyes" && \
3264 AC_MSG_ERROR([capsicum sandbox requires cap_rights_limit function]) 3270 AC_MSG_ERROR([capsicum sandbox requires cap_rights_limit function])
3265 SANDBOX_STYLE="capsicum" 3271 SANDBOX_STYLE="capsicum"
diff --git a/sandbox-capsicum.c b/sandbox-capsicum.c
index 655f0d217..e10bad7e8 100644
--- a/sandbox-capsicum.c
+++ b/sandbox-capsicum.c
@@ -22,7 +22,7 @@
22#include <sys/param.h> 22#include <sys/param.h>
23#include <sys/time.h> 23#include <sys/time.h>
24#include <sys/resource.h> 24#include <sys/resource.h>
25#include <sys/capability.h> 25#include <sys/capsicum.h>
26 26
27#include <errno.h> 27#include <errno.h>
28#include <stdarg.h> 28#include <stdarg.h>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 15:07:13 +0000