You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Damien Raude-Morvan (JIRA)" <ji...@apache.org> on 2010/07/28 19:34:16 UTC
[jira] Created: (DAEMON-168) [daemon][jsvc] Handling of
capabilities should use libcap
[daemon][jsvc] Handling of capabilities should use libcap
---------------------------------------------------------
Key: DAEMON-168
URL: https://issues.apache.org/jira/browse/DAEMON-168
Project: Commons Daemon
Issue Type: Improvement
Components: Jsvc
Affects Versions: 1.0.2
Environment: Debian Unstable
Reporter: Damien Raude-Morvan
Attachments: old_capabilities.diff
Hi,
[For full story, please see here : http://bugs.debian.org/412690]
As 1.0.2 release, jsvc component use a syscall to handle capabilities settings.
Here is an example in src/native/unix/native/jsvc-unix.c:
if (syscall(__NR_capset, &caphead, &cap) < 0) {
It's not recommended usage of capabilities since ABI/API can change at each kernel release.
And in fact, it's already changed and kernel handle some backward compat layer like described here :
http://marc.info/?l=linux-kernel&m=120883245227970&w=2
For now, I'm forced to patch jsvc to force usage of the backward compatibility layer.
(see attached patch)
Cheers,
--
Damien Raude-Morvan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DAEMON-168) [daemon][jsvc] Handling of
capabilities should use libcap
Posted by "Mladen Turk (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DAEMON-168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mladen Turk updated DAEMON-168:
-------------------------------
Fix Version/s: 1.0.3
(was: 1.0.2)
> [daemon][jsvc] Handling of capabilities should use libcap
> ---------------------------------------------------------
>
> Key: DAEMON-168
> URL: https://issues.apache.org/jira/browse/DAEMON-168
> Project: Commons Daemon
> Issue Type: Improvement
> Components: Jsvc
> Affects Versions: 1.0.2
> Environment: Debian Unstable
> Reporter: Damien Raude-Morvan
> Fix For: 1.0.3
>
> Attachments: old_capabilities.diff
>
>
> Hi,
> [For full story, please see here : http://bugs.debian.org/412690]
> As 1.0.2 release, jsvc component use a syscall to handle capabilities settings.
> Here is an example in src/native/unix/native/jsvc-unix.c:
> if (syscall(__NR_capset, &caphead, &cap) < 0) {
> It's not recommended usage of capabilities since ABI/API can change at each kernel release.
> And in fact, it's already changed and kernel handle some backward compat layer like described here :
> http://marc.info/?l=linux-kernel&m=120883245227970&w=2
> For now, I'm forced to patch jsvc to force usage of the backward compatibility layer.
> (see attached patch)
> Cheers,
> --
> Damien Raude-Morvan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DAEMON-168) [daemon][jsvc] Handling of
capabilities should use libcap
Posted by "Mladen Turk (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DAEMON-168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12893682#action_12893682 ]
Mladen Turk commented on DAEMON-168:
------------------------------------
Fixed in the trunk by using libcap.
Can you guys check the head and see if it works for you.
> [daemon][jsvc] Handling of capabilities should use libcap
> ---------------------------------------------------------
>
> Key: DAEMON-168
> URL: https://issues.apache.org/jira/browse/DAEMON-168
> Project: Commons Daemon
> Issue Type: Improvement
> Components: Jsvc
> Affects Versions: 1.0.2
> Environment: Debian Unstable
> Reporter: Damien Raude-Morvan
> Attachments: old_capabilities.diff
>
>
> Hi,
> [For full story, please see here : http://bugs.debian.org/412690]
> As 1.0.2 release, jsvc component use a syscall to handle capabilities settings.
> Here is an example in src/native/unix/native/jsvc-unix.c:
> if (syscall(__NR_capset, &caphead, &cap) < 0) {
> It's not recommended usage of capabilities since ABI/API can change at each kernel release.
> And in fact, it's already changed and kernel handle some backward compat layer like described here :
> http://marc.info/?l=linux-kernel&m=120883245227970&w=2
> For now, I'm forced to patch jsvc to force usage of the backward compatibility layer.
> (see attached patch)
> Cheers,
> --
> Damien Raude-Morvan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DAEMON-168) [daemon][jsvc] Handling of
capabilities should use libcap
Posted by "Damien Raude-Morvan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DAEMON-168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Damien Raude-Morvan updated DAEMON-168:
---------------------------------------
Attachment: old_capabilities.diff
> [daemon][jsvc] Handling of capabilities should use libcap
> ---------------------------------------------------------
>
> Key: DAEMON-168
> URL: https://issues.apache.org/jira/browse/DAEMON-168
> Project: Commons Daemon
> Issue Type: Improvement
> Components: Jsvc
> Affects Versions: 1.0.2
> Environment: Debian Unstable
> Reporter: Damien Raude-Morvan
> Attachments: old_capabilities.diff
>
>
> Hi,
> [For full story, please see here : http://bugs.debian.org/412690]
> As 1.0.2 release, jsvc component use a syscall to handle capabilities settings.
> Here is an example in src/native/unix/native/jsvc-unix.c:
> if (syscall(__NR_capset, &caphead, &cap) < 0) {
> It's not recommended usage of capabilities since ABI/API can change at each kernel release.
> And in fact, it's already changed and kernel handle some backward compat layer like described here :
> http://marc.info/?l=linux-kernel&m=120883245227970&w=2
> For now, I'm forced to patch jsvc to force usage of the backward compatibility layer.
> (see attached patch)
> Cheers,
> --
> Damien Raude-Morvan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DAEMON-168) [daemon][jsvc] Handling of
capabilities should use libcap
Posted by "Mladen Turk (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DAEMON-168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mladen Turk resolved DAEMON-168.
--------------------------------
Fix Version/s: 1.0.2
Resolution: Fixed
Fixed in the trunk.
Will be part of 1.0.3
> [daemon][jsvc] Handling of capabilities should use libcap
> ---------------------------------------------------------
>
> Key: DAEMON-168
> URL: https://issues.apache.org/jira/browse/DAEMON-168
> Project: Commons Daemon
> Issue Type: Improvement
> Components: Jsvc
> Affects Versions: 1.0.2
> Environment: Debian Unstable
> Reporter: Damien Raude-Morvan
> Fix For: 1.0.2
>
> Attachments: old_capabilities.diff
>
>
> Hi,
> [For full story, please see here : http://bugs.debian.org/412690]
> As 1.0.2 release, jsvc component use a syscall to handle capabilities settings.
> Here is an example in src/native/unix/native/jsvc-unix.c:
> if (syscall(__NR_capset, &caphead, &cap) < 0) {
> It's not recommended usage of capabilities since ABI/API can change at each kernel release.
> And in fact, it's already changed and kernel handle some backward compat layer like described here :
> http://marc.info/?l=linux-kernel&m=120883245227970&w=2
> For now, I'm forced to patch jsvc to force usage of the backward compatibility layer.
> (see attached patch)
> Cheers,
> --
> Damien Raude-Morvan
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.