You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by mt...@apache.org on 2012/02/06 15:36:24 UTC

svn commit: r1241022 - in /commons/proper/daemon/branches/1.0.x: RELEASE-NOTES.txt src/native/unix/configure.in src/native/unix/native/jsvc-unix.c

Author: mturk
Date: Mon Feb  6 14:36:24 2012
New Revision: 1241022

URL: http://svn.apache.org/viewvc?rev=1241022&view=rev
Log:
DAEMON-234 Dynamically load libcap.so.

Modified:
    commons/proper/daemon/branches/1.0.x/RELEASE-NOTES.txt
    commons/proper/daemon/branches/1.0.x/src/native/unix/configure.in
    commons/proper/daemon/branches/1.0.x/src/native/unix/native/jsvc-unix.c

Modified: commons/proper/daemon/branches/1.0.x/RELEASE-NOTES.txt
URL: http://svn.apache.org/viewvc/commons/proper/daemon/branches/1.0.x/RELEASE-NOTES.txt?rev=1241022&r1=1241021&r2=1241022&view=diff
==============================================================================
--- commons/proper/daemon/branches/1.0.x/RELEASE-NOTES.txt (original)
+++ commons/proper/daemon/branches/1.0.x/RELEASE-NOTES.txt Mon Feb  6 14:36:24 2012
@@ -79,7 +79,7 @@ NEW FEATURES:
 
 BUG FIXES:
 
-1.0.9: DAEMON-232, DAEMON-233, DAEMON-237
+1.0.9: DAEMON-232, DAEMON-233, DAEMON-234, DAEMON-237
 
 1.0.8: DAEMON-195, DAEMON-215, DAEMON-216, DAEMON-218, DAEMON-219, DAEMON-220,
        DAEMON-222, DAEMON-223, DAEMON-224, DAEMON-227, DAEMON-228

Modified: commons/proper/daemon/branches/1.0.x/src/native/unix/configure.in
URL: http://svn.apache.org/viewvc/commons/proper/daemon/branches/1.0.x/src/native/unix/configure.in?rev=1241022&r1=1241021&r2=1241022&view=diff
==============================================================================
--- commons/proper/daemon/branches/1.0.x/src/native/unix/configure.in (original)
+++ commons/proper/daemon/branches/1.0.x/src/native/unix/configure.in Mon Feb  6 14:36:24 2012
@@ -115,7 +115,7 @@ fi
 AC_SUBST(LDCMD)
 if test "$supported_os" = "linux"
 then
-AC_CHECK_LIB([cap], [cap_init], [CFLAGS="$CFLAGS -DHAVE_LIBCAP" ; LIBS="$LIBS -lcap"])
+AC_CHECK_LIB([cap], [cap_init], [CFLAGS="$CFLAGS -DHAVE_LIBCAP"])
 fi
 
 if test -z "$STRIPFLAGS"

Modified: commons/proper/daemon/branches/1.0.x/src/native/unix/native/jsvc-unix.c
URL: http://svn.apache.org/viewvc/commons/proper/daemon/branches/1.0.x/src/native/unix/native/jsvc-unix.c?rev=1241022&r1=1241021&r2=1241022&view=diff
==============================================================================
--- commons/proper/daemon/branches/1.0.x/src/native/unix/native/jsvc-unix.c (original)
+++ commons/proper/daemon/branches/1.0.x/src/native/unix/native/jsvc-unix.c Mon Feb  6 14:36:24 2012
@@ -188,6 +188,53 @@ static cap_value_t caps_min[] = {
 #define CAPS     1
 #define CAPSMIN  2
 
+
+typedef int     (*fd_cap_free)(void *);
+typedef cap_t   (*fd_cap_init)(void);
+typedef int     (*fd_cap_clear)(cap_t);
+typedef int     (*fd_cap_get_flag)(cap_t, cap_value_t, cap_flag_t, cap_flag_value_t *);
+typedef int     (*fd_cap_set_flag)(cap_t, cap_flag_t, int, const cap_value_t *, cap_flag_value_t);
+typedef int     (*fd_cap_set_proc)(cap_t);
+
+static dso_handle hlibcap = NULL;
+static fd_cap_free  fp_cap_free;
+static fd_cap_init  fp_cap_init;
+static fd_cap_clear fp_cap_clear;
+static fd_cap_get_flag fp_cap_get_flag;
+static fd_cap_set_flag fp_cap_set_flag;
+static fd_cap_set_proc fp_cap_set_proc;
+
+static int ld_libcap(void)
+{
+    dso_handle dso;
+#define CAP_LDD(name) \
+    if ((fp_##name = dso_symbol(dso, #name)) == NULL) { \
+        log_error("cannot locate " #name " in libcap.so -- %s", dso_error());  \
+        dso_unlink(dso);    \
+        return -1;          \
+    } else log_debug("loaded " #name " from libcap.")
+
+    if (hlibcap != NULL)
+        return 0;
+    dso = dso_link("/lib/libcap.so");
+    if (dso == 0)
+        dso = dso_link("/usr/lib/libcap.so");
+    if (dso == 0) {
+        log_error("failed loading capabilities library -- %s.", dso_error());
+        return -1;
+    }
+    CAP_LDD(cap_free);
+    CAP_LDD(cap_init);
+    CAP_LDD(cap_clear);
+
+    CAP_LDD(cap_get_flag);
+    CAP_LDD(cap_set_flag);
+    CAP_LDD(cap_set_proc);
+    hlibcap = dso;
+#undef CAP_LDD
+    return 0;
+}
+
 static int set_caps(int cap_type)
 {
     cap_t c;
@@ -196,6 +243,9 @@ static int set_caps(int cap_type)
     cap_value_t *caps;
     const char  *type;
 
+    if (ld_libcap()) {
+        return -1;
+    }
     if (cap_type == CAPS) {
         ncap = sizeof(caps_std)/sizeof(cap_value_t);
         caps = caps_std;
@@ -212,16 +262,16 @@ static int set_caps(int cap_type)
         type = "null";
         flag = CAP_CLEAR;
     }
-    c = cap_init();
-    cap_clear(c);
-    cap_set_flag(c, CAP_EFFECTIVE,   ncap, caps, flag);
-    cap_set_flag(c, CAP_INHERITABLE, ncap, caps, flag);
-    cap_set_flag(c, CAP_PERMITTED,   ncap, caps, flag);
-    if (cap_set_proc(c) != 0) {
+    c = (*fp_cap_init)();
+    (*fp_cap_clear)(c);
+    (*fp_cap_set_flag)(c, CAP_EFFECTIVE,   ncap, caps, flag);
+    (*fp_cap_set_flag)(c, CAP_INHERITABLE, ncap, caps, flag);
+    (*fp_cap_set_flag)(c, CAP_PERMITTED,   ncap, caps, flag);
+    if ((*fp_cap_set_proc)(c) != 0) {
         log_error("failed setting %s capabilities.", type);
         return -1;
     }
-    cap_free(c);
+    (*fp_cap_free)(c);
     if (cap_type == CAPS)
         log_debug("increased capability set.");
     else if (cap_type == CAPSMIN)