From: Patrick Steinhardt <ps@pks.im>
To: util-linux@vger.kernel.org
Cc: Patrick Steinhardt <ps@pks.im>, luto@kernel.org, kzak@redhat.com
Subject: [PATCH 0/5] Ambient capabilities for setpriv
Date: Sat, 24 Jun 2017 16:04:29 +0200 [thread overview]
Message-ID: <cover.1498312509.git.ps@pks.im> (raw)
Hi,
this patch series implements support for ambient capabilities in
setpriv(1). Ambient capabilities have been implemented with Linux
4.3 by Andy Lutomirski [1]. Quoting from capabilities(7):
This is a set of capabilities that are preserved across an
execve(2) of a program that is not privileged.
The patches are inspired and squarely based on published patches
for util-linux by Andy [2]. As these commits seem to never have
been upstreamed, I've contacted Andy a few days ago whether he
intends to do so in the near future, but got no response. Anyway,
as I would like to have ambient capabilities available in
setpriv, I took up the baton and wrote this patch series.
Regards
Patrick
[1]: https://lwn.net/Articles/636533/
[2]: https://git.kernel.org/pub/scm/linux/kernel/git/luto/util-linux-playground.git/commit/?h=cap_ambient&id=860c73ac1acaaae976bdd3bb83b89b0180f0702a
Patrick Steinhardt (5):
setpriv: introduce indirection for `capng_type` enum
setpriv: proxy function checking whether a capability is set
setpriv: proxy function to update capabilities
setpriv: support dumping ambient capabilities
setpriv: support modifying the set of ambient capabilities
sys-utils/setpriv.1 | 8 ++--
sys-utils/setpriv.c | 109 ++++++++++++++++++++++++++++++++++++++++++++++------
2 files changed, 103 insertions(+), 14 deletions(-)
--
2.13.1
next reply other threads:[~2017-06-24 14:04 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-24 14:04 Patrick Steinhardt [this message]
2017-06-24 14:04 ` [PATCH 1/5] setpriv: introduce indirection for `capng_type` enum Patrick Steinhardt
2017-06-24 14:04 ` [PATCH 2/5] setpriv: proxy function checking whether a capability is set Patrick Steinhardt
2017-06-24 20:44 ` Andy Lutomirski
2017-06-24 14:04 ` [PATCH 3/5] setpriv: proxy function to update capabilities Patrick Steinhardt
2017-06-24 20:45 ` Andy Lutomirski
2017-06-24 14:04 ` [PATCH 4/5] setpriv: support dumping ambient capabilities Patrick Steinhardt
2017-06-24 20:46 ` Andy Lutomirski
2017-06-24 14:04 ` [PATCH 5/5] setpriv: support modifying the set of " Patrick Steinhardt
2017-06-24 20:47 ` Andy Lutomirski
2017-06-25 9:33 ` Patrick Steinhardt
2017-06-24 20:44 ` [PATCH 1/5] setpriv: introduce indirection for `capng_type` enum Andy Lutomirski
2017-06-24 20:43 ` [PATCH 0/5] Ambient capabilities for setpriv Andy Lutomirski
2017-06-25 9:11 ` Patrick Steinhardt
2017-06-27 13:14 ` Karel Zak
2017-06-27 16:00 ` Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1498312509.git.ps@pks.im \
--to=ps@pks.im \
--cc=kzak@redhat.com \
--cc=luto@kernel.org \
--cc=util-linux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.