File: 04-log-error.patch

package info (click to toggle)
libcap-ng 0.8.3-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 2,292 kB
  • sloc: sh: 4,360; ansic: 2,734; python: 355; makefile: 165
file content (83 lines) | stat: -rw-r--r-- 2,169 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
 
From: Steve Grubb <sgrubb@redhat.com>
Date: Tue, 29 Mar 2022 20:43:39 +0000
Subject: Block bad return codes, log error instead.

Origin: https://src.fedoraproject.org/rpms/libcap-ng/c/45a1c444fc044f85360193cc4458f04c145c6133.patch
Bug: https://github.com/stevegrubb/libcap-ng/issues/21
Forwarded: not-needed
---
 src/cap-ng.c | 44 +++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 41 insertions(+), 3 deletions(-)

diff --git a/src/cap-ng.c b/src/cap-ng.c
index b4aa3d4..426edb6 100644
--- a/src/cap-ng.c
+++ b/src/cap-ng.c
@@ -784,6 +784,41 @@ int capng_updatev(capng_act_t action, capng_type_t type,
 	return rc;
 }
 
+#include <sys/param.h>
+static char *get_exename(char *exename, int size)
+{
+        char tmp[PATH_MAX+1];
+	int res;
+
+        /* get the name of the current executable */
+        if ((res = readlink("/proc/self/exe", tmp, PATH_MAX)) < 0)
+                strcpy(exename, "\"?\"");
+        else {
+                tmp[res] = '\0';
+                snprintf(exename, size, "\"%s\"", tmp);
+        }
+        return exename;
+}
+
+#include <syslog.h>
+static void log_problem(unsigned int msg)
+{
+	static const char *text[3] = {
+		"dropping bounding set",
+		"getting new bounding set",
+		"dropping bounding set due to not having CAP_SETPCAP"
+	};
+	static int warned[3] = {0, 0, 0};
+	unsigned idx = msg - 2;
+	char exe[2048];
+	if (warned[idx] == 0) {
+		// Only warn once
+		syslog(LOG_ERR, "libcap-ng used by %s failed %s in capng_apply",
+		       get_exename(exe, 2047), text[idx]);
+		warned[idx] = 1;
+	}
+}
+
 int capng_apply(capng_select_t set)
 {
 	int rc = 0;
@@ -805,19 +840,22 @@ if (HAVE_PR_CAPBSET_DROP) {
 				if (capng_have_capability(CAPNG_BOUNDING_SET,
 								 i) == 0) {
 				    if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) <0) {
-					rc = -2;
+//					rc = -2;
+					log_problem(2);
 					goto try_caps;
 				    }
 				}
 			}
 			m.state = CAPNG_APPLIED;
 			if (get_bounding_set() < 0) {
-				rc = -3;
+//				rc = -3;
+				log_problem(3);
 				goto try_caps;
 			}
 		} else {
 			memcpy(&m, &state, sizeof(m)); /* restore state */
-			rc = -4;
+//			rc = -4;
+			log_problem(4);
 			goto try_caps;
 		}
 }