nfsdcld: Before clearing the capability bounding set, check if we have the cap
authorHarald Hoyer <harald@redhat.com>
Tue, 19 Jun 2012 14:53:29 +0000 (10:53 -0400)
committerSteve Dickson <steved@redhat.com>
Tue, 19 Jun 2012 14:53:29 +0000 (10:53 -0400)
commitd18b89cd7352783580f3d3dde26f8617e36459b9
tree91d6ba4b0d401cf12ed1ef56ad7b1a088f3346bc
parent55b1769e63cdffa07b597fa6132c9902cec25265
nfsdcld: Before clearing the capability bounding set, check if we have the cap

From: Harald Hoyer <harald@redhat.com>

PR_CAPBSET_DROP can return EINVAL, if an older kernel does support
some capabilities, which are defined by CAP_LAST_CAP, which results in
a failure of the service.

For example kernel 3.4 errors on CAP_EPOLLWAKEUP, which was newly
introduced in 3.5.

So, for future capabilities, we clear until we get an EINVAL for
PR_CAPBSET_READ.

Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
support/nsm/file.c
utils/nfsdcld/nfsdcld.c