]> granicus.if.org Git - shadow/commit
projects / shadow / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ff8b1eb) | patch
newuidmap/newgidmap: install with file capabilities
authorGiuseppe Scrivano <gscrivan@redhat.com>
Wed, 24 Oct 2018 09:08:28 +0000 (11:08 +0200)
committerGiuseppe Scrivano <gscrivan@redhat.com>
Wed, 24 Oct 2018 21:10:59 +0000 (23:10 +0200)
commit70971457b761cdd6cd507acfc935295b4f3f237f
tree966195ddf44bf13c67f20f873c449938db8722fbtree | snapshot
parentff8b1ebafa15f881856e4c5e4eceb5ec05f4738fcommit | diff
newuidmap/newgidmap: install with file capabilities

do not install newuidmap/newgidmap as suid binaries.  Running these
tools with the same euid as the owner of the user namespace to
configure requires only CAP_SETUID and CAP_SETGID instead of requiring
CAP_SYS_ADMIN when it is installed as a suid binary.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
configure.ac diff | blob | history
src/Makefile.am diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.