NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

iputils: set the permissions with IPUTILS_PERMISSIONS

Browse Source 
... for arping, clockdiff and ping. These require root permission for
socket(). Upstream solution (script setcap-setuid.sh) requires
setcap binary on the host and cap_net_raw+ep + libcap, or setting
setuid root executable (which is dangerous). Neither would work anyway
since we install as non-root user.

This restores behavior used for version s20180629. We used to setuid the
ping and traceroute6 programs. traceroute6 is no longer built since the
bump to s20190515, but now arping and clockdiff are built, and these
need setuid as well. So enable setuid on arping, clockdiff and ping.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit is contained in:
Petr Vorel 2019-06-10 01:07:02 +02:00 committed by Arnout Vandecappelle (Essensium/Mind)
parent 87f7264c2f
commit e2821a494b
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
package/iputils/iputils.mk
View File

@ -52,4 +52,12 @@ endif
# XSL Stylesheets for DocBook 5 not packaged for buildroot
IPUTILS_CONF_OPTS += -DBUILD_MANS=false -DBUILD_HTML_MANS=false
# handle permissions ourselves
IPUTILS_CONF_OPTS += -DNO_SETCAP_OR_SUID=true
define IPUTILS_PERMISSIONS
/bin/arping f 4755 0 0 - - - - -
/bin/clockdiff f 4755 0 0 - - - - -
/bin/ping f 4755 0 0 - - - - -
endef
$(eval $(meson-package))