From 16c29a1920e48e7480595edd0ae96094d6e220c8 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Sat, 3 Apr 2010 07:12:06 -0400 Subject: mount.cifs: fix toggle_cap_dac_override ...it clears the capability set completely, which it shouldn't do. It also doesn't call cap_set_proc to make the new capability set active. Signed-off-by: Jeff Layton --- mount.cifs.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/mount.cifs.c b/mount.cifs.c index 1f08230..eb72c46 100644 --- a/mount.cifs.c +++ b/mount.cifs.c @@ -395,13 +395,6 @@ toggle_cap_dac_override(int enable) return EX_SYSERR; } - if (cap_clear(caps) == -1) { - fprintf(stderr, "Unable to clear capability set: %s\n", - strerror(errno)); - rc = EX_SYSERR; - goto free_caps; - } - cap_list = CAP_DAC_OVERRIDE; if (cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap_list, enable ? CAP_SET : CAP_CLEAR) == -1) { @@ -410,6 +403,12 @@ toggle_cap_dac_override(int enable) rc = EX_SYSERR; goto free_caps; } + + if (cap_set_proc(caps) != 0) { + fprintf(stderr, "Unable to set current process capabilities: %s\n", + strerror(errno)); + rc = EX_SYSERR; + } free_caps: cap_free(caps); return 0; -- cgit v1.2.3