[PATCH] setpriv: remove dependency on libcap headers
Denys Vlasenko
vda.linux at googlemail.com
Fri Jul 7 16:00:45 UTC 2017
On Fri, Jul 7, 2017 at 3:40 PM, Patrick Steinhardt <ps at pks.im> wrote:
> The setpriv applet is including <sys/capability.h> for the capget(2) and
> capset(2) functions. Unfortunately, this header is not provided by
> linux-headers, but by libcap instead, which requires users to have them
> installed. As these functions are not actually implemented by libcap
> itself but instead provided by the libc, no additional linking is
> required and as such the depenency went by unnoticed.
>
> To get rid of this requirement, we can instead use a direct syscall.
> Taking a look at musl libc's implementation of these funcitions, they
> are direct wrappers to `syscall(SYS_capset, ...)` and
> `syscall(SYS_capget, ...)`. As such, it is trivial to reimplement them
> ourselves via syscall(2).
>
> function old new delta
> getcaps 230 246 +16
> setpriv_main 1260 1266 +6
Evidently, this is not the same, since code size increased.
I'm going with this instead:
// #include <sys/capability.h>
// This header is in libcap, but the functions are in libc.
// Comment in the header says this above capset/capget:
/* system calls - look to libc for function to system call mapping */
extern int capset(cap_user_header_t header, cap_user_data_t data);
extern int capget(cap_user_header_t header, const cap_user_data_t data);
// so for bbox, let's just repeat the declarations.
// This way, libcap needs not be installed in build environment.
More information about the busybox
mailing list