359937 – net-misc/iputils: support file capabilities instead of set*id

Bug 359937 - net-misc/iputils: support file capabilities instead of set*id

Summary: net-misc/iputils: support file capabilities instead of set*id

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Core system (show other bugs)
Hardware:	All Linux

Importance:	Normal enhancement (vote)
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:

Duplicates (1):	408927 (view as bug list)
Depends on:
Blocks:

Reported:	2011-03-22 13:15 UTC by montjoie
Modified:	2015-04-25 00:00 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
patch to add caps use flag to iputils ebuild (iputils_with_caps.patch,1.88 KB, patch) 2011-03-22 13:18 UTC, montjoie	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description montjoie 2011-03-22 13:15:22 UTC

/bin/ping is set-uid
We can use posix caps to set it CAP_NET_RAW instead of set-uid
(same thing for ping6 traceroute6

Reproducible: Always

Comment 1 montjoie 2011-03-22 13:18:20 UTC

Created attachment 266855 [details, diff]
patch to add caps use flag to iputils ebuild

This patch add the support of setting posix caps to ping and traceroute6

(It corrects also some mising || die)

Comment 2 SpanKY gentoo-dev

2011-03-22 14:28:04 UTC

we're not going to quite go that route.  there's already an eclass being proposed on gentoo-dev to handle this.

Comment 3 SpanKY gentoo-dev

2013-01-25 04:22:37 UTC

*** Bug 408927 has been marked as a duplicate of this bug. ***

Comment 4 SpanKY gentoo-dev

2015-04-25 00:00:43 UTC

hmm i implemented this a few years ago in iputils-20121221-r1 which is now stable.  guess i forgot to update this bug.

https://sources.gentoo.org/net-misc/iputils/iputils-20121221-r1.ebuild?revision=1.1&view=markup