Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 364487 - Posix file-based capabilities support - Function for setting caps
Summary: Posix file-based capabilities support - Function for setting caps
Status: CONFIRMED
Alias: None
Product: Gentoo Hosted Projects
Classification: Unclassified
Component: PMS/EAPI (show other bugs)
Hardware: All Linux
: Normal enhancement with 1 vote (vote)
Assignee: PMS/EAPI
URL: http://archives.gentoo.org/gentoo-dev...
Whiteboard:
Keywords:
Depends on:
Blocks: future-eapi
  Show dependency tree
 
Reported: 2011-04-22 14:46 UTC by Constanze Hausner (RETIRED)
Modified: 2021-05-16 05:27 UTC (History)
5 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Constanze Hausner (RETIRED) gentoo-dev 2011-04-22 14:46:25 UTC
As stated in the linked mailinglist post:
For supporting filebased-caps, we need all PMS to provide a function
which: 
- gets the final path and the caps to set, tries to set them and then
removes the suid-bit, if successful
- returns 0 or 1, indicating success or failure

If the user's setting doesn't allow caps, then the function is not
available.

Additionally we could also pass the fallback-filemode to the PMS, so it
could do the suid-setting itself, but this would be optional.


Reproducible: Always
Comment 1 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2018-03-15 19:08:24 UTC
I agree we should do this. I think it wouldn't be *that hard* to implement but it might be too late to include it in EAPI 7.

One thing worth noting is that we may need to account for two separate problems:

a. filesystem used for build not supporting capabilities,

b. filesystem used for merge not supporting capabilities.

One does not imply the other. In other words, the function might succeed when building package but the capabilities would be lost on install. The opposite is also possible -- not being able to set caps while building but being able to set it post-install.

All that considered, I think it is important to have well-defined fallback here. In particular, the PM *must* be able to deal with missing capabilities after build with capabilities succeeded (and when using binpkg built with caps). For extra points, being able to 'remember' capabilities when filesystem can't store them during build would also be useful.

I'm not sure if 'mode' is the only thing fallback needs to be concerned about. In some cases ownership may also be relevant. We should research existing uses of fcaps.eclass for this, I guess.
Comment 2 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2018-03-15 19:09:31 UTC
(CC-ing fcaps.eclass maintainers)