summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Jakma <paul.jakma@sun.com>2007-09-18 18:07:18 +0000
committerPaul Jakma <paul.jakma@sun.com>2007-09-18 18:07:18 +0000
commit6b148faa291f68dd43bba37fbc0e6b75a2e1e078 (patch)
tree7e9f1d21114da9be1587047adef75a373aeae6a8
parente08286bcf8a73d1922b0464bef52c1b27eda7c43 (diff)
[privs/Solaris] Quagga should work in zones with IP instances
2007-09-18 Paul Jakma <paul.jakma@sun.com> * privs.c: definition of ZCAP_NET_ADMIN on Solaris should be PRIV_SYS_IP_CONFIG, when that's available. Thus allowing Quagga to work with in Solaris zones with exclusive IP instances.
-rw-r--r--lib/ChangeLog7
-rw-r--r--lib/privs.c5
2 files changed, 12 insertions, 0 deletions
diff --git a/lib/ChangeLog b/lib/ChangeLog
index 26a25171..8125451f 100644
--- a/lib/ChangeLog
+++ b/lib/ChangeLog
@@ -1,3 +1,10 @@
+2007-09-18 Paul Jakma <paul.jakma@sun.com>
+
+ * privs.c: definition of ZCAP_NET_ADMIN on Solaris should
+ be PRIV_SYS_IP_CONFIG, when that's available. Thus allowing
+ Quagga to work with in Solaris zones with exclusive IP
+ instances.
+
2007-08-21 Denis Ovsienko
* sockopt.[ch]: (setsockopt_so_sendbuf, getsockopt_so_sendbuf):
diff --git a/lib/privs.c b/lib/privs.c
index f4117e26..69606f57 100644
--- a/lib/privs.c
+++ b/lib/privs.c
@@ -117,7 +117,12 @@ static struct
/* Quagga -> Solaris privilege mappings */
[ZCAP_SETID] = { 1, (pvalue_t []) { PRIV_PROC_SETID }, },
[ZCAP_BIND] = { 1, (pvalue_t []) { PRIV_NET_PRIVADDR }, },
+ /* IP_CONFIG is a subset of NET_CONFIG and is allowed in zones */
+#ifdef PRIV_SYS_IP_CONFIG
+ [ZCAP_NET_ADMIN] = { 1, (pvalue_t []) { PRIV_SYS_IP_CONFIG }, },
+#else
[ZCAP_NET_ADMIN] = { 1, (pvalue_t []) { PRIV_SYS_NET_CONFIG }, },
+#endif
[ZCAP_NET_RAW] = { 2, (pvalue_t []) { PRIV_NET_RAWACCESS,
PRIV_NET_ICMPACCESS }, },
[ZCAP_CHROOT] = { 1, (pvalue_t []) { PRIV_PROC_CHROOT }, },