summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/ChangeLog7
-rw-r--r--lib/privs.c5
2 files changed, 12 insertions, 0 deletions
diff --git a/lib/ChangeLog b/lib/ChangeLog
index 26a25171..8125451f 100644
--- a/lib/ChangeLog
+++ b/lib/ChangeLog
@@ -1,3 +1,10 @@
+2007-09-18 Paul Jakma <paul.jakma@sun.com>
+
+ * privs.c: definition of ZCAP_NET_ADMIN on Solaris should
+ be PRIV_SYS_IP_CONFIG, when that's available. Thus allowing
+ Quagga to work with in Solaris zones with exclusive IP
+ instances.
+
2007-08-21 Denis Ovsienko
* sockopt.[ch]: (setsockopt_so_sendbuf, getsockopt_so_sendbuf):
diff --git a/lib/privs.c b/lib/privs.c
index f4117e26..69606f57 100644
--- a/lib/privs.c
+++ b/lib/privs.c
@@ -117,7 +117,12 @@ static struct
/* Quagga -> Solaris privilege mappings */
[ZCAP_SETID] = { 1, (pvalue_t []) { PRIV_PROC_SETID }, },
[ZCAP_BIND] = { 1, (pvalue_t []) { PRIV_NET_PRIVADDR }, },
+ /* IP_CONFIG is a subset of NET_CONFIG and is allowed in zones */
+#ifdef PRIV_SYS_IP_CONFIG
+ [ZCAP_NET_ADMIN] = { 1, (pvalue_t []) { PRIV_SYS_IP_CONFIG }, },
+#else
[ZCAP_NET_ADMIN] = { 1, (pvalue_t []) { PRIV_SYS_NET_CONFIG }, },
+#endif
[ZCAP_NET_RAW] = { 2, (pvalue_t []) { PRIV_NET_RAWACCESS,
PRIV_NET_ICMPACCESS }, },
[ZCAP_CHROOT] = { 1, (pvalue_t []) { PRIV_PROC_CHROOT }, },
generated by cgit v1.2.1 (git 2.18.0) at 2025-10-31 17:35:48 +0000