From 1091edede8b8308bccd3f0d356ab77d70cb97559 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Tue, 25 Jun 2013 09:03:00 +0200 Subject: capabilities: CAP_CHOWN might be required by many plugins opening UNIX sockets But as the sockets will be created with the user/group of the running process this might not be required as no change may be needed. --- src/libcharon/plugins/load_tester/load_tester_plugin.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/libcharon/plugins/load_tester/load_tester_plugin.c') diff --git a/src/libcharon/plugins/load_tester/load_tester_plugin.c b/src/libcharon/plugins/load_tester/load_tester_plugin.c index 6fee2bf3b..a32a2a435 100644 --- a/src/libcharon/plugins/load_tester/load_tester_plugin.c +++ b/src/libcharon/plugins/load_tester/load_tester_plugin.c @@ -269,6 +269,12 @@ plugin_t *load_tester_plugin_create() return NULL; } + if (!lib->caps->keep(lib->caps, CAP_CHOWN)) + { /* required to chown(2) control socket */ + DBG1(DBG_CFG, "load-tester plugin requires CAP_CHOWN capability"); + return NULL; + } + INIT(this, .public = { .plugin = { -- cgit v1.2.3