Drop userns revert patch (rhbz 917708)

This commit is contained in:
Josh Boyer 2014-08-22 13:20:49 -04:00
parent cc594c1f09
commit 80bc74d4ce
2 changed files with 3 additions and 52 deletions

View File

@ -1,46 +0,0 @@
From 4b8ff4ede68d09f1a262f0a07718d65782422132 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@fedoraproject.org>
Date: Wed, 13 Nov 2013 10:21:18 -0500
Subject: [PATCH] Revert "userns: Allow unprivileged users to create user
namespaces."
This reverts commit 5eaf563e53294d6696e651466697eb9d491f3946.
Bugzilla: 917708
Upstream-status: Fedora mustard
Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
Conflicts:
kernel/fork.c
---
kernel/fork.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/kernel/fork.c b/kernel/fork.c
index 0cf9cdb6e491..31d3a9763887 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1624,6 +1624,19 @@ long do_fork(unsigned long clone_flags,
long nr;
/*
+ * Do some preliminary argument and permissions checking before we
+ * actually start allocating stuff
+ */
+ if (clone_flags & CLONE_NEWUSER) {
+ /* hopefully this check will go away when userns support is
+ * complete
+ */
+ if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SETUID) ||
+ !capable(CAP_SETGID))
+ return -EPERM;
+ }
+
+ /*
* Determine whether and which event to report to ptracer. When
* called from kernel_thread or CLONE_UNTRACED is explicitly
* requested, no event is reported; otherwise, report if the event
--
1.9.3

View File

@ -560,9 +560,6 @@ Patch530: silence-fbcon-logo.patch
Patch600: lib-cpumask-Make-CPUMASK_OFFSTACK-usable-without-deb.patch Patch600: lib-cpumask-Make-CPUMASK_OFFSTACK-usable-without-deb.patch
#rhbz 917708
Patch700: Revert-userns-Allow-unprivileged-users-to-create-use.patch
Patch800: crash-driver.patch Patch800: crash-driver.patch
# crypto/ # crypto/
@ -1311,9 +1308,6 @@ ApplyPatch silence-fbcon-logo.patch
# Changes to upstream defaults. # Changes to upstream defaults.
#rhbz 917708
ApplyPatch Revert-userns-Allow-unprivileged-users-to-create-use.patch
# /dev/crash driver. # /dev/crash driver.
ApplyPatch crash-driver.patch ApplyPatch crash-driver.patch
@ -2271,6 +2265,9 @@ fi
# ||----w | # ||----w |
# || || # || ||
%changelog %changelog
* Fri Aug 22 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Drop userns revert patch (rhbz 917708)
* Fri Aug 22 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.17.0-0.rc1.git3.1 * Fri Aug 22 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.17.0-0.rc1.git3.1
- Linux v3.17-rc1-99-g5317821c0853 - Linux v3.17-rc1-99-g5317821c0853