From 2ba6d8558bde328b804bbc0d5f5e502ce6833647 Mon Sep 17 00:00:00 2001
From: Michal Hlavinka <mhlavink@fedoraproject.org>
Date: Mon, 5 Oct 2009 13:43:31 +0000
Subject: [PATCH] - make capabilities optional - fix capabilities for 3ware
 contollers (#526626)

---
 smartmontools-5.38-lowcap.patch | 126 +++++++++++++++++++++++++++++---
 smartmontools.spec              |   6 +-
 2 files changed, 121 insertions(+), 11 deletions(-)

diff --git a/smartmontools-5.38-lowcap.patch b/smartmontools-5.38-lowcap.patch
index f2aa69f..b15e6fb 100644
--- a/smartmontools-5.38-lowcap.patch
+++ b/smartmontools-5.38-lowcap.patch
@@ -1,6 +1,6 @@
 diff -up smartmontools-5.38/configure.in.lowcap smartmontools-5.38/configure.in
---- smartmontools-5.38/configure.in.lowcap	2009-08-26 17:40:36.942297517 +0200
-+++ smartmontools-5.38/configure.in	2009-08-26 17:40:36.951298527 +0200
+--- smartmontools-5.38/configure.in.lowcap	2009-10-05 15:28:23.770170937 +0200
++++ smartmontools-5.38/configure.in	2009-10-05 15:28:23.777234123 +0200
 @@ -143,6 +143,40 @@ if test "$with_selinux" = "yes"; then
  	AC_DEFINE(WITH_SELINUX, [1], [Define to 1 if SELinux support is enabled])
  fi
@@ -44,7 +44,7 @@ diff -up smartmontools-5.38/configure.in.lowcap smartmontools-5.38/configure.in
      if test "$mandir" = '${prefix}/man'; then
 diff -up smartmontools-5.38/Makefile.am.lowcap smartmontools-5.38/Makefile.am
 --- smartmontools-5.38/Makefile.am.lowcap	2007-04-01 18:49:44.000000000 +0200
-+++ smartmontools-5.38/Makefile.am	2009-08-26 17:40:36.951298527 +0200
++++ smartmontools-5.38/Makefile.am	2009-10-05 15:28:23.781295996 +0200
 @@ -35,7 +35,7 @@ smartd_SOURCES =  smartd.cpp      \
                    utility.cpp     \
                    utility.h
@@ -54,9 +54,25 @@ diff -up smartmontools-5.38/Makefile.am.lowcap smartmontools-5.38/Makefile.am
  smartd_DEPENDENCIES = @os_deps@
  
  EXTRA_smartd_SOURCES = os_darwin.cpp    \
+diff -up smartmontools-5.38/smartd.8.in.lowcap smartmontools-5.38/smartd.8.in
+--- smartmontools-5.38/smartd.8.in.lowcap	2008-03-04 23:09:47.000000000 +0100
++++ smartmontools-5.38/smartd.8.in	2009-10-05 15:32:50.106358362 +0200
+@@ -354,6 +354,12 @@ The default level is 1, so \'\-r ataioct
+ equivalent.
+ 
+ .TP
++.b \-C, \-\-capabilities
++Use possix \fBcapabilities(7)\fP (EXPERIMENTAL).
++
++Warning: Mail notification does not work when used.
++
++.TP
+ .B \-\-service
+ Cygwin and Windows only: Enables \fBsmartd\fP to run as a Windows service.
+ 
 diff -up smartmontools-5.38/smartd.cpp.lowcap smartmontools-5.38/smartd.cpp
---- smartmontools-5.38/smartd.cpp.lowcap	2009-08-26 17:40:36.937297475 +0200
-+++ smartmontools-5.38/smartd.cpp	2009-08-26 17:57:48.558423011 +0200
+--- smartmontools-5.38/smartd.cpp.lowcap	2009-10-05 15:28:23.764170895 +0200
++++ smartmontools-5.38/smartd.cpp	2009-10-05 15:28:23.783301065 +0200
 @@ -74,6 +74,10 @@ extern "C" int __stdcall FreeConsole(voi
  #include <io.h> // setmode()
  #endif // __CYGWIN__
@@ -68,18 +84,108 @@ diff -up smartmontools-5.38/smartd.cpp.lowcap smartmontools-5.38/smartd.cpp
  // locally included files
  #include "int64.h"
  #include "atacmds.h"
-@@ -4408,6 +4412,14 @@ static int smartd_main(int argc, char **
+@@ -179,6 +183,11 @@ static int facility=LOG_DAEMON;
+ static bool do_fork=true;
+ #endif
+ 
++#ifdef HAVE_LIBCAP_NG
++// enable possix capabilities
++static bool enable_capabilities=false;
++#endif
++
+ // used for control of printing, passing arguments to atacmds.c
+ smartmonctrl *con=NULL;
+ 
+@@ -613,6 +622,15 @@ void MailWarning(cfgfile *cfg, int which
+     if  (epoch<(mail->lastsent+days))
+       return;
+   }
++  
++#ifdef HAVE_LIBCAP_NG
++  if (enable_capabilities) {
++    PrintOut(LOG_ERR,"Sending a mail was supressed. "
++		     "Mails can't be send when capabilites are enabled\n");
++    return;
++  }
++
++#endif
+ 
+   // record the time of this mail message, and the first mail message
+   if (!mail->logged)
+@@ -1239,6 +1257,11 @@ void Usage (void){
+   PrintOut(LOG_INFO,"        Quit on one of: %s\n\n", GetValidArgList('q'));
+   PrintOut(LOG_INFO,"  -r, --report=TYPE\n");
+   PrintOut(LOG_INFO,"        Report transactions for one of: %s\n\n", GetValidArgList('r'));
++#ifdef HAVE_LIBCAP_NG
++  PrintOut(LOG_INFO,"  -C, --usecapabilities\n");
++  PrintOut(LOG_INFO,"        Use possix capabilities (EXPERIMENTAL).\n"
++		    "        Warning: Mail notification does not work when used.\n");
++#endif
+ #ifdef _WIN32
+   PrintOut(LOG_INFO,"  --service\n");
+   PrintOut(LOG_INFO,"        Running as windows service (see man page), install with:\n");
+@@ -1260,6 +1283,9 @@ void Usage (void){
+   PrintOut(LOG_INFO,"  -p NAME    Write PID file NAME\n");
+   PrintOut(LOG_INFO,"  -q WHEN    Quit on one of: %s\n", GetValidArgList('q'));
+   PrintOut(LOG_INFO,"  -r TYPE    Report transactions for one of: %s\n", GetValidArgList('r'));
++#ifdef HAVE_LIBCAP_NG
++  PrintOut(LOG_INFO,"  -C         Use possix capabilities (EXPERIMENTAL)\n");
++#endif
+   PrintOut(LOG_INFO,"  -V         Print License, Copyright, and version information\n");
+ #endif
+ }
+@@ -3890,6 +3916,7 @@ void ParseOpts(int argc, char **argv){
+     { "copyright",      no_argument,       0, 'V' },
+     { "help",           no_argument,       0, 'h' },
+     { "usage",          no_argument,       0, 'h' },
++    { "usecapabilities",no_argument,       0, 'C' },
+     { 0,                0,                 0, 0   }
+   };
+ #endif
+@@ -4030,6 +4057,12 @@ void ParseOpts(int argc, char **argv){
+       PrintCopyleft();
+       EXIT(0);
+       break;
++#ifdef HAVE_LIBCAP_NG
++    case 'C':
++      //enable possix capabilities
++      enable_capabilities=1;
++      break;
++#endif
+     case 'h':
+       // help: print summary of command-line options
+       debugmode=1;
+@@ -4408,6 +4441,16 @@ static int smartd_main(int argc, char **
    
    // don't exit on bad checksums
    con->checksumfail=0;
 +
 +#ifdef HAVE_LIBCAP_NG
 +  // Drop capabilities
-+  capng_clear(CAPNG_SELECT_BOTH);
-+  capng_updatev(CAPNG_ADD, (capng_type_t)(CAPNG_EFFECTIVE|CAPNG_PERMITTED),
-+               CAP_SYS_ADMIN, CAP_SYS_RAWIO, -1);
-+  capng_apply(CAPNG_SELECT_BOTH);
++  if (enable_capabilities) {
++    capng_clear(CAPNG_SELECT_BOTH);
++    capng_updatev(CAPNG_ADD, (capng_type_t)(CAPNG_EFFECTIVE|CAPNG_PERMITTED),
++                CAP_SYS_ADMIN, CAP_MKNOD, CAP_SYS_RAWIO, -1);
++    capng_apply(CAPNG_SELECT_BOTH);
++  }
 +#endif
    
    // the main loop of the code
    while (1){
+@@ -4482,7 +4525,15 @@ static int smartd_main(int argc, char **
+         PrintTestSchedule(ATAandSCSIdevlist);
+         EXIT(0);
+       }
+-      
++#ifdef HAVE_LIBCAP_NG
++      for(int i=numdevata+numdevscsi; i>1; i--) {
++	  if (ATAandSCSIdevlist[i-1]->mailwarn) {
++	      PrintOut(LOG_WARNING,"Mail can't be enabled together with --usecapabilities. All mail will be suppressed.\n");
++	      break;
++	  }
++      }
++	
++#endif
+       // reset signal
+       caughtsigHUP=0;
+     }
diff --git a/smartmontools.spec b/smartmontools.spec
index 9b3d7e6..3a65c6c 100644
--- a/smartmontools.spec
+++ b/smartmontools.spec
@@ -1,7 +1,7 @@
 Summary:	Tools for monitoring SMART capable hard disks
 Name:		smartmontools
 Version:	5.38
-Release: 	16%{?dist}
+Release: 	17%{?dist}
 Epoch:		1
 Group:		System Environment/Base
 License:	GPLv2+
@@ -79,6 +79,10 @@ fi
 %config(noreplace) %{_sysconfdir}/sysconfig/smartmontools
 
 %changelog
+* Mon Oct 05 2009 Michal Hlaivnka <mhlavink@redhat.com> - 1:5.38-17
+- make capabilities optional
+- fix capabilities for 3ware contollers (#526626)
+
 * Wed Aug 26 2009 Michal Hlavinka <mhlavink@redhat.com> - 1:5.38-16
 - extend capability scanning devices