- make capabilities optional

- fix capabilities for 3ware contollers (#526626)
2009-10-05 13:43:31 +00:00 · 2009-10-05 13:43:31 +00:00 · 2ba6d8558b
commit 2ba6d8558b
parent 5501583b47
2 changed files with 121 additions and 11 deletions
--- a/smartmontools-5.38-lowcap.patch
+++ b/smartmontools-5.38-lowcap.patch
@ -1,6 +1,6 @@
 diff -up smartmontools-5.38/configure.in.lowcap smartmontools-5.38/configure.in
--- smartmontools-5.38/configure.in.lowcap	2009-08-26 17:40:36.942297517 +0200
-+++ smartmontools-5.38/configure.in	2009-08-26 17:40:36.951298527 +0200
+--- smartmontools-5.38/configure.in.lowcap	2009-10-05 15:28:23.770170937 +0200
+++ smartmontools-5.38/configure.in	2009-10-05 15:28:23.777234123 +0200
@@ -143,6 +143,40 @@ if test "$with_selinux" = "yes"; then
 	AC_DEFINE(WITH_SELINUX, [1], [Define to 1 if SELinux support is enabled])
 fi
@ -44,7 +44,7 @@ diff -up smartmontools-5.38/configure.in.lowcap smartmontools-5.38/configure.in
     if test "$mandir" = '${prefix}/man'; then
 diff -up smartmontools-5.38/Makefile.am.lowcap smartmontools-5.38/Makefile.am
 --- smartmontools-5.38/Makefile.am.lowcap	2007-04-01 18:49:44.000000000 +0200
-+++ smartmontools-5.38/Makefile.am	2009-08-26 17:40:36.951298527 +0200
+++ smartmontools-5.38/Makefile.am	2009-10-05 15:28:23.781295996 +0200
@@ -35,7 +35,7 @@ smartd_SOURCES =  smartd.cpp      \
                   utility.cpp     \
                   utility.h
@ -54,9 +54,25 @@ diff -up smartmontools-5.38/Makefile.am.lowcap smartmontools-5.38/Makefile.am
 smartd_DEPENDENCIES = @os_deps@
 
 EXTRA_smartd_SOURCES = os_darwin.cpp    \
+diff -up smartmontools-5.38/smartd.8.in.lowcap smartmontools-5.38/smartd.8.in
+--- smartmontools-5.38/smartd.8.in.lowcap	2008-03-04 23:09:47.000000000 +0100
+++ smartmontools-5.38/smartd.8.in	2009-10-05 15:32:50.106358362 +0200
+@@ -354,6 +354,12 @@ The default level is 1, so \'\-r ataioct
+ equivalent.
+ 
+ .TP
+.b \-C, \-\-capabilities
+Use possix \fBcapabilities(7)\fP (EXPERIMENTAL).
+
+Warning: Mail notification does not work when used.
+
+.TP
+ .B \-\-service
+ Cygwin and Windows only: Enables \fBsmartd\fP to run as a Windows service.
+ 
 diff -up smartmontools-5.38/smartd.cpp.lowcap smartmontools-5.38/smartd.cpp
--- smartmontools-5.38/smartd.cpp.lowcap	2009-08-26 17:40:36.937297475 +0200
-+++ smartmontools-5.38/smartd.cpp	2009-08-26 17:57:48.558423011 +0200
+--- smartmontools-5.38/smartd.cpp.lowcap	2009-10-05 15:28:23.764170895 +0200
+++ smartmontools-5.38/smartd.cpp	2009-10-05 15:28:23.783301065 +0200
@@ -74,6 +74,10 @@ extern "C" int __stdcall FreeConsole(voi
 #include <io.h> // setmode()
 #endif // __CYGWIN__
@ -68,18 +84,108 @@ diff -up smartmontools-5.38/smartd.cpp.lowcap smartmontools-5.38/smartd.cpp
 // locally included files
 #include "int64.h"
 #include "atacmds.h"
-@@ -4408,6 +4412,14 @@ static int smartd_main(int argc, char **
+@@ -179,6 +183,11 @@ static int facility=LOG_DAEMON;
+ static bool do_fork=true;
+ #endif
+ 
+#ifdef HAVE_LIBCAP_NG
+// enable possix capabilities
+static bool enable_capabilities=false;
+#endif
+
+ // used for control of printing, passing arguments to atacmds.c
+ smartmonctrl *con=NULL;
+ 
+@@ -613,6 +622,15 @@ void MailWarning(cfgfile *cfg, int which
+     if  (epoch<(mail->lastsent+days))
+       return;
+   }
+  
+#ifdef HAVE_LIBCAP_NG
+  if (enable_capabilities) {
+    PrintOut(LOG_ERR,"Sending a mail was supressed. "
+		     "Mails can't be send when capabilites are enabled\n");
+    return;
+  }
+
+#endif
+ 
+   // record the time of this mail message, and the first mail message
+   if (!mail->logged)
+@@ -1239,6 +1257,11 @@ void Usage (void){
+   PrintOut(LOG_INFO,"        Quit on one of: %s\n\n", GetValidArgList('q'));
+   PrintOut(LOG_INFO,"  -r, --report=TYPE\n");
+   PrintOut(LOG_INFO,"        Report transactions for one of: %s\n\n", GetValidArgList('r'));
+#ifdef HAVE_LIBCAP_NG
+  PrintOut(LOG_INFO,"  -C, --usecapabilities\n");
+  PrintOut(LOG_INFO,"        Use possix capabilities (EXPERIMENTAL).\n"
+		    "        Warning: Mail notification does not work when used.\n");
+#endif
+ #ifdef _WIN32
+   PrintOut(LOG_INFO,"  --service\n");
+   PrintOut(LOG_INFO,"        Running as windows service (see man page), install with:\n");
+@@ -1260,6 +1283,9 @@ void Usage (void){
+   PrintOut(LOG_INFO,"  -p NAME    Write PID file NAME\n");
+   PrintOut(LOG_INFO,"  -q WHEN    Quit on one of: %s\n", GetValidArgList('q'));
+   PrintOut(LOG_INFO,"  -r TYPE    Report transactions for one of: %s\n", GetValidArgList('r'));
+#ifdef HAVE_LIBCAP_NG
+  PrintOut(LOG_INFO,"  -C         Use possix capabilities (EXPERIMENTAL)\n");
+#endif
+   PrintOut(LOG_INFO,"  -V         Print License, Copyright, and version information\n");
+ #endif
+ }
+@@ -3890,6 +3916,7 @@ void ParseOpts(int argc, char **argv){
+     { "copyright",      no_argument,       0, 'V' },
+     { "help",           no_argument,       0, 'h' },
+     { "usage",          no_argument,       0, 'h' },
+    { "usecapabilities",no_argument,       0, 'C' },
+     { 0,                0,                 0, 0   }
+   };
+ #endif
+@@ -4030,6 +4057,12 @@ void ParseOpts(int argc, char **argv){
+       PrintCopyleft();
+       EXIT(0);
+       break;
+#ifdef HAVE_LIBCAP_NG
+    case 'C':
+      //enable possix capabilities
+      enable_capabilities=1;
+      break;
+#endif
+     case 'h':
+       // help: print summary of command-line options
+       debugmode=1;
+@@ -4408,6 +4441,16 @@ static int smartd_main(int argc, char **
   
   // don't exit on bad checksums
   con->checksumfail=0;
 +
 +#ifdef HAVE_LIBCAP_NG
 +  // Drop capabilities
-+  capng_clear(CAPNG_SELECT_BOTH);
-+  capng_updatev(CAPNG_ADD, (capng_type_t)(CAPNG_EFFECTIVE|CAPNG_PERMITTED),
-+               CAP_SYS_ADMIN, CAP_SYS_RAWIO, -1);
-+  capng_apply(CAPNG_SELECT_BOTH);
+  if (enable_capabilities) {
+    capng_clear(CAPNG_SELECT_BOTH);
+    capng_updatev(CAPNG_ADD, (capng_type_t)(CAPNG_EFFECTIVE|CAPNG_PERMITTED),
+                CAP_SYS_ADMIN, CAP_MKNOD, CAP_SYS_RAWIO, -1);
+    capng_apply(CAPNG_SELECT_BOTH);
+  }
 +#endif
   
   // the main loop of the code
   while (1){
+@@ -4482,7 +4525,15 @@ static int smartd_main(int argc, char **
+         PrintTestSchedule(ATAandSCSIdevlist);
+         EXIT(0);
+       }
+-      
+#ifdef HAVE_LIBCAP_NG
+      for(int i=numdevata+numdevscsi; i>1; i--) {
+	  if (ATAandSCSIdevlist[i-1]->mailwarn) {
+	      PrintOut(LOG_WARNING,"Mail can't be enabled together with --usecapabilities. All mail will be suppressed.\n");
+	      break;
+	  }
+      }
+	
+#endif
+       // reset signal
+       caughtsigHUP=0;
+     }
--- a/smartmontools.spec
+++ b/smartmontools.spec
@ -1,7 +1,7 @@
 Summary:	Tools for monitoring SMART capable hard disks
 Name:		smartmontools
 Version:	5.38
-Release: 	16%{?dist}
+Release: 	17%{?dist}
 Epoch:		1
 Group:		System Environment/Base
 License:	GPLv2+
@ -79,6 +79,10 @@ fi
 %config(noreplace) %{_sysconfdir}/sysconfig/smartmontools

 %changelog
+* Mon Oct 05 2009 Michal Hlaivnka <mhlavink@redhat.com> - 1:5.38-17
+- make capabilities optional
+- fix capabilities for 3ware contollers (#526626)
+
 * Wed Aug 26 2009 Michal Hlavinka <mhlavink@redhat.com> - 1:5.38-16
 - extend capability scanning devices