shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-18 06:03:42 +03:00
Code

test-seccomp: check for CAP_IPC_OWNER before calling shmat()

Browse Source 
shmat() requires the CAP_IPC_OWNER capability. When running test-seccomp
in environments with root + CAP_SYS_ADMIN, but not CAP_IPC_OWNER,
memory_deny_write_execute_shmat would fail. This fixes it.

(cherry picked from commit 7e46a5c093e9e0d2e1ec734058e0caf1725ff37e)
(cherry picked from commit d4ca019870e9c31026c75633be12b5893ffa4ecf)
(cherry picked from commit 9a50c7c1499cb84b068552c503b9139c9e3a2e17)
This commit is contained in:
Anita Zhang 2022-05-24 10:51:27 -07:00 committed by Zbigniew Jędrzejewski-Szmek
parent 0041f0d609
commit f0c4650378
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/test/test-seccomp.c
View File

@ -655,7 +655,7 @@ TEST(memory_deny_write_execute_shmat) {
log_notice("Seccomp not available, skipping %s", __func__);
return;
}
if (!have_seccomp_privs()) {
if (!have_seccomp_privs() || have_effective_cap(CAP_IPC_OWNER) <= 0) {
log_notice("Not privileged, skipping %s", __func__);
return;
}