Include linux/capability.h instead of sys/capability.h
Some distros put sys/capability.h into libcap-dev or similiar, which is a bit unforunate, we don't need libcap-dev or anything like that. Since we anyway only used the capget()/capset(), we can just define a simple wrapper and call the syscall directly and therefore avoid above mentioned issue.
这个提交包含在:
父节点
0be081c55d
当前提交
631980b775
6
exile.h
6
exile.h
@ -43,11 +43,15 @@
|
||||
#include <linux/seccomp.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/audit.h>
|
||||
#include <sys/capability.h>
|
||||
#include <linux/capability.h>
|
||||
#include <stddef.h>
|
||||
#include <inttypes.h>
|
||||
#include <asm/unistd.h>
|
||||
|
||||
#define capget(hdrp,datap) syscall(__NR_capget,hdrp,datap)
|
||||
#define capset(hdrp,datap) syscall(__NR_capset,hdrp,datap)
|
||||
|
||||
|
||||
#ifndef HAVE_LANDLOCK
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,13,0)
|
||||
/* TODO: Hopefully a fair assumption. But we need to runtime checks */
|
||||
|
正在加载...
在新工单中引用
屏蔽一个用户