Cross Reference: /external/libcap/progs/quicktest.sh

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
dce069b617cf5e42fde707196eaf2ee8d62bc96c	07-Feb-2016	Andrew G. Morgan <morgan@kernel.org>	Add something to run libcap's quicktest tests against development kernel. The kdebug directory requires qemu to run and expects the kernel to be compiled with the running architecture. My setup has the kernel sources as a peer to the libcap directory so kdebug assumes that too. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
22579a76da810d3cc58cf3e802b29a28082ea5cd	31-Jan-2016	Andrew G. Morgan <morgan@kernel.org>	Sigh. Compiling capsh statically and we get no getpw*() functions. This is, at least, true on my Fedora based system. The chroot tests won't work with a dynamic binary, so stop using --user and use --uid instead. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
12ea42e59cbac9b6c58ac81af577086beda86ead	24-Dec-2013	Andrew G Morgan <morgan@kernel.org>	Stop using ping to test privilege use. It appears that ping has been modified to hard-code non-file-capability acquired privilege use. That is, it requires PR_SET_KEEPCAPS (a legacy supporting secure bit) to function in order for ping to work. As such, we can't rely on it for quicktest.sh. Instead, we use a copy of capsh enhanced with file-caps for our test cases. Thanks to Serge Hallyn @ Ubuntu for figuring out what broke. Signed-off-by: Andrew G Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
af725c50c2930485947bd958dbdf984faf8fc1ba	25-Jul-2011	Andrew G. Morgan <morgan@kernel.org>	Change directory to "/" after --chroot operation. Thanks to Steve Grubb for suggesting this. He wrote: ========= I was reviewing something recently and discovered a problem in capsh. The capsh program has a --chroot command line option. Inspecting the code shows that it does not do a chdir("/") after calling chroot. This means that '.' is outside the chroot. Additional info: http://cwe.mitre.org/data/definitions/243.html ========= Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
85748f41a73ea18241a7291a8d4a29e06377cd79	09-Aug-2010	Andrew G. Morgan <morgan@kernel.org>	Default to installing setcap with an inheritable capability. For my conveneince, default to installing an inheritable file capability on setcap when installed. This requires the process inherit a capability for it to take effect, but that's what pam_cap is for... You can disable this install feature with: make RAISE_SETFCAP=no install Also, clean up Make files and a test, and add more comments. The make files needed a fix (remove -lpam from pam_cap/Makefile) and I've added a number of comments in support of various issues folk have asked me about. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
8525eb6615366f46f9bb753ce7f16b1c4a2adfff	12-Jan-2010	Andrew G. Morgan <morgan@kernel.org>	Clean up of prctl code. Also add linux securebits.h file in case the system headers did not include them. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
319cbc6501a0e78da9e2a2a608e7c4a14123594d	03-Jan-2010	Andrew G. Morgan <morgan@kernel.org>	Add a test for maximal lock-down. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
5df3c2a2822a1fbcbe22834490cfd8d2212e6a5d	27-Aug-2009	Andrew G. Morgan <morgan@kernel.org>	Fix test to actually test setuid-0 scripts don't get capabilities. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
1b5fb7eb0d8737e961ded5ce731d7f10a26da8f1	11-Nov-2008	Andrew G. Morgan <morgan@kernel.org>	Makefile tweaks mostly add rule to build HTML add LIBATTR=no makefile support for not including filesystem support comment cleanup for cap_file.c. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
a0b745aed508179e140df99e94bea5195c23721d	06-Mar-2008	Chris Friedhoff <chris@friedhoff.org>	Added missing rm -f ./ping to quicktest.sh (for early exit) Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
6410f786d68b9812cb69b41ecd78250cef9cfe4f	06-Mar-2008	Andrew G. Morgan <morgan@kernel.org>	Add a test for all= capability setting etc, support. /external/libcap/progs/quicktest.sh
f8e4eeb26683080042d1fd0f9c3c35a95bf487a8	01-Mar-2008	Andrew G. Morgan <morgan@kernel.org>	Rearranged order to support bailing early if no securebits support available Also activated test for 2.6.24 bug (fixed by serge in 2.6.25) /external/libcap/progs/quicktest.sh
b1759d812ce05bf126e49b3f8e57481ba96735c7	22-Feb-2008	Andrew G. Morgan <morgan@kernel.org>	Extend capsh with --caps= --killit= --forkfor= and == support Add these features to capsh, and add two new test cases to quicktest.sh (inspired by wireshark) for keeping an eye on legacy --keep functionality: --caps=xxx set caps as per cap_from_text() --killit=<n> send signal(n) to child --forkfor=<n> fork and make child sleep for <n> sec == re-exec(capsh) with args as for -- Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
e57378c88b6144ff9c06777ff0e0c9d722eeefd3	05-Feb-2008	Andrew G. Morgan <morgan@kernel.org>	We don't need to export _cap_names[] any more. I've added perfect hash generation support for looking up names (if you have gperf installed). Signed-off-by: Andrew G. Morgan <morgan@kernel.org> /external/libcap/progs/quicktest.sh
d3ea8da3c1acaabf5accbec15a29919ed0170598	04-Feb-2008	Andrew G. Morgan <morgan@kernel.org>	Support for prctl based securebits. Add a quick regression/reference test for the various capability manipulations. (Run it as root.) /external/libcap/progs/quicktest.sh