382. [bug] named -u failed on Debian Linux.

CHANGES

+ 382.	[bug]		named -u failed on Debian Linux.
+
  381.	[bug]		Check for IPV6_RECVPKTINFO and use it instead of
 			IPV6_PKTINFO if found. [RT #229]
 

bin/named/unix/os.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: os.c,v 1.29 2000/08/01 01:12:21 tale Exp $ */
+/* $Id: os.c,v 1.30 2000/08/10 00:31:58 bwelling Exp $ */
 
 #include <config.h>
 
@@ -61,7 +61,10 @@ static isc_boolean_t done_setuid = ISC_FALSE;
 
 #ifdef HAVE_LINUX_PRCTL_H
 #include <sys/prctl.h>		/* Required for prctl(). */
+#ifndef PR_SET_KEEPCAPS
+#define PR_SET_KEEPCAPS 8
 #endif
+#endif /* HAVE_LINUX_PRCTL_H */
 
 #ifndef SYS_capset
 #define SYS_capset __NR_capset
@@ -108,14 +111,10 @@ linux_initialprivs(void) {
 	 */
 	caps |= (1 << CAP_SYS_CHROOT);
 
-#if defined(HAVE_LINUX_PRCTL_H) && defined(PR_SET_KEEPCAPS)
+#ifdef HAVE_LINUX_PRCTL_H
 	/*
 	 * If the kernel supports keeping capabilities after setuid(), we
-	 * also want the setuid capability.
-	 *
-	 * There's no point turning this on if we don't have PR_SET_KEEPCAPS,
-	 * because changing user ids only works right with linuxthreads if
-	 * we can do it early (before creating threads).
+	 * also want the setuid capability.  We don't know until we've tried.
 	 */
 	caps |= (1 << CAP_SETUID);
 #endif
@@ -151,7 +150,7 @@ linux_minprivs(void) {
 	linux_setcaps(caps);
 }
 
-#if defined(HAVE_LINUX_PRCTL_H) && defined(PR_SET_KEEPCAPS)
+#ifdef HAVE_LINUX_PRCTL_H
 static void
 linux_keepcaps(void) {
 	/*
@@ -310,7 +309,7 @@ ns_os_changeuser(void) {
 void
 ns_os_minprivs(void) {
 #ifdef HAVE_LINUX_CAPABILITY_H
-#if defined(HAVE_LINUX_PRCTL_H) && defined(PR_SET_KEEPCAPS)
+#ifdef HAVE_LINUX_PRCTL_H
 	linux_keepcaps();
 	ns_os_changeuser();
 #endif