Well, this fixes it. But this is not a solution, rather a workaround,
I guess the whole thing is to allow using drbd with selinux/lids enabled,
while removal still does not.. Not, #ifdef that KERNEL_HAS_CN_SKB_PARMS
was in drbd_nl.c - I tried simply adding the same ifdef in connector.c,
but it did not help, so I decided to comment the whole thing.
Regards,
Piotr Wadas <pwa...@dtpw.pl>
left:~/DRBDSRC/834# diff -uNr modules.before modules.after
diff -uNr modules.before/drbd8/drbd/connector.c
modules.after/drbd8/drbd/connector.c
--- modules.before/drbd8/drbd/connector.c 2009-10-06 13:32:41.000000000
+0200
+++ modules.after/drbd8/drbd/connector.c 2009-10-18 16:58:42.000000000
+0200
@@ -211,8 +211,6 @@
msg = NLMSG_DATA(nlh);
/* DRBD specific change: Only allow packets from ROOT */
- if (!capable(CAP_SYS_ADMIN))
- return -EPERM;
return cn_call_callback(msg, (void (*)(void *))kfree_skb, skb);
}
diff -uNr modules.before/drbd8/drbd/drbd_nl.c
modules.after/drbd8/drbd/drbd_nl.c
--- modules.before/drbd8/drbd/drbd_nl.c 2009-10-05 14:52:03.000000000 +0200
+++ modules.after/drbd8/drbd/drbd_nl.c 2009-10-18 16:58:59.000000000 +0200
@@ -2063,13 +2063,6 @@
return;
}
-#ifdef KERNEL_HAS_CN_SKB_PARMS
- if (!cap_raised(nsp->eff_cap, CAP_SYS_ADMIN)) {
- retcode = ERR_PERM;
- goto fail;
- }
-#endif
-
mdev = ensure_mdev(nlp);
if (!mdev) {
retcode = ERR_MINOR_INVALID;
left:~/DRBDSRC/834#
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
