Bug 463296
| Summary: | [LTC 6.0 FEAT] 201317:File Capabilities - Userspace | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | IBM Bug Proxy <bugproxy> |
| Component: | distribution | Assignee: | Scott Haines <shaines> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Ben Levenson <benl> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 6.0 | CC: | atodorov, borgan, ejratl, mharris, notting, pmatilai, sgrubb, snagar, syeghiay |
| Target Milestone: | beta | Keywords: | FutureFeature |
| Target Release: | 6.0 | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | libcap-2.16-5.el6 | Doc Type: | Enhancement |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-11-10 20:13:06 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 463297 | ||
| Bug Blocks: | 356741, 554559 | ||
|
Description
IBM Bug Proxy
2008-09-22 20:40:36 UTC
This version of libcap is already in Fedora 10, so this should not be an issue. Note that further integration and actually using fs capabilities in shipped packages is unfinished work. Please note that more than just libcap-2 is needed. We need rpm to support capabilities so that it can be decided in the spec file what they should be. We also need user space tools updated to consider files with security extended attributes to be privileged. We have a tracker bug #449984 that we have been working over the last few months. There is a lot of resistance from the community for this feature as noted in bug #455713 where we tried to get setuid removed from ping. For the record, support for capabilities was recently added to rpm upstream. It's not in any released version yet but that can be expected to change in time for RHEL 6. As noted in comment #5, userspace file capabilties support is enabled in F10. Fixed in 'libcap-2.16-5.el6', included in compose 'RHEL6.0-20091106.0'. Moving to ON_QA. ------- Comment From sergeh.com 2010-05-20 09:12 EDT------- After 'yum install libcap-devel', the ltp filecaps testcase compile, runs, and passes. [root@ibm-x3950m2-02 6]# pwd /mnt/redhat/rel-eng/RHEL6.0-20100818.0/6 [root@ibm-x3950m2-02 6]# find -name "libcap-2*" ./WebServer/x86_64/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./WebServer/x86_64/os/Packages/libcap-2.16-5.2.el6.x86_64.rpm ./WebServer/source/SRPMS/libcap-2.16-5.2.el6.src.rpm ./Server/i386/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./Server/source/SRPMS/libcap-2.16-5.2.el6.src.rpm ./Server/s390x/os/Packages/libcap-2.16-5.2.el6.s390.rpm ./Server/s390x/os/Packages/libcap-2.16-5.2.el6.s390x.rpm ./Server/ppc64/os/Packages/libcap-2.16-5.2.el6.ppc.rpm ./Server/ppc64/os/Packages/libcap-2.16-5.2.el6.ppc64.rpm ./Server/x86_64/os/Packages/libcap-2.16-5.2.el6.x86_64.rpm ./Server/x86_64/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./Client/i386/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./Client/source/SRPMS/libcap-2.16-5.2.el6.src.rpm ./Client/x86_64/os/Packages/libcap-2.16-5.2.el6.x86_64.rpm ./Client/x86_64/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./ComputeNode/x86_64/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./ComputeNode/x86_64/os/Packages/libcap-2.16-5.2.el6.x86_64.rpm ./ComputeNode/source/SRPMS/libcap-2.16-5.2.el6.src.rpm ./Workstation/i386/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./Workstation/source/SRPMS/libcap-2.16-5.2.el6.src.rpm ./Workstation/x86_64/os/Packages/libcap-2.16-5.2.el6.x86_64.rpm ./Workstation/x86_64/os/Packages/libcap-2.16-5.2.el6.i686.rpm ./source/SRPMS/libcap-2.16-5.2.el6.src.rpm see also comment #7 Red Hat Enterprise Linux 6.0 is now available and should resolve the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you. |