Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 589770 - libnet tests uid instead of posix capabilities
Summary: libnet tests uid instead of posix capabilities
Alias: None
Product: Fedora
Classification: Fedora
Component: libnet
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Robert Scheck
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2010-05-06 20:38 UTC by Steve Grubb
Modified: 2010-07-09 21:22 UTC (History)
3 users (show)

Fixed In Version: 1.1.4-4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-07-09 21:22:22 UTC
Type: ---

Attachments (Terms of Use)
patch attempting to fix the problem (2.82 KB, patch)
2010-05-06 20:43 UTC, Steve Grubb
no flags Details | Diff

Description Steve Grubb 2010-05-06 20:38:10 UTC
Description of problem:
The suricata IDS system wants to change uid while retaining the CAP_NET_RAW capability. Libnet errors out saying that uid 0 is required. Checking for uid 0 is just a simple way of testing for capabilities. It should check the capability rather than uid.

Version-Release number of selected component (if applicable):

Comment 1 Steve Grubb 2010-05-06 20:43:00 UTC
Created attachment 412165 [details]
patch attempting to fix the problem

This patch necessitates adding "BuildRequires: libcap-ng-devel" and putting "autoreconf -fv --install" before configure.

Comment 2 Robert Scheck 2010-05-06 21:02:37 UTC
I've forwarded the patch to upstream. If upstream accepts the patch, I'll
apply it for Fedora.

Comment 3 Robert Scheck 2010-05-09 14:00:41 UTC
Steve, upstream told me: "There's an alternate fix for this on the head, simply 
not checking, and erroring out if we can't open the socket. Can you check that 
works for you?" -> http://github.com/sam-github/libnet 

Is upstream's solution solving the issue for you? And if not, why exactly?

Comment 4 Steve Grubb 2010-05-14 14:47:52 UTC
I did not test the new code, but I reviewed this patch:


It appears to solve the problem. I suppose pushing that into rawhide would be helpful. Thanks.

Comment 5 Robert Scheck 2010-07-09 21:22:22 UTC
Package: libnet-1.1.4-4.fc14 Tag: dist-f14 Status: complete Built by: robert

Note You need to log in before you can comment on or make changes to this bug.