From: Tobias Kaufmann
Date: Fri, 31 Jul 2020 08:57:15 +0000 (+0200)
Subject: core: fix comments on ambient capabilities
X-Git-Tag: v245.8~31
X-Git-Url: http://git-history.diyao.me/?a=commitdiff_plain;h=7ca8684e864f8625d432df8074f7fc0a560f65cd;p=systemd%2F.git

core: fix comments on ambient capabilities

The comments on the code for ambient capabilities were wrong/outdated.

(cherry picked from commit 16fcb1918a0e4514b1d0d78259d4ffd646b5da59)
(cherry picked from commit 08338a234e381223416d536867199b2f9a2ed30a)
---
diff --git a/src/core/execute.c b/src/core/execute.c index c1df37a097..c7843eb474 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -3770,8 +3770,16 @@ static int exec_child( } } - /* This is done before enforce_user, but ambient set - * does not survive over setresuid() if keep_caps is not set. */ + /* Ambient capabilities are cleared during setresuid() (in enforce_user()) even with + * keep-caps set. + * To be able to raise the ambient capabilities after setresuid() they have to be + * added to the inherited set and keep caps has to be set (done in enforce_user()). + * After setresuid() the ambient capabilities can be raised as they are present in + * the permitted and inhertiable set. However it is possible that someone wants to + * set ambient capabilities without changing the user, so we also set the ambient + * capabilities here. + * The requested ambient capabilities are raised in the inheritable set if the + * second argument is true. */ if (!needs_ambient_hack) { r = capability_ambient_set_apply(context->capability_ambient_set, true); if (r < 0) { @@ -3797,7 +3805,7 @@ static int exec_child( if (!needs_ambient_hack && context->capability_ambient_set != 0) { - /* Fix the ambient capabilities after user change. */ + /* Raise the ambient capabilities after user change. */ r = capability_ambient_set_apply(context->capability_ambient_set, false); if (r < 0) { *exit_status = EXIT_CAPABILITIES;
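
Review bot: in the first hunk (@@ -3770,8 +3770,16 @@), the new comment misspells "inheritable" as "inhertiable" and calls the same set both "inherited set" and "inheritable set"; please use "inheritable" throughout and settle on one spelling of "keep-caps" / "keep caps". The closing sentence explains the second argument of capability_ambient_set_apply() at this one call site only; a comment on the function itself would be a better home for that description, so that it also covers the later call that passes false.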
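
Review bot: in the second hunk (@@ -3797,7 +3805,7 @@), the reworded comment says the ambient capabilities are raised after the user change but not why false is passed as the second argument here, while the call in the first hunk passes true. One extra clause would tie the two call sites together, for example noting that the inheritable set was already raised by the earlier call, if that is the intent. It would also help to say why this call is guarded by context->capability_ambient_set != 0 when the earlier one is not.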