diff options
| author | Josh Boyer <jwboyer@fedoraproject.org> | 2014-08-22 13:20:49 -0400 |
|---|---|---|
| committer | Josh Boyer <jwboyer@fedoraproject.org> | 2014-08-22 13:22:21 -0400 |
| commit | 80bc74d4ce9e462bbd7fe79e75679969cfea70af (patch) | |
| tree | b41f057c9953a7fc5312f0be581071c96f210eb7 | |
| parent | cc594c1f096d8245ef2741b409c8f43249ea0c25 (diff) | |
| download | kernel-80bc74d4ce9e462bbd7fe79e75679969cfea70af.tar.gz kernel-80bc74d4ce9e462bbd7fe79e75679969cfea70af.tar.xz kernel-80bc74d4ce9e462bbd7fe79e75679969cfea70af.zip | |
Drop userns revert patch (rhbz 917708)
| -rw-r--r-- | Revert-userns-Allow-unprivileged-users-to-create-use.patch | 46 | ||||
| -rw-r--r-- | kernel.spec | 9 |
2 files changed, 3 insertions, 52 deletions
diff --git a/Revert-userns-Allow-unprivileged-users-to-create-use.patch b/Revert-userns-Allow-unprivileged-users-to-create-use.patch deleted file mode 100644 index 2d899faa2..000000000 --- a/Revert-userns-Allow-unprivileged-users-to-create-use.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 4b8ff4ede68d09f1a262f0a07718d65782422132 Mon Sep 17 00:00:00 2001 -From: Josh Boyer <jwboyer@fedoraproject.org> -Date: Wed, 13 Nov 2013 10:21:18 -0500 -Subject: [PATCH] Revert "userns: Allow unprivileged users to create user - namespaces." - -This reverts commit 5eaf563e53294d6696e651466697eb9d491f3946. - -Bugzilla: 917708 -Upstream-status: Fedora mustard - -Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org> - -Conflicts: - kernel/fork.c ---- - kernel/fork.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/kernel/fork.c b/kernel/fork.c -index 0cf9cdb6e491..31d3a9763887 100644 ---- a/kernel/fork.c -+++ b/kernel/fork.c -@@ -1624,6 +1624,19 @@ long do_fork(unsigned long clone_flags, - long nr; - - /* -+ * Do some preliminary argument and permissions checking before we -+ * actually start allocating stuff -+ */ -+ if (clone_flags & CLONE_NEWUSER) { -+ /* hopefully this check will go away when userns support is -+ * complete -+ */ -+ if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SETUID) || -+ !capable(CAP_SETGID)) -+ return -EPERM; -+ } -+ -+ /* - * Determine whether and which event to report to ptracer. When - * called from kernel_thread or CLONE_UNTRACED is explicitly - * requested, no event is reported; otherwise, report if the event --- -1.9.3 - diff --git a/kernel.spec b/kernel.spec index c49f12ee3..928ea384f 100644 --- a/kernel.spec +++ b/kernel.spec @@ -560,9 +560,6 @@ Patch530: silence-fbcon-logo.patch Patch600: lib-cpumask-Make-CPUMASK_OFFSTACK-usable-without-deb.patch -#rhbz 917708 -Patch700: Revert-userns-Allow-unprivileged-users-to-create-use.patch - Patch800: crash-driver.patch # crypto/ @@ -1311,9 +1308,6 @@ ApplyPatch silence-fbcon-logo.patch # Changes to upstream defaults. -#rhbz 917708 -ApplyPatch Revert-userns-Allow-unprivileged-users-to-create-use.patch - # /dev/crash driver. ApplyPatch crash-driver.patch @@ -2271,6 +2265,9 @@ fi # ||----w | # || || %changelog +* Fri Aug 22 2014 Josh Boyer <jwboyer@fedoraproject.org> +- Drop userns revert patch (rhbz 917708) + * Fri Aug 22 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.17.0-0.rc1.git3.1 - Linux v3.17-rc1-99-g5317821c0853 |