[kernel] r8424 - in dists/etch/linux-2.6/debian: . patches/bugfix/all/vserver patches/series

Dann Frazier dannf at alioth.debian.org
Fri Apr 6 19:24:03 UTC 2007 

Author: dannf
Date: Fri Apr  6 19:24:02 2007
New Revision: 8424

Added:
   dists/etch/linux-2.6/debian/patches/bugfix/all/vserver/net-mount-fix.patch
Modified:
   dists/etch/linux-2.6/debian/changelog
   dists/etch/linux-2.6/debian/patches/series/13-extra
Log:
* bugfix/all/vserver/net-mount-fix.patch
  Fix mounting of network filesystems with VX_BINARY_MOUNT caps
  (closes: #418076)

Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog	(original)
+++ dists/etch/linux-2.6/debian/changelog	Fri Apr  6 19:24:02 2007
@@ -17,8 +17,11 @@
     [SECURITY] Fix a vulnerability that allows local users to read
     otherwise unreadable (but executable) files by triggering a core dump.
     See CVE-2007-0958
+  * bugfix/all/vserver/net-mount-fix.patch
+    Fix mounting of network filesystems with VX_BINARY_MOUNT caps
+    (closes: #418076)
 
- -- dann frazier <dannf at debian.org>  Wed, 04 Apr 2007 01:38:23 -0600
+ -- dann frazier <dannf at debian.org>  Fri, 06 Apr 2007 13:16:08 -0600
 
 linux-2.6 (2.6.18.dfsg.1-12) unstable; urgency=low
 

Added: dists/etch/linux-2.6/debian/patches/bugfix/all/vserver/net-mount-fix.patch
==============================================================================
--- (empty file)
+++ dists/etch/linux-2.6/debian/patches/bugfix/all/vserver/net-mount-fix.patch	Fri Apr  6 19:24:02 2007
@@ -0,0 +1,12 @@
+diff -NurpP --minimal linux-2.6.18.5-vs2.0.2.2-rc9/fs/super.c linux-2.6.18.5-vs2.0.3-rc1/fs/super.c
+--- linux-2.6.18.5-vs2.0.2.2-rc9/fs/super.c	2006-09-20 17:59:47 +0200
++++ linux-2.6.18.5-vs2.0.3-rc1/fs/super.c	2006-12-13 23:06:16 +0100
+@@ -848,7 +848,7 @@ vfs_kern_mount(struct file_system_type *
+ 
+ 	sb = mnt->mnt_sb;
+ 	error = -EPERM;
+-	if (!capable(CAP_SYS_ADMIN) && !sb->s_bdev &&
++	if (!vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT) && !sb->s_bdev &&
+ 		(sb->s_magic != PROC_SUPER_MAGIC) &&
+ 		(sb->s_magic != DEVPTS_SUPER_MAGIC))
+ 		goto out_sb;

Modified: dists/etch/linux-2.6/debian/patches/series/13-extra
==============================================================================
--- dists/etch/linux-2.6/debian/patches/series/13-extra	(original)
+++ dists/etch/linux-2.6/debian/patches/series/13-extra	Fri Apr  6 19:24:02 2007
@@ -1,2 +1,3 @@
 + bugfix/all/vserver/cacct-overflow.patch  *_vserver *_xen-vserver
 + bugfix/all/vserver/locks.patch  *_vserver *_xen-vserver
++ bugfix/all/vserver/net-mount-fix.patch *_vserver *_xen-vserver

More information about the Kernel-svn-changes mailing list