diff options
author | Petr Vorel <petr.vorel@gmail.com> | 2019-07-14 07:18:37 +0200 |
---|---|---|
committer | Petr Vorel <petr.vorel@gmail.com> | 2019-07-16 07:33:51 +0200 |
commit | 054670aa4748d598e4dae18e5e23254baa7c9944 (patch) | |
tree | d272897d1d8f8ae14dc97a93b634417eec032c68 | |
parent | aed8db0345479db50e2530f1d41ef8c9bc275541 (diff) | |
download | iputils-054670aa4748d598e4dae18e5e23254baa7c9944.tar.gz |
meson: Allow to set using setcap-setuid.sh per app
by adding new variables SETCAP_OR_SUID_{ARPING,CLOCKDIFF,PING,TRACEROUTE6}.
All but SETCAP_OR_SUID_ARPING are enabled by default (arping is disabled
due ARP Poisoning).
Old variable NO_SETCAP_OR_SUID is still kept as a global switch off.
Therefore compatibility with previous settings is kept.
Variables are used as a condition to run setcap-setuid.sh, thus
removing none parameter (added by d45a8c8 #175) which is not needed now.
Fixes: #204
Tested-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
-rwxr-xr-x | build-aux/setcap-setuid.sh | 4 | ||||
-rw-r--r-- | meson.build | 61 | ||||
-rw-r--r-- | meson_options.txt | 14 |
3 files changed, 46 insertions, 33 deletions
diff --git a/build-aux/setcap-setuid.sh b/build-aux/setcap-setuid.sh index 7514307..5ad514a 100755 --- a/build-aux/setcap-setuid.sh +++ b/build-aux/setcap-setuid.sh @@ -14,10 +14,6 @@ _log() { } case "$perm_type" in - none) - # Gentoo needs build system to back off. - # https://github.com/iputils/iputils/issues/175 - ;; caps) params="cap_net_raw+p" _log "calling: $setcap $params $exec_path" diff --git a/meson.build b/meson.build index 50df973..1ac0783 100644 --- a/meson.build +++ b/meson.build @@ -226,10 +226,7 @@ config_h = configure_file( configuration : conf) setcap = find_program('setcap', '/usr/sbin/setcap', '/sbin/setcap', required : false) -if get_option('NO_SETCAP_OR_SUID') - perm_type = 'none' - setcap_path = '/dev/null' -elif cap_dep.found() and setcap.found() +if cap_dep.found() and setcap.found() perm_type = 'caps' setcap_path = setcap.path() else @@ -249,12 +246,14 @@ if build_ping == true dependencies : [m_dep, cap_dep, idn_dep, intl_dep, crypto_dep, resolv_dep], link_with : [libcommon], install: true) - meson.add_install_script('build-aux/setcap-setuid.sh', - join_paths(get_option('prefix'), get_option('bindir')), - 'ping', - perm_type, - setcap_path - ) + if (get_option('SETCAP_OR_SUID_PING') and not get_option('NO_SETCAP_OR_SUID')) + meson.add_install_script('build-aux/setcap-setuid.sh', + join_paths(get_option('prefix'), get_option('bindir')), + 'ping', + perm_type, + setcap_path + ) + endif endif if build_tracepath == true @@ -269,12 +268,14 @@ if build_traceroute6 == true dependencies : [cap_dep, intl_dep, idn_dep], link_with : [libcommon], install: true) - meson.add_install_script('build-aux/setcap-setuid.sh', - join_paths(get_option('prefix'), get_option('bindir')), - 'traceroute6', - perm_type, - setcap_path - ) + if (get_option('SETCAP_OR_SUID_TRACEROUTE6') and not get_option('NO_SETCAP_OR_SUID')) + meson.add_install_script('build-aux/setcap-setuid.sh', + join_paths(get_option('prefix'), get_option('bindir')), + 'traceroute6', + perm_type, + setcap_path + ) + endif endif if build_clockdiff == true @@ -282,12 +283,14 @@ if build_clockdiff == true dependencies : [cap_dep, intl_dep], link_with : [libcommon], install: true) - meson.add_install_script('build-aux/setcap-setuid.sh', - join_paths(get_option('prefix'), get_option('bindir')), - 'clockdiff', - perm_type, - setcap_path - ) + if (get_option('SETCAP_OR_SUID_CLOCKDIFF') and not get_option('NO_SETCAP_OR_SUID')) + meson.add_install_script('build-aux/setcap-setuid.sh', + join_paths(get_option('prefix'), get_option('bindir')), + 'clockdiff', + perm_type, + setcap_path + ) + endif endif if build_rinfod == true @@ -312,12 +315,14 @@ if build_arping == true dependencies : [rt_dep, cap_dep, idn_dep, intl_dep], link_with : [libcommon], install: true) - meson.add_install_script('build-aux/setcap-setuid.sh', - join_paths(get_option('prefix'), get_option('bindir')), - 'arping', - perm_type, - setcap_path - ) + if (get_option('SETCAP_OR_SUID_ARPING') and not get_option('NO_SETCAP_OR_SUID')) + meson.add_install_script('build-aux/setcap-setuid.sh', + join_paths(get_option('prefix'), get_option('bindir')), + 'arping', + perm_type, + setcap_path + ) + endif endif if build_tftpd == true diff --git a/meson_options.txt b/meson_options.txt index 4b32418..ba1a669 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -48,7 +48,19 @@ option('BUILD_HTML_MANS', type : 'boolean', value : false, description : 'Build html manuals') option('NO_SETCAP_OR_SUID', type : 'boolean', value : false, - description : 'Allow disabling build-aux/setcap-setuid.sh') + description : 'Disable setting setcap or setuid with build-aux/setcap-setuid.sh') + +option('SETCAP_OR_SUID_ARPING', type : 'boolean', value : false, + description : 'Set setcap or setuid on arping with build-aux/setcap-setuid.sh') + +option('SETCAP_OR_SUID_CLOCKDIFF', type : 'boolean', value : true, + description : 'Set setcap or setuid on clockdiff with build-aux/setcap-setuid.sh') + +option('SETCAP_OR_SUID_PING', type : 'boolean', value : true, + description : 'Set setcap or setuid on ping with build-aux/setcap-setuid.sh') + +option('SETCAP_OR_SUID_TRACEROUTE6', type : 'boolean', value : true, + description : 'Set setcap or setuid on traceroute6 with build-aux/setcap-setuid.sh') option('ARPING_DEFAULT_DEVICE', type : 'string', value : '', description : 'Default device for arping') |