diff options
| author | Michael Zeller <mike@mikezeller.net> | 2021-06-16 12:30:44 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-06-16 12:30:44 -0400 |
| commit | 43e443cf314f0181bdd958df4333caa1aee086c8 (patch) | |
| tree | 93755b82f824cd0539ce32e9d20c051dbf83689e | |
| parent | 8e22e6a144951e89f25db37f754117a8404d5b97 (diff) | |
| download | illumos-joyent-release-20210617.tar.gz | |
OS-8180 lx want support for NoNewPrivs (#317)release-20210617
Reviewed by: Andy Fiddaman <andy@omnios.org>
Approved by: Dan McDonald <danmcd@joyent.com>
| -rw-r--r-- | usr/src/uts/common/brand/lx/syscall/lx_prctl.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/usr/src/uts/common/brand/lx/syscall/lx_prctl.c b/usr/src/uts/common/brand/lx/syscall/lx_prctl.c index a8b3c3422c..24058adf89 100644 --- a/usr/src/uts/common/brand/lx/syscall/lx_prctl.c +++ b/usr/src/uts/common/brand/lx/syscall/lx_prctl.c @@ -278,6 +278,16 @@ lx_prctl(int opt, uintptr_t data) return (0); } + case LX_PR_SET_NO_NEW_PRIVS: { + /* + * On recent versions of Linux more services are starting to set + * NoNewPrivs=yes in their systemd unit file. Since we currently + * just return success for LX_PR_CAPBSET_DROP there is currently + * no need to map this to the illumos privileges. + */ + return (0); + } + default: break; } |