PL3026: This is the upgraded version of vdu that maintains an internal

[util-vserver.git] / src / vsh.c

diff --git a/src/vsh.c b/src/vsh.c
index a834f2b..0fdd59c 100644 (file)
--- a/src/vsh.c
+++ b/src/vsh.c
@@ -179,6 +179,10 @@ static int sandbox_chroot(uid_t uid)
        return 0;
 }
 
+#ifndef CAP_CONTEXT
+#  define CAP_CONTEXT  29
+#endif
+
 static struct {
        const char *option;
        int bit;
@@ -218,9 +222,7 @@ static struct {
        {"CAP_SYS_RESOURCE",CAP_SYS_RESOURCE},
        {"CAP_SYS_TIME",        CAP_SYS_TIME},
        {"CAP_MKNOD",           CAP_MKNOD},
-#ifdef CAP_QUOTACTL
-       {"CAP_QUOTACTL",        CAP_QUOTACTL},
-#endif
+       {"CAP_CONTEXT",         CAP_CONTEXT},
        {NULL,0}
 };
 
@@ -234,6 +236,7 @@ static unsigned get_remove_cap(char *name) {
 
        remove_cap = /* NOTE: keep in sync with chcontext.c */
                (1<<CAP_LINUX_IMMUTABLE)|
+               (1<<CAP_NET_BIND_SERVICE)|
                (1<<CAP_NET_BROADCAST)|
                (1<<CAP_NET_ADMIN)|
                (1<<CAP_NET_RAW)|
@@ -248,12 +251,7 @@ static unsigned get_remove_cap(char *name) {
                (1<<CAP_SYS_RESOURCE)|
                (1<<CAP_SYS_TIME)|
                (1<<CAP_MKNOD)|
-#ifdef CAP_QUOTACTL
-               (1<<CAP_QUOTACTL)|
-#endif
-#ifdef CAP_CONTEXT
                (1<<CAP_CONTEXT)|
-#endif
                0
                ;