- merge revision 1.5

date: 2004/11/23 15:07:40;  author: mlhuang;  state: Exp;  lines: +4 -4
- apply ioctl() patch to make sure that only superuser or someone
  capable of setting the immutable bit, can set the immulink bit

From: Sam Vilain <sam@vilain.net>
Re: [Vserver] [PATCH] immulink ioctl is not available on vs1.9.3-rc2,  even with CONFIG_VSERVER_LEGACY
To: vserver@list.linux-vserver.org
Date: 10/19/04 12:17 am

Here's the missing link.

diff --git a/fs/ext2/ioctl.c b/fs/ext2/ioctl.c
index f6043a6..594c16c 100644 (file)
--- a/fs/ext2/ioctl.c
+++ b/fs/ext2/ioctl.c
@@ -50,11 +50,11 @@ int ext2_ioctl (struct inode * inode, struct file * filp, unsigned int cmd,
                 *
                 * This test looks nicer. Thanks to Pauline Middelink
                 */
-               if ((oldflags & EXT2_IMMUTABLE_FL) ||
+               if (((oldflags & EXT2_IMMUTABLE_FL) ||
                        ((flags ^ oldflags) &
-                       (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL))) {
-                       if (!capable(CAP_LINUX_IMMUTABLE))
-                               return -EPERM;
+                        (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL | EXT2_IUNLINK_FL)))
+                   && !capable(CAP_LINUX_IMMUTABLE)) {
+                       return -EPERM;          
                }
 
                flags = flags & EXT2_FL_USER_MODIFIABLE;