From b5103ca6242b876768de92d024ccc54b98bca85b Mon Sep 17 00:00:00 2001
From: Mark Huang <mlhuang@cs.princeton.edu>
Date: Tue, 23 Nov 2004 15:07:40 +0000
Subject: [PATCH] - apply ioctl() patch to make sure that only superuser or
 someone   capable of setting the immutable bit, can set the immulink bit

From: Sam Vilain <sam@vilain.net>
Re: [Vserver] [PATCH] immulink ioctl is not available on vs1.9.3-rc2,  even with CONFIG_VSERVER_LEGACY
To: vserver@list.linux-vserver.org
Date: 10/19/04 12:17 am

Here's the missing link.
---
 fs/ext2/ioctl.c | 8 ++++----
 fs/ext3/ioctl.c | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/fs/ext2/ioctl.c b/fs/ext2/ioctl.c
index f6043a6e2..594c16c80 100644
--- a/fs/ext2/ioctl.c
+++ b/fs/ext2/ioctl.c
@@ -50,11 +50,11 @@ int ext2_ioctl (struct inode * inode, struct file * filp, unsigned int cmd,
 		 *
 		 * This test looks nicer. Thanks to Pauline Middelink
 		 */
-		if ((oldflags & EXT2_IMMUTABLE_FL) ||
+		if (((oldflags & EXT2_IMMUTABLE_FL) ||
 			((flags ^ oldflags) &
-			(EXT2_APPEND_FL | EXT2_IMMUTABLE_FL))) {
-			if (!capable(CAP_LINUX_IMMUTABLE))
-				return -EPERM;
+			 (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL | EXT2_IUNLINK_FL)))
+		    && !capable(CAP_LINUX_IMMUTABLE)) {
+			return -EPERM;		
 		}
 
 		flags = flags & EXT2_FL_USER_MODIFIABLE;
diff --git a/fs/ext3/ioctl.c b/fs/ext3/ioctl.c
index 37bd4509d..f58d49736 100644
--- a/fs/ext3/ioctl.c
+++ b/fs/ext3/ioctl.c
@@ -59,11 +59,11 @@ int ext3_ioctl (struct inode * inode, struct file * filp, unsigned int cmd,
 		 *
 		 * This test looks nicer. Thanks to Pauline Middelink
 		 */
-		if ((oldflags & EXT3_IMMUTABLE_FL) ||
+		if (((oldflags & EXT3_IMMUTABLE_FL) ||
 			((flags ^ oldflags) &
-			(EXT3_APPEND_FL | EXT3_IMMUTABLE_FL))) {
-			if (!capable(CAP_LINUX_IMMUTABLE))
-				return -EPERM;
+			 (EXT3_APPEND_FL | EXT3_IMMUTABLE_FL | EXT3_IUNLINK_FL)))
+		    && !capable(CAP_LINUX_IMMUTABLE)) {
+			return -EPERM;		
 		}
 
 		/*
-- 
2.47.0