diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-06-17 03:23:23 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2014-06-17 03:26:40 +0200 |
commit | c47fc1f025dd4b4c22d4650385748dc8486df0b6 (patch) | |
tree | 820668266222c28f922ac2148971b3ad0bf987bd /src/core | |
parent | a1259e0a1481b3621ebcc285b76a2ea43ca223c8 (diff) |
kmod: conditionalize kmod setup on CAP_SYS_MODULE, not whether we run in a container
It's generally preferrable to conditionalize on the actual ability to do
something then the context we run in.
Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/kmod-setup.c | 6 | ||||
-rw-r--r-- | src/core/main.c | 3 |
2 files changed, 6 insertions, 3 deletions
diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c index 0791ae8ead..2f3f608830 100644 --- a/src/core/kmod-setup.c +++ b/src/core/kmod-setup.c @@ -27,7 +27,7 @@ #include "macro.h" #include "execute.h" - +#include "capability.h" #include "kmod-setup.h" static void systemd_kmod_log( @@ -54,6 +54,7 @@ static bool cmdline_check_kdbus(void) { } int kmod_setup(void) { + static const struct { const char *module; const char *path; @@ -76,6 +77,9 @@ int kmod_setup(void) { unsigned int i; int r; + if (have_effective_cap(CAP_SYS_MODULE) == 0) + return 0; + for (i = 0; i < ELEMENTSOF(kmod_table); i++) { struct kmod_module *mod; diff --git a/src/core/main.c b/src/core/main.c index 4ad3bc2c57..899233bf51 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -1589,8 +1589,7 @@ int main(int argc, char *argv[]) { status_welcome(); #ifdef HAVE_KMOD - if (detect_container(NULL) <= 0) - kmod_setup(); + kmod_setup(); #endif hostname_setup(); machine_id_setup(""); |