From 19c0b0b9a5039b842cf9e6c3e7ece75fb8725602 Mon Sep 17 00:00:00 2001
From: Ronny Chevalier
Date: Sat, 30 Jan 2016 17:26:39 +0100
Subject: core: set NoNewPrivileges for seccomp if we don't have CAP_SYS_ADMIN

The manpage of seccomp specifies that using seccomp with SECCOMP_SET_MODE_FILTER will return EACCES if the caller does not have CAP_SYS_ADMIN set, or if the no_new_privileges bit is not set.

Hence, without NoNewPrivileges set, it is impossible to use a SystemCall* directive with a User directive set in system mode.

Now, NoNewPrivileges is set if we are in user mode, or if we are in system mode and we don't have CAP_SYS_ADMIN, and SystemCall* directives are used.

--- Makefile.am | 1 + 1 file changed, 1 insertion(+) (limited to 'Makefile.am') diff --git a/Makefile.am b/Makefile.am index 7bd98dddf6..02557ef46a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1556,6 +1556,7 @@ EXTRA_DIST += \ test/test-execute/exec-systemcallfilter-failing.service \ test/test-execute/exec-systemcallfilter-not-failing2.service \ test/test-execute/exec-systemcallfilter-not-failing.service \ + test/test-execute/exec-systemcallfilter-system-user.service \ test/test-execute/exec-user.service \ test/test-execute/exec-workingdirectory.service \ test/test-execute/exec-umask-0177.service \
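Review bot: the Makefile.am hunk only registers test/test-execute/exec-systemcallfilter-system-user.service in EXTRA_DIST; the service file itself and the test-execute case that loads it are not in this view (limited to 'Makefile.am'), so please confirm both are part of the commit, otherwise `make dist` fails on the missing file and the new behaviour (NoNewPrivileges implied when SystemCall* directives are combined with User= in system mode without CAP_SYS_ADMIN) goes untested. Since that behaviour is user-visible, the same change should also update the SystemCallFilter= and NoNewPrivileges= text in man/systemd.exec.xml to state that NoNewPrivileges is implicitly enabled in this case, which the commit message describes but the diff does not document.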