From e1ff27a3caccb0a8fa8d013e8a4c8e1ce5710da6 Mon Sep 17 00:00:00 2001 From: Josh Boyer Date: Fri, 22 Aug 2014 13:20:49 -0400 Subject: [PATCH] Drop userns revert patch (rhbz 917708) --- ...low-unprivileged-users-to-create-use.patch | 44 ------------------- kernel.spec | 9 ++-- 2 files changed, 3 insertions(+), 50 deletions(-) delete mode 100644 Revert-userns-Allow-unprivileged-users-to-create-use.patch diff --git a/Revert-userns-Allow-unprivileged-users-to-create-use.patch b/Revert-userns-Allow-unprivileged-users-to-create-use.patch deleted file mode 100644 index cea6bff01..000000000 --- a/Revert-userns-Allow-unprivileged-users-to-create-use.patch +++ /dev/null @@ -1,44 +0,0 @@ -Bugzilla: 917708 -Upstream-status: Fedora mustard - -From e3da68be55914bfeedb8866f191cc0958579611d Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Wed, 13 Nov 2013 10:21:18 -0500 -Subject: [PATCH] Revert "userns: Allow unprivileged users to create user - namespaces." - -This reverts commit 5eaf563e53294d6696e651466697eb9d491f3946. - -Conflicts: - kernel/fork.c ---- - kernel/fork.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/kernel/fork.c b/kernel/fork.c -index f6d11fc..e04c9a7 100644 ---- a/kernel/fork.c -+++ b/kernel/fork.c -@@ -1573,6 +1573,19 @@ long do_fork(unsigned long clone_flags, - long nr; - - /* -+ * Do some preliminary argument and permissions checking before we -+ * actually start allocating stuff -+ */ -+ if (clone_flags & CLONE_NEWUSER) { -+ /* hopefully this check will go away when userns support is -+ * complete -+ */ -+ if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SETUID) || -+ !capable(CAP_SETGID)) -+ return -EPERM; -+ } -+ -+ /* - * Determine whether and which event to report to ptracer. When - * called from kernel_thread or CLONE_UNTRACED is explicitly - * requested, no event is reported; otherwise, report if the event --- -1.8.3.1 - diff --git a/kernel.spec b/kernel.spec index e9c28b5b1..a0f1da48e 100644 --- a/kernel.spec +++ b/kernel.spec @@ -560,9 +560,6 @@ Patch530: silence-fbcon-logo.patch Patch600: 0001-lib-cpumask-Make-CPUMASK_OFFSTACK-usable-without-deb.patch -#rhbz 917708 -Patch700: Revert-userns-Allow-unprivileged-users-to-create-use.patch - Patch800: crash-driver.patch # crypto/ @@ -1306,9 +1303,6 @@ ApplyPatch silence-fbcon-logo.patch # Changes to upstream defaults. -#rhbz 917708 -ApplyPatch Revert-userns-Allow-unprivileged-users-to-create-use.patch - # /dev/crash driver. ApplyPatch crash-driver.patch @@ -2270,6 +2264,9 @@ fi # ||----w | # || || %changelog +* Fri Aug 22 2014 Josh Boyer +- Drop userns revert patch (rhbz 917708) + * Tue Aug 19 2014 Josh Boyer - Fix NFSv3 oops (rhbz 1131551)