gocapability: upstream fix for unsporrted caps

vbatts · vbatts · commit 4bf03a0fac48 · 2014-05-17T03:51:02.000-04:00
@vmarmol has made the fix upstream for not failing if the capability being dropped is returned as invalid from the syscall, which is the case when the capability is not supported on the host. This is a blocker presently for RHEL6.5 on CAP_SYSLOG. We have patched around this in our RPM for the time being, but this is the proper fix. See also #5810 Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
diff --git a/hack/vendor.sh b/hack/vendor.sh
@@ -45,7 +45,7 @@ clone git github.com/gorilla/context 708054d61e5
 
 clone git github.com/gorilla/mux 9b36453141c
 
-clone git github.com/syndtr/gocapability 3454319be2
+clone git github.com/syndtr/gocapability 3c85049eae
 
 clone hg code.google.com/p/go.net 84a4013f96e0
 
diff --git a/vendor/src/github.com/syndtr/gocapability/capability/capability_linux.go b/vendor/src/github.com/syndtr/gocapability/capability/capability_linux.go
@@ -388,6 +388,11 @@ func (c *capsV3) Apply(kind CapType) (err error) {
 				}
 				err = prctl(syscall.PR_CAPBSET_DROP, uintptr(i), 0, 0, 0)
 				if err != nil {
+					// Ignore EINVAL since the capability may not be supported in this system.
+					if errno, ok := err.(syscall.Errno); ok && errno == syscall.EINVAL {
+						err = nil
+						continue
+					}
 					return
 				}
 			}

Original file line number	Diff line number	Diff line change
`@@ -388,6 +388,11 @@ func (c *capsV3) Apply(kind CapType) (err error) {`
`388`	`388`	`}`
`389`	`389`	`err = prctl(syscall.PR_CAPBSET_DROP, uintptr(i), 0, 0, 0)`
`390`	`390`	`if err != nil {`
	`391`	`+ // Ignore EINVAL since the capability may not be supported in this system.`
	`392`	`+ if errno, ok := err.(syscall.Errno); ok && errno == syscall.EINVAL {`
	`393`	`+ err = nil`
	`394`	`+ continue`
	`395`	`+ }`
`391`	`396`	`return`
`392`	`397`	`}`
`393`	`398`	`}`