summaryrefslogtreecommitdiffhomepage
path: root/src/nxt_isolation.c
diff options
context:
space:
mode:
authorAndrew Clayton <a.clayton@nginx.com>2022-11-25 10:32:20 +0000
committerAndrew Clayton <a.clayton@nginx.com>2022-11-25 10:32:20 +0000
commit0277d8f1034f6f3dcdb5fd88dc3a9a3f04c1de89 (patch)
treebba91031af562500f28d0f1743f3b8b69563d348 /src/nxt_isolation.c
parent1f37d8121a3dfc2f039b859835c4ec22e77f01c9 (diff)
downloadunit-0277d8f1034f6f3dcdb5fd88dc3a9a3f04c1de89.tar.gz
unit-0277d8f1034f6f3dcdb5fd88dc3a9a3f04c1de89.tar.bz2
Isolation: Fix the enablement of PR_SET_NO_NEW_PRIVS.
This prctl(2) option is checked for in auto/isolation, unfortunately due to a typo this feature has never been enabled. In the auto/isolation script the feature name was down as NXT_HAVE_PR_SET_NO_NEW_PRIVS0, which means we end up with the following in build/nxt_auto_config.h #ifndef NXT_HAVE_PR_SET_NO_NEW_PRIVS0 #define NXT_HAVE_PR_SET_NO_NEW_PRIVS0 1 #endif Whereas everywhere else is checking for NXT_HAVE_PR_SET_NO_NEW_PRIVS. This also guards the inclusion of sys/prctl.h in src/nxt_process.c which is required by a subsequent commit. Fixes: e2b53e1 ("Added "rootfs" feature.") Reviewed-by: Alejandro Colomar <alx@nginx.com> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions