From 763396b8be07be41b1baf336952fd222cbeb8db7 Mon Sep 17 00:00:00 2001
From: Andrew Clayton <a.clayton@nginx.com>
Date: Fri, 25 Nov 2022 10:32:20 +0000
Subject: Isolation: Fix the enablement of PR_SET_NO_NEW_PRIVS.

This prctl(2) option is checked for in auto/isolation, unfortunately due
to a typo this feature has never been enabled.

In the auto/isolation script the feature name was down as
NXT_HAVE_PR_SET_NO_NEW_PRIVS0, which means we end up with the following
in build/nxt_auto_config.h

  #ifndef NXT_HAVE_PR_SET_NO_NEW_PRIVS0
  #define NXT_HAVE_PR_SET_NO_NEW_PRIVS0  1
  #endif

Whereas everywhere else is checking for NXT_HAVE_PR_SET_NO_NEW_PRIVS.

This also guards the inclusion of sys/prctl.h in src/nxt_process.c which
is required by a subsequent commit.

Fixes: e2b53e1 ("Added "rootfs" feature.")
Reviewed-by: Alejandro Colomar <alx@nginx.com>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
---
 auto/isolation | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auto/isolation b/auto/isolation
index cbf42d9d..b706c94d 100644
--- a/auto/isolation
+++ b/auto/isolation
@@ -90,7 +90,7 @@ nxt_feature_test="#include <mntent.h>
 
 
 nxt_feature="prctl(PR_SET_NO_NEW_PRIVS)"
-nxt_feature_name=NXT_HAVE_PR_SET_NO_NEW_PRIVS0
+nxt_feature_name=NXT_HAVE_PR_SET_NO_NEW_PRIVS
 nxt_feature_run=no
 nxt_feature_incs=
 nxt_feature_libs=
-- 
cgit