On 3/12/21 12:25 AM, Stijn Tintel wrote:
Having libcap in OpenWrt base allows us to enable libcap support in
other packages in base.
In lldpd, this would allow the monitor process to drop its privileges
instead of running as root, improving security. It will also allow us to
drop our patch to disable libcap.
I suspect some people might counter this by saying lldpd belongs in the
packages feed; I strongly disagree as imo LLDP is an essential service
for any network device, and especially switches. Even the cheapest
managed switches support LLDP for more than 5 years already.
Also see: https://github.com/openwrt/openwrt/pull/3823#issuecomment-795174537
I'll bump lldpd to the latest version after this series is merged, and
debug the problem reported by John on the realtek target.
Stijn Tintel (4):
libcap: import from packages feed
libcap: drop invalid copyright header
libcap: bump to 2.48
lldpd: add libcap dependency
Acked-by: Hauke Mehrtens <ha...@hauke-m.de>
I am not a lldpd user so I can not say if we should make it depend on
libcap, but I saw some packages which has implicit dependencies.
Hauke
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
