From: Stanislav Kinsburskiy <skinsbur...@parallels.com> This fixes -EPERM result for link creation by root in container
https://jira.sw.ru/browse/PSBM-40567 Signed-off-by: Stanislav Kinsburskiy <skinsbur...@parallels.com> --- fs/namei.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index e7d9f54..d3430ee 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -869,7 +869,7 @@ static int may_linkat(struct path *link) * otherwise, it must be a safe source. */ if (uid_eq(cred->fsuid, inode->i_uid) || safe_hardlink_source(inode) || - capable(CAP_FOWNER)) + ve_capable(CAP_FOWNER)) return 0; audit_log_link_denied("linkat", link); @@ -3955,7 +3955,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, * handlink using the passed filedescriptor. */ if (flags & AT_EMPTY_PATH) { - if (!capable(CAP_DAC_READ_SEARCH)) + if (!ve_capable(CAP_DAC_READ_SEARCH)) return -ENOENT; how = LOOKUP_EMPTY; } _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
