cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-29 23:18:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

knot: disable libcap-ng

Browse Source 
Recently, there was added libcap-ng to OpenWrt packages feed,
which is optional for Knot DNS. It enables POSIX 1003.1e capabilities.
This can restrict root (by default it runs as root) permissions and
might harm and as there isn't systemd on OpenWrt it can interfere.

There is an added patch, which introduced an option to disable libcap-ng.
This will be part of the next release.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 41957d6967)
This commit is contained in:
Josef Schlehofer
2020-05-22 13:59:39 +02:00
parent 550fa7c286
commit aef8cb50ff
2 changed files with 41 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/knot/Makefile
+2 -1
View File
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=knot
PKG_VERSION:=2.9.3
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/
@@ -149,6 +149,7 @@ export KNOT_VERSION_FORMAT=release
CONFIGURE_ARGS += \
--enable-recvmmsg=no \
--enable-cap-ng=no \
--disable-fastparser \
--without-libidn \
--with-rundir=/var/run/knot \