I have not tested this myself, but if I had, the test setup would have
been very similar to what Frank did (so, big thanks) - run a DCO
environment with "owner nobody", and see if things still work.
I will add this to my DCO server test environment - run one of the
iroute-using instances with "nobody", so it is continuously tested.
I did have a stare-at-code a few weeks ago, and we did discuss this
a few months ago, and the approach chosen seems to make sense.
Uncrustify complained about two lines with tabs -> fixed.
Your patch has been applied to the master branch.
commit 2e359a088226ab1e5ee41fbab27d38d8a8d192ac
Author: Timo Rothenpieler
Date: Sat May 14 12:37:17 2022 +0200
platform: Retain CAP_NET_ADMIN when dropping privileges
Signed-off-by: Timo Rothenpieler <t...@rothenpieler.org>
Acked-by: Frank Lichtenheld <fr...@lichtenheld.com>
Message-Id: <20220514103717.235-1-t...@rothenpieler.org>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24360.html
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
