Re: [Openvpn-devel] [PATCH v2] Retain CAP_NET_ADMIN when dropping privileges

On 06/04/2022 14:44, Timo Rothenpieler wrote: --- a/configure.ac +++ b/configure.ac @@ -794,6 +794,25 @@ dnl   esac   fi +dnl +dnl Depend on libcap-ng on Linux +dnl +case "$host" in +    *-*-linux*) +    PKG_CHECK_MODULES([LIBCAPNG], +  [libcap-ng], +  [ha

Re: [Openvpn-devel] [PATCH v2] Retain CAP_NET_ADMIN when dropping privileges

On 06/04/2022 14:44, Timo Rothenpieler wrote: 'man cap_change_id' does not mention setting errno at all. What do we expect to see with M_ERRNO? Every function it internally calls sets errno, so in case of failure errno will reflect what went wrong. Like, for example EPERM will be the most

Re: [Openvpn-devel] [PATCH v2] Retain CAP_NET_ADMIN when dropping privileges

On 06.04.2022 11:52, Antonio Quartulli wrote: Hi, On 30/03/2022 22:55, Timo Rothenpieler wrote: --- Using libcap-ng now A commit message would be good, but I see that David has already proposed one. The latest rebased version of this patch already has that message. Just seemed silly to re-

[Openvpn-devel] Summary of the community meeting (6th April 2022)

Hi, Here's the summary of the IRC meeting. --- COMMUNITY MEETING Place: #openvpn-meeting on libera.chat Date: Wed 6th April 2022 Time: 10:30 CEST (9:30 UTC) Planned meeting topics for this meeting were here: Your local meeting t

Re: [Openvpn-devel] [PATCH v2] Retain CAP_NET_ADMIN when dropping privileges

Hi, On 30/03/2022 22:55, Timo Rothenpieler wrote: --- Using libcap-ng now A commit message would be good, but I see that David has already proposed one. configure.ac | 19 + distro/systemd/openvpn-cli...@.service.in | 2 +- distro/systemd/openvpn-ser