| Message ID | 1442271254-27897-3-git-send-email-azhou@nicira.com |
|---|---|
| State | Changes Requested |
| Headers | show |
On Mon, Sep 14, 2015 at 03:54:06PM -0700, Andy Zhou wrote: > Add configuration option for enabling or disabling linking with > libcap-ng. This option is enabled by default. Disabling this option > prevents ovs-vswitchd from accepting the --user option on Linux. > > Signed-off-by: Andy Zhou <azhou@nicira.com> This should probably update the installation guide to note the new optional library dependency. Since capabilities are a security feature, like SSL, I think that we should handle libcapng like we do OpenSSL, e.g.: - no option: use libcapng if it's present - --disable-libcapng: do not use libcapng - --enable-libcapng: do use libcapng and fail configuration if it's missing See OVS_CHECK_OPENSSL for the details. Please add m4 quoting here: AC_CHECK_LIB(cap-ng, capng_clear, HAVE_LIBCAPNG=yes) e.g.: AC_CHECK_LIB([cap-ng], [capng_clear], [HAVE_LIBCAPNG=yes]) Thanks, Ben.
diff --git a/configure.ac b/configure.ac index 36387a1..39055fe 100644 --- a/configure.ac +++ b/configure.ac @@ -91,6 +91,7 @@ OVS_CHECK_COVERAGE OVS_CHECK_NDEBUG OVS_CHECK_NETLINK OVS_CHECK_OPENSSL +OVS_CHECK_LIBCAPNG OVS_CHECK_LOGDIR OVS_CHECK_PYTHON OVS_CHECK_DOT diff --git a/m4/openvswitch.m4 b/m4/openvswitch.m4 index 087c7e5..83edb16 100644 --- a/m4/openvswitch.m4 +++ b/m4/openvswitch.m4 @@ -157,6 +157,29 @@ AC_DEFUN([OVS_CHECK_NETLINK], [Define to 1 if Netlink protocol is available.]) fi]) +dnl Checks for libcap-ng. +AC_DEFUN([OVS_CHECK_LIBCAPNG], + [AC_ARG_ENABLE( + [libcapng], + [AC_HELP_STRING([--disable-libcapng], [Disable Linux capability support])], + [case "${enableval}" in + (yes) libcapng=true ;; + (no) libcapng=false ;; + (*) AC_MSG_ERROR([bad value ${enableval} for --enable-libcapng]) ;; + esac], + [libcapng=check]) + + if test "$libcapng" != false; then + AC_CHECK_LIB(cap-ng, capng_clear, HAVE_LIBCAPNG=yes) + fi + + AM_CONDITIONAL([HAVE_LIBCAPNG], [test "$HAVE_LIBCAPNG" = yes]) + if test "$HAVE_LIBCAPNG" = yes; then + AC_DEFINE([HAVE_LIBCAPNG], [1], + [Define to 1 if libcap-ng is available.]) + OVS_LDFLAGS="$OVS_LDFLAGS -lcap-ng" + fi]) + dnl Checks for OpenSSL. AC_DEFUN([OVS_CHECK_OPENSSL], [AC_ARG_ENABLE(
Add configuration option for enabling or disabling linking with libcap-ng. This option is enabled by default. Disabling this option prevents ovs-vswitchd from accepting the --user option on Linux. Signed-off-by: Andy Zhou <azhou@nicira.com> --- configure.ac | 1 + m4/openvswitch.m4 | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+)