This patch changes suser() to capable() in linux/drivers
The following drivers were left alone primarily because I didn't
recognize their ioctls. I'm also a bit careful about touching the tty
code. If someone more familiar with the code would help out, I'd be
grateful.
drivers/net/wavelan.c
drivers/net/ewrk3.c
drivers/net/eql.c
drivers/net/sdla.c
drivers/net/hamradio/baycom_par.c
drivers/net/hamradio/baycom_ser_fdx.c
drivers/net/hamradio/baycom_ser_hdx.c
drivers/net/hamradio/bpqether.c
drivers/net/hamradio/hdlcdrv.c
drivers/net/hamradio/pi2.c
drivers/net/hamradio/pt.c
drivers/net/hamradio/scc.c
drivers/net/hamradio/soundmodem/sm.c
drivers/net/hamradio/soundmodem/sm_sbc.c
drivers/net/hamradio/soundmodem/sm_wss.c
drivers/net/hamradio/dmascc.c
drivers/block/floppy.c
drivers/block/swim3.c
drivers/char/console.c
drivers/char/tty_ioctl.c
drivers/char/tty_io.c
drivers/char/lp.c
drivers/char/vt.c
drivers/char/tpqic02.c
drivers/char/cyclades.c
drivers/char/apm_bios.c
drivers/char/esp.c
drivers/scsi/st.c
drivers/sbus/char/vfc_dev.c
astor
-- Alexander Kjeldaas, Guardian Networks AS, Trondheim, Norway http://www.guardian.no/--GuTyElPB9bOcsMOR Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=cap_97_3_drivers
diff -urN /tmp/linux/drivers/acorn/block/fd1772.c lp97/drivers/acorn/block/fd1772.c --- /tmp/linux/drivers/acorn/block/fd1772.c Sat Feb 21 22:25:15 1998 +++ lp97/drivers/acorn/block/fd1772.c Thu Apr 23 15:56:11 1998 @@ -1368,7 +1368,7 @@ case FDFLUSH: return invalidate_drive(drive); } - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; if (drive < 0 || drive > 3) return -EINVAL; diff -urN /tmp/linux/drivers/acorn/block/mfmhd.c lp97/drivers/acorn/block/mfmhd.c --- /tmp/linux/drivers/acorn/block/mfmhd.c Thu Apr 9 00:51:32 1998 +++ lp97/drivers/acorn/block/mfmhd.c Thu Apr 23 15:55:44 1998 @@ -1206,14 +1206,14 @@ return 0; case BLKFLSBUF: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; fsync_dev(dev); invalidate_buffers(dev); return 0; case BLKRASET: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (arg > 0xff) return -EINVAL; @@ -1227,7 +1227,7 @@ return put_user (mfm[minor].nr_sects, (long *)arg); case BLKFRASET: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; max_readahead[major][minor] = arg; return 0; @@ -1239,7 +1239,7 @@ return put_user(max_sectors[major][minor], (long *) arg); case BLKRRPART: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; return mfm_reread_partitions(dev); diff -urN /tmp/linux/drivers/block/acsi.c lp97/drivers/block/acsi.c --- /tmp/linux/drivers/block/acsi.c Sat Feb 21 02:55:45 1998 +++ lp97/drivers/block/acsi.c Thu Apr 23 17:29:22 1998 @@ -1149,7 +1149,7 @@ (long *) arg); case BLKFLSBUF: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!inode->i_rdev) return -EINVAL; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); diff -urN /tmp/linux/drivers/block/ataflop.c lp97/drivers/block/ataflop.c --- /tmp/linux/drivers/block/ataflop.c Sat Feb 21 02:55:45 1998 +++ lp97/drivers/block/ataflop.c Thu Apr 23 14:27:00 1998 @@ -1631,7 +1631,7 @@ return -EFAULT; return 0; case BLKRASET: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (param > 0xff) return -EINVAL; @@ -1641,7 +1641,7 @@ return put_user(read_ahead[MAJOR(inode->i_rdev)], (int *) param); case BLKFLSBUF: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); diff -urN /tmp/linux/drivers/block/floppy.c lp97/drivers/block/floppy.c --- /tmp/linux/drivers/block/floppy.c Thu Mar 12 00:25:12 1998 +++ lp97/drivers/block/floppy.c Thu Apr 23 14:25:18 1998 @@ -3208,7 +3208,7 @@ (g->stretch&~(FD_STRETCH|FD_SWAPSIDES)) != 0) return -EINVAL; if (type){ - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; LOCK_FDC(drive,1); for (cnt = 0; cnt < N_DRIVE; cnt++){ @@ -3373,7 +3373,7 @@ return _COPYOUT(loc); } case BLKRASET: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(param > 0xff) return -EINVAL; read_ahead[MAJOR(inode->i_rdev)] = param; return 0; @@ -3381,7 +3381,7 @@ return put_user(read_ahead[MAJOR(inode->i_rdev)], (long *) param); case BLKFLSBUF: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); return 0; diff -urN /tmp/linux/drivers/block/hd.c lp97/drivers/block/hd.c --- /tmp/linux/drivers/block/hd.c Sat Sep 6 19:08:56 1997 +++ lp97/drivers/block/hd.c Thu Apr 23 14:22:18 1998 @@ -603,7 +603,7 @@ return copy_to_user(loc, &g, sizeof g) ? -EFAULT : 0; } case BLKRASET: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(arg > 0xff) return -EINVAL; read_ahead[MAJOR(inode->i_rdev)] = arg; return 0; @@ -616,7 +616,7 @@ return put_user(hd[MINOR(inode->i_rdev)].nr_sects, (long *) arg); case BLKFLSBUF: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); return 0; diff -urN /tmp/linux/drivers/block/ide-proc.c lp97/drivers/block/ide-proc.c --- /tmp/linux/drivers/block/ide-proc.c Thu Apr 23 00:59:22 1998 +++ lp97/drivers/block/ide-proc.c Thu Apr 23 15:49:47 1998 @@ -111,7 +111,7 @@ unsigned long startn = 0, n, flags; const char *start = NULL, *msg = NULL; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; /* * Skip over leading whitespace @@ -432,7 +432,7 @@ const char *start = NULL; ide_settings_t *setting; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; /* * Skip over leading whitespace @@ -573,7 +573,7 @@ { ide_drive_t *drive = (ide_drive_t *) data; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (ide_replace_subdriver(drive, buffer)) return -EINVAL; diff -urN /tmp/linux/drivers/block/ide.c lp97/drivers/block/ide.c --- /tmp/linux/drivers/block/ide.c Sat Apr 11 01:04:41 1998 +++ lp97/drivers/block/ide.c Thu Apr 23 15:16:24 1998 @@ -1837,7 +1837,7 @@ int i, rc = 0; u32 *p; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (!(setting->rw & SETTING_WRITE)) return -EPERM; @@ -1974,7 +1974,7 @@ return 0; } case BLKFLSBUF: - if (!suser()) return -EACCES; + if (!capable(CAP_SYS_ADMIN)) return -EACCES; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); return 0; @@ -1983,7 +1983,7 @@ return put_user(drive->part[MINOR(inode->i_rdev)&PARTN_MASK].nr_sects, (long *) arg); case BLKRRPART: /* Re-read partition tables */ - if (!suser()) return -EACCES; + if (!capable(CAP_SYS_ADMIN)) return -EACCES; return ide_revalidate_disk(inode->i_rdev); case HDIO_GET_IDENTITY: @@ -2011,7 +2011,7 @@ { byte args[4], *argbuf = args; int argsize = 4; - if (!suser()) return -EACCES; + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (NULL == (void *) arg) return ide_do_drive_cmd(drive, &rq, ide_wait); if (copy_from_user(args, (void *)arg, 4)) @@ -2034,7 +2034,7 @@ case HDIO_SCAN_HWIF: { int args[3]; - if (!suser()) return -EACCES; + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (copy_from_user(args, (void *)arg, 3 * sizeof(int))) return -EFAULT; if (ide_register(args[0], args[1], args[2]) == -1) @@ -2042,7 +2042,7 @@ return 0; } case HDIO_SET_NICE: - if (!suser()) return -EACCES; + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (drive->driver == NULL) return -EPERM; if (arg != (arg & ((1 << IDE_NICE_DSC_OVERLAP) | (1 << IDE_NICE_1)))) diff -urN /tmp/linux/drivers/block/loop.c lp97/drivers/block/loop.c --- /tmp/linux/drivers/block/loop.c Mon Mar 23 19:13:52 1998 +++ lp97/drivers/block/loop.c Thu Apr 23 17:30:05 1998 @@ -448,7 +448,7 @@ info.lo_flags = lo->lo_flags; strncpy(info.lo_name, lo->lo_name, LO_NAME_SIZE); info.lo_encrypt_type = lo->lo_encrypt_type; - if (lo->lo_encrypt_key_size && suser()) { + if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) { info.lo_encrypt_key_size = lo->lo_encrypt_key_size; memcpy(info.lo_encrypt_key, lo->lo_encrypt_key, lo->lo_encrypt_key_size); diff -urN /tmp/linux/drivers/block/md.c lp97/drivers/block/md.c --- /tmp/linux/drivers/block/md.c Sun Mar 29 22:24:05 1998 +++ lp97/drivers/block/md.c Thu Apr 23 14:28:44 1998 @@ -622,7 +622,7 @@ int minor, err; struct hd_geometry *loc = (struct hd_geometry *) arg; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (((minor=MINOR(inode->i_rdev)) & 0x80) && diff -urN /tmp/linux/drivers/block/nbd.c lp97/drivers/block/nbd.c --- /tmp/linux/drivers/block/nbd.c Fri Mar 27 18:37:42 1998 +++ lp97/drivers/block/nbd.c Thu Apr 23 17:29:39 1998 @@ -316,7 +316,7 @@ struct nbd_device *lo; int dev, error; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; if (!inode) return -EINVAL; diff -urN /tmp/linux/drivers/block/paride/pd.c lp97/drivers/block/paride/pd.c --- /tmp/linux/drivers/block/paride/pd.c Sun Jan 25 18:59:59 1998 +++ lp97/drivers/block/paride/pd.c Thu Apr 23 17:28:10 1998 @@ -466,7 +466,7 @@ put_user(pd_hd[dev].start_sect,(long *)&geo->start); return 0; case BLKRASET: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(inode->i_rdev)) return -EINVAL; if(arg > 0xff) return -EINVAL; read_ahead[MAJOR(inode->i_rdev)] = arg; @@ -484,7 +484,7 @@ put_user(pd_hd[dev].nr_sects,(long *) arg); return (0); case BLKFLSBUF: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(inode->i_rdev)) return -EINVAL; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); diff -urN /tmp/linux/drivers/block/paride/pf.c lp97/drivers/block/paride/pf.c --- /tmp/linux/drivers/block/paride/pf.c Sun Dec 28 21:05:45 1997 +++ lp97/drivers/block/paride/pf.c Thu Apr 23 17:28:28 1998 @@ -416,7 +416,7 @@ put_user(0,(long *)&geo->start); return 0; case BLKRASET: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(inode->i_rdev)) return -EINVAL; if(arg > 0xff) return -EINVAL; read_ahead[MAJOR(inode->i_rdev)] = arg; @@ -434,7 +434,7 @@ put_user(PF.capacity,(long *) arg); return (0); case BLKFLSBUF: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(inode->i_rdev)) return -EINVAL; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); diff -urN /tmp/linux/drivers/block/ps2esdi.c lp97/drivers/block/ps2esdi.c --- /tmp/linux/drivers/block/ps2esdi.c Tue Feb 10 01:12:54 1998 +++ lp97/drivers/block/ps2esdi.c Thu Apr 23 17:29:04 1998 @@ -1091,7 +1091,7 @@ } break; case BLKRASET: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (!inode->i_rdev) return -EINVAL; @@ -1109,7 +1109,7 @@ } break; case BLKFLSBUF: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (!inode->i_rdev) return -EINVAL; diff -urN /tmp/linux/drivers/block/rd.c lp97/drivers/block/rd.c --- /tmp/linux/drivers/block/rd.c Wed Mar 11 20:42:30 1998 +++ lp97/drivers/block/rd.c Thu Apr 23 14:28:58 1998 @@ -164,7 +164,7 @@ switch (cmd) { case BLKFLSBUF: - if (!suser()) return -EACCES; + if (!capable(CAP_SYS_ADMIN)) return -EACCES; invalidate_buffers(inode->i_rdev); break; case BLKGETSIZE: /* Return device size */ diff -urN /tmp/linux/drivers/block/xd.c lp97/drivers/block/xd.c --- /tmp/linux/drivers/block/xd.c Sat Apr 4 19:36:10 1998 +++ lp97/drivers/block/xd.c Thu Apr 23 14:26:37 1998 @@ -338,7 +338,7 @@ return copy_to_user(geometry, &g, sizeof g) ? -EFAULT : 0; } case BLKRASET: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(arg > 0xff) return -EINVAL; read_ahead[MAJOR(inode->i_rdev)] = arg; return 0; @@ -348,12 +348,12 @@ if (!arg) return -EINVAL; return put_user(xd_struct[MINOR(inode->i_rdev)].nr_sects,(long *) arg); case BLKFLSBUF: /* Return devices size */ - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); return 0; case HDIO_SET_DMA: - if (!suser()) return -EACCES; + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if (xdc_busy) return -EBUSY; nodma = !arg; if (nodma && xd_dma_buffer) { diff -urN /tmp/linux/drivers/cdrom/sbpcd.c lp97/drivers/cdrom/sbpcd.c --- /tmp/linux/drivers/cdrom/sbpcd.c Tue Feb 10 01:12:55 1998 +++ lp97/drivers/cdrom/sbpcd.c Thu Apr 23 16:04:17 1998 @@ -4189,7 +4189,7 @@ switch (cmd) /* Sun-compatible */ { case DDIOCSDBG: /* DDI Debug */ - if (!suser()) RETURN_UP(-EPERM); + if (!capable(CAP_SYS_ADMIN)) RETURN_UP(-EPERM); i=sbpcd_dbg_ioctl(arg,1); RETURN_UP(i); case CDROMRESET: /* hard reset the drive */ @@ -4478,7 +4478,7 @@ } /* end of CDROMREADAUDIO */ case BLKRASET: - if(!suser()) RETURN_UP(-EACCES); + if(!capable(CAP_SYS_ADMIN)) RETURN_UP(-EACCES); if(!(cdi->dev)) RETURN_UP(-EINVAL); if(arg > 0xff) RETURN_UP(-EINVAL); read_ahead[MAJOR(cdi->dev)] = arg; diff -urN /tmp/linux/drivers/char/apm_bios.c lp97/drivers/char/apm_bios.c --- /tmp/linux/drivers/char/apm_bios.c Thu Apr 2 00:41:32 1998 +++ lp97/drivers/char/apm_bios.c Thu Apr 23 15:48:19 1998 @@ -1050,7 +1050,7 @@ * we might close the device immediately without doing a * privileged operation -- cevans */ - as->suser = suser(); + as->suser = capable(CAP_SYS_ADMIN); as->next = user_list; user_list = as; filp->private_data = as; diff -urN /tmp/linux/drivers/char/bttv.c lp97/drivers/char/bttv.c --- /tmp/linux/drivers/char/bttv.c Tue Apr 14 02:03:04 1998 +++ lp97/drivers/char/bttv.c Thu Apr 23 15:44:02 1998 @@ -1581,7 +1581,7 @@ case VIDIOCSFBUF: { struct video_buffer v; - if(!suser()) + if(!capable(CAP_SYS_ADMIN)) return -EPERM; if(copy_from_user(&v, arg,sizeof(v))) return -EFAULT; @@ -1680,7 +1680,7 @@ return 0; case BTTV_WRITEE: - if(!suser()) + if(!capable(CAP_SYS_ADMIN)) return -EPERM; if(copy_from_user((void *) eedata, (void *) arg, 256)) return -EFAULT; @@ -1688,7 +1688,7 @@ return 0; case BTTV_READEE: - if(!suser()) + if(!capable(CAP_SYS_ADMIN)) return -EPERM; readee(&(btv->i2c), eedata); if(copy_to_user((void *) arg, (void *) eedata, 256)) diff -urN /tmp/linux/drivers/char/console.c lp97/drivers/char/console.c --- /tmp/linux/drivers/char/console.c Wed Apr 8 20:30:27 1998 +++ lp97/drivers/char/console.c Thu Apr 23 15:18:28 1998 @@ -331,7 +331,7 @@ long p, q; /* prevent users from taking too much memory */ - if (i >= MAX_NR_USER_CONSOLES && !suser()) + if (i >= MAX_NR_USER_CONSOLES && !capable(CAP_SYS_RESOURCE)) return -EPERM; /* due to the granularity of kmalloc, we waste some memory here */ diff -urN /tmp/linux/drivers/char/esp.c lp97/drivers/char/esp.c --- /tmp/linux/drivers/char/esp.c Thu Mar 12 02:37:13 1998 +++ lp97/drivers/char/esp.c Thu Apr 23 14:53:41 1998 @@ -926,7 +926,7 @@ "esp serial", info); if (retval) { - if (suser()) { + if (capable(CAP_SYS_ADMIN)) { if (info->tty) set_bit(TTY_IO_ERROR, &info->tty->flags); @@ -1499,7 +1499,7 @@ if (change_irq && (info->line % 8)) return -EINVAL; - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if (change_irq || (new_serial.close_delay != info->close_delay) || ((new_serial.flags & ~ASYNC_USR_MASK) != diff -urN /tmp/linux/drivers/char/ftape/zftape/zftape-ctl.c lp97/drivers/char/ftape/zftape/zftape-ctl.c --- /tmp/linux/drivers/char/ftape/zftape/zftape-ctl.c Tue Mar 10 23:43:13 1998 +++ lp97/drivers/char/ftape/zftape/zftape-ctl.c Thu Apr 23 16:08:01 1998 @@ -1342,9 +1342,9 @@ TRACE_FUN(ft_t_flow); TRACE(ft_t_noise, "Mag tape ioctl command: MTIOCFTCMD"); - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { TRACE_ABORT(-EPERM, ft_t_info, - "only the superuser may send raw qic-117 commands"); + "need CAP_SYS_ADMIN capability to send raw qic-117 commands"); } if (zft_qic_mode) { TRACE_ABORT(-EACCES, ft_t_info, diff -urN /tmp/linux/drivers/char/istallion.c lp97/drivers/char/istallion.c --- /tmp/linux/drivers/char/istallion.c Mon Mar 23 22:49:29 1998 +++ lp97/drivers/char/istallion.c Thu Apr 23 16:05:21 1998 @@ -1774,7 +1774,7 @@ #endif copy_from_user(&sio, sp, sizeof(struct serial_struct)); - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((sio.baud_base != portp->baud_base) || (sio.close_delay != portp->close_delay) || ((sio.flags & ~ASYNC_USR_MASK) != diff -urN /tmp/linux/drivers/char/nvram.c lp97/drivers/char/nvram.c --- /tmp/linux/drivers/char/nvram.c Tue Nov 4 17:34:39 1997 +++ lp97/drivers/char/nvram.c Thu Apr 23 14:54:04 1998 @@ -285,7 +285,7 @@ switch( cmd ) { case NVRAM_INIT: /* initialize NVRAM contents and checksum */ - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return( -EACCES ); save_flags(flags); @@ -301,7 +301,7 @@ case NVRAM_SETCKS: /* just set checksum, contents unchanged * (maybe useful after checksum garbaged * somehow...) */ - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return( -EACCES ); save_flags(flags); diff -urN /tmp/linux/drivers/char/random.c lp97/drivers/char/random.c --- /tmp/linux/drivers/char/random.c Fri Feb 27 05:00:12 1998 +++ lp97/drivers/char/random.c Thu Apr 23 15:48:42 1998 @@ -1199,7 +1199,7 @@ put_user(ent_count, (int *) arg); return 0; case RNDADDTOENTCNT: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; retval = verify_area(VERIFY_READ, (void *) arg, sizeof(int)); if (retval) @@ -1228,7 +1228,7 @@ wake_up_interruptible(&random_read_wait); return 0; case RNDGETPOOL: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; p = (int *) arg; retval = verify_area(VERIFY_WRITE, (void *) p, sizeof(int)); @@ -1249,7 +1249,7 @@ return -EFAULT; return 0; case RNDADDENTROPY: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; p = (int *) arg; retval = verify_area(VERIFY_READ, (void *) p, 2*sizeof(int)); @@ -1287,13 +1287,13 @@ wake_up_interruptible(&random_read_wait); return 0; case RNDZAPENTCNT: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; random_state.entropy_count = 0; return 0; case RNDCLEARPOOL: /* Clear the entropy pool and associated counters. */ - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; rand_clear_pool(); return 0; diff -urN /tmp/linux/drivers/char/riscom8.c lp97/drivers/char/riscom8.c --- /tmp/linux/drivers/char/riscom8.c Thu Mar 5 20:55:06 1998 +++ lp97/drivers/char/riscom8.c Thu Apr 23 16:06:42 1998 @@ -1447,7 +1447,7 @@ change_speed = ((port->flags & ASYNC_SPD_MASK) != (tmp.flags & ASYNC_SPD_MASK)); - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((tmp.close_delay != port->close_delay) || (tmp.closing_wait != port->closing_wait) || ((tmp.flags & ~ASYNC_USR_MASK) != diff -urN /tmp/linux/drivers/char/rocket.c lp97/drivers/char/rocket.c --- /tmp/linux/drivers/char/rocket.c Thu Apr 2 19:12:23 1998 +++ lp97/drivers/char/rocket.c Thu Apr 23 16:06:23 1998 @@ -1315,7 +1315,7 @@ if (copy_from_user(&new_serial, new_info, sizeof(new_serial))) return -EFAULT; - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((new_serial.flags & ~ROCKET_USR_MASK) != (info->flags & ~ROCKET_USR_MASK)) return -EPERM; diff -urN /tmp/linux/drivers/char/rtc.c lp97/drivers/char/rtc.c --- /tmp/linux/drivers/char/rtc.c Sun Mar 15 19:25:42 1998 +++ lp97/drivers/char/rtc.c Thu Apr 23 14:52:24 1998 @@ -220,7 +220,7 @@ * We don't really want Joe User enabling more * than 64Hz of interrupts on a multi-user machine. */ - if ((rtc_freq > 64) && (!suser())) + if ((rtc_freq > 64) && (!capable(CAP_SYS_RESOURCE))) return -EACCES; if (!(rtc_status & RTC_TIMER_ON)) { @@ -308,7 +308,7 @@ unsigned int yrs; unsigned long flags; - if (!suser()) + if (!capable(CAP_SYS_TIME)) return -EACCES; if (copy_from_user(&rtc_tm, (struct rtc_time*)arg, @@ -394,7 +394,7 @@ * We don't really want Joe User generating more * than 64Hz of interrupts on a multi-user machine. */ - if ((arg > 64) && (!suser())) + if ((arg > 64) && (!capable(CAP_SYS_RESOURCE))) return -EACCES; while (arg > (1<<tmp)) @@ -429,7 +429,7 @@ if (arg < 1900) return -EINVAL; - if (!suser()) + if (!capable(CAP_SYS_TIME)) return -EACCES; epoch = arg; diff -urN /tmp/linux/drivers/char/serial.c lp97/drivers/char/serial.c --- /tmp/linux/drivers/char/serial.c Thu Apr 23 00:59:22 1998 +++ lp97/drivers/char/serial.c Thu Apr 23 15:46:37 1998 @@ -973,7 +973,7 @@ * here. */ if (serial_inp(info, UART_LSR) == 0xff) { - if (suser()) { + if (capable(CAP_SYS_ADMIN)) { if (info->tty) set_bit(TTY_IO_ERROR, &info->tty->flags); } else @@ -1005,7 +1005,7 @@ retval = request_irq(state->irq, handler, IRQ_T(info), "serial", NULL); if (retval) { - if (suser()) { + if (capable(CAP_SYS_ADMIN)) { if (info->tty) set_bit(TTY_IO_ERROR, &info->tty->flags); @@ -1638,7 +1638,7 @@ change_port = (new_serial.port != state->port) || (new_serial.hub6 != state->hub6); - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if (change_irq || change_port || (new_serial.baud_base != state->baud_base) || (new_serial.type != state->type) || @@ -1837,7 +1837,7 @@ { int retval; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; if (info->state->count > 1) @@ -1922,7 +1922,7 @@ int retval; void (*handler)(int, void *, struct pt_regs *); - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; state = info->state; diff -urN /tmp/linux/drivers/char/specialix.c lp97/drivers/char/specialix.c --- /tmp/linux/drivers/char/specialix.c Thu Mar 5 20:55:06 1998 +++ lp97/drivers/char/specialix.c Thu Apr 23 16:06:09 1998 @@ -1842,7 +1842,7 @@ change_speed = ((port->flags & ASYNC_SPD_MASK) != (tmp.flags & ASYNC_SPD_MASK)); - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((tmp.close_delay != port->close_delay) || (tmp.closing_wait != port->closing_wait) || ((tmp.flags & ~ASYNC_USR_MASK) != diff -urN /tmp/linux/drivers/char/stallion.c lp97/drivers/char/stallion.c --- /tmp/linux/drivers/char/stallion.c Thu Apr 2 19:12:23 1998 +++ lp97/drivers/char/stallion.c Thu Apr 23 16:05:34 1998 @@ -1338,7 +1338,7 @@ #endif copy_from_user(&sio, sp, sizeof(struct serial_struct)); - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((sio.baud_base != portp->baud_base) || (sio.close_delay != portp->close_delay) || ((sio.flags & ~ASYNC_USR_MASK) != diff -urN /tmp/linux/drivers/char/vt.c lp97/drivers/char/vt.c --- /tmp/linux/drivers/char/vt.c Thu Apr 23 00:59:22 1998 +++ lp97/drivers/char/vt.c Thu Apr 23 15:19:57 1998 @@ -249,7 +249,8 @@ if (!(key_map = key_maps[s])) { int j; - if (keymap_count >= MAX_NR_OF_USER_KEYMAPS && !suser()) + if (keymap_count >= MAX_NR_OF_USER_KEYMAPS && + !capable(CAP_SYS_RESOURCE)) return -EPERM; key_map = (ushort *) kmalloc(sizeof(plain_map), @@ -268,7 +269,7 @@ /* * Attention Key. */ - if (((ov == K_SAK) || (v == K_SAK)) && !suser()) + if (((ov == K_SAK) || (v == K_SAK)) && !capable(CAP_SYS_ADMIN)) return -EPERM; key_map[i] = U(v); if (!s && (KTYP(ov) == KT_SHIFT || KTYP(v) == KT_SHIFT)) diff -urN /tmp/linux/drivers/isdn/avmb1/capi.c lp97/drivers/isdn/avmb1/capi.c --- /tmp/linux/drivers/isdn/avmb1/capi.c Thu Apr 2 02:20:57 1998 +++ lp97/drivers/isdn/avmb1/capi.c Thu Apr 23 16:00:11 1998 @@ -384,7 +384,7 @@ struct capi_manufacturer_cmd mcmd; if (minor) return -EINVAL; - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EPERM; retval = copy_from_user((void *) &mcmd, (void *) arg, sizeof(mcmd)); diff -urN /tmp/linux/drivers/macintosh/macserial.c lp97/drivers/macintosh/macserial.c --- /tmp/linux/drivers/macintosh/macserial.c Thu Apr 23 00:59:23 1998 +++ lp97/drivers/macintosh/macserial.c Thu Apr 23 15:57:20 1998 @@ -963,7 +963,7 @@ copy_from_user(&new_serial,new_info,sizeof(new_serial)); old_info = *info; - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((new_serial.baud_base != info->baud_base) || (new_serial.type != info->type) || (new_serial.close_delay != info->close_delay) || diff -urN /tmp/linux/drivers/net/3c59x.c lp97/drivers/net/3c59x.c --- /tmp/linux/drivers/net/3c59x.c Thu Apr 2 19:12:23 1998 +++ lp97/drivers/net/3c59x.c Thu Apr 23 14:19:07 1998 @@ -1957,7 +1957,7 @@ data[3] = mdio_read(ioaddr, data[0] & 0x1f, data[1] & 0x1f); return 0; case SIOCDEVPRIVATE+2: /* Write the specified MII register */ - if (!suser()) + if (!capable(CAP_NET_ADMIN)) return -EPERM; mdio_write(ioaddr, data[0] & 0x1f, data[1] & 0x1f, data[2]); return 0; diff -urN /tmp/linux/drivers/net/de4x5.c lp97/drivers/net/de4x5.c --- /tmp/linux/drivers/net/de4x5.c Tue Apr 7 16:52:04 1998 +++ lp97/drivers/net/de4x5.c Thu Apr 23 14:18:10 1998 @@ -5487,7 +5487,7 @@ if (status) break; status = -EPERM; - if (!suser()) + if (!capable(CAP_NET_ADMIN)) break; status = 0; copy_from_user(tmp.addr, ioc->data, ETH_ALEN); @@ -5505,7 +5505,7 @@ break; case DE4X5_SET_PROM: /* Set Promiscuous Mode */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { omr = inl(DE4X5_OMR); omr |= OMR_PR; outl(omr, DE4X5_OMR); @@ -5516,7 +5516,7 @@ break; case DE4X5_CLR_PROM: /* Clear Promiscuous Mode */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { omr = inl(DE4X5_OMR); omr &= ~OMR_PR; outb(omr, DE4X5_OMR); @@ -5531,7 +5531,7 @@ break; case DE4X5_MCA_EN: /* Enable pass all multicast addressing */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { omr = inl(DE4X5_OMR); omr |= OMR_PM; outl(omr, DE4X5_OMR); @@ -5552,7 +5552,7 @@ break; case DE4X5_CLR_STATS: /* Zero out the driver statistics */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { cli(); memset(&lp->pktStats, 0, sizeof(lp->pktStats)); sti(); @@ -5569,7 +5569,7 @@ break; case DE4X5_SET_OMR: /* Set the OMR Register contents */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { if (!(status = verify_area(VERIFY_READ, (void *)ioc->data, 1))) { copy_from_user(tmp.addr, ioc->data, 1); outl(tmp.addr[0], DE4X5_OMR); diff -urN /tmp/linux/drivers/net/depca.c lp97/drivers/net/depca.c --- /tmp/linux/drivers/net/depca.c Tue Feb 10 21:56:44 1998 +++ lp97/drivers/net/depca.c Thu Apr 23 14:12:24 1998 @@ -1714,7 +1714,7 @@ } break; case DEPCA_SET_HWADDR: /* Set the hardware address */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { if (!(status = verify_area(VERIFY_READ, (void *) ioc->data, ETH_ALEN))) { copy_from_user(tmp.addr, ioc->data, ETH_ALEN); for (i = 0; i < ETH_ALEN; i++) { @@ -1736,7 +1736,7 @@ break; case DEPCA_SET_PROM: /* Set Promiscuous Mode */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { while (dev->tbusy); /* Stop ring access */ set_bit(0, (void *) &dev->tbusy); while (lp->tx_old != lp->tx_new); /* Wait for the ring to empty */ @@ -1754,7 +1754,7 @@ break; case DEPCA_CLR_PROM: /* Clear Promiscuous Mode */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { while (dev->tbusy); /* Stop ring access */ set_bit(0, (void *) &dev->tbusy); while (lp->tx_old != lp->tx_new); /* Wait for the ring to empty */ @@ -1782,7 +1782,7 @@ } break; case DEPCA_SET_MCA: /* Set a multicast address */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { if (!(status = verify_area(VERIFY_READ, ioc->data, ETH_ALEN * ioc->len))) { copy_from_user(tmp.addr, ioc->data, ETH_ALEN * ioc->len); set_multicast_list(dev); @@ -1793,7 +1793,7 @@ break; case DEPCA_CLR_MCA: /* Clear all multicast addresses */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { set_multicast_list(dev); } else { status = -EPERM; @@ -1801,7 +1801,7 @@ break; case DEPCA_MCA_EN: /* Enable pass all multicast addressing */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { set_multicast_list(dev); } else { status = -EPERM; @@ -1818,7 +1818,7 @@ break; case DEPCA_CLR_STATS: /* Zero out the driver statistics */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { cli(); memset(&lp->pktStats, 0, sizeof(lp->pktStats)); sti(); diff -urN /tmp/linux/drivers/net/dlci.c lp97/drivers/net/dlci.c --- /tmp/linux/drivers/net/dlci.c Sat Feb 21 03:28:22 1998 +++ lp97/drivers/net/dlci.c Thu Apr 23 14:20:02 1998 @@ -322,7 +322,7 @@ { struct dlci_local *dlp; - if (!suser()) + if (!capable(CAP_NET_ADMIN)) return(-EPERM); dlp = dev->priv; @@ -542,7 +542,7 @@ struct dlci_add add; int err; - if (!suser()) + if (!capable(CAP_NET_ADMIN)) return(-EPERM); if(copy_from_user(&add, arg, sizeof(struct dlci_add))) diff -urN /tmp/linux/drivers/net/eepro100.c lp97/drivers/net/eepro100.c --- /tmp/linux/drivers/net/eepro100.c Thu Apr 2 19:12:23 1998 +++ lp97/drivers/net/eepro100.c Thu Apr 23 15:50:56 1998 @@ -1528,7 +1528,7 @@ data[3] = mdio_read(ioaddr, data[0], data[1]); return 0; case SIOCDEVPRIVATE+2: /* Write the specified MII register */ - if (!suser()) + if (!capable(CAP_NET_ADMIN)) return -EPERM; mdio_write(ioaddr, data[0], data[1], data[2]); return 0; diff -urN /tmp/linux/drivers/net/eql.c lp97/drivers/net/eql.c --- /tmp/linux/drivers/net/eql.c Tue Feb 10 21:56:44 1998 +++ lp97/drivers/net/eql.c Thu Apr 23 14:18:36 1998 @@ -329,7 +329,8 @@ static int eql_ioctl(struct device *dev, struct ifreq *ifr, int cmd) { - if(cmd!=EQL_GETMASTRCFG && cmd!=EQL_GETSLAVECFG && !suser()) + if(cmd!=EQL_GETMASTRCFG && cmd!=EQL_GETSLAVECFG && + !capable(CAP_NET_ADMIN)) return -EPERM; switch (cmd) { diff -urN /tmp/linux/drivers/net/ewrk3.c lp97/drivers/net/ewrk3.c --- /tmp/linux/drivers/net/ewrk3.c Thu Feb 19 23:58:40 1998 +++ lp97/drivers/net/ewrk3.c Thu Apr 23 14:16:27 1998 @@ -1684,7 +1684,7 @@ } break; case EWRK3_SET_HWADDR: /* Set the hardware address */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { if (!(status = verify_area(VERIFY_READ, (void *) ioc->data, ETH_ALEN))) { csr = inb(EWRK3_CSR); csr |= (CSR_TXD | CSR_RXD); @@ -1705,7 +1705,7 @@ break; case EWRK3_SET_PROM: /* Set Promiscuous Mode */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { csr = inb(EWRK3_CSR); csr |= CSR_PME; csr &= ~CSR_MCE; @@ -1716,7 +1716,7 @@ break; case EWRK3_CLR_PROM: /* Clear Promiscuous Mode */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { csr = inb(EWRK3_CSR); csr &= ~CSR_PME; outb(csr, EWRK3_CSR); @@ -1749,7 +1749,7 @@ break; case EWRK3_SET_MCA: /* Set a multicast address */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { if (!(status = verify_area(VERIFY_READ, ioc->data, ETH_ALEN * ioc->len))) { copy_from_user(tmp.addr, ioc->data, ETH_ALEN * ioc->len); set_multicast_list(dev); @@ -1760,7 +1760,7 @@ break; case EWRK3_CLR_MCA: /* Clear all multicast addresses */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { set_multicast_list(dev); } else { status = -EPERM; @@ -1768,7 +1768,7 @@ break; case EWRK3_MCA_EN: /* Enable multicast addressing */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { csr = inb(EWRK3_CSR); csr |= CSR_MCE; csr &= ~CSR_PME; @@ -1788,7 +1788,7 @@ break; case EWRK3_CLR_STATS: /* Zero out the driver statistics */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { cli(); memset(&lp->pktStats, 0, sizeof(lp->pktStats)); sti(); @@ -1805,7 +1805,7 @@ } break; case EWRK3_SET_CSR: /* Set the CSR Register contents */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { if (!(status = verify_area(VERIFY_READ, ioc->data, 1))) { copy_from_user(tmp.addr, ioc->data, 1); outb(tmp.addr[0], EWRK3_CSR); @@ -1816,7 +1816,7 @@ break; case EWRK3_GET_EEPROM: /* Get the EEPROM contents */ - if (suser()) { + if (capable(CAP_NET_ADMIN)) { for (i = 0; i < (EEPROM_MAX >> 1); i++) { tmp.val[i] = (short) Read_EEPROM(iobase, i); } @@ -1835,7 +1835,9 @@ break; case EWRK3_SET_EEPROM: /* Set the EEPROM contents */ - if (suser()) { + /* FIXME: could this EEPROM be programmed to increase + privilege? -astor */ + if (capable(CAP_NET_ADMIN)) { if (!(status = verify_area(VERIFY_READ, ioc->data, EEPROM_MAX))) { copy_from_user(tmp.addr, ioc->data, EEPROM_MAX); for (i = 0; i < (EEPROM_MAX >> 1); i++) { diff -urN /tmp/linux/drivers/net/ipddp.c lp97/drivers/net/ipddp.c --- /tmp/linux/drivers/net/ipddp.c Thu Mar 12 19:54:12 1998 +++ lp97/drivers/net/ipddp.c Thu Apr 23 14:10:49 1998 @@ -307,7 +307,7 @@ { struct ipddp_route *rt = (struct ipddp_route *)ifr->ifr_data; - if(!suser()) + if(!capable(CAP_NET_ADMIN)) return -EPERM; switch(cmd) diff -urN /tmp/linux/drivers/net/ppp.c lp97/drivers/net/ppp.c --- /tmp/linux/drivers/net/ppp.c Sat Mar 28 02:45:16 1998 +++ lp97/drivers/net/ppp.c Thu Apr 23 14:10:08 1998 @@ -2279,7 +2279,7 @@ /* * The user must have an euid of root to do these requests. */ - if (!suser ()) + if (!capable(CAP_NET_ADMIN)) return -EPERM; /* * Set the MRU value diff -urN /tmp/linux/drivers/pci/proc.c lp97/drivers/pci/proc.c --- /tmp/linux/drivers/pci/proc.c Thu Apr 23 00:59:23 1998 +++ lp97/drivers/pci/proc.c Thu Apr 23 16:01:18 1998 @@ -56,7 +56,7 @@ * undefined locations (think of Intel PIIX4 as a typical example). */ - if (fsuser()) + if (capable(CAP_SYS_ADMIN)) size = PCI_CFG_SPACE_SIZE; else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) size = 128; diff -urN /tmp/linux/drivers/sbus/char/rtc.c lp97/drivers/sbus/char/rtc.c --- /tmp/linux/drivers/sbus/char/rtc.c Tue Jan 13 00:15:45 1998 +++ lp97/drivers/sbus/char/rtc.c Thu Apr 23 15:58:44 1998 @@ -91,7 +91,7 @@ case RTCSET: - if (!suser()) + if (!capable(CAP_SYS_TIME)) return -EPERM; copy_from_user_ret(&rtc_tm, (struct rtc_time*)arg, sizeof(struct rtc_time), -EFAULT); diff -urN /tmp/linux/drivers/sbus/char/vfc_dev.c lp97/drivers/sbus/char/vfc_dev.c --- /tmp/linux/drivers/sbus/char/vfc_dev.c Thu Apr 23 00:59:24 1998 +++ lp97/drivers/sbus/char/vfc_dev.c Thu Apr 23 16:02:57 1998 @@ -205,7 +205,7 @@ unsigned char *buffer; int ret; - if(!suser()) return -EPERM; + if(!capable(CAP_SYS_ADMIN)) return -EPERM; switch(cmd) { case VFC_I2C_SEND: diff -urN /tmp/linux/drivers/sbus/char/zs.c lp97/drivers/sbus/char/zs.c --- /tmp/linux/drivers/sbus/char/zs.c Thu Apr 23 00:59:24 1998 +++ lp97/drivers/sbus/char/zs.c Thu Apr 23 15:57:01 1998 @@ -1265,7 +1265,7 @@ return -EFAULT; old_info = *info; - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((new_serial.baud_base != info->baud_base) || (new_serial.type != info->type) || (new_serial.close_delay != info->close_delay) || diff -urN /tmp/linux/drivers/scsi/scsi_ioctl.c lp97/drivers/scsi/scsi_ioctl.c --- /tmp/linux/drivers/scsi/scsi_ioctl.c Sun Apr 12 20:05:00 1998 +++ lp97/drivers/scsi/scsi_ioctl.c Thu Apr 23 17:26:49 1998 @@ -372,13 +372,13 @@ put_user( dev->host->host_no, (int *) arg); return 0; case SCSI_IOCTL_TAGGED_ENABLE: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!dev->tagged_supported) return -EINVAL; dev->tagged_queue = 1; dev->current_tag = 1; return 0; case SCSI_IOCTL_TAGGED_DISABLE: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!dev->tagged_supported) return -EINVAL; dev->tagged_queue = 0; dev->current_tag = 0; @@ -386,7 +386,7 @@ case SCSI_IOCTL_PROBE_HOST: return ioctl_probe(dev->host, arg); case SCSI_IOCTL_SEND_COMMAND: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; return ioctl_command((Scsi_Device *) dev, (Scsi_Ioctl_Command *) arg); case SCSI_IOCTL_DOORLOCK: if (!dev->removable || !dev->lockable) return 0; diff -urN /tmp/linux/drivers/scsi/sd_ioctl.c lp97/drivers/scsi/sd_ioctl.c --- /tmp/linux/drivers/scsi/sd_ioctl.c Sun Jan 4 19:40:16 1998 +++ lp97/drivers/scsi/sd_ioctl.c Thu Apr 23 16:02:12 1998 @@ -79,7 +79,7 @@ return 0; case BLKRASET: - if (!suser()) + if (!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(inode->i_rdev)) return -EINVAL; if(arg > 0xff) return -EINVAL; @@ -96,7 +96,7 @@ return 0; case BLKFLSBUF: - if(!suser()) return -EACCES; + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(inode->i_rdev)) return -EINVAL; fsync_dev(inode->i_rdev); invalidate_buffers(inode->i_rdev); diff -urN /tmp/linux/drivers/scsi/sr_ioctl.c lp97/drivers/scsi/sr_ioctl.c --- /tmp/linux/drivers/scsi/sr_ioctl.c Tue Feb 10 01:12:55 1998 +++ lp97/drivers/scsi/sr_ioctl.c Thu Apr 23 16:02:30 1998 @@ -792,7 +792,7 @@ return 0; case BLKRASET: - if(!suser()) + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(cdi->dev)) return -EINVAL; @@ -804,7 +804,7 @@ RO_IOCTLS(cdi->dev,arg); case BLKFLSBUF: - if(!suser()) + if(!capable(CAP_SYS_ADMIN)) return -EACCES; if(!(cdi->dev)) return -EINVAL; diff -urN /tmp/linux/drivers/sgi/char/sgiserial.c lp97/drivers/sgi/char/sgiserial.c --- /tmp/linux/drivers/sgi/char/sgiserial.c Sat Feb 21 03:28:22 1998 +++ lp97/drivers/sgi/char/sgiserial.c Thu Apr 23 15:56:36 1998 @@ -1201,7 +1201,7 @@ copy_from_user(&new_serial,new_info,sizeof(new_serial)); old_info = *info; - if (!suser()) { + if (!capable(CAP_SYS_ADMIN)) { if ((new_serial.baud_base != info->baud_base) || (new_serial.type != info->type) || (new_serial.close_delay != info->close_delay) ||
--GuTyElPB9bOcsMOR--
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu