summaryrefslogtreecommitdiffhomepage
path: root/util
diff options
context:
space:
mode:
authorBrad Fitzpatrick <bradfitz@tailscale.com>2022-04-21 09:41:30 -0700
committerBrad Fitzpatrick <bradfitz@tailscale.com>2022-04-21 09:43:44 -0700
commit731d4cfe4c843bf09512a2d12aa21884015adaa9 (patch)
treedb9dca1a767523ec0cf3bce5732653deebd2b041 /util
parentdf26c63793895506f76a57838de7060844331d6a (diff)
downloadtailscale-bradfitz/kmod.tar.xz
tailscale-bradfitz/kmod.zip
util/kmod: call unix.Capget directly, without kernel.org/pub/linux/libs/security/libcap/capbradfitz/kmod
The kernel.org/pub/linux/libs/security/libcap/cap or its dependencies somehow broke the Android build, bringing in cgo stuff or something. It was quicker to remove the dependency than debug. Change-Id: Ib9bf6f81ce199460ed1ac920afc542a1e3549138 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Diffstat (limited to 'util')
-rw-r--r--util/kmod/kmod.go17
1 files changed, 6 insertions, 11 deletions
diff --git a/util/kmod/kmod.go b/util/kmod/kmod.go
index 728357bc1..6247456a4 100644
--- a/util/kmod/kmod.go
+++ b/util/kmod/kmod.go
@@ -26,7 +26,6 @@ import (
"go4.org/mem"
"golang.org/x/sys/unix"
- "kernel.org/pub/linux/libs/security/libcap/cap"
"pault.ag/go/modprobe"
"tailscale.com/util/lineread"
"tailscale.com/util/multierr"
@@ -65,16 +64,12 @@ func hasKernelModule(name string) (bool, error) {
// result of true implies that it may be worth trying to install a module, not
// that doing so will work.
func canInstallModule() (bool, error) {
- caps, err := cap.GetPID(0) // 0 = current process
- if err == nil {
- // errors from GetFlag are either due to the receiver being
- // uninitialized, or the kernel gave junk results, both of which aren't
- // very meaningful out of context to a user, so this error is mostly
- // ignored.
- b, err := caps.GetFlag(cap.Effective, cap.SYS_MODULE)
- if err == nil {
- return b, nil
- }
+ var capData unix.CapUserData
+ if unix.Capget(&unix.CapUserHeader{
+ Version: 0x20080522, // V3 added in Linux 2.6.26
+ Pid: 0, // current
+ }, &capData) == nil {
+ return capData.Effective&unix.CAP_SYS_MODULE != 0, nil
}
// could not determine a well known result from capabilities, make an
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.