[Dnsmasq-discuss] [PATCH] Improve "chown of PID file failed" message for missing CAP_CHOWN

Simon Kelley simon at thekelleys.org.uk
Tue Jan 7 21:54:14 UTC 2025



Patch applied. Thanks. Also manpage typo fix.

Cheers,

Simon.

On 06/01/2025 14:44, Andrew Sayers wrote:
> Print a specific INFO message instead of a generic WARNING message,
> so users aren't inconvenienced and maintainers know what to do.
> 
> Debian currently runs this service as part of NetworkManager,
> in a systemd service without CAP_CHOWN.  Other distributions may
> have the same problem, or might add the issue in future.
> This fix should communicate the issue clearly to them.
> ---
>   src/dnsmasq.c | 12 +++++++++++-
>   1 file changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/src/dnsmasq.c b/src/dnsmasq.c
> index 48e402f..7f2686b 100644
> --- a/src/dnsmasq.c
> +++ b/src/dnsmasq.c
> @@ -61,6 +61,7 @@ int main (int argc, char **argv)
>     int need_cap_net_admin = 0;
>     int need_cap_net_raw = 0;
>     int need_cap_net_bind_service = 0;
> +  int have_cap_chown = 0;
>     char *bound_device = NULL;
>     int did_bind = 0;
>     struct server *serv;
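Review bot: have_cap_chown is declared unconditionally at the top of main(), but the only place this patch reads it (the last hunk) is inside #if defined(HAVE_LINUX_NETWORK). If the capget() block that assigns it is also Linux-only, builds without HAVE_LINUX_NETWORK are left with an unused variable. Consider putting the declaration under the same #if, or moving it closer to the capability code.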
> @@ -556,6 +557,8 @@ int main (int argc, char **argv)
>     data = safe_malloc(sizeof(*data) * capsize);
>     capget(hdr, data); /* Get current values, for verification */
>   
> +  have_cap_chown = data->permitted & (1 << CAP_CHOWN);
> +
>     if (need_cap_net_admin && !(data->permitted & (1 << CAP_NET_ADMIN)))
>       fail = "NET_ADMIN";
>     else if (need_cap_net_raw && !(data->permitted & (1 << CAP_NET_RAW)))
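Review bot: the new assignment reads data->permitted straight after capget(hdr, data), whose return value is discarded on the context line above, so have_cap_chown is computed from the buffer even if the call failed. A wrong 0 here combined with EPERM would make the last hunk tell the user to add CAP_CHOWN when that may not be the cause. Consider setting the flag only when capget() returns 0. Writing it as !!(data->permitted & (1 << CAP_CHOWN)) would also make it a plain 0/1 flag rather than a masked bit.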
> @@ -869,7 +872,14 @@ int main (int argc, char **argv)
>     my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts);
>   
>     if (chown_warn != 0)
> -    my_syslog(LOG_WARNING, "chown of PID file %s failed: %s", daemon->runfile, strerror(chown_warn));
> +    {
> +#if defined(HAVE_LINUX_NETWORK)
> +      if (chown_warn == EPERM && !have_cap_chown)
> +        my_syslog(LOG_INFO, "chown of PID file %s failed: please add capability CAP_CHOWN", daemon->runfile);
> +      else
> +#endif
> +      my_syslog(LOG_WARNING, "chown of PID file %s failed: %s", daemon->runfile, strerror(chown_warn));
> +    }
>     
>   #ifdef HAVE_DBUS
>     if (option_bool(OPT_DBUS))
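Review bot: the else placed just before #endif binds to the unbraced my_syslog(LOG_WARNING, ...) that follows the #endif, so the fallback branch only reads correctly once the preprocessor is taken into account. Bracing both branches, or computing a small flag inside the #if and using an ordinary if/else outside it, would be harder to break in a later edit. The new LOG_INFO string is also not wrapped in _(), unlike the "compile time options" message a few lines above, and "please add capability CAP_CHOWN" does not say where the capability is missing from; naming the process's permitted set would help the packagers the commit message is aimed at.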