V3 file capabilities: alter behavior of cap_setpcap

[linux-2.6-block.git] / kernel / sysctl_check.c

diff --git a/kernel/sysctl_check.c b/kernel/sysctl_check.c
index f47c33d17032b75852dc2d24ed2b5d646eb8651a..3c9ef5a7d5754e26608a905042401f3f2940becd 100644 (file)
--- a/kernel/sysctl_check.c
+++ b/kernel/sysctl_check.c
@@ -38,7 +38,10 @@ static struct trans_ctl_table trans_kern_table[] = {
        { KERN_NODENAME,                "hostname" },
        { KERN_DOMAINNAME,              "domainname" },
 
+#ifdef CONFIG_SECURITY_CAPABILITIES
        { KERN_CAP_BSET,                "cap-bound" },
+#endif /* def CONFIG_SECURITY_CAPABILITIES */
+
        { KERN_PANIC,                   "panic" },
        { KERN_REALROOTDEV,             "real-root-dev" },
 
@@ -1532,7 +1535,9 @@ int sysctl_check_table(struct ctl_table *table)
                            (table->strategy == sysctl_ms_jiffies) ||
                            (table->proc_handler == proc_dostring) ||
                            (table->proc_handler == proc_dointvec) ||
+#ifdef CONFIG_SECURITY_CAPABILITIES
                            (table->proc_handler == proc_dointvec_bset) ||
+#endif /* def CONFIG_SECURITY_CAPABILITIES */
                            (table->proc_handler == proc_dointvec_minmax) ||
                            (table->proc_handler == proc_dointvec_jiffies) ||
                            (table->proc_handler == proc_dointvec_userhz_jiffies) ||