Minor check for setuid permission for gsr kms serverHEAD master

author: dec05eba <dec05eba@protonmail.com> 2025-03-09 00:05:24 +0100
committer: dec05eba <dec05eba@protonmail.com> 2025-03-09 00:05:24 +0100
commit: 64615b454990ce632c1e1ac5da5bd6452739096f (patch)
tree: fcd5b0d0214b7878f72c697bce21ccd5f11c74df /main.c
parent: f5cfd405b1d731e5b8582c66a3b5006c9d0209ce (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/main.c b/main.c
index 86bcdc8..ff71eed 100644
--- a/main.c
+++ b/main.c
@@ -351,7 +351,7 @@ static int launch_gsr_kms_server(const char *initial_socket_path, const char *ca
     char kms_server_proxy_home[PATH_MAX];
     snprintf(kms_server_proxy_home, sizeof(kms_server_proxy_home), "%s/kms-server-proxy", user_homepath);
 
-    if(file_has_capabilities(kms_server_proxy_local_filepath, (const cap_value_t[]){ CAP_SYS_ADMIN }, 1)) {
+    if(file_has_capabilities(kms_server_proxy_local_filepath, (const cap_value_t[]){ CAP_SYS_ADMIN, CAP_SETUID }, 2)) {
         /* Need to resolve kms_server_proxy_local_filepath because /home can be a symlink to another location */
         char kms_server_proxy_local_filepath_full[PATH_MAX];
         if(!readlink_realpath(kms_server_proxy_local_filepath, kms_server_proxy_local_filepath_full)) {
author	dec05eba <dec05eba@protonmail.com>	2025-03-09 00:05:24 +0100
committer	dec05eba <dec05eba@protonmail.com>	2025-03-09 00:05:24 +0100
commit	64615b454990ce632c1e1ac5da5bd6452739096f (patch)
tree	fcd5b0d0214b7878f72c697bce21ccd5f11c74df /main.c
parent	f5cfd405b1d731e5b8582c66a3b5006c9d0209ce (diff)