Grant CAP_SETSOCKOPT in dispatch 1.3p1

This fixes a major issue that somehow didn't surface until upgrading to FreeBSD 12.1-RELEASE-p6, where since calico doesn't grant the CAP_SETSOCKOPT capability on accepted sockets, pounce crashes trying to set keepalive on sockets on receives from it.
author: June McEnroe <june@causal.agency> 2020-06-12 16:26:28 -0400
committer: June McEnroe <june@causal.agency> 2020-06-12 16:26:28 -0400
commit: 0612bda26527c230814a9d5b1dec7f09f2a33eed (patch)
tree: f75c6b3059a543bb11fc5e9bbdc4b6b8d19d4a09
parent: Add additional permission for linking with LibreSSL (diff)
download: pounce-0612bda26527c230814a9d5b1dec7f09f2a33eed.tar.gz
pounce-0612bda26527c230814a9d5b1dec7f09f2a33eed.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/dispatch.c b/dispatch.c
index f9c714a..6b96e97 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -225,7 +225,7 @@ int main(int argc, char *argv[]) {
 
 	cap_rights_t dirRights, sockRights, unixRights, bindRights;
 	cap_rights_init(&dirRights, CAP_CONNECTAT);
-	cap_rights_init(&sockRights, CAP_EVENT, CAP_RECV, CAP_SEND);
+	cap_rights_init(&sockRights, CAP_EVENT, CAP_RECV, CAP_SEND, CAP_SETSOCKOPT);
 	cap_rights_init(&unixRights, CAP_CONNECT, CAP_SEND);
 	cap_rights_init(&bindRights, CAP_LISTEN, CAP_ACCEPT);
 	cap_rights_merge(&bindRights, &sockRights);
author	June McEnroe <june@causal.agency>	2020-06-12 16:26:28 -0400
committer	June McEnroe <june@causal.agency>	2020-06-12 16:26:28 -0400
commit	0612bda26527c230814a9d5b1dec7f09f2a33eed (patch)
tree	f75c6b3059a543bb11fc5e9bbdc4b6b8d19d4a09
parent	Add additional permission for linking with LibreSSL (diff)
download	pounce-0612bda26527c230814a9d5b1dec7f09f2a33eed.tar.gz pounce-0612bda26527c230814a9d5b1dec7f09f2a33eed.zip