diff --git a/CHANGES b/CHANGES index 7c7852ec65..4020898801 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,4 @@ -XXXX. [func] Remove libseccomp based system-call filtering [GL #93] +4898. [func] Remove libseccomp based system-call filtering. [GL #93] 4897. [test] Update to rpz system test so that it doesn't recurse. [GL #68] diff --git a/bin/named/main.c b/bin/named/main.c index 30c8263d00..4a2dcf060b 100644 --- a/bin/named/main.c +++ b/bin/named/main.c @@ -1163,7 +1163,6 @@ setup(void) { ns_server_setoption(sctx, NS_SERVER_DISABLE6, ISC_TRUE); named_g_server->sctx->delay = delay; - } static void diff --git a/config.h.in b/config.h.in index 0ce2b02668..08f61463d2 100644 --- a/config.h.in +++ b/config.h.in @@ -7,8 +7,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: acconfig.h,v 1.53 2008/12/01 23:47:44 tbox Exp $ */ - /*! \file */ /*** @@ -262,9 +260,6 @@ int sigwait(const unsigned int *set, int *sig); /* Build with GeoIP Country IPv6 support */ #undef HAVE_GEOIP_V6 -/* Define to 1 if you have the `getrandom' function. */ -#undef HAVE_GETRANDOM - /* Define to use gperftools CPU profiler. */ #undef HAVE_GPERFTOOLS_PROFILER diff --git a/configure b/configure index af930eaac2..db980faf1e 100755 --- a/configure +++ b/configure @@ -943,6 +943,7 @@ infodir docdir oldincludedir includedir +runstatedir localstatedir sharedstatedir sysconfdir @@ -1107,6 +1108,7 @@ datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -1359,6 +1361,15 @@ do | -silent | --silent | --silen | --sile | --sil) silent=yes ;; + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -1496,7 +1507,7 @@ fi for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir + libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -1649,6 +1660,7 @@ Fine tuning of the installation directories: --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -12011,18 +12023,6 @@ yes) ;; esac -for ac_func in getrandom -do : - ac_fn_c_check_func "$LINENO" "getrandom" "ac_cv_func_getrandom" -if test "x$ac_cv_func_getrandom" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GETRANDOM 1 -_ACEOF - -fi -done - - # # Make very sure that these are the first files processed by # config.status, since we use the processed output as the input for diff --git a/configure.in b/configure.in index 89be2a4a86..9dbfc88bf4 100644 --- a/configure.in +++ b/configure.in @@ -106,8 +106,6 @@ yes) ;; esac -AC_CHECK_FUNCS(getrandom) - # # Make very sure that these are the first files processed by # config.status, since we use the processed output as the input for diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml index 7cfa5e8580..69672ccb04 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml @@ -78,6 +78,13 @@ to generate these keys. [RT #46404] + + + The configure --enable-seccomp option, + which formerly turned on system-call filtering on Linux, has + been removed. [GL #93] + +