Skip to content

Commit

Permalink
fix: correct Fedora 40 detection, and be more verbose about version (#13
Browse files Browse the repository at this point in the history 
)
  • Loading branch information
@ABotelho23
ABotelho23 authored Jan 12, 2025
1 parent f153348 commit 0aee79e
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions 1_prune.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,11 +198,13 @@ setcap cap_net_bind_service=ep ./usr/bin/rsh
setcap cap_sys_admin=p $(realpath ./usr/bin/sunshine)

# SSSD
if [ -f ${TREE}/etc/os-release ] &&
[ $(cat ${TREE}/etc/os-release | grep VERSION_ID | grep 40) ]; then
echo "Detected Fedora version: 40"
echo "Not setting capabilities on sssd binaries for Fedora 40."
if [ -f ${TREE}/usr/etc/os-release ] && \
[ $(cat ${TREE}/usr/etc/os-release | grep VERSION_ID | grep 40) ]; then
echo "Detected Fedora version 40."
echo "NOT setting capabilities on sssd binaries."
else
echo "Detected Fedora version 41 or higher."
echo "Setting latest capabilities on sssd binaries."
setcap cap_dac_read_search,cap_setgid,cap_setuid=p ./usr/libexec/sssd/krb5_child
setcap cap_dac_read_search=p ./usr/libexec/sssd/ldap_child
setcap cap_setgid,cap_setuid=p ./usr/libexec/sssd/selinux_child
Expand Down

0 comments on commit 0aee79e

Please sign in to comment.