From 344a25c133ab8195d8b16bb922c951ca6d604057 Mon Sep 17 00:00:00 2001
From: Michał Zieliński <michal@zielinscy.org.pl>
Date: Sun, 16 Oct 2016 13:35:29 +0200
Subject: Run as nonroot user on Linux (with CAP_NET_ADMIN and CAP_NET_RAW
 added).

- ZT will only drop root privileges if zerotier-one user exists. It is created by
Debian postinst script - in other cases the user has to be created by administrator.
- Linux >=4.3 with ambient capabilities is required, otherwise ZT will silently
- "-U" option now also disables privileges dropping
---
 make-linux.mk | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'make-linux.mk')

diff --git a/make-linux.mk b/make-linux.mk
index 016f7b7c..9dfd39bf 100644
--- a/make-linux.mk
+++ b/make-linux.mk
@@ -111,8 +111,8 @@ endif
 
 all:	one manpages
 
-one:	$(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o
-	$(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-one $(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o $(LDLIBS)
+one:	$(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o osdep/LinuxDropPrivileges.o
+	$(CXX) $(CXXFLAGS) $(LDFLAGS) -o zerotier-one $(OBJS) service/OneService.o one.o osdep/LinuxEthernetTap.o osdep/LinuxDropPrivileges.o $(LDLIBS)
 	$(STRIP) zerotier-one
 	ln -sf zerotier-one zerotier-idtool
 	ln -sf zerotier-one zerotier-cli
-- 
cgit v1.2.3