lldpd: add libcap dependency

Now that libcap is in OpenWrt base, we can drop our custom patch to
disable libcap support and have lldpd depend on it instead. This will
allow the monitor process to drop its privileges instead of running as
root, improving security.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

diff --git a/package/network/services/lldpd/Makefile b/package/network/services/lldpd/Makefile
index 74d6791091c36b97ba28125aa6acb232423aa214..1329abe8747f5b06559cc2ec64af37f69c874744 100644 (file)
--- a/package/network/services/lldpd/Makefile
+++ b/package/network/services/lldpd/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=lldpd
 PKG_VERSION:=1.0.7
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://media.luffy.cx/files/lldpd
@@ -30,7 +30,7 @@ define Package/lldpd
   SUBMENU:=Routing and Redirection
   TITLE:=Link Layer Discovery Protocol daemon
   URL:=https://vincentbernat.github.io/lldpd/
-  DEPENDS:=+libevent2 +USE_GLIBC:libbsd +LLDPD_WITH_JSON:libjson-c +LLDPD_WITH_SNMP:libnetsnmp
+  DEPENDS:=+libcap +libevent2 +USE_GLIBC:libbsd +LLDPD_WITH_JSON:libjson-c +LLDPD_WITH_SNMP:libnetsnmp
   USERID:=lldp=121:lldp=129
   MENU:=1
 endef

diff --git a/package/network/services/lldpd/patches/001-disable_libcap.patch b/package/network/services/lldpd/patches/001-disable_libcap.patch
deleted file mode 100644 (file)
index 96cf00a..0000000
--- a/package/network/services/lldpd/patches/001-disable_libcap.patch
+++ /dev/null
@@ -1,17 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -246,7 +246,13 @@ PKG_CHECK_MODULES([check], [check >= 0.9
- 
- # Third-party libraries
- lldp_CHECK_LIBEVENT
--lldp_CHECK_LIBCAP
-+
-+#libcap is not a core package so disable this capability
-+#lldp_CHECK_LIBCAP
-+libcap_LIBS=
-+libcap_CFLAGS=
-+AC_SUBST([libcap_LIBS])
-+AC_SUBST([libcap_CFLAGS])
- 
- # Compatibility with pkg.m4 < 0.27
- m4_ifdef([PKG_INSTALLDIR], [PKG_INSTALLDIR],