--- branches/ccs-patch/patches/ccs-patch-2.6.25-suse-11.0.diff 2009/08/06 07:51:05 2859
+++ branches/ccs-patch/patches/ccs-patch-2.6.25-suse-11.0.diff 2009/08/07 14:47:14 2866
@@ -13,7 +13,7 @@
 fs/fcntl.c | 5 +++++
 fs/ioctl.c | 5 +++++
 fs/namei.c | 35 +++++++++++++++++++++++++++++++++++
- fs/namespace.c | 26 ++++++++++++++++++++++++++
+ fs/namespace.c | 24 ++++++++++++++++++++++++
 fs/open.c | 15 +++++++++++++++
 fs/proc/proc_misc.c | 1 +
 include/linux/init_task.h | 2 ++
@@ -39,7 +39,7 @@
 net/unix/af_unix.c | 4 ++++
 security/Kconfig | 2 ++
 security/Makefile | 3 +++
- 37 files changed, 240 insertions(+), 2 deletions(-)
+ 37 files changed, 238 insertions(+), 2 deletions(-)
 --- linux-2.6.25.20-0.4.orig/arch/ia64/ia32/sys_ia32.c
 +++ linux-2.6.25.20-0.4/arch/ia64/ia32/sys_ia32.c
@@ -458,12 +458,10 @@
 newmnt->mnt_flags = mnt_flags;
 if ((err = graft_tree(newmnt, nd)))
-@@ -1412,6 +1427,13 @@ long do_mount(char *dev_name, char *dir_
+@@ -1412,6 +1427,11 @@ long do_mount(char *dev_name, char *dir_
 if (data_page)
 ((char *)data_page)[PAGE_SIZE - 1] = 0;
-+ if (!ccs_capable(CCS_SYS_MOUNT))
-+ return -EPERM;
 + retval = ccs_check_mount_permission(dev_name, dir_name, type_page,
 + &flags);
 + if (retval)
@@ -472,7 +470,7 @@
 /* Separate the per-mountpoint flags */
 if (flags & MS_NOSUID)
 mnt_flags |= MNT_NOSUID;
-@@ -1680,6 +1702,8 @@ asmlinkage long sys_pivot_root(const cha
+@@ -1680,6 +1700,8 @@ asmlinkage long sys_pivot_root(const cha
 if (!capable(CAP_SYS_ADMIN))
 return -EPERM;
@@ -481,7 +479,7 @@
 lock_kernel();
-@@ -1696,6 +1720,8 @@ asmlinkage long sys_pivot_root(const cha
+@@ -1696,6 +1718,8 @@ asmlinkage long sys_pivot_root(const cha
 goto out1;
 error = security_sb_pivotroot(&old_nd, &new_nd);
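Review bot: In the `@@ -458,12 +458,10 @@` hunk, the new side of the do_mount change no longer gates on `ccs_capable(CCS_SYS_MOUNT)`, leaving `ccs_check_mount_permission()` as the only CCS check on this path. Nothing visible in this diff shows that capability test being moved into `ccs_check_mount_permission()`. If it was not moved, a policy that denies the mount capability would silently stop being enforced here. Once the new location is confirmed, the patch should record it above the call, for example `/* CCS_SYS_MOUNT is checked inside ccs_check_mount_permission(). */`. do_mount's body starts and ends outside the hunk, so the surrounding checks cannot be verified from here.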