The debugfs helper code has the ability to mount the debugfs file system if it is not already mounted. However, it cannot do this after the capabilities have been dropped. So perform the mount early.
This is especially important when using network name spaces. Each namespace has its own /sys, so the mount of debugfs in the global namespace is not visible in other namespaces.
Signed-off-by: Andrew Lunn andrew@lunn.ch --- main.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/main.c b/main.c index 452d9ae..b1c5ec5 100644 --- a/main.c +++ b/main.c @@ -30,6 +30,7 @@ #include <unistd.h> #endif #include "alfred.h" +#include "debugfs.h" #include "packet.h" #include "list.h"
@@ -160,6 +161,9 @@ static struct globals *alfred_init(int argc, char *argv[]) {NULL, 0, NULL, 0}, };
+ /* We need full capabilities to mount debugfs, so do that now */ + debugfs_mount(NULL); + ret = reduce_capabilities(); if (ret < 0) return NULL;