響應: 500 OOPS: priv_sock_get_int 錯誤: 讀取目錄列表失敗

/*************************************************************************
 *      響應: 500 OOPS: priv_sock_get_int 錯誤: 讀取目錄列表失敗
 * 說明：
 *     使用了Android的Kernel來做Linux系統開發，自己搭的文件系統運行vsftp出現
 * 500 OOPS: priv_sock_get_int報錯，原因是Android內核檢查機制導致的。
 *                              
 *                                      2017-10-11 深圳 南山平山村 曾劍鋒
 ************************************************************************/

一、參考文檔：
    1. vsftpd 服務移植出現 500 oops : socket 解決
        http://www.cnblogs.com/chenfulin5/p/6912706.html

二、解決辦法：
    1. cat net/ipv4/af_inet.c
        ...
        #ifdef CONFIG_ANDROID_PARANOID_NETWORK
        #include <linux/android_aid.h>
        
        static inline int current_has_network(void)
        {
            return in_egroup_p(AID_INET) || capable(CAP_NET_RAW);
        }
        #else
        static inline int current_has_network(void)
        {
            return 1;
        }
        #endif
        ...
    2. make menuconfig
         .config - Linux/arm 3.0.35 Kernel Configuration
         ──────────────────────────────────────────────────────────────────────────────
          ┌────────────────────────── Networking options ───────────────────────────┐
          │  Arrow keys navigate the menu.  <Enter> selects submenus --->.          │  
          │  Highlighted letters are hotkeys.  Pressing <Y> includes, <N> excludes, │  
          │  <M> modularizes features.  Press <Esc><Esc> to exit, <?> for Help, </> │  
          │  for Search.  Legend: [*] built-in  [ ] excluded  <M> module  < >       │  
          │ ┌────^(-)─────────────────────────────────────────────────────────────┐ │  
          │ │    [ ]   TCP: advanced congestion control  --->                     │ │  
          │ │    [ ]   TCP: MD5 Signature Option support (RFC2385) (EXPERIMENTAL) │ │  
          │ │    < >   The IPv6 protocol  --->                                    │ │  
          │ │    [ ] Only allow certain groups to create sockets  <---- 修改這里  | │  
          │ │    [*] Network activity statistics tracking                         │ │  
          │ │    [ ] Security Marking                                             │ │  
          │ │    [ ] Timestamping in PHY devices                                  │ │  
          │ │    [ ] Network packet filtering framework (Netfilter)  --->         │ │  
          │ │    < > The DCCP Protocol (EXPERIMENTAL)  --->                       │ │  
          │ └────v(+)─────────────────────────────────────────────────────────────┘ │  
          ├─────────────────────────────────────────────────────────────────────────┤  
          │                    <Select>    < Exit >    < Help >                     │  
          └─────────────────────────────────────────────────────────────────────────┘  
    3. 編譯報錯：    
        ...
        security/commoncap.c: In function 'cap_capable':
        security/commoncap.c:91:40: error: 'AID_NET_RAW' undeclared (first use in this function)
        security/commoncap.c:91:40: note: each undeclared identifier is reported only once for each function it appears in
        security/commoncap.c:93:42: error: 'AID_NET_ADMIN' undeclared (first use in this function)
        make[1]: *** [security/commoncap.o] Error 1
        make: *** [security] Error 2
        ...
    4. 解決編譯報錯：
        cat security/commoncap.c
            ...
            int cap_capable(struct task_struct *tsk, const struct cred *cred,
                    struct user_namespace *targ_ns, int cap, int audit)
            {
                /*
                if (cap == CAP_NET_RAW && in_egroup_p(AID_NET_RAW))
                    return 0;
                if (cap == CAP_NET_ADMIN && in_egroup_p(AID_NET_ADMIN))
                    return 0;
                */
                ...
            }
            ...