响应: 500 OOPS: priv_sock_get_int 错误: 读取目录列表失败

/*************************************************************************
 *      响应: 500 OOPS: priv_sock_get_int 错误: 读取目录列表失败
 * 说明：
 *     使用了Android的Kernel来做Linux系统开发，自己搭的文件系统运行vsftp出现
 * 500 OOPS: priv_sock_get_int报错，原因是Android内核检查机制导致的。
 *                              
 *                                      2017-10-11 深圳 南山平山村 曾剑锋
 ************************************************************************/

一、参考文档：
    1. vsftpd 服务移植出现 500 oops : socket 解决
        http://www.cnblogs.com/chenfulin5/p/6912706.html

二、解决办法：
    1. cat net/ipv4/af_inet.c
        ...
        #ifdef CONFIG_ANDROID_PARANOID_NETWORK
        #include <linux/android_aid.h>
        
        static inline int current_has_network(void)
        {
            return in_egroup_p(AID_INET) || capable(CAP_NET_RAW);
        }
        #else
        static inline int current_has_network(void)
        {
            return 1;
        }
        #endif
        ...
    2. make menuconfig
         .config - Linux/arm 3.0.35 Kernel Configuration
         ──────────────────────────────────────────────────────────────────────────────
          ┌────────────────────────── Networking options ───────────────────────────┐
          │  Arrow keys navigate the menu.  <Enter> selects submenus --->.          │  
          │  Highlighted letters are hotkeys.  Pressing <Y> includes, <N> excludes, │  
          │  <M> modularizes features.  Press <Esc><Esc> to exit, <?> for Help, </> │  
          │  for Search.  Legend: [*] built-in  [ ] excluded  <M> module  < >       │  
          │ ┌────^(-)─────────────────────────────────────────────────────────────┐ │  
          │ │    [ ]   TCP: advanced congestion control  --->                     │ │  
          │ │    [ ]   TCP: MD5 Signature Option support (RFC2385) (EXPERIMENTAL) │ │  
          │ │    < >   The IPv6 protocol  --->                                    │ │  
          │ │    [ ] Only allow certain groups to create sockets  <---- 修改这里  | │  
          │ │    [*] Network activity statistics tracking                         │ │  
          │ │    [ ] Security Marking                                             │ │  
          │ │    [ ] Timestamping in PHY devices                                  │ │  
          │ │    [ ] Network packet filtering framework (Netfilter)  --->         │ │  
          │ │    < > The DCCP Protocol (EXPERIMENTAL)  --->                       │ │  
          │ └────v(+)─────────────────────────────────────────────────────────────┘ │  
          ├─────────────────────────────────────────────────────────────────────────┤  
          │                    <Select>    < Exit >    < Help >                     │  
          └─────────────────────────────────────────────────────────────────────────┘  
    3. 编译报错：    
        ...
        security/commoncap.c: In function 'cap_capable':
        security/commoncap.c:91:40: error: 'AID_NET_RAW' undeclared (first use in this function)
        security/commoncap.c:91:40: note: each undeclared identifier is reported only once for each function it appears in
        security/commoncap.c:93:42: error: 'AID_NET_ADMIN' undeclared (first use in this function)
        make[1]: *** [security/commoncap.o] Error 1
        make: *** [security] Error 2
        ...
    4. 解决编译报错：
        cat security/commoncap.c
            ...
            int cap_capable(struct task_struct *tsk, const struct cred *cred,
                    struct user_namespace *targ_ns, int cap, int audit)
            {
                /*
                if (cap == CAP_NET_RAW && in_egroup_p(AID_NET_RAW))
                    return 0;
                if (cap == CAP_NET_ADMIN && in_egroup_p(AID_NET_ADMIN))
                    return 0;
                */
                ...
            }
            ...