From 017bd4be4ff9aa09b3b5b0550db8dc57b61e1fcc Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Nov 04 2021 04:34:16 +0000
Subject: import libcap-ng-0.8.2-6.el9


---

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ad3679c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/libcap-ng-0.8.2.tar.gz
diff --git a/.libcap-ng.metadata b/.libcap-ng.metadata
new file mode 100644
index 0000000..bafcdc6
--- /dev/null
+++ b/.libcap-ng.metadata
@@ -0,0 +1 @@
+8273804b128e7753ed94e782d36fc9178f0d454b SOURCES/libcap-ng-0.8.2.tar.gz
diff --git a/SOURCES/libcap-ng-0.8.2-apply-disable.patch b/SOURCES/libcap-ng-0.8.2-apply-disable.patch
new file mode 100644
index 0000000..f28f20d
--- /dev/null
+++ b/SOURCES/libcap-ng-0.8.2-apply-disable.patch
@@ -0,0 +1,66 @@
+diff -urp libcap-ng-0.8.3.orig/src/cap-ng.c libcap-ng-0.8.3/src/cap-ng.c
+--- libcap-ng-0.8.3.orig/src/cap-ng.c	2021-01-30 09:26:33.000000000 -0500
++++ libcap-ng-0.8.3/src/cap-ng.c	2021-01-30 09:52:43.507967643 -0500
+@@ -713,6 +713,36 @@ int capng_updatev(capng_act_t action, ca
+ 	return rc;
+ }
+ 
++#include <sys/param.h>
++static char *get_exename(char *exename, int size)
++{
++        char tmp[PATH_MAX+1];
++	int res;
++
++        /* get the name of the current executable */
++        if ((res = readlink("/proc/self/exe", tmp, PATH_MAX)) < -1)
++                strcpy(exename, "\"?\"");
++        else {
++                tmp[res] = '\0';
++                snprintf(exename, size, "\"%s\"", tmp);
++        }
++        return exename;
++}
++
++#include <syslog.h>
++static void log_problem(unsigned int msg)
++{
++	static const char *text[3] = {
++		"dropping bounding set",
++		"getting new bounding set",
++		"due to not having CAP_SETPCAP"
++	};
++	unsigned idx = msg - 2;
++	char exe[2048];
++	syslog(LOG_ERR, "libcap-ng used by %s failed %s in capng_apply",
++	       get_exename(exe, 2047), text[idx]);
++}
++
+ int capng_apply(capng_select_t set)
+ {
+ 	int rc = 0;
+@@ -733,19 +763,22 @@ int capng_apply(capng_select_t set)
+ 				if (capng_have_capability(CAPNG_BOUNDING_SET,
+ 								 i) == 0) {
+ 				    if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) <0) {
+-					rc = -2;
++//					rc = -2;
++					log_problem(2);
+ 					goto try_caps;
+ 				    }
+ 				}
+ 			}
+ 			m.state = CAPNG_APPLIED;
+ 			if (get_bounding_set() < 0) {
+-				rc = -3;
++//				rc = -3;
++				log_problem(3);
+ 				goto try_caps;
+ 			}
+ 		} else {
+ 			memcpy(&m, &state, sizeof(m)); /* restore state */
+-			rc = -4;
++//			rc = -4;
++			log_problem(4);
+ 			goto try_caps;
+ 		}
+ #endif
diff --git a/SPECS/libcap-ng.spec b/SPECS/libcap-ng.spec
new file mode 100644
index 0000000..70b50ab
--- /dev/null
+++ b/SPECS/libcap-ng.spec
@@ -0,0 +1,331 @@
+Summary: Alternate posix capabilities library
+Name: libcap-ng
+Version: 0.8.2
+Release: 6%{?dist}
+License: LGPLv2+
+URL: https://people.redhat.com/sgrubb/libcap-ng/
+Source0: https://people.redhat.com/sgrubb/libcap-ng/%{name}-%{version}.tar.gz
+# This patch can be removed when 1899540 is resolved
+Patch1: libcap-ng-0.8.2-apply-disable.patch
+BuildRequires: gcc
+BuildRequires: make
+BuildRequires: kernel-headers >= 2.6.11 
+BuildRequires: libattr-devel
+
+%description
+Libcap-ng is a library that makes using posix capabilities easier
+
+%package devel
+Summary: Header files for libcap-ng library
+License: LGPLv2+
+Requires: kernel-headers >= 2.6.11
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: pkgconfig
+
+%description devel
+The libcap-ng-devel package contains the files needed for developing
+applications that need to use the libcap-ng library.
+
+%package python3
+Summary: Python3 bindings for libcap-ng library
+License: LGPLv2+
+BuildRequires: python3-devel swig
+BuildRequires: make
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description python3
+The libcap-ng-python3 package contains the bindings so that libcap-ng
+and can be used by python3 applications.
+
+%package utils
+Summary: Utilities for analyzing and setting file capabilities
+License: GPLv2+
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description utils
+The libcap-ng-utils package contains applications to analyze the
+posix capabilities of all the program running on a system. It also
+lets you set the file system based capabilities.
+
+%prep
+%setup -q
+%patch1 -p1
+
+%build
+%configure --libdir=%{_libdir} --with-python=no --with-python3
+%make_build CFLAGS="%{optflags}"
+
+%install
+%make_install
+
+# Remove a couple things so they don't get picked up
+rm -f $RPM_BUILD_ROOT%{_libdir}/libcap-ng.la
+rm -f $RPM_BUILD_ROOT%{_libdir}/libcap-ng.a
+rm -f $RPM_BUILD_ROOT%{_libdir}/libdrop_ambient.la
+rm -f $RPM_BUILD_ROOT%{_libdir}/libdrop_ambient.a
+rm -f $RPM_BUILD_ROOT%{_libdir}/python?.?/site-packages/_capng.a
+rm -f $RPM_BUILD_ROOT%{_libdir}/python?.?/site-packages/_capng.la
+
+%check
+make check
+
+%ldconfig_scriptlets
+
+%files
+%license COPYING.LIB
+%{_libdir}/libcap-ng.so.*
+%{_libdir}/libdrop_ambient.so.*
+%attr(0644,root,root) %{_mandir}/man7/*
+
+%files devel
+%attr(0644,root,root) %{_mandir}/man3/*
+%attr(0644,root,root) %{_includedir}/cap-ng.h
+%{_libdir}/libcap-ng.so
+%{_libdir}/libdrop_ambient.so
+%attr(0644,root,root) %{_datadir}/aclocal/cap-ng.m4
+%{_libdir}/pkgconfig/libcap-ng.pc
+
+%files python3
+%attr(755,root,root) %{python3_sitearch}/*
+%{python3_sitearch}/capng.py*
+
+%files utils
+%license COPYING
+%attr(0755,root,root) %{_bindir}/*
+%attr(0644,root,root) %{_mandir}/man8/*
+
+%changelog
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.8.2-6
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.8.2-5
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Feb 02 2021 Steve Grubb <sgrubb@redhat.com> 0.8.2-4
+- Adjust syslog warning for bad use of capng_apply
+
+* Sat Jan 30 2021 Steve Grubb <sgrubb@redhat.com> 0.8.2-3
+- Add syslog warning for bad use of capng_apply
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Wed Dec 09 2020 Steve Grubb <sgrubb@redhat.com> 0.8.2-1
+- New upstream bugfix release
+
+* Fri Nov 20 2020 Steve Grubb <sgrubb@redhat.com> 0.8.1-2
+- Add temporary patch disabling bounding set error codes
+
+* Wed Nov 18 2020 Steve Grubb <sgrubb@redhat.com> 0.8.1-1
+- New upstream bugfix release
+
+* Tue Sep 08 2020 Steve Grubb <sgrubb@redhat.com> 0.8-1
+- New upstream feature release
+
+* Sun Aug 23 2020 Steve Grubb <sgrubb@redhat.com> 0.7.11-1
+- New upstream release
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.10-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 0.7.10-3
+- Rebuilt for Python 3.9
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.10-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Tue Oct 01 2019 Steve Grubb <sgrubb@redhat.com> 0.7.10-1
+- New upstream release
+
+* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 0.7.9-9
+- Rebuilt for Python 3.8
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.9-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Mar  8 2019 Joe Orton <jorton@redhat.com> - 0.7.9-7
+- fix crash on dlclose due to atfork handler (#1680481)
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.9-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Tue Oct 16 2018 Steve Grubb <sgrubb@redhat.com> 0.7.9-5
+- Remove python2 bindings (#1634889)
+
+* Thu Aug 09 2018 Steve Grubb <sgrubb@redhat.com> 0.7.9-4
+- Fix bug where filecap may not show capabilities
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.9-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 0.7.9-2
+- Rebuilt for Python 3.7
+
+* Wed Feb 07 2018 Steve Grubb <sgrubb@redhat.com> 0.7.9-1
+- New upstream bugfix release
+
+* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.7.8-9
+- Switch to %%ldconfig_scriptlets
+
+* Fri Jan 05 2018 Iryna Shcherbina <ishcherb@redhat.com> - 0.7.8-8
+- Update Python 2 dependency declarations to new packaging standards
+  (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
+
+* Sun Aug 20 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.7.8-7
+- Add Provides for the old name without %%_isa
+
+* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.7.8-6
+- Python 2 binary package renamed to python2-libcap-ng
+  See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.8-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.8-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 0.7.8-2
+- Rebuild for Python 3.6
+
+* Sun Jul 24 2016 Steve Grubb <sgrubb@redhat.com> 0.7.8-1
+- New upstream bugfix release
+
+* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.7-5
+- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
+
+* Wed Feb 03 2016 Steve Grubb <sgrubb@redhat.com> 0.7.7-4
+- use python site arch macros (#1303610)
+
+* Tue Nov 10 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Wed May 13 2015 Steve Grubb <sgrubb@redhat.com> 0.7.7-1
+- New upstream bugfix release
+
+* Fri May 08 2015 Steve Grubb <sgrubb@redhat.com> 0.7.6-1
+- New upstream release adding python3 support
+
+* Thu May 07 2015 Steve Grubb <sgrubb@redhat.com> 0.7.5-1
+- New upstream release
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.4-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Thu Jul 17 2014 Tom Callaway <spot@fedoraproject.org> - 0.7.4-6
+- fix license handling
+
+* Mon Jun 23 2014 Kyle McMartin <kyle@redhat.com> 0.7.4-5
+- Clamp CAP_LAST_CAP at /proc/sys/kernel/cap_last_cap's value in the
+  Python bindings test if possible, otherwise use the value from
+  <linux/capability.h> since the kernel now has 37 capabilities upstream,
+  but our builders are not that up to date.
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Wed May 07 2014 Steve Grubb <sgrubb@redhat.com> 0.7.4-3
+- Add PR_SET_NO_NEW_PRIVS call back to capng_lock
+
+* Wed Apr 30 2014 Steve Grubb <sgrubb@redhat.com> 0.7.4-2
+- Remove PR_SET_NO_NEW_PRIVS call in capng_lock
+
+* Thu Apr 24 2014 Steve Grubb <sgrubb@redhat.com> 0.7.4-1
+- New upstream release
+
+* Thu Nov 14 2013 Steve Grubb <sgrubb@redhat.com> 0.7.3-6
+- Rebuild to pickup current CAP_LAST_CAP
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Tue Jul 02 2013 Karsten Hopp <karsten@redhat.com> 0.7.3-4
+- bump release and rebuild to fix dependencies on PPC
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Dec 19 2012 Steve Grubb <sgrubb@redhat.com> 0.7.3-2
+- Remove useless code in pscap causing EBADFD
+
+* Fri Nov 09 2012 Steve Grubb <sgrubb@redhat.com> 0.7.3-1
+- New upstream release
+
+* Wed Oct 24 2012 Steve Grubb <sgrubb@redhat.com> 0.7.1-1
+- New upstream release
+
+* Tue Jul 24 2012 Steve Grubb <sgrubb@redhat.com> 0.7-1
+- New upstream release
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.6-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Fri Jun 24 2011 Steve Grubb <sgrubb@redhat.com> 0.6.6-1
+- New upstream release
+
+* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Wed Nov 03 2010 Steve Grubb <sgrubb@redhat.com> 0.6.5-1
+- New upstream release fixing 2.6.36 kernel header issue
+
+* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 0.6.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
+
+* Thu Jun 17 2010 Steve Grubb <sgrubb@redhat.com> 0.6.4-3
+- Only open regular files in filecap
+
+* Mon May 24 2010 Steve Grubb <sgrubb@redhat.com> 0.6.4-2
+- In utils subpackage added a requires statement.
+
+* Thu May 06 2010 Steve Grubb <sgrubb@redhat.com> 0.6.4-1
+- New upstream release fixing multi-threading issue
+
+* Wed Apr 28 2010 Steve Grubb <sgrubb@redhat.com> 0.6.3-2
+- filecap shows full capabilities if a file has any
+
+* Thu Mar 11 2010 Steve Grubb <sgrubb@redhat.com> 0.6.3-1
+- New upstream release
+
+* Tue Feb 16 2010 Steve Grubb <sgrubb@redhat.com> 0.6.2-4
+- Use global macro and require pkgconfig for devel subpackage
+
+* Fri Oct 09 2009 Steve Grubb <sgrubb@redhat.com> 0.6.2-3
+- Apply patch to retain setpcap only if clearing bounding set
+
+* Sat Oct 03 2009 Steve Grubb <sgrubb@redhat.com> 0.6.2-2
+- Apply patch correcting pscap and netcap acct detection
+
+* Mon Sep 28 2009 Steve Grubb <sgrubb@redhat.com> 0.6.2-1
+- New upstream release
+
+* Sun Jul 26 2009 Steve Grubb <sgrubb@redhat.com> 0.6.1-1
+- New upstream release
+
+* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Mon Jun 29 2009 Steve Grubb <sgrubb@redhat.com> 0.6-1
+- New upstream release
+
+* Sun Jun 21 2009 Steve Grubb <sgrubb@redhat.com> 0.5.1-1
+- New upstream release
+
+* Fri Jun 19 2009 Steve Grubb <sgrubb@redhat.com> 0.5-1
+- New upstream release
+
+* Fri Jun 12 2009 Steve Grubb <sgrubb@redhat.com> 0.4.2-1
+- New upstream release
+
+* Fri Jun 12 2009 Steve Grubb <sgrubb@redhat.com> 0.4.1-1
+- Initial build.
+