From 017bd4be4ff9aa09b3b5b0550db8dc57b61e1fcc Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 04 2021 04:34:16 +0000 Subject: import libcap-ng-0.8.2-6.el9 --- diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ad3679c --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/libcap-ng-0.8.2.tar.gz diff --git a/.libcap-ng.metadata b/.libcap-ng.metadata new file mode 100644 index 0000000..bafcdc6 --- /dev/null +++ b/.libcap-ng.metadata @@ -0,0 +1 @@ +8273804b128e7753ed94e782d36fc9178f0d454b SOURCES/libcap-ng-0.8.2.tar.gz diff --git a/SOURCES/libcap-ng-0.8.2-apply-disable.patch b/SOURCES/libcap-ng-0.8.2-apply-disable.patch new file mode 100644 index 0000000..f28f20d --- /dev/null +++ b/SOURCES/libcap-ng-0.8.2-apply-disable.patch @@ -0,0 +1,66 @@ +diff -urp libcap-ng-0.8.3.orig/src/cap-ng.c libcap-ng-0.8.3/src/cap-ng.c +--- libcap-ng-0.8.3.orig/src/cap-ng.c 2021-01-30 09:26:33.000000000 -0500 ++++ libcap-ng-0.8.3/src/cap-ng.c 2021-01-30 09:52:43.507967643 -0500 +@@ -713,6 +713,36 @@ int capng_updatev(capng_act_t action, ca + return rc; + } + ++#include ++static char *get_exename(char *exename, int size) ++{ ++ char tmp[PATH_MAX+1]; ++ int res; ++ ++ /* get the name of the current executable */ ++ if ((res = readlink("/proc/self/exe", tmp, PATH_MAX)) < -1) ++ strcpy(exename, "\"?\""); ++ else { ++ tmp[res] = '\0'; ++ snprintf(exename, size, "\"%s\"", tmp); ++ } ++ return exename; ++} ++ ++#include ++static void log_problem(unsigned int msg) ++{ ++ static const char *text[3] = { ++ "dropping bounding set", ++ "getting new bounding set", ++ "due to not having CAP_SETPCAP" ++ }; ++ unsigned idx = msg - 2; ++ char exe[2048]; ++ syslog(LOG_ERR, "libcap-ng used by %s failed %s in capng_apply", ++ get_exename(exe, 2047), text[idx]); ++} ++ + int capng_apply(capng_select_t set) + { + int rc = 0; +@@ -733,19 +763,22 @@ int capng_apply(capng_select_t set) + if (capng_have_capability(CAPNG_BOUNDING_SET, + i) == 0) { + if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) <0) { +- rc = -2; ++// rc = -2; ++ log_problem(2); + goto try_caps; + } + } + } + m.state = CAPNG_APPLIED; + if (get_bounding_set() < 0) { +- rc = -3; ++// rc = -3; ++ log_problem(3); + goto try_caps; + } + } else { + memcpy(&m, &state, sizeof(m)); /* restore state */ +- rc = -4; ++// rc = -4; ++ log_problem(4); + goto try_caps; + } + #endif diff --git a/SPECS/libcap-ng.spec b/SPECS/libcap-ng.spec new file mode 100644 index 0000000..70b50ab --- /dev/null +++ b/SPECS/libcap-ng.spec @@ -0,0 +1,331 @@ +Summary: Alternate posix capabilities library +Name: libcap-ng +Version: 0.8.2 +Release: 6%{?dist} +License: LGPLv2+ +URL: https://people.redhat.com/sgrubb/libcap-ng/ +Source0: https://people.redhat.com/sgrubb/libcap-ng/%{name}-%{version}.tar.gz +# This patch can be removed when 1899540 is resolved +Patch1: libcap-ng-0.8.2-apply-disable.patch +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-headers >= 2.6.11 +BuildRequires: libattr-devel + +%description +Libcap-ng is a library that makes using posix capabilities easier + +%package devel +Summary: Header files for libcap-ng library +License: LGPLv2+ +Requires: kernel-headers >= 2.6.11 +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: pkgconfig + +%description devel +The libcap-ng-devel package contains the files needed for developing +applications that need to use the libcap-ng library. + +%package python3 +Summary: Python3 bindings for libcap-ng library +License: LGPLv2+ +BuildRequires: python3-devel swig +BuildRequires: make +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description python3 +The libcap-ng-python3 package contains the bindings so that libcap-ng +and can be used by python3 applications. + +%package utils +Summary: Utilities for analyzing and setting file capabilities +License: GPLv2+ +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description utils +The libcap-ng-utils package contains applications to analyze the +posix capabilities of all the program running on a system. It also +lets you set the file system based capabilities. + +%prep +%setup -q +%patch1 -p1 + +%build +%configure --libdir=%{_libdir} --with-python=no --with-python3 +%make_build CFLAGS="%{optflags}" + +%install +%make_install + +# Remove a couple things so they don't get picked up +rm -f $RPM_BUILD_ROOT%{_libdir}/libcap-ng.la +rm -f $RPM_BUILD_ROOT%{_libdir}/libcap-ng.a +rm -f $RPM_BUILD_ROOT%{_libdir}/libdrop_ambient.la +rm -f $RPM_BUILD_ROOT%{_libdir}/libdrop_ambient.a +rm -f $RPM_BUILD_ROOT%{_libdir}/python?.?/site-packages/_capng.a +rm -f $RPM_BUILD_ROOT%{_libdir}/python?.?/site-packages/_capng.la + +%check +make check + +%ldconfig_scriptlets + +%files +%license COPYING.LIB +%{_libdir}/libcap-ng.so.* +%{_libdir}/libdrop_ambient.so.* +%attr(0644,root,root) %{_mandir}/man7/* + +%files devel +%attr(0644,root,root) %{_mandir}/man3/* +%attr(0644,root,root) %{_includedir}/cap-ng.h +%{_libdir}/libcap-ng.so +%{_libdir}/libdrop_ambient.so +%attr(0644,root,root) %{_datadir}/aclocal/cap-ng.m4 +%{_libdir}/pkgconfig/libcap-ng.pc + +%files python3 +%attr(755,root,root) %{python3_sitearch}/* +%{python3_sitearch}/capng.py* + +%files utils +%license COPYING +%attr(0755,root,root) %{_bindir}/* +%attr(0644,root,root) %{_mandir}/man8/* + +%changelog +* Mon Aug 09 2021 Mohan Boddu - 0.8.2-6 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Fri Apr 16 2021 Mohan Boddu - 0.8.2-5 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Tue Feb 02 2021 Steve Grubb 0.8.2-4 +- Adjust syslog warning for bad use of capng_apply + +* Sat Jan 30 2021 Steve Grubb 0.8.2-3 +- Add syslog warning for bad use of capng_apply + +* Tue Jan 26 2021 Fedora Release Engineering - 0.8.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Dec 09 2020 Steve Grubb 0.8.2-1 +- New upstream bugfix release + +* Fri Nov 20 2020 Steve Grubb 0.8.1-2 +- Add temporary patch disabling bounding set error codes + +* Wed Nov 18 2020 Steve Grubb 0.8.1-1 +- New upstream bugfix release + +* Tue Sep 08 2020 Steve Grubb 0.8-1 +- New upstream feature release + +* Sun Aug 23 2020 Steve Grubb 0.7.11-1 +- New upstream release + +* Tue Jul 28 2020 Fedora Release Engineering - 0.7.10-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue May 26 2020 Miro Hrončok - 0.7.10-3 +- Rebuilt for Python 3.9 + +* Wed Jan 29 2020 Fedora Release Engineering - 0.7.10-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Tue Oct 01 2019 Steve Grubb 0.7.10-1 +- New upstream release + +* Mon Aug 19 2019 Miro Hrončok - 0.7.9-9 +- Rebuilt for Python 3.8 + +* Thu Jul 25 2019 Fedora Release Engineering - 0.7.9-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Fri Mar 8 2019 Joe Orton - 0.7.9-7 +- fix crash on dlclose due to atfork handler (#1680481) + +* Fri Feb 01 2019 Fedora Release Engineering - 0.7.9-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Oct 16 2018 Steve Grubb 0.7.9-5 +- Remove python2 bindings (#1634889) + +* Thu Aug 09 2018 Steve Grubb 0.7.9-4 +- Fix bug where filecap may not show capabilities + +* Fri Jul 13 2018 Fedora Release Engineering - 0.7.9-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Jun 19 2018 Miro Hrončok - 0.7.9-2 +- Rebuilt for Python 3.7 + +* Wed Feb 07 2018 Steve Grubb 0.7.9-1 +- New upstream bugfix release + +* Sat Feb 03 2018 Igor Gnatenko - 0.7.8-9 +- Switch to %%ldconfig_scriptlets + +* Fri Jan 05 2018 Iryna Shcherbina - 0.7.8-8 +- Update Python 2 dependency declarations to new packaging standards + (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) + +* Sun Aug 20 2017 Zbigniew Jędrzejewski-Szmek - 0.7.8-7 +- Add Provides for the old name without %%_isa + +* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek - 0.7.8-6 +- Python 2 binary package renamed to python2-libcap-ng + See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 + +* Thu Aug 03 2017 Fedora Release Engineering - 0.7.8-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 0.7.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 0.7.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Dec 19 2016 Miro Hrončok - 0.7.8-2 +- Rebuild for Python 3.6 + +* Sun Jul 24 2016 Steve Grubb 0.7.8-1 +- New upstream bugfix release + +* Tue Jul 19 2016 Fedora Release Engineering - 0.7.7-5 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Wed Feb 03 2016 Steve Grubb 0.7.7-4 +- use python site arch macros (#1303610) + +* Tue Nov 10 2015 Fedora Release Engineering - 0.7.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 + +* Wed Jun 17 2015 Fedora Release Engineering - 0.7.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed May 13 2015 Steve Grubb 0.7.7-1 +- New upstream bugfix release + +* Fri May 08 2015 Steve Grubb 0.7.6-1 +- New upstream release adding python3 support + +* Thu May 07 2015 Steve Grubb 0.7.5-1 +- New upstream release + +* Sun Aug 17 2014 Fedora Release Engineering - 0.7.4-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Thu Jul 17 2014 Tom Callaway - 0.7.4-6 +- fix license handling + +* Mon Jun 23 2014 Kyle McMartin 0.7.4-5 +- Clamp CAP_LAST_CAP at /proc/sys/kernel/cap_last_cap's value in the + Python bindings test if possible, otherwise use the value from + since the kernel now has 37 capabilities upstream, + but our builders are not that up to date. + +* Sat Jun 07 2014 Fedora Release Engineering - 0.7.4-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 07 2014 Steve Grubb 0.7.4-3 +- Add PR_SET_NO_NEW_PRIVS call back to capng_lock + +* Wed Apr 30 2014 Steve Grubb 0.7.4-2 +- Remove PR_SET_NO_NEW_PRIVS call in capng_lock + +* Thu Apr 24 2014 Steve Grubb 0.7.4-1 +- New upstream release + +* Thu Nov 14 2013 Steve Grubb 0.7.3-6 +- Rebuild to pickup current CAP_LAST_CAP + +* Sat Aug 03 2013 Fedora Release Engineering - 0.7.3-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 02 2013 Karsten Hopp 0.7.3-4 +- bump release and rebuild to fix dependencies on PPC + +* Thu Feb 14 2013 Fedora Release Engineering - 0.7.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Wed Dec 19 2012 Steve Grubb 0.7.3-2 +- Remove useless code in pscap causing EBADFD + +* Fri Nov 09 2012 Steve Grubb 0.7.3-1 +- New upstream release + +* Wed Oct 24 2012 Steve Grubb 0.7.1-1 +- New upstream release + +* Tue Jul 24 2012 Steve Grubb 0.7-1 +- New upstream release + +* Thu Jul 19 2012 Fedora Release Engineering - 0.6.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jan 13 2012 Fedora Release Engineering - 0.6.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Fri Jun 24 2011 Steve Grubb 0.6.6-1 +- New upstream release + +* Mon Feb 07 2011 Fedora Release Engineering - 0.6.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Nov 03 2010 Steve Grubb 0.6.5-1 +- New upstream release fixing 2.6.36 kernel header issue + +* Wed Jul 21 2010 David Malcolm - 0.6.4-4 +- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild + +* Thu Jun 17 2010 Steve Grubb 0.6.4-3 +- Only open regular files in filecap + +* Mon May 24 2010 Steve Grubb 0.6.4-2 +- In utils subpackage added a requires statement. + +* Thu May 06 2010 Steve Grubb 0.6.4-1 +- New upstream release fixing multi-threading issue + +* Wed Apr 28 2010 Steve Grubb 0.6.3-2 +- filecap shows full capabilities if a file has any + +* Thu Mar 11 2010 Steve Grubb 0.6.3-1 +- New upstream release + +* Tue Feb 16 2010 Steve Grubb 0.6.2-4 +- Use global macro and require pkgconfig for devel subpackage + +* Fri Oct 09 2009 Steve Grubb 0.6.2-3 +- Apply patch to retain setpcap only if clearing bounding set + +* Sat Oct 03 2009 Steve Grubb 0.6.2-2 +- Apply patch correcting pscap and netcap acct detection + +* Mon Sep 28 2009 Steve Grubb 0.6.2-1 +- New upstream release + +* Sun Jul 26 2009 Steve Grubb 0.6.1-1 +- New upstream release + +* Fri Jul 24 2009 Fedora Release Engineering - 0.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Mon Jun 29 2009 Steve Grubb 0.6-1 +- New upstream release + +* Sun Jun 21 2009 Steve Grubb 0.5.1-1 +- New upstream release + +* Fri Jun 19 2009 Steve Grubb 0.5-1 +- New upstream release + +* Fri Jun 12 2009 Steve Grubb 0.4.2-1 +- New upstream release + +* Fri Jun 12 2009 Steve Grubb 0.4.1-1 +- Initial build. +