diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..389ba7b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/libcap-ng-0.7.9.tar.gz
diff --git a/.libcap-ng.metadata b/.libcap-ng.metadata
new file mode 100644
index 0000000..3e3aca4
--- /dev/null
+++ b/.libcap-ng.metadata
@@ -0,0 +1 @@
+f29f1eefdfbbd93501d9c7a54ac340d4ca660634 SOURCES/libcap-ng-0.7.9.tar.gz
diff --git a/SOURCES/libcap-ng-0.8-permitted.patch b/SOURCES/libcap-ng-0.8-permitted.patch
new file mode 100644
index 0000000..cc48b86
--- /dev/null
+++ b/SOURCES/libcap-ng-0.8-permitted.patch
@@ -0,0 +1,142 @@
+diff -urp libcap-ng-0.8.orig/docs/capng_have_capabilities.3 libcap-ng-0.8/docs/capng_have_capabilities.3
+--- libcap-ng-0.8.orig/docs/capng_have_capabilities.3 2018-02-07 13:20:31.000000000 -0500
++++ libcap-ng-0.8/docs/capng_have_capabilities.3 2018-08-09 16:29:40.521624973 -0400
+@@ -1,14 +1,20 @@
+-.TH "CAPNG_HAVE_CAPABILITIES" "3" "June 2009" "Red Hat" "Libcap-ng API"
++.TH "CAPNG_HAVE_CAPABILITIES" "3" "Aug 2018" "Red Hat" "Libcap-ng API"
+ .SH NAME
+-capng_have_capabilities \- general check for capabilities
++.nf
++capng_have_capabilities, capng_have_permitted_capabilities \- check for capabilities
+ .SH "SYNOPSIS"
+ .B #include
+ .sp
+ capng_results_t capng_have_capabilities(capng_select_t set);
++capng_results_t capng_have_permitted_capabilities(void);
+
+ .SH "DESCRIPTION"
+
+-capng_have_capabilities will check the selected internal capabilities sets to see what the status is. The capabilities sets must be previously setup with calls to capng_get_caps_process, capng_get_caps_fd, or in some other way setup. The options are CAPNG_SELECT_CAPS for the traditional capabilities, CAPNG_SELECT_BOUNDS for the bounding set, or CAPNG_SELECT_BOTH if clearing both is desired.
++capng_have_capabilities will check the selected internal capabilities sets to see what the status is. The capabilities sets must be previously setup with calls to capng_get_caps_process, capng_get_caps_fd, or in some other way setup. The options are CAPNG_SELECT_CAPS for the traditional capabilities, CAPNG_SELECT_BOUNDS for the bounding set, or CAPNG_SELECT_BOTH if clearing both is desired. When capabilities are checked, it will only look at the effective capabilities.
++
++If, however, the source of capabilities comes from a file, then you may need to additionally check the permitted capabilities. It's for this reason that
++.B capng_have_permitted_capabilities
++was created. It takes no arguments because it simply checks the permitted set.
+
+ .SH "RETURN VALUE"
+
+diff -urp libcap-ng-0.8.orig/src/cap-ng.c libcap-ng-0.8/src/cap-ng.c
+--- libcap-ng-0.8.orig/src/cap-ng.c 2018-07-02 14:42:53.993939477 -0400
++++ libcap-ng-0.8/src/cap-ng.c 2018-08-09 16:31:47.255611373 -0400
+@@ -777,10 +776,10 @@ capng_results_t capng_have_capabilities(
+ full = 1;
+ else
+ return CAPNG_PARTIAL;
+- if ((m.data.v3[1].effective & UPPER_MASK) == 0)
++ if ((m.data.v3[1].effective & UPPER_MASK) == 0 && !full)
+ empty = 1;
+ else if ((m.data.v3[1].effective & UPPER_MASK) ==
+- UPPER_MASK)
++ UPPER_MASK && !empty)
+ full = 1;
+ else
+ return CAPNG_PARTIAL;
+@@ -805,6 +804,40 @@ capng_results_t capng_have_capabilities(
+
+ if (empty == 1 && full == 0)
+ return CAPNG_NONE;
++ else if (empty == 0 && full == 1)
++ return CAPNG_FULL;
++
++ return CAPNG_PARTIAL;
++}
++
++// -1 - error, 0 - no caps, 1 partial caps, 2 full caps
++capng_results_t capng_have_permitted_capabilities(void)
++{
++ int empty = 0, full = 0;
++
++ // First, try to init with current set
++ if (m.state < CAPNG_INIT)
++ capng_get_caps_process();
++
++ // If we still don't have anything, error out
++ if (m.state < CAPNG_INIT)
++ return CAPNG_FAIL;
++
++ if (m.data.v3[0].permitted == 0)
++ empty = 1;
++ else if (m.data.v3[0].permitted == 0xFFFFFFFFU)
++ full = 1;
++ else
++ return CAPNG_PARTIAL;
++ if ((m.data.v3[1].permitted & UPPER_MASK) == 0 && !full)
++ empty = 1;
++ else if ((m.data.v3[1].permitted & UPPER_MASK) == UPPER_MASK && !empty)
++ full = 1;
++ else
++ return CAPNG_PARTIAL;
++
++ if (empty == 1 && full == 0)
++ return CAPNG_NONE;
+ else if (empty == 0 && full == 1)
+ return CAPNG_FULL;
+
+diff -urp libcap-ng-0.8.orig/src/cap-ng.h libcap-ng-0.8/src/cap-ng.h
+--- libcap-ng-0.8.orig/src/cap-ng.h 2018-02-07 13:20:31.000000000 -0500
++++ libcap-ng-0.8/src/cap-ng.h 2018-08-09 15:54:10.054853595 -0400
+@@ -63,6 +63,7 @@ int capng_apply_caps_fd(int fd);
+
+ // These functions check capability bits
+ capng_results_t capng_have_capabilities(capng_select_t set);
++capng_results_t capng_have_permitted_capabilities(void);
+ int capng_have_capability(capng_type_t which, unsigned int capability);
+
+ // These functions printout capabilities
+diff -urp libcap-ng-0.8.orig/utils/filecap.8 libcap-ng-0.8/utils/filecap.8
+--- libcap-ng-0.8.orig/utils/filecap.8 2018-02-07 13:20:31.000000000 -0500
++++ libcap-ng-0.8/utils/filecap.8 2018-08-09 16:35:39.751586424 -0400
+@@ -1,10 +1,10 @@
+-.TH FILECAP: "8" "March 2009" "Red Hat" "System Administration Utilities"
++.TH FILECAP: "8" "Aug 2018" "Red Hat" "System Administration Utilities"
+ .SH NAME
+ filecap \- a program to see capabilities
+ .SH SYNOPSIS
+ .B filecap [ \-a | \-d | /dir | /dir/file [cap1 cap2 ...] ]
+ .SH DESCRIPTION
+-\fBfilecap\fP is a program that prints out a report of programs with file based capabilities. If a file is not in the report or there is no report at all, no capabilities were found. For expedience, the default is to check only the directories in the PATH environmental variable. If the \-a command line option is given, then all directories will be checked. If a directory is passed, it will recursively check that directory. If a path to a file is given, it will only check that file. If the path to the file includes capabilities, then they are written to the file.
++\fBfilecap\fP is a program that prints out a report of programs with file based capabilities. If a file is not in the report or there is no report at all, no capabilities were found. For expedience, the default is to check only the directories in the PATH environmental variable. If the \-a command line option is given, then all directories will be checked. If a directory is passed, it will recursively check that directory. If a path to a file is given, it will only check that file. If a file is given followed by capabilities, then the capabilities are written to the file.
+
+ .SH OPTIONS
+ .TP
+diff -urp libcap-ng-0.8.orig/utils/filecap.c libcap-ng-0.8/utils/filecap.c
+--- libcap-ng-0.8.orig/utils/filecap.c 2018-02-07 13:20:31.000000000 -0500
++++ libcap-ng-0.8/utils/filecap.c 2018-08-09 16:03:18.989794688 -0400
+@@ -59,6 +59,7 @@ static int check_file(const char *fpath,
+ int fd = open(fpath, O_RDONLY|O_CLOEXEC);
+ if (fd >= 0) {
+ capng_results_t rc;
++ int permitted = 0;
+
+ capng_clear(CAPNG_SELECT_BOTH);
+ if (capng_get_caps_fd(fd) < 0) {
+@@ -68,12 +69,17 @@ static int check_file(const char *fpath,
+ ret = 1;
+ }
+ rc = capng_have_capabilities(CAPNG_SELECT_CAPS);
++ if (rc == CAPNG_NONE) {
++ permitted = 1;
++ rc = capng_have_permitted_capabilities();
++ }
+ if (rc > CAPNG_NONE) {
+ if (header == 0) {
+ header = 1;
+- printf("%-20s capabilities\n", "file");
++ printf("%-9s %-20s capabilities\n", "set", "file");
+ }
+- printf("%s ", fpath);
++ printf("%s %s ",
++ permitted ? "permitted" : "effective", fpath);
+ if (rc == CAPNG_FULL)
+ printf("full");
+ else
diff --git a/SOURCES/libcap-ng-filecap-enodata.patch b/SOURCES/libcap-ng-filecap-enodata.patch
new file mode 100644
index 0000000..3832fc4
--- /dev/null
+++ b/SOURCES/libcap-ng-filecap-enodata.patch
@@ -0,0 +1,13 @@
+diff --git a/utils/filecap.c b/utils/filecap.c
+index 4e40beb..475995c 100644
+--- a/utils/filecap.c
++++ b/utils/filecap.c
+@@ -63,7 +63,7 @@ static int check_file(const char *fpath,
+ int permitted = 0;
+
+ capng_clear(CAPNG_SELECT_BOTH);
+- if (capng_get_caps_fd(fd) < 0) {
++ if (capng_get_caps_fd(fd) < 0 && errno != ENODATA) {
+ fprintf(stderr, "Unable to get capabilities of %s: %s\n",
+ fpath, strerror(errno));
+ if (single_file)
diff --git a/SPECS/libcap-ng.spec b/SPECS/libcap-ng.spec
new file mode 100644
index 0000000..6d93453
--- /dev/null
+++ b/SPECS/libcap-ng.spec
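Review bot: In the filecap.c part of this patch, check_file reports a file only when its effective set or, failing that, its permitted set is non-empty; the inheritable set is never consulted, yet the filecap.8 DESCRIPTION carried by the same patch still says that a file missing from the report has no capabilities. For an audit tool that gap matters, since a file carrying only inheritable capabilities would presumably be left out of the report. Either add an inheritable check next to the `capng_have_permitted_capabilities()` fallback or narrow the man page sentence to `no effective or permitted capabilities were found`. The `else` branch that prints the capability names continues outside the hunk, so confirm it prints the set named by the new `permitted` flag rather than a fixed one.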
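Review bot: The new `errno != ENODATA` test reads errno without clearing it first, so it is reliable only if every failure path of capng_get_caps_fd() sets errno. If that call can return a negative value without touching errno (not visible here), a stale ENODATA left by an earlier file in the same scan would suppress the error and the file would silently count as having no capabilities. Set `errno = 0;` immediately before `capng_get_caps_fd(fd)` and add a comment such as `/* ENODATA: the file has no capability xattr, which is not an error */`. check_file starts and ends outside this hunk.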
@@ -0,0 +1,281 @@
+%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
+
+Summary: An alternate posix capabilities library
+Name: libcap-ng
+Version: 0.7.9
+Release: 4%{?dist}
+License: LGPLv2+
+URL: http://people.redhat.com/sgrubb/libcap-ng
+Source0: http://people.redhat.com/sgrubb/libcap-ng/%{name}-%{version}.tar.gz
+Patch1: libcap-ng-0.8-permitted.patch
+Patch2: libcap-ng-filecap-enodata.patch
+BuildRequires: gcc
+BuildRequires: kernel-headers >= 2.6.11
+BuildRequires: libattr-devel
+
+%description
+Libcap-ng is a library that makes using posix capabilities easier
+
+%package devel
+Summary: Header files for libcap-ng library
+License: LGPLv2+
+Requires: kernel-headers >= 2.6.11
+Requires: %{name} = %{version}-%{release}
+Requires: pkgconfig
+
+%description devel
+The libcap-ng-devel package contains the files needed for developing
+applications that need to use the libcap-ng library.
+
+%package python3
+Summary: Python3 bindings for libcap-ng library
+License: LGPLv2+
+BuildRequires: python3-devel swig
+Requires: %{name} = %{version}-%{release}
+
+%description python3
+The libcap-ng-python3 package contains the bindings so that libcap-ng
+and can be used by python3 applications.
+
+%package utils
+Summary: Utilities for analyzing and setting file capabilities
+License: GPLv2+
+Requires: %{name} = %{version}-%{release}
+
+%description utils
+The libcap-ng-utils package contains applications to analyze the
+posix capabilities of all the program running on a system. It also
+lets you set the file system based capabilities.
+
+%prep
+%setup -q
+%patch1 -p1
+%patch2 -p1
+
+%build
+%configure --libdir=/%{_lib} --with-python=no --with-python3
+make CFLAGS="%{optflags}" %{?_smp_mflags}
+
+%install
+make DESTDIR="${RPM_BUILD_ROOT}" INSTALL='install -p' install
+
+# Move the symlink
+rm -f $RPM_BUILD_ROOT/%{_lib}/%{name}.so
+mkdir -p $RPM_BUILD_ROOT%{_libdir}
+VLIBNAME=$(ls $RPM_BUILD_ROOT/%{_lib}/%{name}.so.*.*.*)
+LIBNAME=$(basename $VLIBNAME)
+ln -s ../../%{_lib}/$LIBNAME $RPM_BUILD_ROOT%{_libdir}/%{name}.so
+
+# Move the pkgconfig file
+mv $RPM_BUILD_ROOT/%{_lib}/pkgconfig $RPM_BUILD_ROOT%{_libdir}
+
+# Remove a couple things so they don't get picked up
+rm -f $RPM_BUILD_ROOT/%{_lib}/libcap-ng.la
+rm -f $RPM_BUILD_ROOT/%{_lib}/libcap-ng.a
+rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_capng.a
+rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_capng.la
+
+%check
+make check
+
+%ldconfig_scriptlets
+
+%files
+%{!?_licensedir:%global license %%doc}
+%license COPYING.LIB
+/%{_lib}/libcap-ng.so.*
+
+%files devel
+%attr(0644,root,root) %{_mandir}/man3/*
+%attr(0644,root,root) %{_includedir}/cap-ng.h
+%{_libdir}/libcap-ng.so
+%attr(0644,root,root) %{_datadir}/aclocal/cap-ng.m4
+%{_libdir}/pkgconfig/libcap-ng.pc
+
+%files python3
+%attr(755,root,root) %{python3_sitearch}/*
+%{python3_sitearch}/capng.py*
+
+%files utils
+%{!?_licensedir:%global license %%doc}
+%license COPYING
+%attr(0755,root,root) %{_bindir}/*
+%attr(0644,root,root) %{_mandir}/man8/*
+
+%changelog
+* Tue Jan 08 2019 Steve Grubb 0.7.9-4
+resolves: rhbz#1599364 - filecap fails of files with no capabilities
+
+* Thu Aug 09 2018 Steve Grubb 0.7.9-3
+resolves: rhbz#1599364 - filecap fails of files with no capabilities
+
+* Thu Jun 08 2018 Steve Grubb 0.7.9-2
+- Drop python2 bindings (#1588449)
+
+* Wed Feb 07 2018 Steve Grubb 0.7.9-1
+- New upstream bugfix release
+
+* Sat Feb 03 2018 Igor Gnatenko - 0.7.8-9
+- Switch to %%ldconfig_scriptlets
+
+* Fri Jan 05 2018 Iryna Shcherbina - 0.7.8-8
+- Update Python 2 dependency declarations to new packaging standards
+ (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
+
+* Sun Aug 20 2017 Zbigniew Jędrzejewski-Szmek - 0.7.8-7
+- Add Provides for the old name without %%_isa
+
+* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek - 0.7.8-6
+- Python 2 binary package renamed to python2-libcap-ng
+ See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
+
+* Thu Aug 03 2017 Fedora Release Engineering - 0.7.8-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering - 0.7.8-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Fri Feb 10 2017 Fedora Release Engineering - 0.7.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Mon Dec 19 2016 Miro Hrončok - 0.7.8-2
+- Rebuild for Python 3.6
+
+* Sun Jul 24 2016 Steve Grubb 0.7.8-1
+- New upstream bugfix release
+
+* Tue Jul 19 2016 Fedora Release Engineering - 0.7.7-5
+- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
+
+* Wed Feb 03 2016 Steve Grubb 0.7.7-4
+- use python site arch macros (#1303610)
+
+* Tue Nov 10 2015 Fedora Release Engineering - 0.7.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
+
+* Wed Jun 17 2015 Fedora Release Engineering - 0.7.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Wed May 13 2015 Steve Grubb 0.7.7-1
+- New upstream bugfix release
+
+* Fri May 08 2015 Steve Grubb 0.7.6-1
+- New upstream release adding python3 support
+
+* Thu May 07 2015 Steve Grubb 0.7.5-1
+- New upstream release
+
+* Sun Aug 17 2014 Fedora Release Engineering - 0.7.4-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Thu Jul 17 2014 Tom Callaway - 0.7.4-6
+- fix license handling
+
+* Mon Jun 23 2014 Kyle McMartin 0.7.4-5
+- Clamp CAP_LAST_CAP at /proc/sys/kernel/cap_last_cap's value in the
+ Python bindings test if possible, otherwise use the value from
+ since the kernel now has 37 capabilities upstream,
+ but our builders are not that up to date.
+
+* Sat Jun 07 2014 Fedora Release Engineering - 0.7.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Wed May 07 2014 Steve Grubb 0.7.4-3
+- Add PR_SET_NO_NEW_PRIVS call back to capng_lock
+
+* Wed Apr 30 2014 Steve Grubb 0.7.4-2
+- Remove PR_SET_NO_NEW_PRIVS call in capng_lock
+
+* Thu Apr 24 2014 Steve Grubb 0.7.4-1
+- New upstream release
+
+* Thu Nov 14 2013 Steve Grubb 0.7.3-6
+- Rebuild to pickup current CAP_LAST_CAP
+
+* Sat Aug 03 2013 Fedora Release Engineering - 0.7.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Tue Jul 02 2013 Karsten Hopp 0.7.3-4
+- bump release and rebuild to fix dependencies on PPC
+
+* Thu Feb 14 2013 Fedora Release Engineering - 0.7.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Dec 19 2012 Steve Grubb 0.7.3-2
+- Remove useless code in pscap causing EBADFD
+
+* Fri Nov 09 2012 Steve Grubb 0.7.3-1
+- New upstream release
+
+* Wed Oct 24 2012 Steve Grubb 0.7.1-1
+- New upstream release
+
+* Tue Jul 24 2012 Steve Grubb 0.7-1
+- New upstream release
+
+* Thu Jul 19 2012 Fedora Release Engineering - 0.6.6-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering - 0.6.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Fri Jun 24 2011 Steve Grubb 0.6.6-1
+- New upstream release
+
+* Mon Feb 07 2011 Fedora Release Engineering - 0.6.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Wed Nov 03 2010 Steve Grubb 0.6.5-1
+- New upstream release fixing 2.6.36 kernel header issue
+
+* Wed Jul 21 2010 David Malcolm - 0.6.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
+
+* Thu Jun 17 2010 Steve Grubb 0.6.4-3
+- Only open regular files in filecap
+
+* Mon May 24 2010 Steve Grubb 0.6.4-2
+- In utils subpackage added a requires statement.
+
+* Thu May 06 2010 Steve Grubb 0.6.4-1
+- New upstream release fixing multi-threading issue
+
+* Wed Apr 28 2010 Steve Grubb 0.6.3-2
+- filecap shows full capabilities if a file has any
+
+* Thu Mar 11 2010 Steve Grubb 0.6.3-1
+- New upstream release
+
+* Tue Feb 16 2010 Steve Grubb 0.6.2-4
+- Use global macro and require pkgconfig for devel subpackage
+
+* Fri Oct 09 2009 Steve Grubb 0.6.2-3
+- Apply patch to retain setpcap only if clearing bounding set
+
+* Sat Oct 03 2009 Steve Grubb 0.6.2-2
+- Apply patch correcting pscap and netcap acct detection
+
+* Mon Sep 28 2009 Steve Grubb 0.6.2-1
+- New upstream release
+
+* Sun Jul 26 2009 Steve Grubb 0.6.1-1
+- New upstream release
+
+* Fri Jul 24 2009 Fedora Release Engineering - 0.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Mon Jun 29 2009 Steve Grubb 0.6-1
+- New upstream release
+
+* Sun Jun 21 2009 Steve Grubb 0.5.1-1
+- New upstream release
+
+* Fri Jun 19 2009 Steve Grubb 0.5-1
+- New upstream release
+
+* Fri Jun 12 2009 Steve Grubb 0.4.2-1
+- New upstream release
+
+* Fri Jun 12 2009 Steve Grubb 0.4.1-1
+- Initial build.
+
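Review bot: `URL` and `Source0` point at plain `http://` and `%prep` performs no signature check, so the only integrity pin for the tarball visible in this commit is the 40-hex digest in .libcap-ng.metadata (by its length presumably SHA-1). For a library that handles process privileges, prefer an `https://` Source0 if the host serves it, and verify a detached upstream signature before `%setup -q` if one is published. Separately, the first line still defines `python_sitearch` through `%{__python}` with a Python 2 `print` statement, although the build passes `--with-python=no` and `%files python3` uses `%{python3_sitearch}`; that macro looks unused and can be dropped.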