Sync from SUSE:SLFO:Main uid_wrapper revision 72ccab77b13692465db5af9d26f41a49

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

uid_wrapper-1.3.0.tar.gz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEjf9T4Y8qvI2PPJIjfuD8TcwBTj0FAmPGqIYACgkQfuD8TcwB
+Tj1n2xAAugnfwNIyCHmy/rcb/c6y5IYCFOgdtOdh6mGJhiEvpoa46Zovt6L621DG
+laCnfaRiutocHb9u2S+xLddNG8l1ZnUB5mp3QYhey0tNtcHZiU+QV6OkesLsrm6l
+98qBgZqoxaatR28SbXus5ypH3bCZIgturj8nme44Prck+V/vQuOAggGok02GwvuG
+7CyR9cYA9vg4RrL60ZDXhMB6jWCVnbgHHMjxp5iyeyTMphPKMzCcWDNC9O93RQFJ
+pe5AAwSIH8xmOZSb1Z+uVu3J0WnjubcK8PcoEIW/303d4XRvY+w1T+z1Qu+RxXCH
+tRTg2+ysRnWtxcKALzbHmbTaggJpsFZyRuu8Rf7E4H+6cCSvQv8qYiIY4wqcebBE
++Xxytb9BYUY24n4HwkpL/3OScNxV5H4S2o2lHd7QT190IW26CaOJx1WGm90EGQKC
+LUh8lPNJqETEIu5Dke3PiUoZJ0x7zd235NbmM3rmJ0B2bhtL/L3yP1H2zslMuus3
+5D3XU0IkUykd6wtgO1He+v1JRZl+mFzkeGPakS9IoIj4E4QVJ3jQAe9UeHL4h3Ac
+JG5Yl8T6BTyL72xJUjS0C1DOPSj13pZiUD4FTqHr7mUi9xT6Fmg+IK4xfIYMaqWh
+3Pf9q+SyHmaml58rxi5CFYvfkhAIa1Frr/VUHg4izuuA6Gc1IgI=
+=SrQO
+-----END PGP SIGNATURE-----

uid_wrapper-fix-cmocka-1.1.6+-support.patch

@@ -0,0 +1,31 @@
+From 850f24c6366abda30bfd77734b90330b8809d306 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Fri, 17 Feb 2023 17:51:27 +0100
+Subject: [PATCH] cmake: Fix cmocka >= 1.1.6 find_package() in CONFIG mode
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
+---
+ tests/CMakeLists.txt | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
+index 635e86e..68e050e 100644
+--- a/tests/CMakeLists.txt
++++ b/tests/CMakeLists.txt
+@@ -1,5 +1,9 @@
+ project(tests C)
+ 
++if (TARGET cmocka::cmocka)
++    set(CMOCKA_LIBRARY cmocka::cmocka)
++endif()
++
+ add_library(uwrap_fake_socket_wrapper SHARED uwrap_fake_socket_wrapper.c)
+ target_compile_options(uwrap_fake_socket_wrapper
+                        PRIVATE
+-- 
+2.39.2
+

uid_wrapper-rpmlintrc

@@ -0,0 +1,9 @@
+# This is a special library only for testing purposes. You cannot link this
+# library. It is only inteded to be used with LD_PRELOAD. This package is
+# the devel package.
+#
+# Learn more at http://cwrap.org
+#
+addFilter("shlib-policy-name-error")
+addFilter("shared-lib-calls-exit")
+addFilter("devel-file-in-non-devel-package")

uid_wrapper.changes

@@ -0,0 +1,162 @@
+-------------------------------------------------------------------
+Thu Mar  2 10:55:49 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Actually apply uid_wrapper-fix-cmocka-1.1.6+-support.patch (use
+  autosetup instead of setup).
+
+-------------------------------------------------------------------
+Mon Feb 27 09:32:20 UTC 2023 - Andreas Schneider <asn@cryptomilk.org>
+
+- Fix building with cmocka >= 1.1.6
+  * Added uid_wrapper-fix-cmocka-1.1.6+-support.patch
+
+-------------------------------------------------------------------
+Tue Jan 17 13:56:46 UTC 2023 - Andreas Schneider <asn@cryptomilk.org>
+
+- Update to version 1.3.0
+  * Added support to interact with socket_wrapper syscall()
+  * Fixed deadlocks with threads
+  * Improved log output
+
+-------------------------------------------------------------------
+Thu Dec  2 13:50:42 UTC 2021 - Andreas Schneider <asn@cryptomilk.org>
+
+- Update to version 1.2.9
+  * Add support for getgroups_chk()
+  * Added (de)contructor support on AIX with pragma init/finish
+
+-------------------------------------------------------------------
+Wed Apr  7 22:12:18 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- remove pkgconfig and cmake directory from filelist - provided by filesystem package
+
+-------------------------------------------------------------------
+Tue Jan 26 14:11:29 UTC 2021 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Replace system-user-nobody with user(nobody): be resilient to
+  package name changes.
+
+-------------------------------------------------------------------
+Thu Mar  5 15:16:09 UTC 2020 - Andreas Schneider <asn@cryptomilk.org>
+
+- Update to version 1.2.8
+  * Fix path in pkgconfig module
+  * Fix path in cmake find module
+
+-------------------------------------------------------------------
+Wed Aug 21 08:46:42 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>
+
+- Change BR to pkgconf
+- Change Requires to Recommends for pkgconf and cmake
+
+-------------------------------------------------------------------
+Tue Jul 16 09:18:30 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>
+
+- Update to version 1.2.7
+  * Fix unsetting initial XIDs
+- Fix running the tests
+
+-------------------------------------------------------------------
+Mon Jul 15 09:30:54 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>
+
+- Update to version 1.2.6
+  * Fix manpage installation
+  * Fix cmake-config installation
+  * Fixed running with sanitizers
+
+-------------------------------------------------------------------
+Tue Jul 25 09:17:48 UTC 2017 - asn@cryptomilk.org
+
+- Update to version 1.2.4
+  * Added deadlock workaround for glibc < 2.24
+  * Fixed a possible deadlock bug if uid_wrapper is turned off
+
+-------------------------------------------------------------------
+Fri Jul 14 13:24:08 UTC 2017 - asn@cryptomilk.org
+
+- Update to version 1.2.3
+  * Logging is always turned on now
+  * Fixed a memory leak
+  * Limited number of groups during fork+exec
+
+-------------------------------------------------------------------
+Thu Jul 13 06:54:57 UTC 2017 - asn@cryptomilk.org
+
+- Update to version 1.2.2
+  * Added support for fork'ed and then exec'ed processes
+  * Added support for Alpha
+
+-------------------------------------------------------------------
+Mon Mar 21 18:17:52 UTC 2016 - asn@cryptomilk.org
+
+- Update to version 1.2.1
+  * Documented missing options.
+  * Fixed a comipilation issue with -O3.
+
+-------------------------------------------------------------------
+Sun Feb 14 11:47:01 UTC 2016 - jengelh@inai.de
+
+- Editorial fixes to the description
+
+-------------------------------------------------------------------
+Thu Oct 29 11:57:14 UTC 2015 - asn@cryptomilk.org
+
+- Update to version 1.2.0
+  * Added privilege checks for all set*uid and set*gid functions.
+  * Added a lot more and accurate tests which work as root.
+  * Fixed some minor issues
+
+-------------------------------------------------------------------
+Wed Sep  2 11:30:45 UTC 2015 - asn@cryptomilk.org
+
+- Update to version 1.1.1
+  * Fixed getres(uid|gid) detection if unsupported.
+  * Fixed the configure on Solaris
+  * Added a lot more tests
+
+-------------------------------------------------------------------
+Fri Jun 26 06:52:03 UTC 2015 - mpluskal@suse.com
+
+- Rename rpmlintrc so that it complies with packaging guidelines
+- Add rpmlintrc as source 
+
+-------------------------------------------------------------------
+Thu Jun 25 15:30:48 UTC 2015 - asn@cryptomilk.org
+
+- Fix make install
+
+-------------------------------------------------------------------
+Mon May 11 08:35:22 CEST 2015 - asn@cryptomilk.org
+
+- Cleanup specfile
+
+-------------------------------------------------------------------
+Wed Jan 21 12:48:00 UTC 2015 - asn@cryptomilk.org
+
+- Update to version 1.1.0
+  * Added support for gesresuid().
+  * Added support for gesresgid().
+  * Added MacOSX support.
+  * Added fully working thread support.
+  * Added more tests.
+  * Fixed issues with older gcc versions.
+
+-------------------------------------------------------------------
+Mon Oct  6 08:50:39 UTC 2014 - asn@cryptomilk.org
+
+- Fix test on AArch64.
+
+-------------------------------------------------------------------
+Thu Jul 31 07:43:35 UTC 2014 - asn@cryptomilk.org
+
+- Update to version 1.0.2.
+  * Added better logging system.
+  * Added a mapnpage
+  * Added build and install instructions
+  * Fixed threading issue in the desctructor.
+
+-------------------------------------------------------------------
+Thu Feb 13 10:25:37 UTC 2014 - asn@cryptomilk.org
+
+- Initial package.
+

uid_wrapper.spec

@@ -0,0 +1,88 @@
+#
+# spec file for package uid_wrapper
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+############################# NOTE ##################################
+#
+# This is a special library. You are not able to link this library.
+# Do NOT create library package or a devel package!
+#
+############################# NOTE ##################################
+Name:           uid_wrapper
+Version:        1.3.0
+Release:        0
+Summary:        A wrapper for privilege seperation
+License:        GPL-3.0-or-later
+Group:          Development/Libraries/C and C++
+URL:            https://cwrap.org/
+Source0:        https://ftp.samba.org/pub/cwrap/%{name}-%{version}.tar.gz
+Source1:        %{name}-rpmlintrc
+Source2:        https://ftp.samba.org/pub/cwrap/%{name}-%{version}.tar.gz.asc
+Source3:        uid_wrapper.keyring
+Patch0:         uid_wrapper-fix-cmocka-1.1.6+-support.patch
+BuildRequires:  cmake
+BuildRequires:  libcmocka-devel
+BuildRequires:  pkgconf
+BuildRequires:  user(nobody)
+Recommends:     cmake
+Recommends:     pkgconf
+
+%description
+Some projects like a file server need privilege separation to be able to switch
+to the connnection user and do file operations. uid_wrapper convincingly lies
+to the application, letting it believe it is operating as root and even
+switching betwen UIDs and GIDs as needed.
+
+To use it, set the following environment variables:
+
+LD_PRELOAD=libuid_wrapper.so
+UID_WRAPPER=1
+
+This package does not have a devel package, because this project is for
+development/testing.
+
+%prep
+%autosetup -p1
+
+%build
+# CMAKE_SKIP_RPATH:BOOL=OFF is need to run the tests!
+%cmake \
+  -DUNIT_TESTING=ON \
+  -DCMAKE_SKIP_RPATH:BOOL=OFF
+
+%make_build
+
+%install
+%cmake_install
+
+%check
+%ctest
+
+%post -p /sbin/ldconfig
+%postun -p /sbin/ldconfig
+
+%files
+%doc AUTHORS README.md CHANGELOG
+%license LICENSE
+%{_libdir}/libuid_wrapper.so*
+%dir %{_libdir}/cmake/uid_wrapper
+%{_libdir}/cmake/uid_wrapper/uid_wrapper-config-version.cmake
+%{_libdir}/cmake/uid_wrapper/uid_wrapper-config.cmake
+%{_libdir}/pkgconfig/uid_wrapper.pc
+%{_mandir}/man1/uid_wrapper.1%{?ext_man}
+
+%changelog