2011-08-31 04:34:50 +02:00
|
|
|
#
|
2011-08-31 10:50:02 +02:00
|
|
|
# spec file for package libcap-ng
|
2011-08-31 04:34:50 +02:00
|
|
|
#
|
2024-01-09 15:56:25 +01:00
|
|
|
# Copyright (c) 2024 SUSE LLC
|
2011-08-31 04:34:50 +02:00
|
|
|
#
|
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
2019-08-08 14:44:47 +02:00
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
2011-08-31 04:34:50 +02:00
|
|
|
#
|
|
|
|
|
|
|
|
|
2018-02-19 09:04:27 +01:00
|
|
|
%define sover 0
|
Accepting request 975729 from home:polslinux:branches:security
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
* Fix signed/unsigned warning in cap-ng.c
* In capng_apply, return a unique error code to diagnose any failure
* In capng_have_capability, return 0 for failure
* Add the libdrop_ambient admin tool
* In capng_apply, if we blew up in bounding set, allow setting capabilities
* If PR_CAP_AMBIENT is not available, do not build libdrop_ambient
* Improve last_cap check
* Fix parameters to capng_updatev python bindings to be signed
* Detect capability options at runtime to make containerization easier (ntkme)
* Initialize the library when linked statically
* Add gcc function attributes for deallocation
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
OBS-URL: https://build.opensuse.org/request/show/975729
OBS-URL: https://build.opensuse.org/package/show/security/libcap-ng?expand=0&rev=40
2022-05-16 10:32:13 +02:00
|
|
|
%define ambient_sover 0
|
|
|
|
|
2014-05-15 15:27:52 +02:00
|
|
|
Name: libcap-ng
|
2024-05-21 12:20:38 +02:00
|
|
|
Version: 0.8.5
|
2014-05-15 15:27:52 +02:00
|
|
|
Release: 0
|
2018-02-19 09:04:27 +01:00
|
|
|
Summary: An alternate Linux/POSIX capabilities library
|
2019-08-08 14:44:47 +02:00
|
|
|
License: LGPL-2.1-or-later
|
2018-02-19 09:04:27 +01:00
|
|
|
Group: Development/Libraries/C and C++
|
2020-05-12 16:19:06 +02:00
|
|
|
URL: https://people.redhat.com/sgrubb/libcap-ng
|
2018-02-18 10:52:15 +01:00
|
|
|
Source0: https://people.redhat.com/sgrubb/%{name}/%{name}-%{version}.tar.gz
|
2014-05-15 15:27:52 +02:00
|
|
|
Source1: baselibs.conf
|
2011-08-31 04:34:50 +02:00
|
|
|
BuildRequires: kernel-headers >= 2.6.11
|
2018-02-18 10:52:15 +01:00
|
|
|
BuildRequires: pkgconfig
|
2010-04-23 01:41:07 +02:00
|
|
|
|
|
|
|
%description
|
2018-02-19 09:04:27 +01:00
|
|
|
libcap-ng is a library providing an alternate mechanism to libcap to
|
|
|
|
make use of Linux process and file capabilities.
|
2010-04-23 01:41:07 +02:00
|
|
|
|
2018-02-19 09:04:27 +01:00
|
|
|
%package -n %{name}%{sover}
|
|
|
|
Summary: An alternate Linux/POSIX capabilities library
|
2019-08-08 14:44:47 +02:00
|
|
|
License: LGPL-2.1-or-later
|
2011-08-31 04:34:50 +02:00
|
|
|
Group: System/Libraries
|
2010-04-23 01:41:07 +02:00
|
|
|
|
2018-02-19 09:04:27 +01:00
|
|
|
%description -n %{name}%{sover}
|
|
|
|
libcap-ng is a library providing an alternate mechanism to libcap to
|
|
|
|
inspect and set Linux process and file capabilities (modeled upon a
|
|
|
|
withdrawn POSIX.1e draft).
|
2010-04-23 01:41:07 +02:00
|
|
|
|
|
|
|
%package devel
|
2018-02-19 09:04:27 +01:00
|
|
|
Summary: Header files for the libcap-ng library
|
2019-08-08 14:44:47 +02:00
|
|
|
License: LGPL-2.1-or-later
|
2011-08-31 04:34:50 +02:00
|
|
|
Group: Development/Libraries/C and C++
|
2018-02-19 09:04:27 +01:00
|
|
|
Requires: %{name}%{sover} = %{version}
|
2013-03-14 10:30:37 +01:00
|
|
|
Requires: kernel-headers >= 2.6.11
|
2011-08-31 04:34:50 +02:00
|
|
|
Requires: pkgconfig
|
2010-04-23 01:41:07 +02:00
|
|
|
|
|
|
|
%description devel
|
|
|
|
The libcap-ng-devel package contains the files needed for developing
|
|
|
|
applications that need to use the libcap-ng library.
|
|
|
|
|
|
|
|
%package utils
|
2011-08-31 04:34:50 +02:00
|
|
|
Summary: Utilities for analysing and setting file capabilities
|
2019-08-08 14:44:47 +02:00
|
|
|
License: GPL-2.0-or-later
|
2011-08-31 04:34:50 +02:00
|
|
|
Group: System/Base
|
2010-04-23 01:41:07 +02:00
|
|
|
|
|
|
|
%description utils
|
|
|
|
The libcap-ng-utils package contains applications to analyse the
|
2018-02-19 09:04:27 +01:00
|
|
|
Linux process capabilities of programs running on a system. It also
|
|
|
|
lets you set the filesystem-based capabilities.
|
2010-04-23 01:41:07 +02:00
|
|
|
|
Accepting request 975729 from home:polslinux:branches:security
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
* Fix signed/unsigned warning in cap-ng.c
* In capng_apply, return a unique error code to diagnose any failure
* In capng_have_capability, return 0 for failure
* Add the libdrop_ambient admin tool
* In capng_apply, if we blew up in bounding set, allow setting capabilities
* If PR_CAP_AMBIENT is not available, do not build libdrop_ambient
* Improve last_cap check
* Fix parameters to capng_updatev python bindings to be signed
* Detect capability options at runtime to make containerization easier (ntkme)
* Initialize the library when linked statically
* Add gcc function attributes for deallocation
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
OBS-URL: https://build.opensuse.org/request/show/975729
OBS-URL: https://build.opensuse.org/package/show/security/libcap-ng?expand=0&rev=40
2022-05-16 10:32:13 +02:00
|
|
|
%package -n libdrop_ambient%{ambient_sover}
|
|
|
|
Summary: Library for dropping ambient capabilities
|
|
|
|
License: LGPL-2.1-or-later
|
|
|
|
Requires: %{name}%{sover} = %{version}
|
|
|
|
|
|
|
|
%description -n libdrop_ambient%{ambient_sover}
|
|
|
|
This library can be used via LD_PRELOAD to force an application started with ambient capabilities to drop them.
|
|
|
|
It leaves other capabilities intact. This can also be linked against and automatically does the right thing.
|
|
|
|
You do not need to make any calls into the library because all the work is done in the constructor which runs before main() is called.
|
|
|
|
|
|
|
|
%package -n libdrop_ambient-devel
|
|
|
|
Summary: Devel package for libdrop_ambient%{ambient_sover}
|
|
|
|
License: LGPL-2.1-or-later
|
|
|
|
Requires: libdrop_ambient%{ambient_sover}
|
|
|
|
|
|
|
|
%description -n libdrop_ambient-devel
|
|
|
|
This package contains the files needed for developing
|
|
|
|
applications that need to use the libdrop_ambient library.
|
|
|
|
|
2010-04-23 01:41:07 +02:00
|
|
|
%prep
|
2014-05-15 15:27:52 +02:00
|
|
|
%setup -q
|
2010-04-23 01:41:07 +02:00
|
|
|
|
|
|
|
%build
|
2020-05-12 16:19:06 +02:00
|
|
|
export LDFLAGS="$LDFLAGS -lpthread"
|
2014-05-15 15:27:52 +02:00
|
|
|
%configure \
|
|
|
|
--disable-static \
|
|
|
|
--without-python
|
|
|
|
make %{?_smp_mflags}
|
2010-04-23 01:41:07 +02:00
|
|
|
|
|
|
|
%install
|
2018-02-18 10:52:15 +01:00
|
|
|
%make_install
|
2014-05-15 15:27:52 +02:00
|
|
|
find %{buildroot} -type f -name "*.la" -delete -print
|
2011-08-31 04:34:50 +02:00
|
|
|
|
2018-02-19 09:04:27 +01:00
|
|
|
%post -n %{name}%{sover} -p /sbin/ldconfig
|
|
|
|
%postun -n %{name}%{sover} -p /sbin/ldconfig
|
2010-04-23 01:41:07 +02:00
|
|
|
|
Accepting request 975729 from home:polslinux:branches:security
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
* Fix signed/unsigned warning in cap-ng.c
* In capng_apply, return a unique error code to diagnose any failure
* In capng_have_capability, return 0 for failure
* Add the libdrop_ambient admin tool
* In capng_apply, if we blew up in bounding set, allow setting capabilities
* If PR_CAP_AMBIENT is not available, do not build libdrop_ambient
* Improve last_cap check
* Fix parameters to capng_updatev python bindings to be signed
* Detect capability options at runtime to make containerization easier (ntkme)
* Initialize the library when linked statically
* Add gcc function attributes for deallocation
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
OBS-URL: https://build.opensuse.org/request/show/975729
OBS-URL: https://build.opensuse.org/package/show/security/libcap-ng?expand=0&rev=40
2022-05-16 10:32:13 +02:00
|
|
|
%post -n libdrop_ambient%{ambient_sover} -p /sbin/ldconfig
|
|
|
|
%postun -n libdrop_ambient%{ambient_sover} -p /sbin/ldconfig
|
|
|
|
|
2018-02-19 09:04:27 +01:00
|
|
|
%files -n %{name}%{sover}
|
2018-02-20 11:29:37 +01:00
|
|
|
%license COPYING.LIB
|
2018-02-19 09:04:27 +01:00
|
|
|
%{_libdir}/%{name}.so.%{sover}
|
|
|
|
%{_libdir}/%{name}.so.%{sover}.*
|
2010-04-23 01:41:07 +02:00
|
|
|
|
Accepting request 975729 from home:polslinux:branches:security
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
* Fix signed/unsigned warning in cap-ng.c
* In capng_apply, return a unique error code to diagnose any failure
* In capng_have_capability, return 0 for failure
* Add the libdrop_ambient admin tool
* In capng_apply, if we blew up in bounding set, allow setting capabilities
* If PR_CAP_AMBIENT is not available, do not build libdrop_ambient
* Improve last_cap check
* Fix parameters to capng_updatev python bindings to be signed
* Detect capability options at runtime to make containerization easier (ntkme)
* Initialize the library when linked statically
* Add gcc function attributes for deallocation
- Update to 0.8.3:
* Add vararg support to python bindings for capng_updatev
* Add support for ambient capabilities
* Add support for V3 filesystem capabilities
* If procfs is not available, leave last_cap as CAP_LAST_CAP
* If bounding and ambient not found in status, try prctl method
* In capng_apply, move ambient caps to the end of the transaction
* In capng_apply, return errors more aggressively.
* In capng_apply, if the action includes the bounding set,resync with the kernel
OBS-URL: https://build.opensuse.org/request/show/975729
OBS-URL: https://build.opensuse.org/package/show/security/libcap-ng?expand=0&rev=40
2022-05-16 10:32:13 +02:00
|
|
|
%files -n libdrop_ambient%{ambient_sover}
|
|
|
|
%{_libdir}/libdrop_ambient.so.%{ambient_sover}
|
|
|
|
%{_libdir}/libdrop_ambient.so.%{ambient_sover}.*
|
|
|
|
|
|
|
|
%files -n libdrop_ambient-devel
|
|
|
|
%{_libdir}/libdrop_ambient.so
|
|
|
|
%{_mandir}/man7/libdrop_ambient.7%{ext_man}
|
|
|
|
|
2010-04-23 01:41:07 +02:00
|
|
|
%files devel
|
2014-05-15 15:27:52 +02:00
|
|
|
%{_mandir}/man3/*.3%{ext_man}
|
|
|
|
%{_includedir}/cap-ng.h
|
|
|
|
%{_libdir}/%{name}.so
|
2019-08-08 14:44:47 +02:00
|
|
|
%dir %{_datadir}/aclocal
|
2014-05-15 15:27:52 +02:00
|
|
|
%{_datadir}/aclocal/cap-ng.m4
|
|
|
|
%{_libdir}/pkgconfig/%{name}.pc
|
2010-04-23 01:41:07 +02:00
|
|
|
|
|
|
|
%files utils
|
2018-02-20 11:29:37 +01:00
|
|
|
%license COPYING
|
2014-05-15 15:27:52 +02:00
|
|
|
%{_bindir}/captest
|
|
|
|
%{_bindir}/filecap
|
|
|
|
%{_bindir}/netcap
|
|
|
|
%{_bindir}/pscap
|
|
|
|
%{_mandir}/man8/*.8%{ext_man}
|
2010-11-02 16:42:38 +01:00
|
|
|
|
2010-04-23 01:41:07 +02:00
|
|
|
%changelog
|