From 6da5c4781bfcfee2071023e33c0b31a08d2a633882d755686a082f08422701fd Mon Sep 17 00:00:00 2001 From: Takashi Iwai Date: Fri, 10 Jan 2020 16:37:07 +0000 Subject: [PATCH] Accepting request 762391 from home:pluskalm:branches:Base:System - Update to version 2.30: * BUGFIX: arm and i386 fixes C and Go setgroups choice - used wrong syscall in 2.29. * cleaned up make clean and make install to actually work as intended * updated Gentoo libpsx.pc file from Lars Wendler * refactored the way libpsx linkage with libcap performed mutual discovery. * Previously (2.28) libpsx had an API call overridden by libcap using weak linkage function in libpsx. In 2.30 this is reversed, namely libpsx provides the stronger function and libcap has a weak "no-op" version. * a bit more consistency in handling the 'all' sets in libcap (C) and libcap/cap (Go). Namely, they both dynamically discover the number of capabilities named by the kernel and use this as the definition of 'all' for the current runtime. + libcap (C) exports cap_max_bit() to export the number of supported capabilities + libcap/cap (Go) exports cap.MaxBits() for this same value. - For changes for older releases see: * https://sites.google.com/site/fullycapable/release-notes-for-libcap - Add glibc-static-devel as build requirement as tests need it - Install libpsx.a as it seems to be needed in some cases: * https://bugs.gentoo.org/703912 OBS-URL: https://build.opensuse.org/request/show/762391 OBS-URL: https://build.opensuse.org/package/show/Base:System/libcap?expand=0&rev=31 --- libcap-2.25.tar.xz | 3 --- libcap-2.30.tar.xz | 3 +++ libcap.changes | 28 ++++++++++++++++++++++++++++ libcap.spec | 30 ++++++++++++++++-------------- 4 files changed, 47 insertions(+), 17 deletions(-) delete mode 100644 libcap-2.25.tar.xz create mode 100644 libcap-2.30.tar.xz diff --git a/libcap-2.25.tar.xz b/libcap-2.25.tar.xz deleted file mode 100644 index 48b06f2..0000000 --- a/libcap-2.25.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:693c8ac51e983ee678205571ef272439d83afe62dd8e424ea14ad9790bc35162 -size 63672 diff --git a/libcap-2.30.tar.xz b/libcap-2.30.tar.xz new file mode 100644 index 0000000..7c74bcd --- /dev/null +++ b/libcap-2.30.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a287bae0b0d95e5230a1c4177b835c70774511b631f87c7bd29e91a03e027f11 +size 98528 diff --git a/libcap.changes b/libcap.changes index 32271bb..72554b6 100644 --- a/libcap.changes +++ b/libcap.changes @@ -1,3 +1,31 @@ +------------------------------------------------------------------- +Thu Jan 9 16:05:12 UTC 2020 - Martin Pluskal + +- Update to version 2.30: + * BUGFIX: arm and i386 fixes C and Go setgroups choice - used + wrong syscall in 2.29. + * cleaned up make clean and make install to actually work as + intended + * updated Gentoo libpsx.pc file from Lars Wendler + * refactored the way libpsx linkage with libcap performed mutual + discovery. + * Previously (2.28) libpsx had an API call overridden by libcap + using weak linkage function in libpsx. In 2.30 this is reversed, + namely libpsx provides the stronger function and libcap has a + weak "no-op" version. + * a bit more consistency in handling the 'all' sets in libcap + (C) and libcap/cap (Go). Namely, they both dynamically discover + the number of capabilities named by the kernel and use this as + the definition of 'all' for the current runtime. + + libcap (C) exports cap_max_bit() to export the number of + supported capabilities + + libcap/cap (Go) exports cap.MaxBits() for this same value. +- For changes for older releases see: + * https://sites.google.com/site/fullycapable/release-notes-for-libcap +- Add glibc-static-devel as build requirement as tests need it +- Install libpsx.a as it seems to be needed in some cases: + * https://bugs.gentoo.org/703912 + ------------------------------------------------------------------- Mon Dec 16 14:21:27 UTC 2019 - matthias.gerstner@suse.com diff --git a/libcap.spec b/libcap.spec index 4645f33..d4ecbe5 100644 --- a/libcap.spec +++ b/libcap.spec @@ -1,7 +1,7 @@ # # spec file for package libcap # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,16 +17,17 @@ Name: libcap +Version: 2.30 +Release: 0 Summary: Library for Capabilities (linux-privs) Support License: BSD-3-Clause AND GPL-2.0-only Group: Development/Libraries/C and C++ -Version: 2.25 -Release: 0 +URL: https://sites.google.com/site/fullycapable/ Source: https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-%{version}.tar.xz Source2: baselibs.conf -Url: https://sites.google.com/site/fullycapable/ BuildRequires: fdupes -BuildRequires: pkg-config +BuildRequires: glibc-devel-static +BuildRequires: pkgconfig %description Capabilities are a measure to limit the omnipotence of the superuser. @@ -48,8 +49,6 @@ control. Without kernel patches, you can use this library to drop capabilities within setuid binaries. If you use patches, this can be done automatically by the kernel. - - %package devel Summary: Development files for libcap Group: Development/Libraries/C and C++ @@ -76,9 +75,10 @@ libcap. %prep %setup -q + %build make prefix=%{_prefix} lib=%{_lib} LIBDIR=%{_libdir} SBINDIR=%{_sbindir} \ - INCDIR=%{_includedir} MANDIR=%{_mandir} DEBUG="-g %{optflags}" + INCDIR=%{_includedir} MANDIR=%{_mandir} DYNAMIC=yes DEBUG="-g %{optflags}" %install make install RAISE_SETFCAP=no \ @@ -88,34 +88,36 @@ make install RAISE_SETFCAP=no \ INCDIR=/%{_includedir} \ MANDIR=/%{_mandir}/ \ PKGCONFIGDIR=%{_libdir}/pkgconfig/ -find %{buildroot} -type f -name '*.la' -print -delete +find %{buildroot} -type f -name "*.la" -delete -print # do not provide static libs rm %{buildroot}%{_libdir}/libcap.a -%fdupes -s $RPM_BUILD_ROOT +%fdupes -s %{buildroot} + +%check +make test %post -n libcap2 -p /sbin/ldconfig - %postun -n libcap2 -p /sbin/ldconfig %files -n libcap2 -%defattr(-,root,root) %license License %{_libdir}/libcap.so.* %files progs -%defattr(-,root,root) %{_mandir}/man1/* %{_mandir}/man8/* %{_sbindir}/* %files devel -%defattr(-,root,root) %license License %doc README CHANGELOG %{_includedir}/sys/capability.h +%{_includedir}/sys/psx_syscall.h %{_libdir}/*.so +%{_libdir}/libpsx.a %{_libdir}/pkgconfig/%{name}.pc +%{_libdir}/pkgconfig/libpsx.pc %{_mandir}/man3/* %changelog