From d1fdc3428c44b53b8504923abf98abfb24f718b1afcecc9e6b403e60ae255708 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <lnussel@suse.com>
Date: Tue, 7 Feb 2012 12:50:47 +0000
Subject: [PATCH] - add scripts for automatic package sumission - drop
 zypp-refresh-wrapper (bnc#738677)

OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=75
---
 ...-run-time-fscaps-detection-bnc-728312.diff | 140 ------------------
 permissions-2011.09.23.1037.tar.bz2           |   3 -
 permissions-2012.02.07.1309.tar.bz2           |   3 +
 permissions.changes                           |   6 +
 permissions.spec                              |   6 +-
 5 files changed, 11 insertions(+), 147 deletions(-)
 delete mode 100644 0001-disable-run-time-fscaps-detection-bnc-728312.diff
 delete mode 100644 permissions-2011.09.23.1037.tar.bz2
 create mode 100644 permissions-2012.02.07.1309.tar.bz2

diff --git a/0001-disable-run-time-fscaps-detection-bnc-728312.diff b/0001-disable-run-time-fscaps-detection-bnc-728312.diff
deleted file mode 100644
index e402189..0000000
--- a/0001-disable-run-time-fscaps-detection-bnc-728312.diff
+++ /dev/null
@@ -1,140 +0,0 @@
-From 94311258bfdf3ad86938bd50aaef4a83ca04eae5 Mon Sep 17 00:00:00 2001
-From: Ludwig Nussel <ludwig.nussel@suse.de>
-Date: Mon, 7 Nov 2011 10:34:38 +0100
-Subject: [PATCH] disable run time fscaps detection (bnc#728312)
-
-PERMISSIONS_FSCAPS setting in /etc/sysconfig/security allows to enable
-them again.
----
- chkstat.8 |    5 +++--
- chkstat.c |   40 ++++++++++++++++++++++++++++------------
- 2 files changed, 31 insertions(+), 14 deletions(-)
-
-diff --git a/chkstat.8 b/chkstat.8
-index 3492e21..364a237 100644
---- a/chkstat.8
-+++ b/chkstat.8
-@@ -52,8 +52,9 @@ Opposite of --set, ie warn only but don't make actual changes
- Omit printing the output header lines.
- .TP
- .IR \-\-fscaps,\ \-\-no\-fscaps
--Force or disable use of fscaps. Default is to automatically
--determine whether the running kernel supports fscaps.
-+Enable or disable use of fscaps. In system mode the setting of
-+PERMISSIONS_FSCAPS determines whether fscaps are on or off when this
-+option is not set.
- .TP
- .IR \-\-examine\ file
- Check permissions for this file instead of all files listed in the permissions files.
-diff --git a/chkstat.c b/chkstat.c
-index e5c9b15..8682c3e 100644
---- a/chkstat.c
-+++ b/chkstat.c
-@@ -54,6 +54,7 @@ int nlevel;
- char** level;
- int do_set = -1;
- int default_set = 1;
-+int have_fscaps = -1;
- char** permfiles = NULL;
- int npermfiles = 0;
- char* force_level;
-@@ -281,6 +282,24 @@ parse_sysconf(const char* file)
- 	      //fprintf(stderr, "invalid value for CHECK_PERMISSIONS (must be 'set', 'warn' or 'no')\n");
- 	    }
- 	}
-+      else if (have_fscaps == -1 && !strncmp(p, "PERMISSIONS_FSCAPS=", 19))
-+	{
-+	  p+=19;
-+	  if (isquote(*p))
-+	    ++p;
-+	  if (!strncmp(p, "yes", 3))
-+	    {
-+	      p+=3;
-+	      if (isquote(*p) || !*p)
-+		have_fscaps=1;
-+	    }
-+	  else if (!strncmp(p, "no", 2))
-+	    {
-+	      p+=2;
-+	      if (isquote(*p) || !*p)
-+		have_fscaps=0;
-+	    }
-+	}
-     }
-   fclose(fp);
-   return 0;
-@@ -515,18 +534,18 @@ check_fscaps_enabled()
- {
-   FILE* fp;
-   char line[128];
--  int have_fscaps = FSCAPS_DEFAULT_ENABLED;
-+  int val = FSCAPS_DEFAULT_ENABLED;
-   if ((fp = fopen("/sys/kernel/fscaps", "r")) == 0)
-     {
-       goto out;
-     }
-   if (readline(fp, line, sizeof(line)))
-     {
--      have_fscaps = atoi(line);
-+      val = atoi(line);
-     }
-   fclose(fp);
- out:
--  return have_fscaps;
-+  return val;
- }
- 
- int
-@@ -552,7 +571,6 @@ main(int argc, char **argv)
-   int fd, r;
-   int errors = 0;
-   cap_t caps = NULL;
--  int have_fscaps = -1;
- 
-   while (argc > 1)
-     {
-@@ -692,9 +710,6 @@ main(int argc, char **argv)
-       break;
-     }
- 
--  if (have_fscaps == -1)
--      have_fscaps = check_fscaps_enabled();
--
-   if (systemmode)
-     {
-       const char file[] = "/etc/sysconfig/security";
-@@ -747,6 +762,11 @@ main(int argc, char **argv)
-       permfiles = &argv[1];
-     }
- 
-+  if (have_fscaps == 1 && !check_fscaps_enabled())
-+    {
-+      fprintf(stderr, "Warning: running kernel does not support fscaps\n");
-+    }
-+
-   if  (do_set == -1)
-     do_set = 0;
- 
-@@ -802,7 +822,7 @@ main(int argc, char **argv)
- 		}
- 	      if (!strncmp(p, "+capabilities ", 14))
- 		{
--		  if (!have_fscaps)
-+		  if (have_fscaps != 1)
- 		    continue;
- 		  p += 14;
- 		  caps = cap_from_text(p);
-@@ -900,10 +920,6 @@ main(int argc, char **argv)
- 	  printf("Checking permissions and ownerships - using the permissions files\n");
- 	  for (i = 0; i < npermfiles; i++)
- 	    printf("\t%s\n", permfiles[i]);
--	  if (!have_fscaps)
--	    {
--	      printf("kernel has fscaps support disabled.\n");
--	    }
- 	  if (rootl)
- 	    {
- 	      printf("Using root %s\n", root);
--- 
-1.7.3.4
-
diff --git a/permissions-2011.09.23.1037.tar.bz2 b/permissions-2011.09.23.1037.tar.bz2
deleted file mode 100644
index 393a018..0000000
--- a/permissions-2011.09.23.1037.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e54213911d37826ed7e9fa5170b3b74c36ada247a0a82110ef63acec40e562a6
-size 19062
diff --git a/permissions-2012.02.07.1309.tar.bz2 b/permissions-2012.02.07.1309.tar.bz2
new file mode 100644
index 0000000..f576bf5
--- /dev/null
+++ b/permissions-2012.02.07.1309.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2dc66fd5790d12d08b619d88585736e708965cef26a76be0ae694652ad1dad49
+size 20162
diff --git a/permissions.changes b/permissions.changes
index 4e83ca3..5a10cc7 100644
--- a/permissions.changes
+++ b/permissions.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Feb  7 12:09:17 UTC 2012 - lnussel@suse.de
+
+- add scripts for automatic package sumission
+- drop zypp-refresh-wrapper (bnc#738677)
+
 -------------------------------------------------------------------
 Mon Nov  7 09:39:43 UTC 2011 - lnussel@suse.de
 
diff --git a/permissions.spec b/permissions.spec
index 94dd734..668f12f 100644
--- a/permissions.spec
+++ b/permissions.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package permissions
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -24,13 +24,12 @@ Name:           permissions
 License:        GPL-2.0+
 Group:          Productivity/Security
 AutoReqProv:    on
-Version:        2011.09.23.1037
+Version:        2012.02.07.1309
 Release:        1
 Provides:       aaa_base:/etc/permissions
 PreReq:         %fillup_prereq
 Summary:        SUSE Linux Default Permissions
 Source:         permissions-%{version}.tar.bz2
-Patch0:         0001-disable-run-time-fscaps-detection-bnc-728312.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Url:            http://gitorious.org/opensuse/permissions
 
@@ -49,7 +48,6 @@ Authors:
 
 %prep
 %setup -q
-%patch0 -p1
 
 %build
 make %{?_smp_mflags} CFLAGS="-W -Wall $RPM_OPT_FLAGS" FSCAPS_DEFAULT_ENABLED=0