Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libcap-ng for openSUSE:Factory
checked in at 2021-12-14 22:01:45
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libcap-ng (Old)
and /work/SRC/openSUSE:Factory/.libcap-ng.new.2520 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libcap-ng"
Tue Dec 14 22:01:45 2021 rev:30 rq:939039 version:0.7.11
Changes:
--------
--- /work/SRC/openSUSE:Factory/libcap-ng/libcap-ng-python.changes
2020-05-13 22:55:01.378884986 +0200
+++ /work/SRC/openSUSE:Factory/.libcap-ng.new.2520/libcap-ng-python.changes
2021-12-14 22:01:47.115133871 +0100
@@ -1,0 +2,9 @@
+Thu Dec 9 22:05:19 UTC 2021 - Ferdinand Thiessen <r...@fthiessen.de>
+
+- Update to 0.7.11
+ * Really clear bounding set if asked in capng_change_id
+ * Add CAP_PERFMON, CAP_BPF, & CAP_CHECKPOINT_RESTORE
+ * Avoid malloc/free in capng_apply (Natanael Copa)
+ * If procfs is not available, get bounding set via prctl
+
+-------------------------------------------------------------------
--- /work/SRC/openSUSE:Factory/libcap-ng/libcap-ng.changes 2020-05-13
22:55:01.414885055 +0200
+++ /work/SRC/openSUSE:Factory/.libcap-ng.new.2520/libcap-ng.changes
2021-12-14 22:01:47.195133916 +0100
@@ -1,0 +2,10 @@
+Thu Dec 9 22:05:19 UTC 2021 - Ferdinand Thiessen <r...@fthiessen.de>
+
+- Update to 0.7.11
+ * Really clear bounding set if asked in capng_change_id
+ * Add CAP_PERFMON, CAP_BPF, & CAP_CHECKPOINT_RESTORE
+ * Avoid malloc/free in capng_apply (Natanael Copa)
+ * If procfs is not available, get bounding set via prctl
+- Removed unneeded rules from rpmlintrc
+
+-------------------------------------------------------------------
Old:
----
libcap-ng-0.7.10.tar.gz
New:
----
libcap-ng-0.7.11.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libcap-ng-python.spec ++++++
--- /var/tmp/diff_new_pack.zYsn9P/_old 2021-12-14 22:01:48.039134397 +0100
+++ /var/tmp/diff_new_pack.zYsn9P/_new 2021-12-14 22:01:48.043134400 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libcap-ng-python
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%bcond_without python2
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: libcap-ng-python
-Version: 0.7.10
+Version: 0.7.11
Release: 0
Summary: An alternate Linux/POSIX capabilities library
License: LGPL-2.1-or-later
@@ -59,7 +59,6 @@
The libcap-ng-python package contains the bindings so that libcap-ng
and can be used by Python applications.
-
%prep
%setup -q -n libcap-ng-%{version}
++++++ libcap-ng.spec ++++++
--- /var/tmp/diff_new_pack.zYsn9P/_old 2021-12-14 22:01:48.079134420 +0100
+++ /var/tmp/diff_new_pack.zYsn9P/_new 2021-12-14 22:01:48.087134425 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libcap-ng
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%define sover 0
Name: libcap-ng
-Version: 0.7.10
+Version: 0.7.11
Release: 0
Summary: An alternate Linux/POSIX capabilities library
License: LGPL-2.1-or-later
++++++ libcap-ng-0.7.10.tar.gz -> libcap-ng-0.7.11.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/ChangeLog
new/libcap-ng-0.7.11/ChangeLog
--- old/libcap-ng-0.7.10/ChangeLog 2019-10-01 20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/ChangeLog 2020-08-23 23:57:31.000000000 +0200
@@ -1,3 +1,10 @@
+0.7.11
+- Really clear bounding set if asked in capng_change_id
+- Add CAP_PERFMON, CAP_BPF, & CAP_CHECKPOINT_RESTORE
+- Avoid malloc/free in capng_apply (Natanael Copa)
+- If procfs is not available, get bounding set via prctl
+- Cleanup some compiler warnings
+
0.7.10
- Update capng_change_id man page
- Add capng_have_permitted_capabilities function
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/bindings/python/Makefile.in
new/libcap-ng-0.7.11/bindings/python/Makefile.in
--- old/libcap-ng-0.7.10/bindings/python/Makefile.in 2019-10-01
20:29:28.000000000 +0200
+++ new/libcap-ng-0.7.11/bindings/python/Makefile.in 2020-08-23
23:57:36.000000000 +0200
@@ -214,7 +214,7 @@
esac
am__py_compile = PYTHON=$(PYTHON) $(SHELL) $(py_compile)
am__pep3147_tweak = \
- sed -e 's|\.py$$||' -e 's|[^/]*$$|&.*.pyc\n&.*.pyo|'
+ sed -e 's|\.py$$||' -e 's|[^/]*$$|__pycache__/&.*.py|'
py_compile = $(top_srcdir)/py-compile
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
@@ -581,15 +581,20 @@
dir='$(DESTDIR)$(pyexecdir)'; \
pyc_files=`echo "$$py_files" | sed 's|$$|c|'`; \
pyo_files=`echo "$$py_files" | sed 's|$$|o|'`; \
+ py_files_pep3147=`echo "$$py_files" | $(am__pep3147_tweak)`; \
+ echo "$$py_files_pep3147";\
+ pyc_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|c|'`; \
+ pyo_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|o|'`; \
st=0; \
- for files in "$$py_files" "$$pyc_files" "$$pyo_files"; do \
+ for files in \
+ "$$py_files" \
+ "$$pyc_files" \
+ "$$pyo_files" \
+ "$$pyc_files_pep3147" \
+ "$$pyo_files_pep3147" \
+ ; do \
$(am__uninstall_files_from_dir) || st=$$?; \
done; \
- dir='$(DESTDIR)$(pyexecdir)/__pycache__'; \
- echo "$$py_files" | $(am__pep3147_tweak) | $(am__base_list) | \
- while read files; do \
- $(am__uninstall_files_from_dir) || st=$$?; \
- done || exit $$?; \
exit $$st
# This directory's subdirectories are mostly independent; you can cd
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/bindings/python/capng.py
new/libcap-ng-0.7.11/bindings/python/capng.py
--- old/libcap-ng-0.7.10/bindings/python/capng.py 2019-10-01
20:29:32.000000000 +0200
+++ new/libcap-ng-0.7.11/bindings/python/capng.py 2020-08-23
23:57:39.000000000 +0200
@@ -1,85 +1,24 @@
# This file was automatically generated by SWIG (http://www.swig.org).
-# Version 3.0.12
+# Version 4.0.1
#
# Do not make changes to this file unless you know what you are doing--modify
# the SWIG interface file instead.
from sys import version_info as _swig_python_version_info
-if _swig_python_version_info >= (2, 7, 0):
- def swig_import_helper():
- import importlib
- pkg = __name__.rpartition('.')[0]
- mname = '.'.join((pkg, '_capng')).lstrip('.')
- try:
- return importlib.import_module(mname)
- except ImportError:
- return importlib.import_module('_capng')
- _capng = swig_import_helper()
- del swig_import_helper
-elif _swig_python_version_info >= (2, 6, 0):
- def swig_import_helper():
- from os.path import dirname
- import imp
- fp = None
- try:
- fp, pathname, description = imp.find_module('_capng',
[dirname(__file__)])
- except ImportError:
- import _capng
- return _capng
- try:
- _mod = imp.load_module('_capng', fp, pathname, description)
- finally:
- if fp is not None:
- fp.close()
- return _mod
- _capng = swig_import_helper()
- del swig_import_helper
+if _swig_python_version_info < (2, 7, 0):
+ raise RuntimeError("Python 2.7 or later required")
+
+# Import the low-level C/C++ module
+if __package__ or "." in __name__:
+ from . import _capng
else:
import _capng
-del _swig_python_version_info
-
-try:
- _swig_property = property
-except NameError:
- pass # Python < 2.2 doesn't have 'property'.
try:
import builtins as __builtin__
except ImportError:
import __builtin__
-def _swig_setattr_nondynamic(self, class_type, name, value, static=1):
- if (name == "thisown"):
- return self.this.own(value)
- if (name == "this"):
- if type(value).__name__ == 'SwigPyObject':
- self.__dict__[name] = value
- return
- method = class_type.__swig_setmethods__.get(name, None)
- if method:
- return method(self, value)
- if (not static):
- if _newclass:
- object.__setattr__(self, name, value)
- else:
- self.__dict__[name] = value
- else:
- raise AttributeError("You cannot add attributes to %s" % self)
-
-
-def _swig_setattr(self, class_type, name, value):
- return _swig_setattr_nondynamic(self, class_type, name, value, 0)
-
-
-def _swig_getattr(self, class_type, name):
- if (name == "thisown"):
- return self.this.own()
- method = class_type.__swig_getmethods__.get(name, None)
- if method:
- return method(self)
- raise AttributeError("'%s' object has no attribute '%s'" %
(class_type.__name__, name))
-
-
def _swig_repr(self):
try:
strthis = "proxy of " + self.this.__repr__()
@@ -87,13 +26,40 @@
strthis = ""
return "<%s.%s; %s >" % (self.__class__.__module__,
self.__class__.__name__, strthis,)
-try:
- _object = object
- _newclass = 1
-except __builtin__.Exception:
- class _object:
- pass
- _newclass = 0
+
+def _swig_setattr_nondynamic_instance_variable(set):
+ def set_instance_attr(self, name, value):
+ if name == "thisown":
+ self.this.own(value)
+ elif name == "this":
+ set(self, name, value)
+ elif hasattr(self, name) and isinstance(getattr(type(self), name),
property):
+ set(self, name, value)
+ else:
+ raise AttributeError("You cannot add instance attributes to %s" %
self)
+ return set_instance_attr
+
+
+def _swig_setattr_nondynamic_class_variable(set):
+ def set_class_attr(cls, name, value):
+ if hasattr(cls, name) and not isinstance(getattr(cls, name), property):
+ set(cls, name, value)
+ else:
+ raise AttributeError("You cannot add class attributes to %s" % cls)
+ return set_class_attr
+
+
+def _swig_add_metaclass(metaclass):
+ """Class decorator for adding a metaclass to a SWIG wrapped class - a
slimmed down version of six.add_metaclass"""
+ def wrapper(cls):
+ return metaclass(cls.__name__, cls.__bases__, cls.__dict__.copy())
+ return wrapper
+
+
+class _SwigNonDynamicMeta(type):
+ """Meta class to enforce nondynamic attributes (no new attributes) for a
class"""
+ __setattr__ = _swig_setattr_nondynamic_class_variable(type.__setattr__)
+
CAP_CHOWN = _capng.CAP_CHOWN
CAP_DAC_OVERRIDE = _capng.CAP_DAC_OVERRIDE
@@ -156,75 +122,56 @@
def capng_clear(set):
return _capng.capng_clear(set)
-capng_clear = _capng.capng_clear
def capng_fill(set):
return _capng.capng_fill(set)
-capng_fill = _capng.capng_fill
def capng_setpid(pid):
return _capng.capng_setpid(pid)
-capng_setpid = _capng.capng_setpid
def capng_get_caps_process():
return _capng.capng_get_caps_process()
-capng_get_caps_process = _capng.capng_get_caps_process
def capng_update(action, type, capability):
return _capng.capng_update(action, type, capability)
-capng_update = _capng.capng_update
-def capng_updatev(action, type, capability):
- return _capng.capng_updatev(action, type, capability)
-capng_updatev = _capng.capng_updatev
+def capng_updatev(*args):
+ return _capng.capng_updatev(*args)
def capng_apply(set):
return _capng.capng_apply(set)
-capng_apply = _capng.capng_apply
def capng_lock():
return _capng.capng_lock()
-capng_lock = _capng.capng_lock
def capng_change_id(uid, gid, flag):
return _capng.capng_change_id(uid, gid, flag)
-capng_change_id = _capng.capng_change_id
def capng_get_caps_fd(fd):
return _capng.capng_get_caps_fd(fd)
-capng_get_caps_fd = _capng.capng_get_caps_fd
def capng_apply_caps_fd(fd):
return _capng.capng_apply_caps_fd(fd)
-capng_apply_caps_fd = _capng.capng_apply_caps_fd
def capng_have_capabilities(set):
return _capng.capng_have_capabilities(set)
-capng_have_capabilities = _capng.capng_have_capabilities
def capng_have_permitted_capabilities():
return _capng.capng_have_permitted_capabilities()
-capng_have_permitted_capabilities = _capng.capng_have_permitted_capabilities
def capng_have_capability(which, capability):
return _capng.capng_have_capability(which, capability)
-capng_have_capability = _capng.capng_have_capability
def capng_print_caps_numeric(where, set):
return _capng.capng_print_caps_numeric(where, set)
-capng_print_caps_numeric = _capng.capng_print_caps_numeric
def capng_print_caps_text(where, which):
return _capng.capng_print_caps_text(where, which)
-capng_print_caps_text = _capng.capng_print_caps_text
def capng_name_to_capability(name):
return _capng.capng_name_to_capability(name)
-capng_name_to_capability = _capng.capng_name_to_capability
def capng_capability_to_name(capability):
return _capng.capng_capability_to_name(capability)
-capng_capability_to_name = _capng.capng_capability_to_name
-# This file is compatible with both classic and new-style classes.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/bindings/python/test/capng-test.py
new/libcap-ng-0.7.11/bindings/python/test/capng-test.py
--- old/libcap-ng-0.7.10/bindings/python/test/capng-test.py 2019-10-01
20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/bindings/python/test/capng-test.py 2020-08-23
23:57:31.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python2
import os
import sys
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/bindings/python3/Makefile.in
new/libcap-ng-0.7.11/bindings/python3/Makefile.in
--- old/libcap-ng-0.7.10/bindings/python3/Makefile.in 2019-10-01
20:29:28.000000000 +0200
+++ new/libcap-ng-0.7.11/bindings/python3/Makefile.in 2020-08-23
23:57:36.000000000 +0200
@@ -183,7 +183,7 @@
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__pep3147_tweak = \
- sed -e 's|\.py$$||' -e 's|[^/]*$$|&.*.pyc\n&.*.pyo|'
+ sed -e 's|\.py$$||' -e 's|[^/]*$$|__pycache__/&.*.py|'
py_compile = $(top_srcdir)/py-compile
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
# Read a list of newline-separated strings from the standard input,
@@ -540,15 +540,20 @@
dir='$(DESTDIR)$(py3execdir)'; \
pyc_files=`echo "$$py_files" | sed 's|$$|c|'`; \
pyo_files=`echo "$$py_files" | sed 's|$$|o|'`; \
+ py_files_pep3147=`echo "$$py_files" | $(am__pep3147_tweak)`; \
+ echo "$$py_files_pep3147";\
+ pyc_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|c|'`; \
+ pyo_files_pep3147=`echo "$$py_files_pep3147" | sed 's|$$|o|'`; \
st=0; \
- for files in "$$py_files" "$$pyc_files" "$$pyo_files"; do \
+ for files in \
+ "$$py_files" \
+ "$$pyc_files" \
+ "$$pyo_files" \
+ "$$pyc_files_pep3147" \
+ "$$pyo_files_pep3147" \
+ ; do \
$(am__uninstall_files_from_dir) || st=$$?; \
done; \
- dir='$(DESTDIR)$(py3execdir)/__pycache__'; \
- echo "$$py_files" | $(am__pep3147_tweak) | $(am__base_list) | \
- while read files; do \
- $(am__uninstall_files_from_dir) || st=$$?; \
- done || exit $$?; \
exit $$st
ID: $(am__tagged_files)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/bindings/python3/capng.py
new/libcap-ng-0.7.11/bindings/python3/capng.py
--- old/libcap-ng-0.7.10/bindings/python3/capng.py 2019-10-01
20:29:32.000000000 +0200
+++ new/libcap-ng-0.7.11/bindings/python3/capng.py 2020-08-23
23:57:40.000000000 +0200
@@ -1,82 +1,24 @@
# This file was automatically generated by SWIG (http://www.swig.org).
-# Version 3.0.12
+# Version 4.0.1
#
# Do not make changes to this file unless you know what you are doing--modify
# the SWIG interface file instead.
from sys import version_info as _swig_python_version_info
-if _swig_python_version_info >= (2, 7, 0):
- def swig_import_helper():
- import importlib
- pkg = __name__.rpartition('.')[0]
- mname = '.'.join((pkg, '_capng')).lstrip('.')
- try:
- return importlib.import_module(mname)
- except ImportError:
- return importlib.import_module('_capng')
- _capng = swig_import_helper()
- del swig_import_helper
-elif _swig_python_version_info >= (2, 6, 0):
- def swig_import_helper():
- from os.path import dirname
- import imp
- fp = None
- try:
- fp, pathname, description = imp.find_module('_capng',
[dirname(__file__)])
- except ImportError:
- import _capng
- return _capng
- try:
- _mod = imp.load_module('_capng', fp, pathname, description)
- finally:
- if fp is not None:
- fp.close()
- return _mod
- _capng = swig_import_helper()
- del swig_import_helper
+if _swig_python_version_info < (2, 7, 0):
+ raise RuntimeError("Python 2.7 or later required")
+
+# Import the low-level C/C++ module
+if __package__ or "." in __name__:
+ from . import _capng
else:
import _capng
-del _swig_python_version_info
-
-try:
- _swig_property = property
-except NameError:
- pass # Python < 2.2 doesn't have 'property'.
try:
import builtins as __builtin__
except ImportError:
import __builtin__
-def _swig_setattr_nondynamic(self, class_type, name, value, static=1):
- if (name == "thisown"):
- return self.this.own(value)
- if (name == "this"):
- if type(value).__name__ == 'SwigPyObject':
- self.__dict__[name] = value
- return
- method = class_type.__swig_setmethods__.get(name, None)
- if method:
- return method(self, value)
- if (not static):
- object.__setattr__(self, name, value)
- else:
- raise AttributeError("You cannot add attributes to %s" % self)
-
-
-def _swig_setattr(self, class_type, name, value):
- return _swig_setattr_nondynamic(self, class_type, name, value, 0)
-
-
-def _swig_getattr(self, class_type, name):
- if (name == "thisown"):
- return self.this.own()
- method = class_type.__swig_getmethods__.get(name, None)
- if method:
- return method(self)
- raise AttributeError("'%s' object has no attribute '%s'" %
(class_type.__name__, name))
-
-
def _swig_repr(self):
try:
strthis = "proxy of " + self.this.__repr__()
@@ -85,15 +27,38 @@
return "<%s.%s; %s >" % (self.__class__.__module__,
self.__class__.__name__, strthis,)
-def _swig_setattr_nondynamic_method(set):
- def set_attr(self, name, value):
- if (name == "thisown"):
- return self.this.own(value)
- if hasattr(self, name) or (name == "this"):
+def _swig_setattr_nondynamic_instance_variable(set):
+ def set_instance_attr(self, name, value):
+ if name == "thisown":
+ self.this.own(value)
+ elif name == "this":
+ set(self, name, value)
+ elif hasattr(self, name) and isinstance(getattr(type(self), name),
property):
set(self, name, value)
else:
- raise AttributeError("You cannot add attributes to %s" % self)
- return set_attr
+ raise AttributeError("You cannot add instance attributes to %s" %
self)
+ return set_instance_attr
+
+
+def _swig_setattr_nondynamic_class_variable(set):
+ def set_class_attr(cls, name, value):
+ if hasattr(cls, name) and not isinstance(getattr(cls, name), property):
+ set(cls, name, value)
+ else:
+ raise AttributeError("You cannot add class attributes to %s" % cls)
+ return set_class_attr
+
+
+def _swig_add_metaclass(metaclass):
+ """Class decorator for adding a metaclass to a SWIG wrapped class - a
slimmed down version of six.add_metaclass"""
+ def wrapper(cls):
+ return metaclass(cls.__name__, cls.__bases__, cls.__dict__.copy())
+ return wrapper
+
+
+class _SwigNonDynamicMeta(type):
+ """Meta class to enforce nondynamic attributes (no new attributes) for a
class"""
+ __setattr__ = _swig_setattr_nondynamic_class_variable(type.__setattr__)
CAP_CHOWN = _capng.CAP_CHOWN
@@ -155,76 +120,58 @@
CAPNG_CLEAR_BOUNDING = _capng.CAPNG_CLEAR_BOUNDING
CAPNG_INIT_SUPP_GRP = _capng.CAPNG_INIT_SUPP_GRP
-def capng_clear(set: 'capng_select_t') -> "void":
+def capng_clear(set: "capng_select_t") -> "void":
return _capng.capng_clear(set)
-capng_clear = _capng.capng_clear
-def capng_fill(set: 'capng_select_t') -> "void":
+def capng_fill(set: "capng_select_t") -> "void":
return _capng.capng_fill(set)
-capng_fill = _capng.capng_fill
-def capng_setpid(pid: 'int') -> "void":
+def capng_setpid(pid: "int") -> "void":
return _capng.capng_setpid(pid)
-capng_setpid = _capng.capng_setpid
def capng_get_caps_process() -> "int":
return _capng.capng_get_caps_process()
-capng_get_caps_process = _capng.capng_get_caps_process
-def capng_update(action: 'capng_act_t', type: 'capng_type_t', capability:
'unsigned int') -> "int":
+def capng_update(action: "capng_act_t", type: "capng_type_t", capability:
"unsigned int") -> "int":
return _capng.capng_update(action, type, capability)
-capng_update = _capng.capng_update
-def capng_updatev(action: 'capng_act_t', type: 'capng_type_t', capability:
'unsigned int') -> "int":
- return _capng.capng_updatev(action, type, capability)
-capng_updatev = _capng.capng_updatev
+def capng_updatev(*args) -> "int":
+ return _capng.capng_updatev(*args)
-def capng_apply(set: 'capng_select_t') -> "int":
+def capng_apply(set: "capng_select_t") -> "int":
return _capng.capng_apply(set)
-capng_apply = _capng.capng_apply
def capng_lock() -> "int":
return _capng.capng_lock()
-capng_lock = _capng.capng_lock
-def capng_change_id(uid: 'int', gid: 'int', flag: 'capng_flags_t') -> "int":
+def capng_change_id(uid: "int", gid: "int", flag: "capng_flags_t") -> "int":
return _capng.capng_change_id(uid, gid, flag)
-capng_change_id = _capng.capng_change_id
-def capng_get_caps_fd(fd: 'int') -> "int":
+def capng_get_caps_fd(fd: "int") -> "int":
return _capng.capng_get_caps_fd(fd)
-capng_get_caps_fd = _capng.capng_get_caps_fd
-def capng_apply_caps_fd(fd: 'int') -> "int":
+def capng_apply_caps_fd(fd: "int") -> "int":
return _capng.capng_apply_caps_fd(fd)
-capng_apply_caps_fd = _capng.capng_apply_caps_fd
-def capng_have_capabilities(set: 'capng_select_t') -> "capng_results_t":
+def capng_have_capabilities(set: "capng_select_t") -> "capng_results_t":
return _capng.capng_have_capabilities(set)
-capng_have_capabilities = _capng.capng_have_capabilities
def capng_have_permitted_capabilities() -> "capng_results_t":
return _capng.capng_have_permitted_capabilities()
-capng_have_permitted_capabilities = _capng.capng_have_permitted_capabilities
-def capng_have_capability(which: 'capng_type_t', capability: 'unsigned int')
-> "int":
+def capng_have_capability(which: "capng_type_t", capability: "unsigned int")
-> "int":
return _capng.capng_have_capability(which, capability)
-capng_have_capability = _capng.capng_have_capability
-def capng_print_caps_numeric(where: 'capng_print_t', set: 'capng_select_t') ->
"char *":
+def capng_print_caps_numeric(where: "capng_print_t", set: "capng_select_t") ->
"char *":
return _capng.capng_print_caps_numeric(where, set)
-capng_print_caps_numeric = _capng.capng_print_caps_numeric
-def capng_print_caps_text(where: 'capng_print_t', which: 'capng_type_t') ->
"char *":
+def capng_print_caps_text(where: "capng_print_t", which: "capng_type_t") ->
"char *":
return _capng.capng_print_caps_text(where, which)
-capng_print_caps_text = _capng.capng_print_caps_text
-def capng_name_to_capability(name: 'char const *') -> "int":
+def capng_name_to_capability(name: "char const *") -> "int":
return _capng.capng_name_to_capability(name)
-capng_name_to_capability = _capng.capng_name_to_capability
-def capng_capability_to_name(capability: 'unsigned int') -> "char const *":
+def capng_capability_to_name(capability: "unsigned int") -> "char const *":
return _capng.capng_capability_to_name(capability)
-capng_capability_to_name = _capng.capng_capability_to_name
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/configure
new/libcap-ng-0.7.11/configure
--- old/libcap-ng-0.7.10/configure 2019-10-01 20:29:27.000000000 +0200
+++ new/libcap-ng-0.7.11/configure 2020-08-23 23:57:35.000000000 +0200
@@ -1,7 +1,7 @@
#! /bin/sh
# From configure.ac Revision: 1.3 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libcap-ng 0.7.10.
+# Generated by GNU Autoconf 2.69 for libcap-ng 0.7.11.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -588,8 +588,8 @@
# Identity of this package.
PACKAGE_NAME='libcap-ng'
PACKAGE_TARNAME='libcap-ng'
-PACKAGE_VERSION='0.7.10'
-PACKAGE_STRING='libcap-ng 0.7.10'
+PACKAGE_VERSION='0.7.11'
+PACKAGE_STRING='libcap-ng 0.7.11'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -1350,7 +1350,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures libcap-ng 0.7.10 to adapt to many kinds of systems.
+\`configure' configures libcap-ng 0.7.11 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1421,7 +1421,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of libcap-ng 0.7.10:";;
+ short | recursive ) echo "Configuration of libcap-ng 0.7.11:";;
esac
cat <<\_ACEOF
@@ -1536,7 +1536,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-libcap-ng configure 0.7.10
+libcap-ng configure 0.7.11
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1901,7 +1901,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by libcap-ng $as_me 0.7.10, which was
+It was created by libcap-ng $as_me 0.7.11, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2880,7 +2880,7 @@
# Define the identity of the package.
PACKAGE='libcap-ng'
- VERSION='0.7.10'
+ VERSION='0.7.11'
cat >>confdefs.h <<_ACEOF
@@ -12965,6 +12965,61 @@
cat >>confdefs.h <<_ACEOF
#define HAVE_PTHREAD_H 1
_ACEOF
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing
pthread_atfork" >&5
+$as_echo_n "checking for library containing pthread_atfork... " >&6; }
+if ${ac_cv_search_pthread_atfork+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char pthread_atfork ();
+int
+main ()
+{
+return pthread_atfork ();
+ ;
+ return 0;
+}
+_ACEOF
+for ac_lib in '' pthread; do
+ if test -z "$ac_lib"; then
+ ac_res="none required"
+ else
+ ac_res=-l$ac_lib
+ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
+ fi
+ if ac_fn_c_try_link "$LINENO"; then :
+ ac_cv_search_pthread_atfork=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext
+ if ${ac_cv_search_pthread_atfork+:} false; then :
+ break
+fi
+done
+if ${ac_cv_search_pthread_atfork+:} false; then :
+
+else
+ ac_cv_search_pthread_atfork=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_pthread_atfork"
>&5
+$as_echo "$ac_cv_search_pthread_atfork" >&6; }
+ac_res=$ac_cv_search_pthread_atfork
+if test "$ac_res" != no; then :
+ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pthread.h not found" >&5
@@ -13240,7 +13295,7 @@
use_python=auto
fi
-if test x$use_python = xno ; then
+if test "x$use_python" = xno ; then
python_found="no"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
@@ -13248,6 +13303,62 @@
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: testing" >&5
$as_echo "testing" >&6; }
+# Try to find a versioned Python2 interpreter,
+# if not explicitly specified by the user.
+if test "x$PYTHON" = "x"; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for versioned Python2
interpreter" >&5
+$as_echo_n "checking for versioned Python2 interpreter... " >&6; }
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: " >&5
+$as_echo "" >&6; }
+ for python2 in python2 python2.7 python2.6 python2.5 python2.4 python2.3
python2.2 python2.1 python2.0; do
+ # Extract the first word of "$python2", so it can be a program name with
args.
+set dummy $python2; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_PYTHON+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ case $PYTHON in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_PYTHON="$PYTHON" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+ ac_cv_path_PYTHON="$as_dir/$ac_word$ac_exec_ext"
+ $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext"
>&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+fi
+PYTHON=$ac_cv_path_PYTHON
+if test -n "$PYTHON"; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON" >&5
+$as_echo "$PYTHON" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ if test "x$PYTHON" != "x"; then
+ break;
+ fi
+ done
+fi
+
+# Setup Python2 with the interpreter found previously.
+
@@ -13464,7 +13575,7 @@
$as_echo "$as_me: Python bindings will be built" >&6;}
else
python_found="no"
- if test x$use_python = xyes ; then
+ if test "x$use_python" = xyes ; then
as_fn_error $? "Python explicitly requested and python headers
were not found" "$LINENO" 5
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \"Python
headers not found - python bindings will not be made\"" >&5
@@ -14184,7 +14295,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by libcap-ng $as_me 0.7.10, which was
+This file was extended by libcap-ng $as_me 0.7.11, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -14250,7 +14361,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-libcap-ng config.status 0.7.10
+libcap-ng config.status 0.7.11
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/configure.ac
new/libcap-ng-0.7.11/configure.ac
--- old/libcap-ng-0.7.10/configure.ac 2019-10-01 20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/configure.ac 2020-08-23 23:57:31.000000000 +0200
@@ -1,7 +1,7 @@
dnl
define([AC_INIT_NOTICE],
[### Generated automatically using autoconf version] AC_ACVERSION [
-### Copyright 2009-2019 Steve Grubb <sgr...@redhat.com>
+### Copyright 2009-2020 Steve Grubb <sgr...@redhat.com>
###
### Permission is hereby granted, free of charge, to any person obtaining a
### copy of this software and associated documentation files (the "Software"),
@@ -29,7 +29,7 @@
])
AC_REVISION($Revision: 1.3 $)dnl
-AC_INIT(libcap-ng,0.7.10)
+AC_INIT(libcap-ng,0.7.11)
AC_PREREQ(2.12)dnl
AM_CONFIG_HEADER(config.h)
AC_CONFIG_MACRO_DIR([m4])
@@ -56,7 +56,9 @@
AC_CHECK_HEADERS(attr/xattr.h, [], [AC_MSG_WARN(attr/xattr.h not found,
disabling file system capabilities.)])
])
AC_CHECK_HEADERS(linux/securebits.h, [], [])
-AC_CHECK_HEADERS(pthread.h, [], [AC_MSG_WARN(pthread.h not found, disabling
pthread_atfork.)])
+AC_CHECK_HEADERS(pthread.h,
+ [AC_SEARCH_LIBS(pthread_atfork, pthread)],
+ [AC_MSG_WARN(pthread.h not found, disabling pthread_atfork.)])
AC_C_CONST
AC_C_INLINE
@@ -118,11 +120,26 @@
AS_HELP_STRING([--with-python],[enable building python bindings]),
use_python=$withval,
use_python=auto)
-if test x$use_python = xno ; then
+if test "x$use_python" = xno ; then
python_found="no"
AC_MSG_RESULT(no)
else
AC_MSG_RESULT(testing)
+
+# Try to find a versioned Python2 interpreter,
+# if not explicitly specified by the user.
+if test "x$PYTHON" = "x"; then
+ AC_MSG_CHECKING([for versioned Python2 interpreter])
+ AC_MSG_RESULT([])
+ for python2 in python2 python2.7 python2.6 python2.5 python2.4 python2.3
python2.2 python2.1 python2.0; do
+ AC_PATH_PROG([PYTHON], [$python2])
+ if test "x$PYTHON" != "x"; then
+ break;
+ fi
+ done
+fi
+
+# Setup Python2 with the interpreter found previously.
AM_PATH_PYTHON
PYINCLUDEDIR=`python${am_cv_python_version} -c "from distutils import
sysconfig; print(sysconfig.get_config_var('INCLUDEPY'))"`
if test -f ${PYINCLUDEDIR}/Python.h ; then
@@ -133,7 +150,7 @@
AC_MSG_NOTICE(Python bindings will be built)
else
python_found="no"
- if test x$use_python = xyes ; then
+ if test "x$use_python" = xyes ; then
AC_MSG_ERROR([Python explicitly requested and python headers
were not found])
else
AC_MSG_WARN("Python headers not found - python bindings will
not be made")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/docs/capng_capability_to_name.3
new/libcap-ng-0.7.11/docs/capng_capability_to_name.3
--- old/libcap-ng-0.7.10/docs/capng_capability_to_name.3 2019-10-01
20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/docs/capng_capability_to_name.3 2020-08-23
23:57:31.000000000 +0200
@@ -8,7 +8,7 @@
.SH "DESCRIPTION"
-capng_capabilityi_to_name will take the integer being passed and look it up to
see what its text string representation would be. The integer being input must
be in the valid range defined in linux/capabiliy.h. The string that is output
is the same as the define text from linux/capabiliy.h with the CAP_ prefix
removed and lower case. This is useful for taking integer representation and
converting it to something more user friendly for display.
+capng_capability_to_name will take the integer being passed and look it up to
see what its text string representation would be. The integer being input must
be in the valid range defined in linux/capabiliy.h. The string that is output
is the same as the define text from linux/capabiliy.h with the CAP_ prefix
removed and lower case. This is useful for taking integer representation and
converting it to something more user friendly for display.
.SH "RETURN VALUE"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/docs/capng_get_caps_fd.3
new/libcap-ng-0.7.11/docs/capng_get_caps_fd.3
--- old/libcap-ng-0.7.10/docs/capng_get_caps_fd.3 2019-10-01
20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/docs/capng_get_caps_fd.3 2020-08-23
23:57:31.000000000 +0200
@@ -1,6 +1,6 @@
.TH "CAPNG_GET_CAPS_FD" "3" "June 2009" "Red Hat" "Libcap-ng API"
.SH NAME
-capng_get_caps_fd \-
+capng_get_caps_fd \- Read file based capabilities
.SH "SYNOPSIS"
.B #include <cap-ng.h>
.sp
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/docs/capng_get_caps_process.3
new/libcap-ng-0.7.11/docs/capng_get_caps_process.3
--- old/libcap-ng-0.7.10/docs/capng_get_caps_process.3 2019-10-01
20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/docs/capng_get_caps_process.3 2020-08-23
23:57:31.000000000 +0200
@@ -18,6 +18,8 @@
If you are doing multi-threaded programming, calling this function will only
get capabilities on the calling thread. If you want to get overall capabilities
for a multi-threaded process, you can only do that before creating any threads.
Afterwards, threads may be able to independantly set capabilities.
+capng_get_caps_process needs a mounted /proc to read the current bounding set,
otherwise it will fail.
+
.SH "SEE ALSO"
.BR capng_setpid (3),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/docs/capng_restore_state.3
new/libcap-ng-0.7.11/docs/capng_restore_state.3
--- old/libcap-ng-0.7.10/docs/capng_restore_state.3 2019-10-01
20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/docs/capng_restore_state.3 2020-08-23
23:57:31.000000000 +0200
@@ -14,6 +14,13 @@
None.
+.SH NOTES
+
+capng_restore_state free's the previously malloc'd state, thus the state can't
be restored multiple times.
+
+The working pid is part of the restored state, if restoring the state to a
different thread, capng_setpid
+can be used to update it.
+
.SH "SEE ALSO"
.BR capng_save_state (3),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/docs/capng_save_state.3
new/libcap-ng-0.7.11/docs/capng_save_state.3
--- old/libcap-ng-0.7.10/docs/capng_save_state.3 2019-10-01
20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/docs/capng_save_state.3 2020-08-23
23:57:31.000000000 +0200
@@ -14,6 +14,10 @@
This returns NULL on failure and a non-NULL pointer otherwise.
+.SH NOTES
+
+The structure returned by capng_save_state is malloc'd; it should be free'd
if not used.
+
.SH "SEE ALSO"
.BR capng_restore_state (3),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/docs/capng_update.3
new/libcap-ng-0.7.11/docs/capng_update.3
--- old/libcap-ng-0.7.10/docs/capng_update.3 2019-10-01 20:29:23.000000000
+0200
+++ new/libcap-ng-0.7.11/docs/capng_update.3 2020-08-23 23:57:31.000000000
+0200
@@ -8,7 +8,7 @@
.SH "DESCRIPTION"
-capng_update will update the internal posix capabilities settings based on the
options passed to it. The action should be eith CAPNG_DROP to set the
capability bit to 0, or CAPNG_ADD to set the capability bit to 1. The operation
is performed on the capability set specified in the type parameter. The values
are: CAPNG_EFFECTIVE, CAPNG_PERMITTED, CAPNG_INHERITABLE, CAPNG_BOUNDING_SET.
The values may be or'ed together to perform the same operation on multiple
sets. The last paramter, capability, is the capability define as given in
linux/capability.h.
+capng_update will update the internal posix capabilities settings based on the
options passed to it. The action should be either CAPNG_DROP to set the
capability bit to 0, or CAPNG_ADD to set the capability bit to 1. The operation
is performed on the capability set specified in the type parameter. The values
are: CAPNG_EFFECTIVE, CAPNG_PERMITTED, CAPNG_INHERITABLE, CAPNG_BOUNDING_SET.
The values may be or'ed together to perform the same operation on multiple
sets. The last paramter, capability, is the capability define as given in
linux/capability.h.
.SH "RETURN VALUE"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/docs/capng_updatev.3
new/libcap-ng-0.7.11/docs/capng_updatev.3
--- old/libcap-ng-0.7.10/docs/capng_updatev.3 2019-10-01 20:29:23.000000000
+0200
+++ new/libcap-ng-0.7.11/docs/capng_updatev.3 2020-08-23 23:57:31.000000000
+0200
@@ -9,7 +9,7 @@
.SH "DESCRIPTION"
-capng_updatev will update the internal posix capabilities settings based on
the options passed to it. The action should be eith CAPNG_DROP to set the
capability bit to 0, or CAPNG_ADD to set the capability bit to 1. The operation
is performed on the capability set specified in the type parameter. The values
are: CAPNG_EFFECTIVE, CAPNG_PERMITTED, CAPNG_INHERITABLE, CAPNG_BOUNDING_SET.
The values may be or'ed together to perform the same operation on multiple
sets. The last paramter, capability, is the capability define as given in
linux/capability.h.
+capng_updatev will update the internal posix capabilities settings based on
the options passed to it. The action should be either CAPNG_DROP to set the
capability bit to 0, or CAPNG_ADD to set the capability bit to 1. The operation
is performed on the capability set specified in the type parameter. The values
are: CAPNG_EFFECTIVE, CAPNG_PERMITTED, CAPNG_INHERITABLE, CAPNG_BOUNDING_SET.
The values may be or'ed together to perform the same operation on multiple
sets. The last paramter, capability, is the capability define as given in
linux/capability.h.
This function differs from capng_update in that you may pass a list of
capabilities. This list must be terminated with a -1 value.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/libcap-ng.spec
new/libcap-ng-0.7.11/libcap-ng.spec
--- old/libcap-ng-0.7.10/libcap-ng.spec 2019-10-01 20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/libcap-ng.spec 2020-08-23 23:57:31.000000000 +0200
@@ -1,8 +1,6 @@
-%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from
distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
-
Summary: An alternate posix capabilities library
Name: libcap-ng
-Version: 0.7.10
+Version: 0.7.11
Release: 1
License: LGPLv2+
Group: System Environment/Libraries
@@ -27,22 +25,6 @@
The libcap-ng-devel package contains the files needed for developing
applications that need to use the libcap-ng library.
-%package -n python2-libcap-ng
-%{?python_provide:%python_provide python2-libcap-ng}
-# Remove in future
-Summary: Python2 bindings for libcap-ng library
-License: LGPLv2+
-Group: Development/Libraries
-BuildRequires: python2-devel swig
-Requires: %{name} = %{version}-%{release}
-Provides: %{name}-python = %{version}-%{release}
-Provides: %{name}-python%{?_isa} = %{version}-%{release}
-Obsoletes: %{name}-python < %{version}-%{release}
-
-%description python2-libcap-ng
-The python2-libcap-ng package contains the bindings so that libcap-ng
-and can be used by python2 applications.
-
%package python3
Summary: Python3 bindings for libcap-ng library
License: LGPLv2+
@@ -68,11 +50,10 @@
%setup -q
%build
-%configure --libdir=/%{_lib} --with-python --with-python3
+%configure --libdir=/%{_lib} --with-python=no --with-python3
make %{?_smp_mflags}
%install
-rm -rf $RPM_BUILD_ROOT
make DESTDIR="${RPM_BUILD_ROOT}" INSTALL='install -p' install
# Move the symlink
@@ -94,13 +75,7 @@
%check
make check
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%post -p /sbin/ldconfig
-
-%postun -p /sbin/ldconfig
-
+%ldconfig_scriptlets
%files
%defattr(-,root,root,-)
@@ -115,11 +90,6 @@
%attr(0644,root,root) %{_datadir}/aclocal/cap-ng.m4
%{_libdir}/pkgconfig/libcap-ng.pc
-%files -n python2-libcap-ng
-%defattr(-,root,root,-)
-%attr(755,root,root) %{python2_sitearch}/_capng.so
-%{python2_sitearch}/capng.py*
-
%files python3
%defattr(-,root,root,-)
%attr(755,root,root) %{python3_sitearch}/*
@@ -132,6 +102,6 @@
%attr(0644,root,root) %{_mandir}/man8/*
%changelog
-* Tue Oct 01 2019 Steve Grubb <sgr...@redhat.com> 0.7.10-1
+* Sun Aug 23 2020 Steve Grubb <sgr...@redhat.com> 0.7.11-1
- New upstream release
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/src/cap-ng.c
new/libcap-ng-0.7.11/src/cap-ng.c
--- old/libcap-ng-0.7.10/src/cap-ng.c 2019-10-01 20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/src/cap-ng.c 2020-08-23 23:57:31.000000000 +0200
@@ -1,5 +1,5 @@
/* libcap-ng.c --
- * Copyright 2009-10, 2013, 2017 Red Hat Inc., Durham, North Carolina.
+ * Copyright 2009-10, 2013, 2017, 2020 Red Hat Inc.
* All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
@@ -33,6 +33,7 @@
#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
+#include <endian.h>
#include <byteswap.h>
#ifdef HAVE_PTHREAD_H
#include <pthread.h> // For pthread_atfork
@@ -57,6 +58,10 @@
extern int capset(cap_user_header_t header, cap_user_data_t data);
extern int capget(cap_user_header_t header, const cap_user_data_t data);
+// Local functions
+static void update_bounding_set(capng_act_t action, unsigned int capability,
+ unsigned int idx);
+
// Local defines
#define MASK(x) (1U << (x))
#ifdef PR_CAPBSET_DROP
@@ -68,7 +73,7 @@
// Re-define cap_valid so its uniform between V1 and V3
#undef cap_valid
-#define cap_valid(x) ((x) <= last_cap)
+#define cap_valid(x) ((x) <= (unsigned int)last_cap)
// If we don't have the xattr library, then we can't
// compile-in file system capabilities
@@ -166,7 +171,9 @@
static void init_lib(void) __attribute__ ((constructor));
static void init_lib(void)
{
+#ifdef HAVE_PTHREAD_H
pthread_atfork(NULL, NULL, deinit);
+#endif
}
static void init(void)
@@ -282,6 +289,7 @@
{
char buf[64];
FILE *f;
+ int rc;
snprintf(buf, sizeof(buf), "/proc/%d/status", m.hdr.pid ? m.hdr.pid :
#ifdef HAVE_SYSCALL_H
@@ -290,18 +298,34 @@
(int)getpid();
#endif
f = fopen(buf, "re");
- if (f == NULL)
- return -1;
- __fsetlocking(f, FSETLOCKING_BYCALLER);
- while (fgets(buf, sizeof(buf), f)) {
- if (strncmp(buf, "CapB", 4))
- continue;
- sscanf(buf, "CapBnd: %08x%08x", &m.bounds[1], &m.bounds[0]);
+ if (f) {
+ __fsetlocking(f, FSETLOCKING_BYCALLER);
+ while (fgets(buf, sizeof(buf), f)) {
+ if (strncmp(buf, "CapB", 4))
+ continue;
+ sscanf(buf, "CapBnd: %08x%08x",
+ &m.bounds[1], &m.bounds[0]);
+ fclose(f);
+ return 0;
+ }
fclose(f);
- return 0;
+ return -1;
}
- fclose(f);
- return -1;
+ // Might be in a container with no procfs - do it the hard way
+ memset(m.bounds, 0, sizeof(m.bounds));
+ unsigned int i = 0;
+ do {
+ rc = prctl(PR_CAPBSET_READ, i);
+ if (rc < 0)
+ return -1;
+
+ // Just add set bits
+ if (rc)
+ update_bounding_set(CAPNG_ADD, i%32, i>>5);
+ i++;
+ } while (cap_valid(i));
+
+ return 0;
}
#endif
@@ -522,11 +546,12 @@
if (set & CAPNG_SELECT_BOUNDS) {
#ifdef PR_CAPBSET_DROP
- void *s = capng_save_state();
+ struct cap_ng state;
+ memcpy(&state, &m, sizeof(state)); /* save state */
capng_get_caps_process();
if (capng_have_capability(CAPNG_EFFECTIVE, CAP_SETPCAP)) {
int i;
- capng_restore_state(&s);
+ memcpy(&m, &state, sizeof(m)); /* restore state */
rc = 0;
for (i=0; i <= last_cap && rc == 0; i++)
if (capng_have_capability(CAPNG_BOUNDING_SET,
@@ -535,7 +560,7 @@
if (rc == 0)
m.state = CAPNG_APPLIED;
} else
- capng_restore_state(&s);
+ memcpy(&m, &state, sizeof(m)); /* restore state */
#else
rc = 0;
#endif
@@ -654,7 +679,7 @@
// Clear bounding set if needed while we have CAP_SETPCAP
if (flag & CAPNG_CLEAR_BOUNDING) {
- capng_clear(CAPNG_BOUNDING_SET);
+ capng_clear(CAPNG_SELECT_BOUNDS);
rc = capng_apply(CAPNG_SELECT_BOUNDS);
if (rc)
return -8;
@@ -822,6 +847,7 @@
full = 1;
else
return CAPNG_PARTIAL;
+
if ((m.data.v3[1].permitted & UPPER_MASK) == 0 && !full)
empty = 1;
else if ((m.data.v3[1].permitted & UPPER_MASK) == UPPER_MASK && !empty)
@@ -833,7 +859,7 @@
return CAPNG_NONE;
else if (empty == 0 && full == 1)
return CAPNG_FULL;
-
+
return CAPNG_PARTIAL;
}
@@ -1009,7 +1035,7 @@
} else if (where == CAPNG_PRINT_BUFFER) {
int len;
if (once == 0) {
- ptr = malloc(last_cap*18);
+ ptr = malloc(last_cap*20);
if (ptr == NULL)
return ptr;
len = sprintf(ptr+cnt, "%s", n);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/src/captab.h
new/libcap-ng-0.7.11/src/captab.h
--- old/libcap-ng-0.7.10/src/captab.h 2019-10-01 20:29:23.000000000 +0200
+++ new/libcap-ng-0.7.11/src/captab.h 2020-08-23 23:57:31.000000000 +0200
@@ -1,5 +1,5 @@
/* captab.h --
- * Copyright 2009,2011-14 Red Hat Inc., Durham, North Carolina.
+ * Copyright 2009,2011-14,2020 Red Hat Inc.
* All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
@@ -78,4 +78,12 @@
#ifdef CAP_AUDIT_READ
_S(CAP_AUDIT_READ, "audit_read" )
#endif
-
+#ifdef CAP_PERFMON
+_S(CAP_PERFMON, "perfmon" )
+#endif
+#ifdef CAP_BPF
+_S(CAP_BPF, "bpf" )
+#endif
+#ifdef CAP_CHECKPOINT_RESTORE
+_S(CAP_CHECKPOINT_RESTORE, "checkpoint_restore")
+#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/src/lookup_table.c
new/libcap-ng-0.7.11/src/lookup_table.c
--- old/libcap-ng-0.7.10/src/lookup_table.c 2019-10-01 20:29:23.000000000
+0200
+++ new/libcap-ng-0.7.11/src/lookup_table.c 2020-08-23 23:57:31.000000000
+0200
@@ -32,7 +32,7 @@
extern int last_cap hidden;
#undef cap_valid
-#define cap_valid(x) ((x) <= last_cap)
+#define cap_valid(x) ((x) <= (unsigned int)last_cap)
struct transtab {
@@ -109,7 +109,7 @@
static char *ptr2 = NULL;
const char *capng_capability_to_name(unsigned int capability)
{
- char *ptr;
+ const char *ptr;
if (!cap_valid(capability))
return NULL;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libcap-ng-0.7.10/utils/filecap.c
new/libcap-ng-0.7.11/utils/filecap.c
--- old/libcap-ng-0.7.10/utils/filecap.c 2019-10-01 20:29:23.000000000
+0200
+++ new/libcap-ng-0.7.11/utils/filecap.c 2020-08-23 23:57:31.000000000
+0200
@@ -1,6 +1,6 @@
/*
* filecap.c - A program that lists running processes with capabilities
- * Copyright (c) 2009-10,2012, 2017 Red Hat Inc., Durham, North Carolina.
+ * Copyright (c) 2009-10,2012,2017,2020 Red Hat Inc.
* All Rights Reserved.
*
* This software may be freely redistributed and/or modified under the
@@ -15,7 +15,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to the
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
* Boston, MA 02110-1335, USA.
*
* Authors:
@@ -64,7 +64,8 @@
capng_clear(CAPNG_SELECT_BOTH);
if (capng_get_caps_fd(fd) < 0 && errno != ENODATA) {
- fprintf(stderr, "Unable to get capabilities of %s:
%s\n",
+ fprintf(stderr,
+ "Unable to get capabilities of %s: %s\n",
fpath, strerror(errno));
if (single_file)
ret = 1;
@@ -77,7 +78,8 @@
if (rc > CAPNG_NONE) {
if (header == 0) {
header = 1;
- printf("%-9s %-20s capabilities\n", "set",
"file");
+ printf("%-9s %-20s capabilities\n",
+ "set", "file");
}
printf("%s %s ",
permitted ? "permitted" : "effective", fpath);
@@ -95,7 +97,7 @@
// Use cases:
-// filecap
+// filecap
// filecap -a
// filecap /path/dir
// filecap /path/file
@@ -113,15 +115,16 @@
int i, rc = 0;
if (argc >1) {
- for (i=1; i<argc; i++) {
+ for (i=1; i<argc; i++) {
if (strcmp(argv[i], "-a") == 0) {
show_all = 1;
if (argc != 2)
usage();
} else if (strcmp(argv[i], "-d") == 0) {
- for (i=0; i<=CAP_LAST_CAP; i++) {
+ int j;
+ for (j=0; j<=CAP_LAST_CAP; j++) {
const char *n =
- capng_capability_to_name(i);
+ capng_capability_to_name(j);
if (n == NULL)
n = "unknown";
printf("%s\n", n);
@@ -129,7 +132,7 @@
return 0;
} else if (argv[i][0] == '/') {
if (lstat(argv[i], &sbuf) != 0) {
- fprintf(stderr,
+ fprintf(stderr,
"Error checking path %s (%s)\n",
argv[i], strerror(errno));
exit(1);
@@ -141,11 +144,11 @@
dir == NULL) {
path = argv[i];
capng_clear(CAPNG_SELECT_BOTH);
- } else if (S_ISDIR(sbuf.st_mode) && path ==
NULL
+ } else if (S_ISDIR(sbuf.st_mode) && path == NULL
&& dir == NULL)
dir = argv[i];
else {
- fprintf(stderr,
+ fprintf(stderr,
"Must be one regular file or "
"directory\n");
exit(1);
@@ -203,7 +206,8 @@
return 1;
}
if (capng_apply_caps_fd(fd) < 0) {
- fprintf(stderr, "Could not set capabilities on %s:
%s\n",
+ fprintf(stderr,
+ "Could not set capabilities on %s: %s\n",
path, strerror(errno));
rc = 1;
}
++++++ libcap-ng.rpmlintrc ++++++
--- /var/tmp/diff_new_pack.zYsn9P/_old 2021-12-14 22:01:48.303134548 +0100
+++ /var/tmp/diff_new_pack.zYsn9P/_new 2021-12-14 22:01:48.307134550 +0100
@@ -1,5 +1,2 @@
-addFilter("libcap-ng-utils.*: W: shlib-policy-missing-lib")
-addFilter("libcap-ng-utils.*: W: shlib-policy-nonversioned-dir .*")
-addFilter("python-capng..*: W: files-duplicate
/usr/lib.*/python.*/site-packages/.*")
addFilter("libcap-ng-devel..*: W: no-dependency-on
libcap-ng/libcap-ng-libs/liblibcap-ng")
