Control: tags 942114 + pending
Dear maintainer,
I've prepared an NMU for ganeti-instance-debootstrap (versioned as 0.16-6.1) and
uploaded it to DELAYED/02. Please feel free to tell me if I
should delay it longer.
Regards.
diff -Nru ganeti-instance-debootstrap-0.16/debian/changelog ganeti-instance-debootstrap-0.16/debian/changelog
--- ganeti-instance-debootstrap-0.16/debian/changelog 2018-06-20 06:57:18.0 -0400
+++ ganeti-instance-debootstrap-0.16/debian/changelog 2019-11-01 19:01:50.0 -0400
@@ -1,3 +1,10 @@
+ganeti-instance-debootstrap (0.16-6.1) unstable; urgency=medium
+
+ * Non-maintainer upload
+ * add patch to respect linux caps (Closes: #942114)
+
+ -- Antoine Beaupré Fri, 01 Nov 2019 19:01:50 -0400
+
ganeti-instance-debootstrap (0.16-6) unstable; urgency=medium
* Bump Standards-Version to 4.1.4; no changes needed
diff -Nru ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch
--- ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch 1969-12-31 19:00:00.0 -0500
+++ ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch 2019-11-01 19:01:50.0 -0400
@@ -0,0 +1,48 @@
+From cd34bcc48a2af92f484535b81fba2d46dad1dbb6 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
+Date: Thu, 10 Oct 2019 11:07:51 -0400
+Subject: [PATCH] respect Linux capabilities(7) in cache
+
+The default GNU tar configuration does not carry fancy extended
+attributes and that is where, among other things, stuff like Linux
+capabilities(7) are stored. This is kind of important because that's
+how ping(8) works for regular users.
+
+We shove --selinux and --acls in there while we're at it, because why
+not. We never know what the future might bring, and it seems
+silly *not* to create a complete archive.
+
+Note that --xattrs-include='*' is important because, by default, GNU
+tar will not include capabilities /even/ if --xattrs is specified on
+the commandline, see this bug report for details:
+
+https://bugzilla.redhat.com/show_bug.cgi?id=771927
+---
+ create | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/create b/create
+index 607bab2..7526e71 100755
+--- a/create
b/create
+@@ -83,7 +83,7 @@ if [ "$CLEAN_CACHE" -a -d "$CACHE_DIR" ]; then
+ fi
+
+ if [ -f "$CACHE_FILE" ]; then
+- tar xf "$CACHE_FILE" -C $TMPDIR
++ tar --acls --selinux --xattrs --xattrs-include='*' -x -f "$CACHE_FILE" -C $TMPDIR
+ else
+ if [ "$PROXY" ]; then
+ export http_proxy="$PROXY"
+@@ -109,7 +109,7 @@ else
+
+ if [ "$GENERATE_CACHE" = "yes" ]; then
+ TMP_CACHE=`mktemp "${CACHE_FILE}.XX"`
+-tar cf "$TMP_CACHE" -C $TMPDIR .
++tar --acls --selinux --xattrs --xattrs-include='*' -c -f "$TMP_CACHE" -C $TMPDIR .
+ mv -f "$TMP_CACHE" "$CACHE_FILE"
+ fi
+ fi
+--
+2.20.1
+
diff -Nru ganeti-instance-debootstrap-0.16/debian/patches/series ganeti-instance-debootstrap-0.16/debian/patches/series
--- ganeti-instance-debootstrap-0.16/debian/patches/series 2018-06-20 06:57:18.0 -0400
+++ ganeti-instance-debootstrap-0.16/debian/patches/series 2019-11-01 19:01:50.0 -0400
@@ -1 +1,2 @@
+respect-Linux-capabilities-7-in-cache.patch
fix-sfdisk-BLKRRPART.patch
signature.asc
Description: PGP signature