From mboxrd@z Thu Jan  1 00:00:00 1970
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] libcap: Update to version 2.66
Date: Thu, 29 Dec 2022 11:20:52 +0000
Message-ID: <5194ebd8-bff1-31c3-9cb0-598b4660454d@ipfire.org>
In-Reply-To: <20221227120002.12161-3-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5669567502281008562=="
List-Id: <development.lists.ipfire.org>

--===============5669567502281008562==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>

> - Update from version 2.64 to 2.66
> - Update of rootfile
> - Changelog
> 	Release notes for 2.66
> 	    Fix documentation typos in cap_from_text.3 (Bug: 216514 reported by Pa=
ulo
>              Andrade.)
> 	    Some getpcaps code clean up and a fix for PID argument parsing from Ja=
kub Wilk.
> 	    Slightly more robust Makefiles to address an error with make -j48 test
>              observed by Tomasz K=C5=82oczko.
> 	    Include a simple Go program, captrace, to trace kernel capability vali=
dation
>              checks
> 	        This program can be used to figure out what capabilities a program=
 needs
>                  to operate.
> 	        captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the =
kernel
>                  for capability checks and whether or not they succeed for =
the system, a
>                  specific PID or a program's direct execution.
> 	    Trim down the default file capabilities for contrib/sucap/su to those
>              actually needed and set USER and HOME environment variables so=
 bash doesn't
>              complain about a sourcing error.
> 	Release notes for 2.65
> 	    Fix syntax error in DEBUG build of protected code in setcap.c. (Bug re=
ported
>              by yixiangzhike.)
> 	    Prevent bash from reading the wrong startup files when the capsh --use=
r=3Dxxx
>              argument is used to invoke a shell as the user xxx. This is do=
ne by capsh
>              now changing the USER and HOME environment variables when --us=
er is
>              specified. The argument --noenv can be used to suppress this b=
ehavior to
>              what used to be the problematic default. (Bug: 215926)
> 	    Improved documentation:
> 	        Man page info for cap_get_pid() and cap_reset_ambient(). (Bug repo=
rts
>                  from nomonemo and Tinkerer One.)
> 	        Improve documentation and help for the captree program.
> 	    Updated go/Makefile comment about an unfixed Go runtime bug in go1.16 =
and
>              go1.17 (resolved in go1.18+), and the deadlock behavior of the=
 psx-fd test.
> 	    Refresh the signatures on the two GPG keys morgan@ uses. The 4096 bit =
one is
>              preferred, but the older one is also used for continuity reaso=
ns. This set
>              of signatures should also be available from the various key se=
rvers out there.
>=20
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
>  config/rootfiles/common/libcap | 4 ++--
>  lfs/libcap                     | 8 ++++----
>  2 files changed, 6 insertions(+), 6 deletions(-)
>=20
> diff --git a/config/rootfiles/common/libcap b/config/rootfiles/common/libcap
> index 1e104acf6..f0518d6aa 100644
> --- a/config/rootfiles/common/libcap
> +++ b/config/rootfiles/common/libcap
> @@ -1,8 +1,8 @@
>  lib/libcap.so.2
> -lib/libcap.so.2.64
> +lib/libcap.so.2.66
>  #lib/libpsx.so
>  #lib/libpsx.so.2
> -lib/libpsx.so.2.64
> +lib/libpsx.so.2.66
>  #lib/pkgconfig/libcap.pc
>  #lib/pkgconfig/libpsx.pc
>  lib/security/pam_cap.so
> diff --git a/lfs/libcap b/lfs/libcap
> index 21facbe01..f81b13c99 100644
> --- a/lfs/libcap
> +++ b/lfs/libcap
> @@ -1,7 +1,7 @@
>  ##########################################################################=
#####
>  #                                                                         =
    #
>  # IPFire.org - A linux based firewall                                     =
    #
> -# Copyright (C) 2007-2021  IPFire Team  <info(a)ipfire.org>               =
      #
> +# Copyright (C) 2007-2022  IPFire Team  <info(a)ipfire.org>               =
      #
>  #                                                                         =
    #
>  # This program is free software: you can redistribute it and/or modify    =
    #
>  # it under the terms of the GNU General Public License as published by    =
    #
> @@ -24,7 +24,7 @@
> =20
>  include Config
> =20
> -VER        =3D 2.64
> +VER        =3D 2.66
> =20
>  THISAPP    =3D libcap-$(VER)
>  DL_FILE    =3D $(THISAPP).tar.xz
> @@ -40,7 +40,7 @@ objects =3D $(DL_FILE)
> =20
>  $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
> =20
> -$(DL_FILE)_BLAKE2 =3D 078ce2505a79c1bd4ca0a8eaf3444178bc19a566f0505d28c695=
9f86fbbac2fe2fc88c06fd0d988087a6e20e8ec66a2633146cea957f0f3fd92eaff4f81d7c66
> +$(DL_FILE)_BLAKE2 =3D e79bf10c6a3dbffe96dc97aad0bed67caa0b3805d9dcaff1e4a8=
a833396ee5c6da4f7f0d321b254e99a00073bc39021b9f3a4b350d93094d0df4d74889b3ca56
> =20
>  install : $(TARGET)
> =20
> @@ -75,7 +75,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>  	cd $(DIR_APP) && make GOLANG=3Dno
>  	cd $(DIR_APP) && make install GOLANG=3Dno
>  	rm -vf /lib/libcap.so
> -	ln -svf /lib/libcap.so.2.64 /usr/lib/libcap.so
> +	ln -svf /lib/libcap.so.2.66 /usr/lib/libcap.so
>  	chmod +x /lib/libcap.so.*
>  	@rm -rf $(DIR_APP)
>  	@$(POSTBUILD)

--===============5669567502281008562==--