Package: libcap2 / 1:2.25-2

Metadata

Package Version Patches format
libcap2 1:2.25-2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
ldlibs.patch | (download)

pam_cap/Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 compile pam_cap with -lpam

A similar fix was in Debian but appears to have been accidentally
dropped. Drop this one if or when debian gets it back so we can
directly sync (Closes: #591410).

setcap error message.patch | (download)

progs/setcap.c | 22 21 + 1 - 0 !
1 file changed, 21 insertions(+), 1 deletion(-)

 refine setcap output on errors (closes: #633075)

The error message of setcap is a little confused. From the error message it is
hard to detect what is wrong. I removed the last 'usage' function call,
because at that code point the 'usage' can not provide any useful information.
Instead, I added a function 'mystrerror' which shall provide more information.

Don t hardcode build flags.patch | (download)

Make.Rules | 6 3 + 3 - 0 !
libcap/Makefile | 8 4 + 4 - 0 !
pam_cap/Makefile | 4 2 + 2 - 0 !
progs/Makefile | 4 2 + 2 - 0 !
4 files changed, 11 insertions(+), 11 deletions(-)

 don't hardcode build flags

Remove upstream's hardcoded build flags in Makefiles so that the build flags
passed on by dpkg-buildflags are honored. This enables hardening during build.

Syntax fixes for man pages.patch | (download)

doc/cap_clear.3 | 2 1 + 1 - 0 !
doc/cap_copy_ext.3 | 6 3 + 3 - 0 !
doc/cap_from_text.3 | 18 9 + 9 - 0 !
doc/cap_get_file.3 | 2 1 + 1 - 0 !
doc/cap_get_proc.3 | 14 7 + 7 - 0 !
doc/cap_init.3 | 2 1 + 1 - 0 !
doc/capsh.1 | 42 21 + 21 - 0 !
doc/getcap.8 | 8 4 + 4 - 0 !
doc/libcap.3 | 2 1 + 1 - 0 !
doc/setcap.8 | 12 6 + 6 - 0 !
10 files changed, 54 insertions(+), 54 deletions(-)

 syntax fixes for man pages

Hyphens used as minus signs must be escaped.

Hide private symbols.patch | (download)

libcap/Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 hide private symbols

Hide a symbol which is clearly meant to be private. This resolves a FTBFS in
combination with the new build dependency gperf.

Also update the signature of __cap_lookup_name for gperf 3.1.

Closes: #793311
Closes: #869588

Bug-Debian: https://bugs.debian.org/793311
Bug-Debian: https://bugs.debian.org/869588
Avoid sys capability.h on build architecture.patch | (download)

libcap/_makenames.c | 16 12 + 4 - 0 !
1 file changed, 12 insertions(+), 4 deletions(-)

 avoid sys/capability.h on build architecture

libcap/_makenames.c generates a build-time helper, and as such is compiled for
the build architecture. The use of sys/capability.h which depends on an arch-
specific Linux header eventually leads to a FTCBFS.

However, the only reason to use the header is to estimate the size of an array
"pointers" in _makenames.c. Rather than using this guess, the array can simply
be allocated dynamically.

Bug-Debian: https://bugs.debian.org/809467
Filter out PIE flags when building shared objects.patch | (download)

libcap/Makefile | 3 3 + 0 - 0 !
pam_cap/Makefile | 3 3 + 0 - 0 !
2 files changed, 6 insertions(+)

 filter out pie flags when building shared objects

Filter out -pie, -fpie, and -fPIE when building the shared library and the PAM
module. This way, hardening=+all can be used unconditionally in debian/rules.

Spelling fixes.patch | (download)

progs/capsh.c | 2 1 + 1 - 0 !
progs/getpcaps.c | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 spelling fixes