Opened 7 weeks ago

Closed 4 weeks ago

#15465 closed enhancement (fixed)

libcap-2.57 (wait for lfs)

Reported by: pierre Owned by: Bruce Dubbs
Priority: normal Milestone: 11.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

new minor

Change History (7)

comment:1 by pierre, 7 weeks ago

Release notes for 2.54
2021-08-25 21:09:19 -0700

    Fix for a corner case infinite loop handling long strings (patch provided by Samanta Navarro)

    Fixes to not ignore allocation failures (patch provided by Samanta Navarro)

    Evolving work from Samanta Navarro, found and fixed a memory leak in cap_iab_get_proc()

    More robust discovery of the name of the dynamic loader of the build target (patch provided by Arnout Vandecappelle)

    Revamped the Go capability comparison API for *cap.Set and *cap.IAB, and added cap.IABGetPID()

    Added libcap cap_iab_compare() and cap_iab_get_pid() APIs.

    Added a Go utility, captree, to display the process (and thread) graph along with the POSIX.1e and IAB capabilities of each PID{TID} tree.

        Extended getpcap to support the --iab command line argument, which outputs a PID's IAB tuple too (if non-default).

    Install *.so files as executable now that they are executable as binaries

        A feature of 2.52 but not extended to install rules at that time.

    Absorbed a lot of wisdom from a number of downstream package workarounds including wisdom from (Zhi Li and Arnout Vandecappelle and unknown others... Bugs 214023#c16, 214085)

        Support make FORCELINKPAM=yes or make FORCELINKPAM=no for those packagers that feel strongly about not letting this be dynamically discovered at build time.

    Fixed a compiler warnings from the GitHub build tester (Bug 214143)

comment:2 by pierre, 6 weeks ago

Summary: libcap-2.54 (wait for lfs)libcap-2.55 (wait for lfs)

Now 2.55

comment:3 by Bruce Dubbs, 6 weeks ago

Summary: libcap-2.55 (wait for lfs)libcap-2.56 (wait for lfs)

And now version 2.56.

comment:4 by pierre, 5 weeks ago

Summary: libcap-2.56 (wait for lfs)libcap-2.57 (wait for lfs)

Now 2.57.

comment:5 by Bruce Dubbs, 5 weeks ago

Four relesaes in August, two so far in September. Fixes do not seem to be critical:

2.54
    Fix for a corner case infinite loop handling long strings

    Fixes to not ignore allocation failures

    Evolving work from Samanta Navarro, found and fixed a memory leak in
    cap_iab_get_proc()

    More robust discovery of the name of the dynamic loader of the build target

    Revamped the Go capability comparison API for *cap.Set and *cap.IAB, and
    added cap.IABGetPID()

    Added libcap cap_iab_compare() and cap_iab_get_pid() APIs.

    Added a Go utility, captree, to display the process (and thread) graph
    along with the POSIX.1e and IAB capabilities of each PID{TID} tree.

        Extended getpcap to support the --iab command line argument, which
        outputs a PID's IAB tuple too (if non-default).

    Install *.so files as executable now that they are executable as binaries

        A feature of 2.52 but not extended to install rules at that time.

    Support make FORCELINKPAM=yes or make FORCELINKPAM=no for those
    packagers that feel strongly about not letting this be dynamically
    discovered at build time.

    Fixed a compiler warnings from the GitHub build tester

2.55

    Two rounds of fixes for the results of some static analysis

    Removed a clang compilation warning about memory allocation by rewriting
    the way cap_free() and the various libcap memory allocation mechanisms
    work.

        This generated a few broken builds until it was fixed.

    Cleanup of some man pages; some fixes and shorter URL to bugzilla link.

    Added libcap cap_proc_root() API function (to reach parity with the Go cap
    package).

        This is only potentially useful with the recently added 
        cap_iab_get_pid() function

    Revamped what the GOLANG=yes builds install - used to install local copies 
    of cap and psx, but these were effectively useless because of the Go module
    support in recent Go releases in favor of user controller GOPATH.

        Now make GOLANG=yes only installs the captree utility

        Added some features to captree and created a small article on it

        Added a man page for the captree utility
    Some small changes to the tests to account for the idiosyncrasies of some
    new testing environments I've accumulated.

        Included adding --has-b support to capsh
2.56
    Canonicalize the Makefile use

        In the process fixed a bug in pam_cap/test_pam_cap

    Doc fixes for cap_iab.3

    Added color support to captree, which helped make the following fix
    generate readable output:

        Fixed captree to not display duplicate copies of sub-trees if also
        exploring their ancestor

    Fixed contrib/sucap/su to correctly handle the Inheritable flag.

2.57
    capsh enhancements:

        --mode makes a guess at the libcap mode of the current process

        --strict makes capsh less permissive and expects the user to perform
        more deliberate capability transactions

            useful for learning all the steps; and helps this article be more
            pedagogical.

    Build system fixes

        Preserve $(WARNINGS)

        Don't ever build test binaries unless make test etc is invoked (speeds
        builds on slower systems)

        Support make -j12 for all, test and sudotest targets

    getcap -r / now generates readable output

    Some documentation cleanup: more consistency.

comment:6 by Bruce Dubbs, 5 weeks ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:7 by Bruce Dubbs, 4 weeks ago

Resolution: fixed
Status: assignedclosed

Fixed at commit cc1c942130b5032afd457ed09864f5ba4a70c74c

 Package updates
    Update to Python3-3.9.7.
    Update to libcap-2.57.
Note: See TracTickets for help on using tickets.