Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/libcap-ng.git#3c5cc435c97a9cf9631062f3168877c3443a5b0c

libcap-ng-0.8.2-apply-disable.patch

@@ -1,12 +1,50 @@
-diff -urp libcap-ng-0.8.2.orig/src/cap-ng.c libcap-ng-0.8.2/src/cap-ng.c
---- libcap-ng-0.8.2.orig/src/cap-ng.c	2020-11-20 15:04:09.000000000 -0500
-+++ libcap-ng-0.8.2/src/cap-ng.c	2020-11-20 16:04:55.425496426 -0500
-@@ -698,19 +698,19 @@ int capng_apply(capng_select_t set)
+diff -urp libcap-ng-0.8.3.orig/src/cap-ng.c libcap-ng-0.8.3/src/cap-ng.c
+--- libcap-ng-0.8.3.orig/src/cap-ng.c	2021-01-30 09:26:33.000000000 -0500
++++ libcap-ng-0.8.3/src/cap-ng.c	2021-01-30 09:52:43.507967643 -0500
+@@ -713,6 +713,36 @@ int capng_updatev(capng_act_t action, ca
+ 	return rc;
+ }
+ 
++#include <sys/param.h>
++static char *get_exename(char *exename, int size)
++{
++        char tmp[PATH_MAX+1];
++	int res;
++
++        /* get the name of the current executable */
++        if ((res = readlink("/proc/self/exe", tmp, PATH_MAX)) < -1)
++                strcpy(exename, "\"?\"");
++        else {
++                tmp[res] = '\0';
++                snprintf(exename, size, "\"%s\"", tmp);
++        }
++        return exename;
++}
++
++#include <syslog.h>
++static void log_problem(unsigned int msg)
++{
++	static const char *text[3] = {
++		"dropping bounding set",
++		"getting new bounding set",
++		"due to not having CAP_SETPCAP"
++	};
++	unsigned idx = msg - 2;
++	char exe[2048];
++	syslog(LOG_ERR, "libcap-ng used by %s failed %s in capng_apply",
++	       get_exename(exe, 2047), text[idx]);
++}
++
+ int capng_apply(capng_select_t set)
+ {
+ 	int rc = 0;
+@@ -733,19 +763,22 @@ int capng_apply(capng_select_t set)
  				if (capng_have_capability(CAPNG_BOUNDING_SET,
  								 i) == 0) {
  				    if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) <0) {
 -					rc = -2;
 +//					rc = -2;
++					log_problem(2);
  					goto try_caps;
  				    }
  				}
@@ -15,12 +53,14 @@ diff -urp libcap-ng-0.8.2.orig/src/cap-ng.c libcap-ng-0.8.2/src/cap-ng.c
  			if (get_bounding_set() < 0) {
 -				rc = -3;
 +//				rc = -3;
++				log_problem(3);
  				goto try_caps;
  			}
  		} else {
  			memcpy(&m, &state, sizeof(m)); /* restore state */
 -			rc = -4;
 +//			rc = -4;
++			log_problem(4);
  			goto try_caps;
  		}
  #endif

libcap-ng.spec

@@ -1,13 +1,14 @@
-Summary: An alternate posix capabilities library
+Summary: Alternate posix capabilities library
 Name: libcap-ng
 Version: 0.8.2
-Release: 1%{?dist}
+Release: 3%{?dist}
 License: LGPLv2+
-URL: http://people.redhat.com/sgrubb/libcap-ng
-Source0: http://people.redhat.com/sgrubb/libcap-ng/%{name}-%{version}.tar.gz
+URL: https://people.redhat.com/sgrubb/libcap-ng/
+Source0: https://people.redhat.com/sgrubb/libcap-ng/%{name}-%{version}.tar.gz
 # This patch can be removed when 1899540 is resolved
 Patch1: libcap-ng-0.8.2-apply-disable.patch
 BuildRequires: gcc
+BuildRequires: make
 BuildRequires: kernel-headers >= 2.6.11 
 BuildRequires: libattr-devel
 
@@ -18,7 +19,7 @@ Libcap-ng is a library that makes using posix capabilities easier
 Summary: Header files for libcap-ng library
 License: LGPLv2+
 Requires: kernel-headers >= 2.6.11
-Requires: %{name} = %{version}-%{release}
+Requires: %{name}%{?_isa} = %{version}-%{release}
 Requires: pkgconfig
 
 %description devel
@@ -29,7 +30,8 @@ applications that need to use the libcap-ng library.
 Summary: Python3 bindings for libcap-ng library
 License: LGPLv2+
 BuildRequires: python3-devel swig
-Requires: %{name} = %{version}-%{release}
+BuildRequires: make
+Requires: %{name}%{?_isa} = %{version}-%{release}
 
 %description python3
 The libcap-ng-python3 package contains the bindings so that libcap-ng
@@ -38,7 +40,7 @@ and can be used by python3 applications.
 %package utils
 Summary: Utilities for analyzing and setting file capabilities
 License: GPLv2+
-Requires: %{name} = %{version}-%{release}
+Requires: %{name}%{?_isa} = %{version}-%{release}
 
 %description utils
 The libcap-ng-utils package contains applications to analyze the
@@ -51,18 +53,18 @@ lets you set the file system based capabilities.
 
 %build
 %configure --libdir=%{_libdir} --with-python=no --with-python3
-make CFLAGS="%{optflags}" %{?_smp_mflags}
+%make_build CFLAGS="%{optflags}"
 
 %install
-make DESTDIR="${RPM_BUILD_ROOT}" INSTALL='install -p' install
+%make_install
 
 # Remove a couple things so they don't get picked up
-rm -f $RPM_BUILD_ROOT/%{_libdir}/libcap-ng.la
-rm -f $RPM_BUILD_ROOT/%{_libdir}/libcap-ng.a
-rm -f $RPM_BUILD_ROOT/%{_libdir}/libdrop_ambient.la
-rm -f $RPM_BUILD_ROOT/%{_libdir}/libdrop_ambient.a
-rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_capng.a
-rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_capng.la
+rm -f $RPM_BUILD_ROOT%{_libdir}/libcap-ng.la
+rm -f $RPM_BUILD_ROOT%{_libdir}/libcap-ng.a
+rm -f $RPM_BUILD_ROOT%{_libdir}/libdrop_ambient.la
+rm -f $RPM_BUILD_ROOT%{_libdir}/libdrop_ambient.a
+rm -f $RPM_BUILD_ROOT%{_libdir}/python?.?/site-packages/_capng.a
+rm -f $RPM_BUILD_ROOT%{_libdir}/python?.?/site-packages/_capng.la
 
 %check
 make check
@@ -70,10 +72,9 @@ make check
 %ldconfig_scriptlets
 
 %files
-%{!?_licensedir:%global license %%doc}
 %license COPYING.LIB
-/%{_libdir}/libcap-ng.so.*
-/%{_libdir}/libdrop_ambient.so.*
+%{_libdir}/libcap-ng.so.*
+%{_libdir}/libdrop_ambient.so.*
 %attr(0644,root,root) %{_mandir}/man7/*
 
 %files devel
@@ -89,12 +90,17 @@ make check
 %{python3_sitearch}/capng.py*
 
 %files utils
-%{!?_licensedir:%global license %%doc}
 %license COPYING
 %attr(0755,root,root) %{_bindir}/*
 %attr(0644,root,root) %{_mandir}/man8/*
 
 %changelog
+* Sat Jan 30 2021 Steve Grubb <sgrubb@redhat.com> 0.8.2-3
+- Add syslog warning for bad use of capng_apply
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
 * Wed Dec 09 2020 Steve Grubb <sgrubb@redhat.com> 0.8.2-1
 - New upstream bugfix release