diff options
author | Leo <thinkabit.ukim@gmail.com> | 2020-11-24 13:16:38 -0300 |
---|---|---|
committer | Leo <thinkabit.ukim@gmail.com> | 2020-11-24 13:18:30 -0300 |
commit | fd99f143e50e6412f8bdd889c89813f12f0f0ec5 (patch) | |
tree | 8be66626170e62aaa8730019d51dc6002bad8e28 | |
parent | db0a1b476d29cf2c5c3f1335573cbbe82e5e27c9 (diff) |
main/libcap-ng: fix starting gnome-keyring
https://github.com/stevegrubb/libcap-ng/issues/21
-rw-r--r-- | main/libcap-ng/APKBUILD | 11 | ||||
-rw-r--r-- | main/libcap-ng/apply-disable.patch | 29 | ||||
-rw-r--r-- | main/libcap-ng/apply.patch | 119 |
3 files changed, 156 insertions, 3 deletions
diff --git a/main/libcap-ng/APKBUILD b/main/libcap-ng/APKBUILD index 2bca9fcca17..9394be22ee2 100644 --- a/main/libcap-ng/APKBUILD +++ b/main/libcap-ng/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libcap-ng pkgver=0.8.1 -pkgrel=0 +pkgrel=1 pkgdesc="POSIX capabilities library" url="http://people.redhat.com/sgrubb/libcap-ng/index.html" arch="all" @@ -9,7 +9,10 @@ license="GPL-2.0-or-later LGPL-2.1-or-later" depends_dev="linux-headers" makedepends_host="$depends_dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-utils" -source="https://people.redhat.com/sgrubb/libcap-ng/libcap-ng-$pkgver.tar.gz" +source="https://people.redhat.com/sgrubb/libcap-ng/libcap-ng-$pkgver.tar.gz + apply.patch + apply-disable.patch + " build() { ac_cv_prog_swig_found=no \ @@ -41,4 +44,6 @@ utils() { mv "$pkgdir"/usr/bin/* "$subpkgdir"/usr/bin/ } -sha512sums="cd28ceb43e2cf5d3a0140fddbd2ea13dfda8eeea8a6de1817f3cc3b38df874ab8653917dbd405ad7aaaa71bcb9ec246d995079aa3cb0af1cffbdb37dfdd99232 libcap-ng-0.8.1.tar.gz" +sha512sums="cd28ceb43e2cf5d3a0140fddbd2ea13dfda8eeea8a6de1817f3cc3b38df874ab8653917dbd405ad7aaaa71bcb9ec246d995079aa3cb0af1cffbdb37dfdd99232 libcap-ng-0.8.1.tar.gz +47b6d7a61de15a9fc9c80ff8cd471723c74a010574ef3446c8895fb6e80b980672f16025ee94955a77f6088fcccf84b52e760a400c5239b637364caad391c0f7 apply.patch +5f362d5d3f791d1bddc5d9ef3b31e5089c54f852904e12bc3b58dcd22fa87086766cfc095ae8b485bee1b3c4fd854575b89821052b77967a6fdca4ff7e0a0397 apply-disable.patch" diff --git a/main/libcap-ng/apply-disable.patch b/main/libcap-ng/apply-disable.patch new file mode 100644 index 00000000000..a476c1ae5b1 --- /dev/null +++ b/main/libcap-ng/apply-disable.patch @@ -0,0 +1,29 @@ +Upstream: Fedora patch +Reason: Remove error codes that nobody handles and crashes everything + +diff -urp libcap-ng-0.8.2.orig/src/cap-ng.c libcap-ng-0.8.2/src/cap-ng.c +--- libcap-ng-0.8.2.orig/src/cap-ng.c 2020-11-20 15:04:09.000000000 -0500 ++++ libcap-ng-0.8.2/src/cap-ng.c 2020-11-20 16:04:55.425496426 -0500 +@@ -698,19 +698,19 @@ int capng_apply(capng_select_t set) + if (capng_have_capability(CAPNG_BOUNDING_SET, + i) == 0) { + if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) <0) { +- rc = -2; ++// rc = -2; + goto try_caps; + } + } + } + m.state = CAPNG_APPLIED; + if (get_bounding_set() < 0) { +- rc = -3; ++// rc = -3; + goto try_caps; + } + } else { + memcpy(&m, &state, sizeof(m)); /* restore state */ +- rc = -4; ++// rc = -4; + goto try_caps; + } + #endif diff --git a/main/libcap-ng/apply.patch b/main/libcap-ng/apply.patch new file mode 100644 index 00000000000..5fb9f189c09 --- /dev/null +++ b/main/libcap-ng/apply.patch @@ -0,0 +1,119 @@ +From fda0224fea4f01b77bd07ac195b3baaaf1a28fca Mon Sep 17 00:00:00 2001 +From: Steve Grubb <sgrubb@redhat.com> +Date: Fri, 20 Nov 2020 14:01:33 -0500 +Subject: [PATCH] In capng_apply, allow continuing in spite of errors + +In capng_apply, if we blow up trying to adjust the bounding set without +proper permissions, continue into the capabilities in case they called +with SELECT_BOTH and they don't bother checking the return code. This +will at least leave the application in a potentially safer state. +--- + src/cap-ng.c | 56 +++++++++++++++++++++++++++++++++++++++------------- + 1 file changed, 42 insertions(+), 14 deletions(-) + +diff --git a/src/cap-ng.c b/src/cap-ng.c +index a9de370..1474326 100644 +--- a/src/cap-ng.c ++++ b/src/cap-ng.c +@@ -680,6 +680,8 @@ int capng_updatev(capng_act_t action, capng_type_t type, + + int capng_apply(capng_select_t set) + { ++ int rc = 0; ++ + // Before updating, we expect that the data is initialized to something + if (m.state < CAPNG_INIT) + return -1; +@@ -695,52 +697,78 @@ int capng_apply(capng_select_t set) + for (i=0; i <= last_cap; i++) { + if (capng_have_capability(CAPNG_BOUNDING_SET, + i) == 0) { +- if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) <0) +- return -2; ++ if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) <0) { ++ rc = -2; ++ goto try_caps; ++ } + } + } + m.state = CAPNG_APPLIED; +- if (get_bounding_set() < 0) +- return -3; ++ if (get_bounding_set() < 0) { ++ rc = -3; ++ goto try_caps; ++ } + } else { + memcpy(&m, &state, sizeof(m)); /* restore state */ +- return -4; ++ rc = -4; ++ goto try_caps; + } + #endif + } ++ ++ // Try caps is here so that if someone had SELECT_BOTH and we blew up ++ // doing the bounding set, we at least try to set any capabilities ++ // before returning in case the caller also doesn't bother checking ++ // the return code. ++try_caps: + if (set & CAPNG_SELECT_CAPS) { + if (capset((cap_user_header_t)&m.hdr, + (cap_user_data_t)&m.data) == 0) + m.state = CAPNG_APPLIED; + else +- return -5; ++ rc = -5; + } +- // Put ambient last so that inheritable and permitted are set ++ ++ // Most programs do not and should not mess with ambient capabilities. ++ // Instead of returning here if rc is set, we'll let it try to ++ // do something with ambient capabilities in hopes that it's lowering ++ // capabilities. Again, this is for people that don't check their ++ // return codes. ++ // ++ // Do ambient last so that inheritable and permitted are set by the ++ // time we get here. + if (set & CAPNG_SELECT_AMBIENT) { + #ifdef PR_CAP_AMBIENT + if (capng_have_capabilities(CAPNG_SELECT_AMBIENT) == + CAPNG_NONE) { + if (prctl(PR_CAP_AMBIENT, +- PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0) < 0) +- return -6; ++ PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0) < 0) { ++ rc = -6; ++ goto out; ++ } + } else { + unsigned int i; + + // Clear them all + if (prctl(PR_CAP_AMBIENT, +- PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0) < 0) +- return -7; ++ PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0) < 0) { ++ rc = -7; ++ goto out; ++ } + for (i=0; i <= last_cap; i++) { + if (capng_have_capability(CAPNG_AMBIENT, i)) + if (prctl(PR_CAP_AMBIENT, +- PR_CAP_AMBIENT_RAISE, i, 0, 0) < 0) +- return -8; ++ PR_CAP_AMBIENT_RAISE, i, 0, 0) < 0){ ++ rc = -8; ++ goto out; ++ } + } + } + m.state = CAPNG_APPLIED; + #endif + } +- return 0; ++out: ++ return rc; + } + + #ifdef VFS_CAP_U32 |