[packages/libgcrypt] Disable capabilities usage
wiget
wiget at pld-linux.org
Sat Apr 20 22:05:10 CEST 2013
commit ffb9394c493d5a834391d5fbb54744eff201bcb4
Author: Artur Frysiak <artur at frysiak.net>
Date: Sat Apr 20 21:58:53 2013 +0200
Disable capabilities usage
When enable libgcrypt drop all capabilities and this brakes apps like
cryptsetup.
Test case:
-bash-4.2# dd if=/dev/zero of=raw bs=1024k count=256
256+0 records in
256+0 records out
268435456 bytes (268 MB) copied, 2.43644 s, 110 MB/s
-bash-4.2# dd if=/dev/urandom of=key bs=1k count=20
20+0 records in
20+0 records out
20480 bytes (20 kB) copied, 0.00640287 s, 3.2 MB/s
-bash-4.2# cryptsetup luksFormat raw key
WARNING!
========
This will overwrite data on raw irrevocably.
Are you sure? (Type uppercase yes): YES
-bash-4.2# strace -eioctl cryptsetup luksOpen raw x --key-file=key
ioctl(5, DM_VERSION, 0x156a930) = -1 EACCES (Permission denied)
Cannot initialize device-mapper. Is dm_mod kernel module loaded?
+++ exited with 1 +++
libgcrypt.spec | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/libgcrypt.spec b/libgcrypt.spec
index 93e1e8d..919bd92 100644
--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@@ -1,7 +1,7 @@
#
# Conditional build:
%bcond_without dietlibc # don't build static dietlibc library
-%bcond_without libcap # Linux capabilities usage
+%bcond_with libcap # Linux capabilities usage
#
Summary: Cryptographic library based on the code from GnuPG
Summary(es.UTF-8): Libgcrypt es una biblioteca general de desarrole embasada em GnuPG
@@ -9,7 +9,7 @@ Summary(pl.UTF-8): Biblioteka kryptograficzna oparta na kodzie GnuPG
Summary(pt_BR.UTF-8): libgcrypt é uma biblioteca de criptografia de uso geral baseada no GnuPG
Name: libgcrypt
Version: 1.5.2
-Release: 1
+Release: 2
License: LGPL v2.1+
Group: Libraries
Source0: ftp://ftp.gnupg.org/gcrypt/libgcrypt/%{name}-%{version}.tar.bz2
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/libgcrypt.git/commitdiff/ffb9394c493d5a834391d5fbb54744eff201bcb4
More information about the pld-cvs-commit
mailing list