From 5b332262bd823453d76cc258cf10beeb3cb33733 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Apr 10 2018 05:26:21 +0000 Subject: import acl-2.2.51-14.el7 --- diff --git a/SOURCES/acl-2.2.52-setfacl-man-page.patch b/SOURCES/acl-2.2.52-setfacl-man-page.patch new file mode 100644 index 0000000..f86f9ee --- /dev/null +++ b/SOURCES/acl-2.2.52-setfacl-man-page.patch @@ -0,0 +1,60 @@ +From ecee95a94420d6b0336d4caec6bc66b53442367b Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Thu, 19 May 2016 10:28:13 +0200 +Subject: [PATCH] setfacl.1: document the meaning of '-' in perms + +[agruen: Description further clarified.] + +Upstream-commit: ea3c6bb711e76d91759f8bf5475e1900362a3142 +Signed-off-by: Kamil Dudka +--- + man/man1/setfacl.1 | 28 +++++++++++++++++++++------- + 1 file changed, 21 insertions(+), 7 deletions(-) + +diff --git a/man/man1/setfacl.1 b/man/man1/setfacl.1 +index 0c7c046..e092e51 100644 +--- a/man/man1/setfacl.1 ++++ b/man/man1/setfacl.1 +@@ -194,18 +194,32 @@ you can specify either a name or a number. + .PP + The + .I perms +-field is a combination of characters that indicate the permissions: read ++field is a combination of characters that indicate the read + .IR (r) , + write + .IR (w) , + execute +-.IR (x) , +-execute only if the file is a directory or already has execute permission +-for some user +-.IR (X) . +-Alternatively, the ++.IR (x) ++permissions. Dash characters in the + .I perms +-field can be an octal digit (0\-7). ++field ++.IR (\-) ++are ignored. The character ++.I X ++stands for the execute permission if the file is a directory or already has ++execute permission for some user. Alternatively, the ++.I perms ++field can define the permissions numerically, as a bit-wise combination of read ++.IR (4) , ++write ++.IR (2) , ++and execute ++.IR (1) . ++Zero ++.I perms ++fields or ++.I perms ++fields that only consist of dashes indicate no permissions. + .PP + .SS AUTOMATICALLY CREATED ENTRIES + Initially, files and directories contain only the three base ACL entries +-- +2.5.5 + diff --git a/SOURCES/acl-2.2.52-setfacl-restore-initialize.patch b/SOURCES/acl-2.2.52-setfacl-restore-initialize.patch new file mode 100644 index 0000000..2a6dd43 --- /dev/null +++ b/SOURCES/acl-2.2.52-setfacl-restore-initialize.patch @@ -0,0 +1,40 @@ +From eb123384d1e4001b62a578ec1df53aa23016aed3 Mon Sep 17 00:00:00 2001 +From: Andreas Gruenbacher +Date: Fri, 17 Mar 2017 10:17:01 +0100 +Subject: [PATCH] setfacl --restore: Silence valgrind + +Valgrind complains that setfacl --restore triggers uninitialized memory +accesses to cmd->c_tag and cmd->c_perm of CMD_REMOVE_ACL commands in +do_set (http://savannah.nongnu.org/bugs/?50566). In this case, the +uninitialized memory accesses have no effect. Silence valgrind by +initializing cmd->c_tag and cmd->c_perm anyway. + +Upstream-commit: 33f01b5d5bd98fceee0ba46cdbddb60b36fc650e +Signed-off-by: Kamil Dudka +--- + setfacl/sequence.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/setfacl/sequence.c b/setfacl/sequence.c +index a418b23..5ed182e 100644 +--- a/setfacl/sequence.c ++++ b/setfacl/sequence.c +@@ -29,7 +29,14 @@ cmd_t + cmd_init( + void) + { +- return (cmd_t)malloc(sizeof(struct cmd_obj)); ++ cmd_t cmd; ++ ++ cmd = malloc(sizeof(struct cmd_obj)); ++ if (cmd) { ++ cmd->c_tag = ACL_UNDEFINED_TAG; ++ cmd->c_perm = 0; ++ } ++ return cmd; + } + + +-- +2.9.4 + diff --git a/SPECS/acl.spec b/SPECS/acl.spec index 3eab8d6..36af094 100644 --- a/SPECS/acl.spec +++ b/SPECS/acl.spec @@ -1,7 +1,7 @@ Summary: Access control list utilities Name: acl Version: 2.2.51 -Release: 12%{?dist} +Release: 14%{?dist} BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gawk BuildRequires: gettext @@ -20,6 +20,12 @@ Patch6: acl-2.2.49-bz675451.patch # fix SIGSEGV of getfacl -e on overly long group name Patch7: acl-2.2.51-getfacl-segv.patch +# setfacl.1: document the meaning of '-' in perms (#1337039) +Patch8: acl-2.2.52-setfacl-man-page.patch + +# fix spurious acl_check() failure on setfacl --restore (#1451820) +Patch9: acl-2.2.52-setfacl-restore-initialize.patch + License: GPLv2+ Group: System Environment/Base URL: http://acl.bestbits.at/ @@ -58,6 +64,8 @@ defined in POSIX 1003.1e draft standard 17. %patch4 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 +%patch9 -p1 %build touch .census @@ -74,6 +82,11 @@ make %{?_smp_mflags} LIBTOOL="libtool --tag=CC" if ./setfacl/setfacl -m u:`id -u`:rwx .; then make tests || exit $? if test 0 = `id -u`; then + # test/root/permissions.test requires the 'daemon' user to be a member + # of the 'bin' group in order not to fail. Prevent the test from + # running if we detect that its requirements are not met (#1085389). + id -nG daemon | grep bin >/dev/null || rm -f test/root/permissions.test + make root-tests || exit $? fi else @@ -120,6 +133,13 @@ chmod 0755 $RPM_BUILD_ROOT/%{_libdir}/libacl.so.*.*.* %{_libdir}/libacl.so.* %changelog +* Thu May 18 2017 Kamil Dudka - 2.2.51-14 +- fix spurious acl_check() failure on setfacl --restore (#1451820) + +* Thu May 19 2016 Kamil Dudka - 2.2.51-13 +- avoid failure of %%check when building as root (#1085389) +- setfacl.1: document the meaning of '-' in perms (#1337039) + * Tue Jan 28 2014 Daniel Mach - 2.2.51-12 - Mass rebuild 2014-01-24