[arch-commits] Commit in shadow/trunk (PKGBUILD shadow.install)
Dave Reisner
dreisner at archlinux.org
Thu Aug 1 18:04:21 UTC 2019
Date: Thursday, August 1, 2019 @ 18:04:21
Author: dreisner
Revision: 358862
upgpkg: shadow 4.7-2
- apply filecaps to newuidmap/newgidmap instead of setuid (FS#63248)
Added:
shadow/trunk/shadow.install
Modified:
shadow/trunk/PKGBUILD
----------------+
PKGBUILD | 3 ++-
shadow.install | 15 +++++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2019-08-01 14:12:28 UTC (rev 358861)
+++ PKGBUILD 2019-08-01 18:04:21 UTC (rev 358862)
@@ -3,7 +3,7 @@
pkgname=shadow
pkgver=4.7
-pkgrel=1
+pkgrel=2
pkgdesc="Password and account management tool suite with support for shadow files and PAM"
arch=('x86_64')
url='https://github.com/shadow-maint/shadow'
@@ -28,6 +28,7 @@
passwd
shadow.{timer,service}
useradd.defaults)
+install=shadow.install
sha1sums=('SKIP'
'33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
'4ad0e059406a305c8640ed30d93c2a1f62c2f4ad'
Added: shadow.install
===================================================================
--- shadow.install (rev 0)
+++ shadow.install 2019-08-01 18:04:21 UTC (rev 358862)
@@ -0,0 +1,15 @@
+setcaps() {
+ # shadow ships these as setuid, but if we can apply file caps, use those instead.
+ setcap cap_setuid+ep usr/bin/newuidmap 2>/dev/null && chmod -s usr/bin/newuidmap
+ setcap cap_setgid+ep usr/bin/newgidmap 2>/dev/null && chmod -s usr/bin/newgidmap
+}
+
+post_install() {
+ setcaps
+}
+
+post_upgrade() {
+ setcaps
+}
+
+# vim:set ts=2 sw=2 et:
More information about the arch-commits
mailing list