diff -Nru libcap2-2.24/debian/changelog libcap2-2.24/debian/changelog --- libcap2-2.24/debian/changelog 2016-04-21 19:48:44.000000000 +0000 +++ libcap2-2.24/debian/changelog 2016-04-21 21:06:26.000000000 +0000 @@ -1,6 +1,7 @@ -libcap2 (1:2.24-12ubuntu1~ns1) xenial; urgency=medium +libcap2 (1:2.24-12ubuntu1~ns2) xenial; urgency=medium * support use of security.nscapability + * Clean up two compiler warnings -- Serge Hallyn Thu, 21 Apr 2016 14:48:23 -0500 diff -Nru libcap2-2.24/debian/patches/cleanups libcap2-2.24/debian/patches/cleanups --- libcap2-2.24/debian/patches/cleanups 1970-01-01 00:00:00.000000000 +0000 +++ libcap2-2.24/debian/patches/cleanups 2016-04-21 20:56:55.000000000 +0000 @@ -0,0 +1,27 @@ +Index: libcap2-2.24/libcap/cap_text.c +=================================================================== +--- libcap2-2.24.orig/libcap/cap_text.c ++++ libcap2-2.24/libcap/cap_text.c +@@ -288,7 +288,8 @@ char *cap_to_name(cap_value_t cap) + #endif + char *tmp, *result; + +- asprintf(&tmp, "%u", cap); ++ if (asprintf(&tmp, "%u", cap) < 0) ++ return NULL; + result = _libcap_strdup(tmp); + free(tmp); + +Index: libcap2-2.24/pam_cap/pam_cap.c +=================================================================== +--- libcap2-2.24.orig/pam_cap/pam_cap.c ++++ libcap2-2.24/pam_cap/pam_cap.c +@@ -210,7 +210,7 @@ static void _pam_log(int err, const char + + static void parse_args(int argc, const char **argv, struct pam_cap_s *pcs) + { +- int ctrl=0; ++ int ctrl; + + /* step through arguments */ + for (ctrl=0; argc-- > 0; ++argv) { diff -Nru libcap2-2.24/debian/patches/series libcap2-2.24/debian/patches/series --- libcap2-2.24/debian/patches/series 2016-04-21 18:42:21.000000000 +0000 +++ libcap2-2.24/debian/patches/series 2016-04-21 20:55:30.000000000 +0000 @@ -5,3 +5,4 @@ Syntax-fixes-for-man-pages.patch Hide-private-symbols.patch support-ns-capability.patch +cleanups diff -Nru libcap2-2.24/debian/patches/support-ns-capability.patch libcap2-2.24/debian/patches/support-ns-capability.patch --- libcap2-2.24/debian/patches/support-ns-capability.patch 2016-04-21 19:45:19.000000000 +0000 +++ libcap2-2.24/debian/patches/support-ns-capability.patch 2016-04-21 21:02:09.000000000 +0000 @@ -2,7 +2,15 @@ =================================================================== --- libcap2-2.24.orig/libcap/cap_file.c +++ libcap2-2.24/libcap/cap_file.c -@@ -26,6 +26,74 @@ +@@ -9,6 +9,7 @@ + #include + #include + #include ++#include + + #define XATTR_SECURITY_PREFIX "security." + +@@ -26,6 +27,73 @@ #define FIXUP_32BITS(x) (x) #endif @@ -10,8 +18,7 @@ +#define XATTR_NS_NAME_CAPS "security.nscapability" +#define VFS_NSCAP_FLAGS_EFFECTIVE (1 << 8) + -+/* todo - what is range values on 32-bit? */ -+int in_nonroot_userns(void) ++static int in_nonroot_userns(void) +{ + int retval = 0, ret, fd = open("/proc/self/uid_map", O_RDONLY); + unsigned int min, max, range; @@ -20,7 +27,7 @@ + if (fd < 0) + return 0; + ret = read(fd, buf, 200); -+ if (ret < 0) ++ if (ret < 0) + goto out; + ret = sscanf(buf, "%u %u %u\n", &min, &max, &range); + if (ret != 3) @@ -145,7 +152,7 @@ return 0; /* success */ } -+cap_t do_getfd_nscap(int fildes) ++static cap_t do_getfd_nscap(int fildes) +{ + cap_t result; + @@ -171,7 +178,7 @@ + return result; +} + -+cap_t do_getfile_nscap(const char *filename) ++static cap_t do_getfile_nscap(const char *filename) +{ + cap_t result; + @@ -224,7 +231,7 @@ return result; } -+int do_fd_nscap(int fildes, cap_t cap_d) ++static int do_fd_nscap(int fildes, cap_t cap_d) +{ + struct vfs_cap_data rawvfscap; + int sizeofcaps; @@ -241,7 +248,7 @@ + return fsetxattr(fildes, XATTR_NS_NAME_CAPS, &rawvfscap, sizeofcaps, 0); +} + -+int do_file_nscap(int fildes, cap_t cap_d) ++static int do_file_nscap(const char *filename, cap_t cap_d) +{ + struct vfs_cap_data rawvfscap; + int sizeofcaps;