[Git][archlinux/packaging/packages/sssd][main] Remove unnecessary capabilities from proxy_child (Fixes #5)

Fri, 25 Oct 2024 11:08:46 -0700 


Massimiliano Torromeo pushed to branch main at Arch Linux / Packaging / 
Packages / sssd


Commits:
b6e16d6b by Massimiliano Torromeo at 2024-10-25T19:43:39+02:00
Remove unnecessary capabilities from proxy_child (Fixes #5)

- - - - -


4 changed files:

- .SRCINFO
- PKGBUILD
- sssd-perms.service
- sssd-perms.tmpfile


Changes:

=====================================
.SRCINFO
=====================================
@@ -1,7 +1,7 @@
 pkgbase = sssd
        pkgdesc = System Security Services Daemon
        pkgver = 2.10.0
-       pkgrel = 4
+       pkgrel = 5
        url = https://github.com/SSSD/sssd
        arch = x86_64
        license = GPL-3.0-or-later
@@ -43,7 +43,7 @@ pkgbase = sssd
        validpgpkeys = C13CD07FFB2DB1408E457A3CD3D21B2910CF6759
        sha512sums = 
d237ff135fb21bcd1040787d6dfe8fa383290fbae1f15c6917284beb38dd95ecf6418335302e26be40c65e44e8b44135499eec0b98119ea53a38098ac0bc1e2c
        sha512sums = SKIP
-       sha512sums = 
197d43ab693cf875a2ae02de9973b812c134ab6086fd1e74c170b34bfbd48e2e7fa5987081f5ef39f2103750762be0d1502aa1a6e50b3b69e9e51ee6a06c970e
-       sha512sums = 
2f32c18f9f2f6c3a9197395186b9a5ea172f6deb56513e4348ea1176736c6796f13093b8d584bba9fb6d58bc12c5cd0c251b2941c0b294525483254721a9f70a
+       sha512sums = 
382b38070343440a5807d81993e696e28b04658c9f4c71cfafcd0032b79e2f0a70ec0283f0a40808f29395a8313e7f64a5cc095692bd05f8e2270876768c58b5
+       sha512sums = 
21646ea5900340c1b0a69c79fc72b0d3e360d56e04dc0daf7947024a420d214a931365e684e8f7cfd37c959327e6909ad4c0d6c3a8186153bca870f508dad486
 
 pkgname = sssd


=====================================
PKGBUILD
=====================================
@@ -3,7 +3,7 @@
 
 pkgname=sssd
 pkgver=2.10.0
-pkgrel=4
+pkgrel=5
 pkgdesc="System Security Services Daemon"
 arch=('x86_64')
 url="https://github.com/SSSD/sssd";
@@ -50,8 +50,8 @@ 
source=("https://github.com/SSSD/$pkgname/releases/download/$pkgver/$pkgname-$pk
         "sssd-perms.tmpfile")
 
sha512sums=('d237ff135fb21bcd1040787d6dfe8fa383290fbae1f15c6917284beb38dd95ecf6418335302e26be40c65e44e8b44135499eec0b98119ea53a38098ac0bc1e2c'
             'SKIP'
-            
'197d43ab693cf875a2ae02de9973b812c134ab6086fd1e74c170b34bfbd48e2e7fa5987081f5ef39f2103750762be0d1502aa1a6e50b3b69e9e51ee6a06c970e'
-            
'2f32c18f9f2f6c3a9197395186b9a5ea172f6deb56513e4348ea1176736c6796f13093b8d584bba9fb6d58bc12c5cd0c251b2941c0b294525483254721a9f70a')
+            
'382b38070343440a5807d81993e696e28b04658c9f4c71cfafcd0032b79e2f0a70ec0283f0a40808f29395a8313e7f64a5cc095692bd05f8e2270876768c58b5'
+            
'21646ea5900340c1b0a69c79fc72b0d3e360d56e04dc0daf7947024a420d214a931365e684e8f7cfd37c959327e6909ad4c0d6c3a8186153bca870f508dad486')
 validpgpkeys=('C13CD07FFB2DB1408E457A3CD3D21B2910CF6759')
 
 prepare() {
@@ -128,7 +128,6 @@ package() {
 
   setcap cap_chown,cap_dac_override,cap_setuid,cap_setgid=ep 
"$pkgdir"/usr/lib/sssd/sssd/krb5_child
   setcap cap_chown,cap_dac_override,cap_setuid,cap_setgid=ep 
"$pkgdir"/usr/lib/sssd/sssd/ldap_child
-  setcap cap_chown,cap_dac_override,cap_setuid,cap_setgid=ep 
"$pkgdir"/usr/lib/sssd/sssd/proxy_child
   setcap cap_dac_read_search=p "$pkgdir"/usr/lib/sssd/sssd/sssd_pam
 
   cd "$srcdir"


=====================================
sssd-perms.service
=====================================
@@ -4,7 +4,5 @@ ExecStartPre=+-/usr/bin/chgrp sssd /usr/lib/sssd/sssd/krb5_child
 ExecStartPre=+-/usr/bin/setcap 
cap_chown,cap_dac_override,cap_setuid,cap_setgid=ep 
/usr/lib/sssd/sssd/krb5_child
 ExecStartPre=+-/usr/bin/chgrp sssd /usr/lib/sssd/sssd/ldap_child
 ExecStartPre=+-/usr/bin/setcap 
cap_chown,cap_dac_override,cap_setuid,cap_setgid=ep 
/usr/lib/sssd/sssd/ldap_child
-ExecStartPre=+-/usr/bin/chgrp sssd /usr/lib/sssd/sssd/proxy_child
-ExecStartPre=+-/usr/bin/setcap 
cap_chown,cap_dac_override,cap_setuid,cap_setgid=ep 
/usr/lib/sssd/sssd/proxy_child
 ExecStartPre=+-/usr/bin/chgrp sssd /usr/lib/sssd/sssd/sssd_pam
 ExecStartPre=+-/usr/bin/setcap cap_dac_read_search=p 
/usr/lib/sssd/sssd/sssd_pam


=====================================
sssd-perms.tmpfile
=====================================
@@ -1,3 +1,4 @@
 z /etc/sssd/sssd.conf 600 sssd sssd -
 d /var/log/sssd - sssd sssd -
 Z /var/lib/sss - sssd sssd -
+z /usr/lib/sssd/sssd/proxy_child - - sssd -



View it on GitLab: 
https://gitlab.archlinux.org/archlinux/packaging/packages/sssd/-/commit/b6e16d6b4f15b514402f53a7249d4c44b5b48d16

-- 
View it on GitLab: 
https://gitlab.archlinux.org/archlinux/packaging/packages/sssd/-/commit/b6e16d6b4f15b514402f53a7249d4c44b5b48d16
You're receiving this email because of your account on gitlab.archlinux.org.

Reply via email to