Release notes for 2.29
Post date: Dec 14, 2019 6:28:52 PM
Bugs filed against this release:
cap_to_text() https://bugzilla.kernel.org/show_bug.cgi?id=206183 (fixed in 2.30)
fakeroot incompatibility (psx fallout) https://bugzilla.kernel.org/show_bug.cgi?id=206539 (fixed in 2.32)
Backward incompatibility in handling of 'all' in the cap_to/from_text() functions:
'all' now means 'all named capabilities' and not 'all possible capabilities'
the prior behavior of 'all' was no longer useful for process capabilities, and only useful for file-capabilities because of a kernel bug.
changes:
install libpsx.a in addition to libcap.a (the library is small and because of a need for linker wrapping, we don't plan to build it dynamically)
install the libcap/cap and libcap/psx Go packages (if built)
Tons of man page updates catching up and documenting new convenience functions
Added libcap functionality related to modes and some convenience functions:
Introduce the concept of a libcap mode: cap_get_mode(), cap_set_mode(), cap_mode_name():
PURE1E - disable setuid fixup mechanism for privilege-less uid=0, fully disabled ambient capabilities
PURE1E_INIT - PURE1E plus a clear Inheritable set
NOPRIV - PURE1E_INIT plus empty Permitted and Effective sets and an empty bounding set
Other modes are described as UNCERTAIN.
Add convenience functions for:
manipulating securebits (useful for implementing modes): cap_get_secbits(), cap_set_secbits().
setting all the *uid's: cap_setuid() without dropping process capabilities
setting all the *gid's: cap_setgroups() two calls in one: setgid() + setgroups()
The "libcap/cap" Go package is now at parity with libcap.
In the absence of native Go support for POSIX semantics on system calls, "libcap/cap" uses the psx mechanism via CGo linkage.
I've migrated the contrib/golang/go.patch from 2.28 to https://go-review.googlesource.com/c/go/+/210639 where I'll hopefully be able to get this into the mainstream Go runtime.
The PAM module pam_cap now supports (developed in collaboration with Knut Omang and Christoph Lameter):
@group syntax for identifying users collectively from the groups they are members of (as per getgroups())
As before, the first rule to match the authenticating user wins, so put users on lines before @groups
cap_foo syntax (as it did previously) means "raise this capability in the inheritable set for this user"
!cap_foo syntax to mean "drop this capability from the bounding set for this user"
^cap_bar syntax to mean "raise this capability in both the inheritable and ambient sets".