Similar to suid binaries, abuild will now error out if the package
includes binaries with setcap(8) capabilities but doesn't have `setcap`
in `$options`. This eases identifying package which ship binaries
with extra capabilities.
Furthermore, if these binaries are executable by others a warning is
emitted. This warning could be changed to an error in the future.
The recommendation is to make such binaries only executable by owner
and group, thereby requiring the system administrator to explicitly
add users to a specific group in order to give them accesses to these
capabilities.
See: https://gitlab.alpinelinux.org/alpine/tsc/-/issues/45
Discussion: This change requires abuild to depend on the `libcap`
package for the `getcap` binary. It does not seem to be possible
at the moment to use scanelf(1) to identify these binaries.
Packages installing python3 site packages for python3 in version 3.x.y
depend on python3~3.x. This automatically adds the required
dependencies.
Unit test cases have been added by reusing the `py3-foo-and-bar` test
package. However, the path of that has been renamed to contain spaces
to be extra sure the logic is safe in regrade to spaces in path
names.
Currently, abuild stores the license variable ad-verbatim in the PKGINFO
file. This causes many downstream systems to fail. For example, `apk
info` won't show anything after the newline, our webview that lists
licenses do not show these either.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
psykose
Sören Tempel
Sören Tempel
Marian Buschsieweke
Natanael Copa
Olliver Schinagl
Alex Xu (Hello71)
Alex D.
Leo
Kevin Daudt