* [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps
@ 2020-11-06 21:55 whoizit
2020-11-07 19:28 ` Piraty
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: whoizit @ 2020-11-06 21:55 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1481 bytes --]
New issue by whoizit on void-packages repository
https://github.com/void-linux/void-packages/issues/26188
Description:
<!-- Don't request update of package. We have a script for that. https://alpha.de.repo.voidlinux.org/void-updates/void-updates.txt . However, a quality pull request may help. -->
### System
* xuname:
*output of ``xuname`` (part of xtools)*
```
~ $ xuname
Do you want to import this public key? [Y/n] Y
Void 5.8.18_1 x86_64 AuthenticAMD notuptodate rF
```
* package:
*affected package(s) including the version*: ``xbps-query -p pkgver <pkgname>``
yggdrasil-0.3.14_2
### Expected behavior
### Actual behavior
### Steps to reproduce the behavior
```
~ $ doas /etc/sv/yggdrasil/run
setpriv: libcap-ng is too old for "all" caps
~ $ xrs libcap
[*] libcap-2.45_1 POSIX.1e capabilities suite
[-] libcap-devel-2.45_1 POSIX.1e capabilities suite - development files
[*] libcap-ng-0.8_2 Alternate POSIX capabilities library
[-] libcap-ng-devel-0.8_2 Alternate POSIX capabilities library - development files
[-] libcap-ng-progs-0.8_2 Alternate POSIX capabilities library - utilities
[-] libcap-ng-python-0.8_2 Alternate POSIX capabilities library - transitional dummy pkg
[-] libcap-ng-python3-0.8_2 Alternate POSIX capabilities library - Python3 bindings
[-] libcap-pam-2.34_1 POSIX.1e capabilities suite - PAM module
[*] libcap-progs-2.45_1 POSIX.1e capabilities suite - utilities
```
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
@ 2020-11-07 19:28 ` Piraty
2020-11-07 20:57 ` jcgruenhage
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Piraty @ 2020-11-07 19:28 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 155 bytes --]
New comment by Piraty on void-packages repository
https://github.com/void-linux/void-packages/issues/26188#issuecomment-723484844
Comment:
@jcgruenhage
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
2020-11-07 19:28 ` Piraty
@ 2020-11-07 20:57 ` jcgruenhage
2020-11-07 22:00 ` ericonr
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: jcgruenhage @ 2020-11-07 20:57 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 414 bytes --]
New comment by jcgruenhage on void-packages repository
https://github.com/void-linux/void-packages/issues/26188#issuecomment-723494668
Comment:
The bug is not in yggdrasil or our package. It needs to be fixed by rebuilding some lib with newer kernel headers, but tbh, I don't know enough about that.
The 0.3.15 update PR disables the dropping of all privileges, which works around this, but it's not merged yet
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
2020-11-07 19:28 ` Piraty
2020-11-07 20:57 ` jcgruenhage
@ 2020-11-07 22:00 ` ericonr
2020-11-07 22:19 ` ericonr
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: ericonr @ 2020-11-07 22:00 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 262 bytes --]
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/issues/26188#issuecomment-723500552
Comment:
The plan was to wait on the 5.10 release for a new `kernel-libc-headers` package. We could queue a libcap rebuild then.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
` (2 preceding siblings ...)
2020-11-07 22:00 ` ericonr
@ 2020-11-07 22:19 ` ericonr
2020-11-08 8:37 ` jcgruenhage
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: ericonr @ 2020-11-07 22:19 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 251 bytes --]
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/issues/26188#issuecomment-723502298
Comment:
> The bug is not in yggdrasil or our package.
It is our package, more specifically the yggdrasil service.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
` (3 preceding siblings ...)
2020-11-07 22:19 ` ericonr
@ 2020-11-08 8:37 ` jcgruenhage
2020-11-08 14:24 ` ericonr
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: jcgruenhage @ 2020-11-08 8:37 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 231 bytes --]
New comment by jcgruenhage on void-packages repository
https://github.com/void-linux/void-packages/issues/26188#issuecomment-723546597
Comment:
@ericonr Isn't this a bug in util-linux which causes things to break in our service?
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
` (4 preceding siblings ...)
2020-11-08 8:37 ` jcgruenhage
@ 2020-11-08 14:24 ` ericonr
2020-12-30 3:45 ` ericonr
2020-12-30 3:45 ` [ISSUE] [CLOSED] " ericonr
7 siblings, 0 replies; 9+ messages in thread
From: ericonr @ 2020-11-08 14:24 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 366 bytes --]
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/issues/26188#issuecomment-723584190
Comment:
Kinda? I'm not sure if it's a bug or intended, so I reached out to upstream util-linux, which might end up with me reaching out to upstream libcap-ng as well.
But still, we were the ones who added setpriv to the service.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
` (5 preceding siblings ...)
2020-11-08 14:24 ` ericonr
@ 2020-12-30 3:45 ` ericonr
2020-12-30 3:45 ` [ISSUE] [CLOSED] " ericonr
7 siblings, 0 replies; 9+ messages in thread
From: ericonr @ 2020-12-30 3:45 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 285 bytes --]
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/issues/26188#issuecomment-752317558
Comment:
This has been temporarily fixed; I will see about backporting the util-linux changes so we can re-enable dropping capabilities in the service.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [ISSUE] [CLOSED] yggdrasil: setpriv: libcap-ng is too old for "all" caps
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
` (6 preceding siblings ...)
2020-12-30 3:45 ` ericonr
@ 2020-12-30 3:45 ` ericonr
7 siblings, 0 replies; 9+ messages in thread
From: ericonr @ 2020-12-30 3:45 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1484 bytes --]
Closed issue by whoizit on void-packages repository
https://github.com/void-linux/void-packages/issues/26188
Description:
<!-- Don't request update of package. We have a script for that. https://alpha.de.repo.voidlinux.org/void-updates/void-updates.txt . However, a quality pull request may help. -->
### System
* xuname:
*output of ``xuname`` (part of xtools)*
```
~ $ xuname
Do you want to import this public key? [Y/n] Y
Void 5.8.18_1 x86_64 AuthenticAMD notuptodate rF
```
* package:
*affected package(s) including the version*: ``xbps-query -p pkgver <pkgname>``
yggdrasil-0.3.14_2
### Expected behavior
### Actual behavior
### Steps to reproduce the behavior
```
~ $ doas /etc/sv/yggdrasil/run
setpriv: libcap-ng is too old for "all" caps
~ $ xrs libcap
[*] libcap-2.45_1 POSIX.1e capabilities suite
[-] libcap-devel-2.45_1 POSIX.1e capabilities suite - development files
[*] libcap-ng-0.8_2 Alternate POSIX capabilities library
[-] libcap-ng-devel-0.8_2 Alternate POSIX capabilities library - development files
[-] libcap-ng-progs-0.8_2 Alternate POSIX capabilities library - utilities
[-] libcap-ng-python-0.8_2 Alternate POSIX capabilities library - transitional dummy pkg
[-] libcap-ng-python3-0.8_2 Alternate POSIX capabilities library - Python3 bindings
[-] libcap-pam-2.34_1 POSIX.1e capabilities suite - PAM module
[*] libcap-progs-2.45_1 POSIX.1e capabilities suite - utilities
```
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-12-30 3:45 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-06 21:55 [ISSUE] yggdrasil: setpriv: libcap-ng is too old for "all" caps whoizit
2020-11-07 19:28 ` Piraty
2020-11-07 20:57 ` jcgruenhage
2020-11-07 22:00 ` ericonr
2020-11-07 22:19 ` ericonr
2020-11-08 8:37 ` jcgruenhage
2020-11-08 14:24 ` ericonr
2020-12-30 3:45 ` ericonr
2020-12-30 3:45 ` [ISSUE] [CLOSED] " ericonr
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).