From 0fc6506ba8ce4b495a782285f706a4a7a88c55e8 Mon Sep 17 00:00:00 2001
From: Tomas Bzatek <tbzatek@redhat.com>
Date: Tue, 10 May 2011 14:54:54 +0200
Subject: [PATCH] Improved libcap-ng patches

---
 gnome-keyring-3.1.2-caps-ext-check.patch    | 49 ++++++++++++++++++++
 gnome-keyring-3.1.2-caps-warn-unavail.patch | 50 +++++++++++++++++++++
 gnome-keyring.spec                          | 12 ++++-
 3 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 gnome-keyring-3.1.2-caps-ext-check.patch
 create mode 100644 gnome-keyring-3.1.2-caps-warn-unavail.patch

diff --git a/gnome-keyring-3.1.2-caps-ext-check.patch b/gnome-keyring-3.1.2-caps-ext-check.patch
new file mode 100644
index 0000000..50b4aa3
--- /dev/null
+++ b/gnome-keyring-3.1.2-caps-ext-check.patch
@@ -0,0 +1,49 @@
+From fd0bf3d36f3295fbc7c6d4bed34e2d2849764e68 Mon Sep 17 00:00:00 2001
+From: Vincent Untz <vuntz@gnome.org>
+Date: Fri, 6 May 2011 14:14:21 +0200
+Subject: [PATCH] Improved checks for fs capabilities, and drop unneeded ones
+
+If we have fs capabilities, we first need to check that we really do
+have ipc_lock, and if that's the case we just keep ipc_lock and drop
+everything else.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=649560
+---
+ daemon/gkd-capability.c |   19 +++++++++++++++++--
+ 1 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/daemon/gkd-capability.c b/daemon/gkd-capability.c
+index 5b47f4e..e15200a 100644
+--- a/daemon/gkd-capability.c
++++ b/daemon/gkd-capability.c
+@@ -71,11 +71,26 @@ gkd_capability_obtain_capability_and_drop_privileges (void)
+ 				early_error ("failed dropping capabilities");
+ 			break;
+ 		case CAPNG_FAIL:
+-		case CAPNG_NONE:
+ 			early_error ("error getting process capabilities");
+ 			break;
++		case CAPNG_NONE:
++			early_error ("insufficient process capabilities");
++			break;
+ 		case CAPNG_PARTIAL: /* File system based capabilities */
+-                        break;
++			if (!capng_have_capability (CAPNG_EFFECTIVE, CAP_IPC_LOCK)) {
++				early_error ("insufficient process capabilities");
++				break;
++			}
++
++			/* Drop all capabilities except ipc_lock */
++			capng_clear (CAPNG_SELECT_BOTH);
++			if (capng_update (CAPNG_ADD,
++					  CAPNG_EFFECTIVE|CAPNG_PERMITTED,
++					  CAP_IPC_LOCK) != 0)
++				early_error ("error dropping process capabilities");
++			if (capng_apply (CAPNG_SELECT_BOTH) != 0)
++				early_error ("error dropping process capabilities");
++			break;
+ 	}
+ #endif /* HAVE_LIBCAPNG */
+ }
+-- 
+1.7.4.2
diff --git a/gnome-keyring-3.1.2-caps-warn-unavail.patch b/gnome-keyring-3.1.2-caps-warn-unavail.patch
new file mode 100644
index 0000000..085de9d
--- /dev/null
+++ b/gnome-keyring-3.1.2-caps-warn-unavail.patch
@@ -0,0 +1,50 @@
+From 156f6f318daa782cd209c90ed69a0d24595af5d1 Mon Sep 17 00:00:00 2001
+From: Vincent Untz <vuntz@gnome.org>
+Date: Fri, 6 May 2011 14:18:00 +0200
+Subject: [PATCH] Accept to run if ipc_lock capability is not available
+
+We print a warning about potential use of unsecure memory, but still
+run (and drop unneeded capabilities if we have some). This is better
+than nothing.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=649560
+---
+ daemon/gkd-capability.c |   13 +++++++++++--
+ 1 files changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/daemon/gkd-capability.c b/daemon/gkd-capability.c
+index e15200a..92c000c 100644
+--- a/daemon/gkd-capability.c
++++ b/daemon/gkd-capability.c
+@@ -42,6 +42,12 @@ early_error (const char *err_string)
+ 	exit (1);
+ }
+ 
++static void
++early_warning (const char *warn_string)
++{
++	fprintf (stderr, "gnome-keyring-daemon: %s\n", warn_string);
++}
++
+ #endif /* HAVE_LIPCAPNG */
+ 
+ /*
+@@ -74,11 +80,14 @@ gkd_capability_obtain_capability_and_drop_privileges (void)
+ 			early_error ("error getting process capabilities");
+ 			break;
+ 		case CAPNG_NONE:
+-			early_error ("insufficient process capabilities");
++			early_warning ("insufficient process capabilities, unsecure memory might get used");
+ 			break;
+ 		case CAPNG_PARTIAL: /* File system based capabilities */
+ 			if (!capng_have_capability (CAPNG_EFFECTIVE, CAP_IPC_LOCK)) {
+-				early_error ("insufficient process capabilities");
++				early_warning ("insufficient process capabilities, unsecure memory might get used");
++				/* Drop all capabilities */
++				capng_clear (CAPNG_SELECT_BOTH);
++				capng_apply (CAPNG_SELECT_BOTH);
+ 				break;
+ 			}
+ 
+-- 
+1.7.4.2
diff --git a/gnome-keyring.spec b/gnome-keyring.spec
index f8891ab..ba97a9a 100644
--- a/gnome-keyring.spec
+++ b/gnome-keyring.spec
@@ -8,13 +8,18 @@
 Summary: Framework for managing passwords and other secrets
 Name: gnome-keyring
 Version: 3.1.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+ and LGPLv2+
 Group: System Environment/Libraries
 #VCS: git:git://git.gnome.org/gnome-keyring
 Source: http://download.gnome.org/sources/gnome-keyring/3.0/gnome-keyring-%{version}.tar.bz2
 URL: http://www.gnome.org
 
+# Improve checks for fs capabilities
+# https://bugzilla.gnome.org/show_bug.cgi?id=649560
+Patch6: gnome-keyring-3.1.2-caps-ext-check.patch
+Patch7: gnome-keyring-3.1.2-caps-warn-unavail.patch
+
 BuildRequires: glib2-devel >= %{glib2_version}
 BuildRequires: gtk3-devel >= %{gtk3_version}
 BuildRequires: dbus-devel >= %{dbus_version}
@@ -65,6 +70,8 @@ automatically unlock the "login" keyring when the user logs in.
 
 %prep
 %setup -q -n gnome-keyring-%{version}
+%patch6 -p1 -b .caps-ext-check
+%patch7 -p1 -b .caps-warn-unavail
 
 %build
 autoreconf -i -f
@@ -138,6 +145,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas
 
 
 %changelog
+* Tue May 10 2011 Tomas Bzatek <tbzatek@redhat.com> - 3.1.1-2
+- Improved libcap-ng patches
+
 * Mon May  9 2011 Tomas Bzatek <tbzatek@redhat.com> - 3.1.1-1
 - Update to 3.1.1