- filecap shows full capabilities if a file has any

libcap-ng-0.6.4-file.patch

@@ -0,0 +1,16 @@
+diff -urp libcap-ng-0.6.4.orig/src/cap-ng.c libcap-ng-0.6.4/src/cap-ng.c
+--- libcap-ng-0.6.4.orig/src/cap-ng.c	2010-04-27 18:10:54.000000000 -0400
++++ libcap-ng-0.6.4/src/cap-ng.c	2010-04-27 18:43:27.000000000 -0400
+@@ -287,8 +287,10 @@ static int load_data(const struct vfs_ca
+ 	m.data.v3[0].inheritable = FIXUP(filedata->data[0].inheritable);
+ 	m.data.v3[1].inheritable = FIXUP(filedata->data[1].inheritable);
+ 	if (magic & VFS_CAP_FLAGS_EFFECTIVE) {
+-		m.data.v3[0].effective = 0xFFFFFFFFU;
+-		m.data.v3[1].effective = 0xFFFFFFFFU;
++		m.data.v3[0].effective =
++			m.data.v3[0].permitted | m.data.v3[0].inheritable;
++		m.data.v3[1].effective =
++			m.data.v3[1].permitted | m.data.v3[1].inheritable;
+ 	} else {
+ 		m.data.v3[0].effective = 0;
+ 		m.data.v3[1].effective = 0;

libcap-ng.spec

@@ -3,11 +3,12 @@
 Summary: An alternate posix capabilities library
 Name: libcap-ng
 Version: 0.6.3
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: LGPLv2+
 Group: System Environment/Libraries
 URL: http://people.redhat.com/sgrubb/libcap-ng
 Source0: http://people.redhat.com/sgrubb/libcap-ng/%{name}-%{version}.tar.gz
+Patch1: libcap-ng-0.6.4-file.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: kernel-headers >= 2.6.11 
 BuildRequires: libattr-devel
@@ -50,6 +51,7 @@ lets you set the file system based capabilities.
 
 %prep
 %setup -q
+%patch1 -p1
 
 %build
 %configure --libdir=/%{_lib}
@@ -108,6 +110,9 @@ rm -rf $RPM_BUILD_ROOT
 %attr(0644,root,root) %{_mandir}/man8/*
 
 %changelog
+* Wed Apr 28 2010 Steve Grubb <sgrubb@redhat.com> 0.6.3-2
+- filecap shows full capabilities if a file has any
+
 * Thu Mar 11 2010 Steve Grubb <sgrubb@redhat.com> 0.6.3-1
 - New upstream release