Linux From Scratch (w/Pacman) - Version r12.3-6-wip

Chapter 8. Installing Basic System Software

8.35. Libcap-2.75

The Libcap package implements the userspace interface to the POSIX 1003.1e capabilities available in Linux kernels. These capabilities partition the all-powerful root privilege into a set of distinct privileges.

Approximate build time: less than 0.1 SBU
Required disk space: 3.0 MB

8.35.1. Installation of Libcap

Create the PKGBUILD for the Libcap package with the following commands: 

mkdir /sources/libcap
cd /sources/libcap
cat > PKGBUILD << "REALEOF"
# Maintainer: Linux From Scratch <lfs-dev@lists.linuxfromscratch.org>

pkgname="libcap"
pkgver="2.75"
pkgrel="1"
pkgdesc="The Libcap package implements the user-space interfaces to the POSIX 1003.1e capabilities available in Linux kernels."
arch=('x86'
      'x86_64')
url="https://sites.google.com/site/fullycapable/"
license=('BSD3C'
         'GPLv2')
groups=('core')
depends=('glibc')
makedepends=('attr'
             'bash'
             'binutils'
             'coreutils'
             'gcc'
             'make'
             'perl'
             'sed')
optdepends=('linux-pam')
backup=('etc/security/capability.conf')
source=('https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-2.75.tar.xz')
md5sums=('9406193ddb794dfbf9e71490053085f9')
    
prepare() {
  cd "${pkgname}-${pkgver}"
  # Prevent installation of the static library
  sed -i '/install -m.*STA/d' libcap/Makefile
}

build() {
  cd "${pkgname}-${pkgver}"
  make pefix=/usr lib=lib
  make -C pam_cap
}

check() {
  cd "${pkgname}-${pkgver}"
  make test
}

package() {
  cd "${pkgname}-${pkgver}"
  make prefix=/usr lib=lib FAKEROOT="${pkgdir}" install
  install -vdm755 "${pkgdir}"/{etc,usr/lib}/security
  install -v -m755 pam_cap/pam_cap.so "${pkgdir}/usr/lib/security"
  install -v -m644 pam_cap/capability.conf "${pkgdir}/etc/security"
}
REALEOF

The meaning of the make option:

lib=lib

This parameter sets the library directory to /usr/lib rather than /usr/lib64 on x86_64. It has no effect on x86.

Prepare the build directory for the pacman user and build the package: 

chown -R root:pacman .
chmod 2775 .
chmod 664 PKGBUILD
su pacman -c 'makepkg -L --nodeps'

Add the newly created package to the central package repository: 

cp libcap-2.75-1-$(uname -m).pkg.tar.xz \
   /srv/pacman/repos/LFS/
repo-add /srv/pacman/repos/LFS/LFS.db.tar.xz \
         /srv/pacman/repos/LFS/libcap-2.75-1-$(uname -m).pkg.tar.xz

Update the local cache and install the Libcap package: 

pacman -Syu
pacman -S libcap --overwrite \* -dd --noconfirm

Finally, copy the source files into the source repository and clean up the build directory: 

mkdir /srv/pacman/source/LFS/libcap
cp PKGBUILD /srv/pacman/source/LFS/libcap
cd /sources
rm -rf libcap

8.35.2. Contents of Libcap

Installed programs: capsh, getcap, getpcaps, and setcap
Installed library: libcap.so, libpsx.so, and pam_cap.so

Short Descriptions

capsh

A shell wrapper to explore and constrain capability support

getcap

Examines file capabilities

getpcaps

Displays the capabilities of the queried process(es)

setcap

Sets file capabilities

libcap

Contains the library functions for manipulating POSIX 1003.1e capabilities

libpsx

Contains functions to support POSIX semantics for syscalls associated with the pthread library

pam_cap

Linux-PAM madule for libcap