From 96d68053a0a5f9153f68b9dabbaf533743efff36 Mon Sep 17 00:00:00 2001
From: Toshaan Bharvani <toshaan@powerel.org>
Date: Wed, 25 May 2022 00:24:46 +0200
Subject: [PATCH] initial package creation

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
---
 ...001-pkg-config-Fix-installation-path.patch |  23 +++
 ...7-cmake-config-fix-installation-path.patch |   6 +
 SOURCES/uid_wrapper.keyring                   | Bin 0 -> 3432 bytes
 SPECS/uid_wrapper.spec                        | 192 ++++++++++++++++++
 4 files changed, 221 insertions(+)
 create mode 100644 SOURCES/0001-pkg-config-Fix-installation-path.patch
 create mode 100644 SOURCES/uid_wrapper-1.2.7-cmake-config-fix-installation-path.patch
 create mode 100644 SOURCES/uid_wrapper.keyring
 create mode 100644 SPECS/uid_wrapper.spec

diff --git a/SOURCES/0001-pkg-config-Fix-installation-path.patch b/SOURCES/0001-pkg-config-Fix-installation-path.patch
new file mode 100644
index 0000000..e9bcfb0
--- /dev/null
+++ b/SOURCES/0001-pkg-config-Fix-installation-path.patch
@@ -0,0 +1,23 @@
+From 7b3211858d07cb93f89c1fd5eaa178f14e1f1968 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Wed, 12 Feb 2020 09:52:40 +0100
+Subject: [PATCH] pkg-config: Fix installation path
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+---
+ uid_wrapper.pc.cmake | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/uid_wrapper.pc.cmake b/uid_wrapper.pc.cmake
+index c15d3be..7e0095c 100644
+--- a/uid_wrapper.pc.cmake
++++ b/uid_wrapper.pc.cmake
+@@ -1,4 +1,4 @@
+ Name: @PROJECT_NAME@
+ Description: The uid_wrapper library
+ Version: @PROJECT_VERSION@
+-Libs: @CMAKE_INSTALL_LIBDIR@/@UID_WRAPPER_LIB@
++Libs: @CMAKE_INSTALL_FULL_LIBDIR@/@UID_WRAPPER_LIB@
+-- 
+2.24.1
+
diff --git a/SOURCES/uid_wrapper-1.2.7-cmake-config-fix-installation-path.patch b/SOURCES/uid_wrapper-1.2.7-cmake-config-fix-installation-path.patch
new file mode 100644
index 0000000..d159122
--- /dev/null
+++ b/SOURCES/uid_wrapper-1.2.7-cmake-config-fix-installation-path.patch
@@ -0,0 +1,6 @@
+index 0a3e3fd..43ab1fa 100644
+--- a/uid_wrapper-config.cmake.in
++++ b/uid_wrapper-config.cmake.in
+@@ -1 +1 @@
+-set(UID_WRAPPER_LIBRARY @CMAKE_INSTALL_LIBDIR@/@UID_WRAPPER_LIB@)
++set(UID_WRAPPER_LIBRARY @CMAKE_INSTALL_FULL_LIBDIR@/@UID_WRAPPER_LIB@)
diff --git a/SOURCES/uid_wrapper.keyring b/SOURCES/uid_wrapper.keyring
new file mode 100644
index 0000000000000000000000000000000000000000..411bf36750f0fc4a8856034415e39c7116559ee4
GIT binary patch
literal 3432
zcma*p_ct4i!ocx}QL!m1M$D?3u}kf!7>&Kfo>jzNwfC+*)QGKCjjC0OQpBF2iW)Uz
zuiB;D=e_5i^FF`a_q_kZ=X}pM8%R!|t2L&GM+F!>lQPCyyIvl`cuN@$-G>|ou&}^A
zn93lyCo!q)4>ia3)el-n*1nj^vXJGQThLGx{NnCp;L^s1(PBlSFEXaSzqiqHCY|Id
zZL;oMaJk9*-Y}D^u@0LTMT-kB>#wDZL;*&GW~y!D9OJcT_H}-W3Uz%p8N&m4CUS7>
zD-$(<Q0Rin2ZbvT#4@%p*p-6Qpdn}&eXD!b!oW3Vdv^x`%vCCkv$DP~_2;fG63dDF
z)Vs*PTRs0wyTTsNR1PXoSSG@*;uag+hDv{3K1O>KGF!hH;-%I|{sgrT=$64vNgx3y
zk6cyafMfnTZk;oDS-&XwToz$?4HG2<BD)9|X7ff8jPsXm%i$S=KY8d3tEZznrNI)=
zqjaR2ssOtUGg1@3&Nq2i=-WuipLf^WR->@AT|d5v#;2?GmSH}<BXQipud9?v=-6?)
zEFl^7%MWlpPmdQYRRGfLVs}1vgvFDr6%@0(K300ZJTX!3RY`)`CaE)#hx`LVvr}%e
zw1yY=Vl9bO0{7wPt+iuxg<oG5>!`IX4V3Z4b)oAz=2pZRy9};;0<bn_kHW4QJPZ?9
zFgKvbSpU$^a#zQG7AK5?ngP4ulU-$2=Jd6T^k!DL6~I_`{q;q=hhIf)1TMT-6|QOK
z#hda}=ONmQm@=o48D>gB`uUi48bFN)z-#1IbhGocxAtPwvvqQ_e_?0u$tGj%<)&ck
z8Q|`Xa(&_QQV`|oC>IZuA-InR1aJeH@b8g=i0|P8@rdY%fglo60(u}m9uR^Dd=N$m
z)YY0y1%mMaBp|B4(I7_fG-dsvRDkl6bCGmiA5G$Wu-n+uzoaaMu@$LFQM>wT1WY?3
zkl`S1YZ{^K;Uc068akUF1?XQKYWin<?<+A|Y2ZU<kZ^2GPcRAH38F?<39)cFRo0M{
zfK)D$ybXdHo>R_qf+5tTaDS_T&5Ma%Qm@G;UzWb@ER&0dP!?BHkITj|CtGNKbVNej
z^lkm9-UehnIPes}p8v8%fo!NF=Q^yS+AIR;^i0_BpS^!=Kj~h~_;AMZ4aWG-`p&!R
zpR#c?AE884S%wnC0!E2!;Y>4$>5i8V5ANh!F7EuIOa^XfzIy*w!jmz`@A~n$ZZ3Kg
z_oO8&P2}g~Fh|=CGB}UT*PCi)s-!iX!EppqJumx>_>mJMVZVI0?SbIjgQ{c_NSakw
z`4M;YuIJ}Z9T^iUjIA37yxz}`Mmtk$DQGlQZ;o7J6d{8@R}%Vub^jQ{AoY1A!V6a}
zv)ZQ)9{<)V|MRryQ3(L|g3`GU8lUg+XGNQ0987ZjhsSeg755GLk>uV|j8CTO-17Gv
zp;H2@iV;>N2EwE?4A%-Jox5bFe5|m>t#R1^fctzM(v~NmEYbIh+dMvRX}aigPdaE%
z?Nu{Q8@b}hI16GDuQ{koe6uP1gVwzmj*n|oJw`I`<@$kdICa^!IpsB8Hl<_3bj@{R
zmU>q6v#(>p&V~FexOG?~`+s5PW$kKX{U2dc{}#si{}A?1UUBM_cZOh|e%=GAb4Kd6
zX+>srORAGXdV`JT-=yuy#W_)o!oK<w5n8|m4<5;?^L~}u)hu%kA`n62Cf3wg7lNVh
zQKuQrvg+-QJ_O+}Y^L8Z#vl`fv4QJuZN_L*mKxwri6mHuztuWXot>ZSI-9@xf^BSv
z%Hk}`Yyao{>7sq?s3>&C@=*tymxWj=yV^oAKmHzcTphuh`yDHy4=kVKb4hh>DFyk-
zU>-M>wcYvD^B8qsX(~3PB-dPhXkLknp5KaY-ZvbDy87eWgJ-Bw9f8=4N$8C91iw8`
zxj*TZjb$9wiJnswT}*k;O^OA**D2X9!-em&Su-eTo|Cn54lh)QPr;w+x&gCH@u7_-
zEQZR+2z`&wMOyH6uMiEFGewgo`PtW&$&<ujL+<=8NfYy%(%gz79oCu7Lb}g<rU!!s
zr6$F>5lODY-`63il0sKZbPatrF_~toqOs)!+e-?K*ID_Amsgsij+&6!VzOiML>Vxu
zrco_mQ;jwd<&lWc7-53eO(L}0lB|1YJ#F88*WM>ZZcrE#eiJEks%aCtQb%tjjR8BV
ze7pCKRwR=|cZgMesASEajgof2Q-(qgESH*UV_8zy#P7$N3%ykl@H*wxT&qn<Y2QS)
zb0!JEFN?I0uQb)=!x_P6ZykS$#hiDc5w{vyLh_9q|Am*Qy`7V_x1cS`_3wiH#}^^c
z@CIk{e=7T@FSsZbpvTa>ymykBQMd5%ow{~hF8%j}XMNe#iHeLGSoPE)gOBbfoSALf
zF?Id99)$^fWAle0j3GA8$=k(dm|1WKh^YXkr)_>fIZ>LNGUFuWq_5mS#HG@*PjJEQ
zACBeFxIa7yBjx`~J5-Doq1CXpq^eOvX?jP}k|sAm#uCHfwFU$pi%jP&lN)i$i<_<%
zI#iH+507AW6^$2<rFB>V7H8@fG~a&Wx-THchjmwYw&=@&@rvXivU!*&R<0WENa@&U
zw49x3)}*`1l7lmjgiRu1s^nx<&`BfX@d8O}pC=;Dm@oHpi!NUXN4qbJ(ywyFJOT%*
zGt*8_A;rAPm-So5$dFu#0;sp@%kpA->Z9tJ(U=;XJC|feP;3osXIaj=qvT`Ic%BEf
zMW1;8Wb||V1yWEW;B>RaL(dU%C6CpshsL)Z@IWA2<@He-4n)I~_vGcynDD7n(F%9M
ztLI{euUf!LrBHpc^W?3`t&vasi6N}_tKo*D_)WA=zE!@?{A&?VL$KoO)~|}TvfS7+
zUXclP7$|wNZ6!TZU{elwB=Wp2$7HA(H6Xwl4^tcrnF>Le61(<)4BH5lK`(He^UGy*
z%b`7!GiNz&5S>wD4`49*&E0Cr$t-DGPI5I&KYqekSA0EePKz{T#EXasY{9c6dv{yv
zL%{X<f3FEUcO4}anUf#2&WFuY9Dlxiy<hKu?~}3{>H@+be$s7xul(fTdfJuJ;uyp)
z6t3uCz<)`528o7Nyd$l2l|Y5&XPoxUyIdGMRwuhk6WWJ9^{u<7yf3T#u|{}N_jm0p
ziG*>B&4R**r*0}{4{oPZYS;#x*!+in_-dxU5>=M*(Q(>mhqs_R4`+9##H{rQDNmd$
z<3GL8m+<sdGPM2bt85rcnlbx3j&ys+ad~WnSHEpcNB8I?{?K>A2c+HN0Em|MzNi4e
zszZ^O3|CJCW&}y2kY0M)Q)(7n%-OHtW{!&MCPB`pRyAe6PtJ9^PT^+x5Ms?2lpEcg
zxLE42T2Q;)-@I2rN3bZf`ZGVsESUm*azDxK)1S)?X1dOY6Fk110>vSA>xs@(83LvN
zrqZ8RqPwhP2MbDS8dN(KLk<<PcIoI7CV{$~1iP)O)}3Dv#?U$O>M0^X91Y&-2YtVD
z7BEl8V*IU1za57kjLA}OZbyBE4RPh&y<U51m;K|*WkyL(d-Ze_B8|+AJ2#`{oy2p~
z%fX><C6}K?76V0o^C`_khP8GWv)*38V@BzX25k^&b_2E^DS0BY)Z@F1=8unNeq}hY
zxARwiM-i^4o2J$i>8`PFdQ<wg2&gHeMis)8M2ZRHuARlw*ihq+!WUbMBzb$s1MX)3
zzNUB}D*?mbHw5~h;Tcl|GLikW819plx6<MSCR1{4S$tQEiccC_9kqt}-@J)R@KO@2
zn?l>S*AN%(*I0Dhl5g_`w+fV-wDz^?%e-M<C3)!{^t4?_TS_UL^8wlmS0VjkPt0b0
z!2pFBbm^l_JIf1@?xcus3k^TE5jk9&CKbocB|@#VrP+QMzk%ap@W3IK(5a6k_Y;C@
zPo%@WHEP%btZO6Qe^okPJv4Zxfj7jfayx1{G7NeWeJaLAp|sVUSF}$RJ3^z*!VLRz
zvt_0Sp9q^0<xU>C+^^F)pKXO*>8GLAobn_18oHSlg1D@CVQ@t^{77jP+?~bsVsupi
zx!ysj!tWst*4B-=Dlp12NVb<o>B|9bzI+YYMDxj^+?*_K=k1?_vXW+YMq5Fgxu<yI
z73AXcQXG+%_Af+SWC4-kK~oR45ff-Lb1iWx_+rleU3#diM(^1R;zGf90!!plR61*C
zs=9p%aNF+C0P%>;00GLv7ozi8D%0m6&DgGm$ag&vThM`$#;S<X723K2s$e<|&q7lQ
zW1P`E+<>->ro4Abem9=|F=4Q<)fXi_hC?5-{)I4qJ<*-gGX^b5V}^M4xQA-l?J3`=
z+j%iAdqjf#6K6CNg}+~#7iki!4|J-=5~{hT*G;m(8i?A7`d1HoY>4HBTts484LyV#
WZDm2tMA4T=UAs2at-!xR8~z2&g;JCN

literal 0
HcmV?d00001

diff --git a/SPECS/uid_wrapper.spec b/SPECS/uid_wrapper.spec
new file mode 100644
index 0000000..5fbe6fd
--- /dev/null
+++ b/SPECS/uid_wrapper.spec
@@ -0,0 +1,192 @@
+Name:           uid_wrapper
+Version:        1.2.7
+Release:        7%{?dist}
+
+Summary:        A wrapper for privilege separation
+License:        GPLv3+
+Url:            http://cwrap.org/
+
+Source0:        https://ftp.samba.org/pub/cwrap/%{name}-%{version}.tar.gz
+Source1:        https://ftp.samba.org/pub/cwrap/%{name}-%{version}.tar.gz.asc
+Source2:        uid_wrapper.keyring
+
+Patch0:         0001-pkg-config-Fix-installation-path.patch
+Patch1:         uid_wrapper-1.2.7-cmake-config-fix-installation-path.patch
+
+BuildRequires:  gcc
+BuildRequires:  cmake
+BuildRequires:  gnupg2
+BuildRequires:  libcmocka-devel >= 1.1.0
+
+Recommends:     cmake
+Recommends:     pkgconfig
+
+%description
+Some projects like a file server need privilege separation to be able to switch
+to the connection user and do file operations. uid_wrapper convincingly lies
+to the application letting it believe it is operating as root and even
+switching between UIDs and GIDs as needed.
+
+To use it set the following environment variables:
+
+LD_PRELOAD=libuid_wrapper.so
+UID_WRAPPER=1
+
+This package doesn't have a devel package cause this project is for
+development/testing.
+
+%prep
+gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
+%autosetup -p1
+
+%build
+%cmake \
+  -DUNIT_TESTING=ON
+%cmake_build
+
+%install
+%cmake_install
+
+%ldconfig_scriptlets
+
+%check
+%ctest
+
+%files
+%doc AUTHORS README.md ChangeLog
+%license LICENSE
+%{_libdir}/libuid_wrapper.so*
+%dir %{_libdir}/cmake
+%dir %{_libdir}/cmake/uid_wrapper
+%{_libdir}/cmake/uid_wrapper/uid_wrapper-config-version.cmake
+%{_libdir}/cmake/uid_wrapper/uid_wrapper-config.cmake
+%dir %{_libdir}/pkgconfig
+%{_libdir}/pkgconfig/uid_wrapper.pc
+%{_mandir}/man1/uid_wrapper.1*
+
+%changelog
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.7-7
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.7-6
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.7-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.7-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Mar 03 2020 Anderson Sasaki <ansasaki@redhat.com> - 1.2.7-3
+- Fix invalid library path in cmake configuration file (bz#1809275)
+
+* Wed Feb 12 2020 Andreas Schneider <asn@redhat.com> - 1.2.7-2
+- resolves: #1801869 - Fix invalid lib pkg-config lib path
+
+* Tue Feb 11 2020 Andreas Schneider <asn@redhat.com> - 1.2.7-1
+- Update to version 1.2.7
+  * Fix unsetting initial XIDs
+  * Fix manpage installation
+  * Fix cmake-config installation
+  * Fixed running with sanitizers
+- resolves: #1690028 - Allow running without RTLD_DEEPBIND
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Mon Jul 31 2017 Andreas Schneider <asn@redhat.com> - 1.2.4-1
+- Update to version 1.2.4
+  * Added deadlock workaround for glibc < 2.24
+  * Fixed a possible deadlock bug if uid_wrapper is turned off
+  * Logging is always turned on now
+  * Fixed a memory leak
+  * Limited number of groups during fork+exec
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Thu Jul 13 2017 Andreas Schneider <asn@redhat.com> - 1.2.2-1
+- Update to version 1.2.2:
+  * Added support for fork'ed and then exec'ed processes
+  * Added support for Alpha
+
+* Tue Jun 27 2017 Nils Philippsen <nils@redhat.com> - 1.2.1-3
+- drop requirements on cmake, pkgconfig and rather own the directories for the
+  files augmenting these packages
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Wed Mar 23 2016 Andreas Schneider <asn@redhat.com> - 1.2.1-1
+- Update to version 1.2.1
+  * Documented missing options.
+  * Fixed a comipilation issue with -O3.
+
+* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Thu Oct 29 2015 Andreas Schneider <asn@redhat.com> - 1.2.0-1
+- Update to version 1.2.0
+  * Added privilege checks for all set*uid and set*gid functions.
+  * Added a lot more and accurate tests which work as root.
+  * Fixed some minor issues
+
+* Wed Sep 02 2015 Andreas Schneider <asn@redhat.com> - 1.1.1-1
+- Update to version 1.1.1
+
+* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Wed Jan 21 2015 Andreas Schneider <asn@redhat.com> - 1.1.0-1
+- Update to version 1.1.0
+
+* Mon Dec 15 2014 Michael Adam <madam@redhat.com> - 1.0.2-5
+- Fix format errors in changelog.
+- Require cmake.
+- Don't own _libdir/pkgconfig, and require pkgconfig instead.
+
+* Thu Oct 02 2014 Andreas Schneider <asn@redhat.com> - 1.0.2-4
+- resolves: #1146410 - Do not own /usr/lib64/cmake.
+
+* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Mon Aug 04 2014 Marcin Juszkiewicz <mjuszkiewicz@redhat.com> - 1.0.2-2
+- Handle lack of SYS_access on AArch64
+
+* Thu Jul 31 2014 Andreas Schneider <asn@redhat.com> - 1.0.2-1
+- Update to version 1.0.2.
+
+* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Tue Mar 11 2014 Andreas Schneider <asn@redhat.com> - 1.0.1-3
+- Fix some typos.
+- resolves: #1060910 - Fedora import
+
+* Tue Feb 11 2014 Andreas Schneider <asn@redhat.com> - 1.0.1-2
+- Remove Group
+- Remove glibc-devel build requirement
+- Do not create a subpackage.
+
+* Tue Feb 04 2014 Andreas Schneider <asn@redhat.com> - 1.0.1-1
+- Update to version 1.0.1
+  * Added --libs to pkg-config.
+  * Added socket_wrapper-config.cmake
+  * Fixed a bug packaging the obj directory.
+
+* Mon Feb 03 2014 Andreas Schneider <asn@redhat.com> - 1.0.0-1
+- Initial version 1.0.0