New features with AN-2013-05-10: This is the first localization step for the schily source consolidation. Many programs now (hopefully) call gettext() for all strings that need localization. - The next step will include dgettext() calls for the libraries and the missing programs - The following step will include the extracted strings - The last step will include German translations and install support for the resulting binary message object files. ----------> Please test and report compilation problems! <--------- ***** NOTE: As mentioned since 2004, frontends to the tools should ***** ***** call all programs in the "C" locale ***** ***** by e.g. calling: LC_ALL=C cdrecord .... ***** ***** unless these frontends support localized strings ***** ***** used by the cdrtools with NLS support. ***** - Fixed a typo in include/schily/stat.h that caused setting nanoseonds in timestamps to be impossible for NetBSD and OpenBSD. Thanks to a hint from Thomas Klausner - -new-dir-mode in mkisofs now just superseeds the effect of -dir-mode on directories that have been "invented" by mkisofs. This is a more intuitive behavior. - The job processing code has been moved from smake/make.c -> smake/job.c This is another preparation to allow to deal with future versions os smake that will unclude support for parallel job execution. - Fixed a typo in the sccs.1 man page - cdrtools version bumped to 3.01a14 - New autoconf tests for sys/capability.h and cap_*() functions from Linux -lcap WARNING: If you do not see this: checking for sys/capability.h... yes ... checking for cap_get_proc in -lcap... yes checking for cap_get_proc... yes checking for cap_set_proc... yes checking for cap_set_flag... yes checking for cap_clear_flag... yes your Linux installation is insecure in case you ever use the command "setcap" to set up file capabilities for executable commands. Note that cdrtools (as any other command) need to be capabylity aware in order to avoid security leaks with enhanced privileges. In most cases, privileges are only needed for a very limited set of operations. If cdrtools (cdrecord, cdda2wav, readcd) are installed suid-root, the functions to control privileges are in the basic set of supported functions and thus there is no problem for any program to control it's privileges - if they have been obtained via suid root, you are on a secure system. If you are however on an incomplete installation, that supports to raise privileges via fcaps but that does not include developer support for caps, the programs get the privileges without being able to know about the additional privileges and thus keep them because they cannot control them. WARNING: If you are on a Linux system that includes support for fcaps (this is seems to be true for all newer systems with Linux >= 2.6.24) and there is no development support for capabilities in the base system, you are on an inherently insecure system that allows to compile and set up programs with enhanced privileges that cannot control them. In such a case, try to educate the security manager for the related Linux distribution. Note that you may turn your private installation into a secure installation by installing development support for libcap. - Allow to compile without Linux libcap using "smake COPTX=-DNO_LINUX_CAPS LIB_CAP=" - The autofconf tests for broken Linux kernel headers now avoid to warn for /usr/src/linux/include if this directory is missing. - include/schily/priv.h now includes sys/capabilitiy.h if available. - Trying to support suid-root-less installation of librscg users on Linux. librscg now understands that a non-root program may be able to create sockets for a privileged port. - Trying to support suid-root-less installation of cdrecord on Linux. NOTE: You need "file caps" support built into your Linux installation. Call: setcap cap_sys_resource,cap_dac_override,cap_sys_admin,cap_sys_nice,cap_net_bind_service,cap_ipc_lock,cap_sys_rawio+ep /opt/schily/bin/cdrecord To set up the capabilities on Linux. - Trying to support suid-root-less installation of cdda2wav on Linux. NOTE: You need "file caps" support built into your Linux installation. Call: setcap cap_dac_override,cap_sys_admin,cap_sys_nice,cap_net_bind_service,cap_sys_rawio+ep /opt/schily/bin/cdda2wav To set up the capabilities on Linux. - Trying to support suid-root-less installation of readcd on Linux. NOTE: You need "file caps" support built into your Linux installation. Call: setcap cap_dac_override,cap_sys_admin,cap_net_bind_service,cap_sys_rawio+ep /opt/schily/bin/readcd To set up the capabilities on Linux. - Btcflash, scgcheck and scgckeleton now link against $(LIB_CAP) also as librscg needs it on Linux - mkisofs now links now $(LIB_CAP) also as librscg needs it on Linux - Trying to support suid-root-less installation of librmt users on Linux. librmt now understands that a non-root program may be able to create sockets for a privileged port. - Several small man page and -help fixes for star and spax. - WARNING: the include structure of include/schily/*.h and several sources has been restructured to cause less warnings with older OS platforms. If you see any new problem on your personal platform, please report. - New includefiles: schily/poll.h Support poll() schily/stdarg.h An alias to schily/varargs.h (but using the std name) schily/sunos4_proto.h Missing prototypes for SunOS-4.x to make gcc quiet schily/timeb.h Needed for users of ftime() - Many minor bug-fixes for the files include/schily/*.h - Added #include to libdeflt - Rename variable "utime" to "uxtime" in libhfs_iso to avoid a compiler warning - Added #include to libschily/fnmatch.c - Added #include to libedc - dirname -> dir_name in libfind to avoid a gcc warning - Include file reordering in cdda2wav to avoid warnings on older platforms - Make mkisofs compile without -DUDF and without -DDVD_VIDEO Thanks to a hint from rmd4work@mail.ru - Include file reordering in smake to avoid warnings on older platforms - dirname -> dir_name in smake to avoid a gcc warning - Include file reordering in copy to avoid warnings on older platforms - Added #include to lndir - Include file reordering in match to avoid warnings on older platforms - Include file reordering in sformat to avoid warnings on older platforms - Include file reordering in star to avoid warnings on older platforms - Include file reordering in ved to avoid warnings on older platforms - Include file reordering SCCS defines.h to avoid warnings on older platforms - Include file reordering SCCS delta.c to avoid warnings on older platforms - Include file reordering SCCS xtzset.c to avoid warnings on older platforms - dirname -> dir_name in SCCS fatal.c to avoid a gcc warning - Include file reordering in the Bourne Shell to avoid warnings on older platforms - Include file reordering in bsh to avoid warnings on older platforms Author: Joerg Schilling D-13353 Berlin Germany Email: joerg@schily.isdn.cs.tu-berlin.de, js@cs.tu-berlin.de joerg.schilling@fokus.fraunhofer.de Please mail bugs and suggestions to me.