Your message dated Wed, 1 Jul 2015 09:57:35 -0400
with message-id <[email protected]>
and subject line was dealt with awhile back
has caused the Debian Bug report #690040,
regarding freeipmi: Build with PIE, bindnow, openfiles with O_EXCL and check
return status
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
690040: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690040
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: freeipmi
Version: 1.1.5-3
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu quantal ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:
* debian/rules: Build with "-pie,-bindnow"
* debian/patches/0002_excel_when_opening_tmp.patch: Open files with O_EXCL.
* debian/patches/fix-Wunused-result.patch: Resolve -Wunused-result's
warnings, by checking for non-0 return.
I'm not sure fix-Wunused-result.patch adds any value to the latest experimental
package.
Thanks for considering the patch.
-- System Information:
Debian Release: wheezy/sid
APT prefers quantal-updates
APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500,
'quantal')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.5.0-10-generic (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru freeipmi-1.1.5/debian/changelog freeipmi-1.1.5/debian/changelog
diff -Nru freeipmi-1.1.5/debian/patches/0002_excel_when_opening_tmp.patch freeipmi-1.1.5/debian/patches/0002_excel_when_opening_tmp.patch
--- freeipmi-1.1.5/debian/patches/0002_excel_when_opening_tmp.patch 1970-01-01 01:00:00.000000000 +0100
+++ freeipmi-1.1.5/debian/patches/0002_excel_when_opening_tmp.patch 2012-10-07 20:17:11.000000000 +0100
@@ -0,0 +1,26 @@
+Index: freeipmi-1.1.5/libipmiconsole/ipmiconsole_debug.c
+===================================================================
+--- freeipmi-1.1.5.orig/libipmiconsole/ipmiconsole_debug.c 2012-05-17 15:08:55.000000000 -0400
++++ freeipmi-1.1.5/libipmiconsole/ipmiconsole_debug.c 2012-10-02 10:32:04.755269452 -0400
+@@ -84,7 +84,7 @@
+ IPMICONSOLE_DEBUG_DIRECTORY,
+ IPMICONSOLE_DEBUG_FILENAME);
+
+- if ((console_debug_fd = open (filename, O_CREAT | O_APPEND | O_WRONLY, 0600)) < 0)
++ if ((console_debug_fd = open (filename, O_CREAT | O_APPEND | O_WRONLY | O_EXCL, 0600)) < 0)
+ {
+ console_debug_flags &= ~IPMICONSOLE_DEBUG_FILE;
+ IPMICONSOLE_DEBUG (("open: %s", strerror (errno)));
+Index: freeipmi-1.1.5/libipmiconsole/ipmiconsole_ctx.c
+===================================================================
+--- freeipmi-1.1.5.orig/libipmiconsole/ipmiconsole_ctx.c 2012-05-17 15:08:55.000000000 -0400
++++ freeipmi-1.1.5/libipmiconsole/ipmiconsole_ctx.c 2012-10-02 10:34:50.559273698 -0400
+@@ -351,7 +351,7 @@
+ c->config.hostname);
+
+ if ((c->debug.debug_fd = open (filename,
+- O_CREAT | O_APPEND | O_WRONLY,
++ O_CREAT | O_APPEND | O_WRONLY | O_EXCL,
+ 0600)) < 0)
+ {
+ c->config.debug_flags &= ~IPMICONSOLE_DEBUG_FILE;
diff -Nru freeipmi-1.1.5/debian/patches/fix-Wunused-result.patch freeipmi-1.1.5/debian/patches/fix-Wunused-result.patch
--- freeipmi-1.1.5/debian/patches/fix-Wunused-result.patch 1970-01-01 01:00:00.000000000 +0100
+++ freeipmi-1.1.5/debian/patches/fix-Wunused-result.patch 2012-10-09 12:27:26.000000000 +0100
@@ -0,0 +1,54 @@
+Description: Resolve -Wunused-result's warnings, by checking for non-0 return.
+ Patch not upstreamed, as trunk has refactored this case out.
+Author: Dave Walker (Daviey) <[email protected]>
+Forwarded: not-needed
+
+--- a/bmc-watchdog/bmc-watchdog.c
++++ b/bmc-watchdog/bmc-watchdog.c
+@@ -1692,7 +1692,8 @@
+ {
+ /* parent terminates */
+ char buf;
+- read(fds[0], &buf, 1);
++ if (read(fds[0], &buf, 1) < 0)
++ _err_exit ("read: %s", strerror (errno));
+ close(fds[1]);
+ close(fds[0]);
+ exit (0);
+@@ -1718,7 +1719,8 @@
+
+ umask (0);
+
+- write(fds[1], "a", 1);
++ if (write(fds[1], "a", 1) < 0)
++ _err_exit ("write: %s", strerror (errno));
+ close(fds[1]);
+ close(fds[0]);
+ for (i = 0; i < 64; i++)
+--- a/ipmidetectd/ipmidetectd.c
++++ b/ipmidetectd/ipmidetectd.c
+@@ -69,7 +69,8 @@
+ {
+ /* Terminate Parent */
+ char buf;
+- read(fds[0], &buf, 1);
++ if (read(fds[0], &buf, 1) < 0)
++ IPMIDETECTD_EXIT (("read: %s", strerror (errno)));
+ close(fds[1]);
+ close(fds[0]);
+ exit (0);
+@@ -86,10 +87,12 @@
+ if (pid != 0) /* Terminate 1st Child */
+ exit (0);
+
+- chdir ("/");
++ if (chdir ("/") < 0)
++ IPMIDETECTD_EXIT (("chdir: %s", strerror (errno)));
+
+ umask (0);
+- write(fds[1], "a", 1);
++ if (write(fds[1], "a", 1) < 0)
++ IPMIDETECTD_EXIT (("write: %s", strerror (errno)));
+ close(fds[1]);
+ close(fds[0]);
+
diff -Nru freeipmi-1.1.5/debian/patches/series freeipmi-1.1.5/debian/patches/series
--- freeipmi-1.1.5/debian/patches/series 2012-06-15 02:41:57.000000000 +0100
+++ freeipmi-1.1.5/debian/patches/series 2012-10-07 22:17:30.000000000 +0100
@@ -1,3 +1,5 @@
up_fixmanpages
deb_bmc-watchdog_noRUN
0001-Fix-Wformat-security-warnings.patch
+0002_excel_when_opening_tmp.patch
+fix-Wunused-result.patch
diff -Nru freeipmi-1.1.5/debian/rules freeipmi-1.1.5/debian/rules
--- freeipmi-1.1.5/debian/rules 2012-06-15 02:41:57.000000000 +0100
+++ freeipmi-1.1.5/debian/rules 2012-10-07 20:17:11.000000000 +0100
@@ -4,6 +4,8 @@
# We use some bashisms
SHELL=/bin/bash
+export DEB_BUILD_MAINT_OPTIONS=hardening=+pie,+bindnow
+
# mega rule -- Joey knows how to do the rest
%:
dh $@ --with autotools_dev
--- End Message ---
--- Begin Message ---
Version: 1.2.3
--
Yaroslav O. Halchenko, Ph.D.
http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org
Research Scientist, Psychological and Brain Sciences Dept.
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419
WWW: http://www.linkedin.com/in/yarik
--- End Message ---
