OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 25-Dec-2006 15:46:21
Branch: HEAD Handle: 2006122514462000
Modified files:
openpkg-src/phpbb phpbb.spec
Log:
introduce runtime directory to fix security issue
Summary:
Revision Changes Path
1.2 +28 -25 openpkg-src/phpbb/phpbb.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/phpbb/phpbb.spec
============================================================================
$ cvs diff -u -r1.1 -r1.2 phpbb.spec
--- openpkg-src/phpbb/phpbb.spec 25 Dec 2006 10:16:23 -0000 1.1
+++ openpkg-src/phpbb/phpbb.spec 25 Dec 2006 14:46:20 -0000 1.2
@@ -85,7 +85,7 @@
%{l_shtool} mkdir -f -p -m 755 \
$RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
$RPM_BUILD_ROOT%{l_prefix}/etc/phpbb \
- $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb \
+ $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime \
$RPM_BUILD_ROOT%{l_prefix}/var/phpbb/db \
$RPM_BUILD_ROOT%{l_prefix}/var/phpbb/log \
$RPM_BUILD_ROOT%{l_prefix}/var/phpbb/run
@@ -94,29 +94,34 @@
%{l_shtool} subst %{l_value -s -a} \
install/install_install.php
find . -name ".#*" -print | xargs rm -f
- cp -rp * $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/
- mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/install \
- $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/install.d
- mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/cache \
+ cp -rp * $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/
+
+ # post-adjustment: move risky install area out of runtime area
+ # (will be dynmically linked in again later)
+ mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/install \
+ $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/install
+
+ # post-adjustment: move writable areas out of runtime area
+ mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/cache \
$RPM_BUILD_ROOT%{l_prefix}/var/phpbb/db/cache
- ln -s ../../var/phpbb/db/cache \
- $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/cache
- mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/files \
+ ln -s ../../../var/phpbb/db/cache \
+ $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/cache
+ mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/files \
$RPM_BUILD_ROOT%{l_prefix}/var/phpbb/db/files
- ln -s ../../var/phpbb/db/files \
- $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/files
- mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/store \
+ ln -s ../../../var/phpbb/db/files \
+ $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/files
+ mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/store \
$RPM_BUILD_ROOT%{l_prefix}/var/phpbb/db/store
- ln -s ../../var/phpbb/db/store \
- $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/store
- mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/images/avatars/upload \
+ ln -s ../../../var/phpbb/db/store \
+ $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/store
+ mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/images/avatars/upload \
$RPM_BUILD_ROOT%{l_prefix}/var/phpbb/db/upload
- ln -s ../../../../var/phpbb/db/store \
- $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/images/avatars/upload
- mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/config.php \
+ ln -s ../../../../../var/phpbb/db/store \
+ $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/images/avatars/upload
+ mv $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/config.php \
$RPM_BUILD_ROOT%{l_prefix}/etc/phpbb/config.php
- ln -s ../../etc/phpbb/config.php \
- $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/config.php
+ ln -s ../../../etc/phpbb/config.php \
+ $RPM_BUILD_ROOT%{l_prefix}/lib/phpbb/runtime/config.php
# install run-command script
%{l_shtool} install -c -m 755 %{l_value -s -a} \
@@ -137,10 +142,11 @@
%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
%{l_files_std} \
'%config %{l_prefix}/etc/phpbb/*' \
- '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/etc/phpbb/config.php' \
+ '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/etc/phpbb/*' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/lib/phpbb' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/lib/phpbb/*' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/lib/phpbb/*/*' \
+ '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/lib/phpbb/*/*/*' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/phpbb' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/phpbb/*'
@@ -152,7 +158,7 @@
%post
if [ $1 -eq 1 ]; then
# display final hints on initial installation
- ln -s install.d $RPM_INSTALL_PREFIX/lib/phpbb/install
+ ln -s ../install $RPM_INSTALL_PREFIX/lib/phpbb/runtime/install
( echo "To complete the phpBB installation:"
echo "1. start the phpBB Apache:"
echo " \$ $RPM_INSTALL_PREFIX/etc/rc phpbb start"
@@ -160,7 +166,7 @@
echo " following URL and proceeding through its menus:"
echo " http://localhost:8080/phpbb/install/";
echo "3. cleanup after installation to enable run-time:"
- echo " \$ rm -f $RPM_INSTALL_PREFIX/lib/phpbb/install"
+ echo " \$ rm -f $RPM_INSTALL_PREFIX/lib/phpbb/runtime/install"
) | %{l_rpmtool} msg -b -t notice
elif [ $1 -eq 2 ]; then
# after upgrade, restart service
@@ -175,9 +181,6 @@
# before erase, stop service
%{l_rc} phpbb stop 2>/dev/null
- # uninstall
- $RPM_INSTALL_PREFIX/sbin/phpbb-setup uninstall
-
# remove run-time files
rm -f $RPM_INSTALL_PREFIX/var/phpbb/db/* >/dev/null 2>&1 || true
rm -f $RPM_INSTALL_PREFIX/var/phpbb/db/*/* >/dev/null 2>&1 || true
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [email protected]
