Hello community, here is the log from the commit of package at for openSUSE:Factory checked in at 2013-11-20 10:23:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/at (Old) and /work/SRC/openSUSE:Factory/.at.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "at" Changes: -------- --- /work/SRC/openSUSE:Factory/at/at.changes 2013-10-22 14:50:20.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.at.new/at.changes 2013-11-20 10:23:26.000000000 +0100 @@ -1,0 +2,8 @@ +Tue Nov 12 15:37:29 UTC 2013 - mvysko...@suse.com + +- use old privs model (fixes bnc#849720) + * at-backport-old-privs.patch +- do not install sysvinit script and service file together +- add sticky bit to atjobs + +------------------------------------------------------------------- New: ---- at-backport-old-privs.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ at.spec ++++++ --- /var/tmp/diff_new_pack.zsUHR9/_old 2013-11-20 10:23:27.000000000 +0100 +++ /var/tmp/diff_new_pack.zsUHR9/_new 2013-11-20 10:23:27.000000000 +0100 @@ -62,6 +62,8 @@ #PATCH-FIX-OPENSUSE Set pid dir to /run not /var/run Patch22: at-piddir.patch Patch23: at-secure_getenv.patch +#PATCH-FIX-OPENSUSE backport privs from 3.1.8 (bnc#849720) +Patch24: at-backport-old-privs.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %{_sbindir}/useradd %{_sbindir}/groupadd %fillup_prereq %insserv_prereq PreReq: permissions @@ -98,6 +100,8 @@ %patch21 -p1 %patch22 %patch23 -p1 +%patch24 -p1 + %build rm -fv y.tab.c y.tab.h lex.yy.c lex.yy.o y.tab.o autoreconf -fiv @@ -107,10 +111,11 @@ --with-selinux \ --with-daemon_username=at \ --with-daemon_groupname=at + make %{?_smp_mflags} %install -mkdir -p $RPM_BUILD_ROOT/etc/{init.d,pam.d} +mkdir -p $RPM_BUILD_ROOT/etc/pam.d mkdir -p $RPM_BUILD_ROOT/usr/{bin,sbin,share/man/man{1,5,8}} mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates export CFLAGS="$RPM_OPT_FLAGS" @@ -119,15 +124,20 @@ # Don't install docs here in this way mkdir docs mv $RPM_BUILD_ROOT/%{_prefix}/doc/at/* docs/ + +%if ! %{has_systemd} +mkdir -p $RPM_BUILD_ROOT/etc/init.d install %SOURCE1 $RPM_BUILD_ROOT/etc/init.d/atd ln -sf ../../etc/init.d/atd $RPM_BUILD_ROOT%{_sbindir}/rcatd -install -m644 %SOURCE2 $RPM_BUILD_ROOT/etc/pam.d/atd -install -m644 %SOURCE3 $RPM_BUILD_ROOT/var/adm/fillup-templates -%if 0%{?has_systemd} +%else install -D -m 0644 %{S:5} %{buildroot}%{_unitdir}/atd.service %{__install} -D -m 0755 %{S:4} %{buildroot}%{_prefix}/lib/systemd/system-sleep/atd.sh +ln -sf ../../%{_sbindir}/service $RPM_BUILD_ROOT%{_sbindir}/rcatd %endif +install -m644 %SOURCE2 $RPM_BUILD_ROOT/etc/pam.d/atd +install -m644 %SOURCE3 $RPM_BUILD_ROOT/var/adm/fillup-templates + %pre %{_sbindir}/groupadd -g 25 -o -r at 2> /dev/null || : %{_sbindir}/useradd -r -o -g at -u 25 -s /bin/bash -c "Batch jobs daemon" -d /var/spool/atjobs at 2> /dev/null || : @@ -148,20 +158,22 @@ rm -f etc/init.d/at %{insserv_cleanup} fi -%{fillup_and_insserv -n atd atd } %set_permissions /usr/bin/at %if 0%{?has_systemd} %service_add_post atd.service +%else +%{fillup_and_insserv -n atd atd } %endif %verifyscript %verify_permissions -e /usr/bin/at %postun -%restart_on_update atd %insserv_cleanup %if 0%{?has_systemd} %service_del_postun atd.service +%else +%restart_on_update atd %endif %files @@ -169,7 +181,6 @@ %doc Problems Copyright COPYING README ChangeLog timespec %config(noreplace) /etc/at.deny %{_sbindir}/rcatd -%config /etc/init.d/atd %config %attr(644,root,root) /etc/pam.d/atd %verify(not mode) %attr(4750,root,trusted) %{_bindir}/at %{_bindir}/atq @@ -179,12 +190,14 @@ %{_sbindir}/atd %{_sbindir}/atrun %attr(700,at,at) %dir /var/spool/atspool -%attr(700,at,at) %dir /var/spool/atjobs +%attr(1770,at,at) %dir /var/spool/atjobs %attr(600,at,at) /var/spool/atjobs/.SEQ /var/adm/fillup-templates/sysconfig.atd %if 0%{?has_systemd} %{_unitdir}/atd.service %{_prefix}/lib/systemd/system-sleep/atd.sh +%else +%config /etc/init.d/atd %endif %changelog ++++++ at-backport-old-privs.patch ++++++ From: Michal Vyskocil <mvysko...@suse.com> Subject: Backport old privs at since 3.10 have substantially changed the priviledge model, which is tied to Debian setup of at. As SUSE does use a different layout, this patch introduces back the PRIV_START/PRIV_END + fchown where needed. References: https://bugzilla.novell.com/show_bug.cgi?id=849720 --- at.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) Index: at-3.1.13/at.c =================================================================== --- at-3.1.13.orig/at.c +++ at-3.1.13/at.c @@ -154,18 +154,11 @@ sigc(int signo) /* If the user presses ^C, remove the spool file and exit */ if (fcreated) { - /* PRIV_START - We need the unprivileged uid here since the file is owned by the real - (not effective) uid. - */ - setregid(real_gid, effective_gid); unlink(atfile); - setregid(effective_gid, real_gid); - /* + PRIV_END - */ } exit(EXIT_FAILURE); } @@ -325,18 +318,14 @@ writefile(time_t runtimer, char queue) * bit. Yes, this is a kluge. */ cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR); - seteuid(real_uid); if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1) perr("Cannot create atjob file %.500s", atfile); - seteuid(effective_uid); if ((fd2 = dup(fd)) < 0) perr("Error in dup() of job file"); - /* if (fchown(fd2, real_uid, real_gid) != 0) perr("Cannot give away file"); - */ PRIV_END @@ -679,11 +668,7 @@ process_jobs(int argc, char **argv, int switch (what) { case ATRM: - /* - We need the unprivileged uid here since the file is owned by the real - (not effective) uid. - */ - setregid(real_gid, effective_gid); + PRIV_START if (queue == '=') { fprintf(stderr, "Warning: deleting running job\n"); @@ -693,7 +678,7 @@ process_jobs(int argc, char **argv, int rc = EXIT_FAILURE; } - setregid(effective_gid, real_gid); + PRIV_END done = 1; break; @@ -703,21 +688,25 @@ process_jobs(int argc, char **argv, int FILE *fp; int ch; - setregid(real_gid, effective_gid); - fp = fopen(dirent->d_name, "r"); + PRIV_START + + fp = fopen(dirent->d_name, "r"); + + PRIV_END if (fp) { while ((ch = getc(fp)) != EOF) { putchar(ch); } done = 1; + PRIV_START fclose(fp); + PRIV_END } else { perr("Cannot open %.500s", dirent->d_name); rc = EXIT_FAILURE; } - setregid(effective_gid, real_gid); } break; -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org