[ypserv] Use O_CLOEXEC when opening pid file to avoid SELinux issues Resolves: #809120
Honza Horak
hhorak at fedoraproject.org
Mon Apr 16 10:33:40 UTC 2012
commit 55ad40a9b9597e132fdc25e068d450dc64c194d9
Author: Honza HorĂ¡k <hhorak at redhat.com>
Date: Mon Apr 16 12:33:17 2012 +0200
Use O_CLOEXEC when opening pid file to avoid SELinux issues
Resolves: #809120
ypserv-2.27-cloexec.patch | 12 ++++++++++++
ypserv.spec | 8 +++++++-
2 files changed, 19 insertions(+), 1 deletions(-)
---
diff --git a/ypserv-2.27-cloexec.patch b/ypserv-2.27-cloexec.patch
new file mode 100644
index 0000000..874f895
--- /dev/null
+++ b/ypserv-2.27-cloexec.patch
@@ -0,0 +1,12 @@
+diff -up ypserv-2.26/lib/pidfile.c.cloexec ypserv-2.26/lib/pidfile.c
+--- ypserv-2.26/lib/pidfile.c.cloexec 2011-04-15 16:49:41.000000000 +0200
++++ ypserv-2.26/lib/pidfile.c 2012-04-13 20:49:55.643903727 +0200
+@@ -33,7 +33,7 @@ create_pidfile (const char *filename, co
+ char pbuf[50], *ptr;
+ struct flock lock;
+
+- fd = open (filename, O_CREAT | O_RDWR,
++ fd = open (filename, O_CREAT | O_RDWR | O_CLOEXEC,
+ S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+ if (fd < 0)
+ {
diff --git a/ypserv.spec b/ypserv.spec
index 687d7b2..79354c7 100644
--- a/ypserv.spec
+++ b/ypserv.spec
@@ -2,7 +2,7 @@ Summary: The NIS (Network Information Service) server
Url: http://www.linux-nis.org/nis/ypserv/index.html
Name: ypserv
Version: 2.27
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Group: System Environment/Daemons
Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/ypserv-%{version}.tar.bz2
@@ -32,6 +32,7 @@ Patch12: ypserv-2.26-shadow.patch
Patch13: ypserv-2.26-errmsg.patch
Patch14: ypserv-2.26-emptydomain.patch
Patch16: ypserv-2.27-confpost.patch
+Patch17: ypserv-2.27-cloexec.patch
BuildRequires: compat-gdbm-devel
BuildRequires: systemd-units
@@ -72,6 +73,7 @@ machines.
%patch13 -p1 -b .errmsg
%patch14 -p1 -b .emptydomain
%patch16 -p1 -b .confpost
+%patch17 -p1 -b .cloexec
autoreconf
@@ -176,6 +178,10 @@ exit 0
%{_includedir}/*/*
%changelog
+* Fri Apr 13 2012 Honza Horak <hhorak at redhat.com> - 2.27-2
+- Use O_CLOEXEC when opening pid file to avoid SELinux issues
+ Resolves: #809120
+
* Wed Feb 01 2012 Honza Horak <hhorak at redhat.com> - 2.27-1
- Update to new upstream version, which fixes several bugs
(removing patches that aren't needed any more)
More information about the scm-commits
mailing list