rpms/scsi-target-utils/F-11 sysconfig.tgtd, NONE, 1.1 targets.conf, NONE, 1.1 tgt-snprintf-fix.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 scsi-target-utils.spec, 1.11, 1.12 sources, 1.6, 1.7 tgtd.init, 1.1, 1.2
Mike Christie
michaelc at fedoraproject.org
Fri Apr 9 04:21:45 UTC 2010
- Previous message: rpms/scsi-target-utils/F-12 sysconfig.tgtd, NONE, 1.1 targets.conf, NONE, 1.1 tgt-snprintf-fix.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 scsi-target-utils.spec, 1.13, 1.14 sources, 1.6, 1.7 tgtd.init, 1.1, 1.2
- Next message: rpms/mesa/F-13 .cvsignore, 1.51, 1.52 mesa.spec, 1.288, 1.289 sources, 1.54, 1.55
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: michaelc
Update of /cvs/pkgs/rpms/scsi-target-utils/F-11
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv3979
Modified Files:
.cvsignore scsi-target-utils.spec sources tgtd.init
Added Files:
sysconfig.tgtd targets.conf tgt-snprintf-fix.patch
Log Message:
Fix format string vulnerability (CVE-2010-0743)
--- NEW FILE sysconfig.tgtd ---
# configuration file
#TGTD_CONFIG=/etc/tgt/targets.conf
--- NEW FILE targets.conf ---
# This is a sample config file for tgt-admin.
# By default, tgt-admin looks for its config file in /etc/tgt/targets.conf
#
# The "#" symbol disables the processing of a line.
# This one includes other config files:
#include /etc/tgt/temp/*.conf
# Set the driver. If not specified, defaults to "iscsi".
default-driver iscsi
# Continue if tgtadm exits with non-zero code (equivalent of
# --ignore-errors command line option)
#ignore-errors yes
# Sample target with one LUN only. Defaults to allow access for all initiators:
#<target iqn.2008-09.com.example:server.target1>
# backing-store /dev/LVM/somedevice
#</target>
# Similar, but we use "direct-store" instead of "backing-store".
# "direct-store" reads drive parameters with sg_inq command and sets them to
# the target.
# Parameters fatched with sg_inq are:
# - Vendor identification
# - Product identification
# - Product revision level
# - Unit serial number (if present)
# We also specify "incominguser".
#<target iqn.2008-09.com.example:server.target2>
# direct-store /dev/sdd
# incominguser someuser secretpass12
#</target>
# An example with multiple LUNs, disabled write-cache (tgtd enables write-cache
# by default) and vendor identification set to "MyVendor"
#<target iqn.2008-09.com.example:server.target3>
# backing-store /dev/LVM/somedevice1 # Becomes LUN 1
# backing-store /dev/LVM/somedevice2 # Becomes LUN 2
# backing-store /dev/LVM/somedevice3 # Becomes LUN 3
# write-cache off
# vendor_id MyCompany Inc.
#</target>
# Similar to the one above, but we fetch vendor_id, product_id, product_rev and
# scsi_sn from the disks.
# Vendor identification (vendor_id) is replaced in all disks by "MyVendor"
#<target iqn.2008-09.com.example:server.target4>
# direct-store /dev/sdb # Becomes LUN 1
# direct-store /dev/sdc # Becomes LUN 2
# direct-store /dev/sdd # Becomes LUN 3
# write-cache off
# vendor_id MyCompany Inc.
#</target>
# Note that "first-device-first-lun numbering" will work only for simple
# scenarios above, where _only_ direct-store _or_ backing-store is used.
# If you mix backing-store and direct-store, then all backing-store entries
# are processed before direct-store-entries.
#<target iqn.2008-09.com.example:server.target4>
# direct-store /dev/sdb # Becomes LUN 3
# backing-store /dev/sdc # Becomes LUN 1
# direct-store /dev/sdd # Becomes LUN 4
# backing-store /dev/sde # Becomes LUN 2
#</target>
# Even more complicated example - each device has different parameters.
# You can use indentation to make the config file more readable.
# Note that LUNs will be assigned more or less randomly here (and still
# backing-store get LUNs assigned before drect-store).
# You can specify multiple mode_page parameters (they are commented out
# in this example).
# Note that some parameters (write-cache, scsi_sn) were specified "globally".
# "Global" parameters will be applied to all LUNs; they can be overwritten
# "locally", per LUN.
# If lun is not specified, it will be allocated automatically (first available).
#<target iqn.2008-09.com.example:server.target5>
# <direct-store /dev/sdd>
# vendor_id VENDOR1
# removable 1
# device-type cd
# lun 1
# </direct-store>
# <direct-store /dev/sda>
# vendor_id VENDOR2
# lun 2
# </direct-store>
# <backing-store /dev/sdb1>
# vendor_id back1
# scsi_sn SERIAL
# write-cache on
# lun 3 # lun is commented out - will be allocated automatically
# </backing-store>
# <backing-store /dev/sdd1>
# vendor_id back2
#mode_page 8:0:18:0x10:0:0xff....
#mode_page 8:0:18:0x10:0:0xff....
#bs-type aio
# lun 15
# </backing-store>
# Some more parameters which can be specified locally or globally:
#scsi_id ...
#scsi_sn ...
#vendor_id ...
#product_id ...
#product_rev ...
#sense_format ...
#removable ...
#online ...
#path ...
#mode_page 8:0:18:0x10:0:0xff....
#mode_page 8:0:18:0x10:0:0xff....
#device-type ...
#bs-type ... # backing store type - default rdwr, can be aio, mmap, etc...
#allow-in-use yes # if specified globally, can't be overwritten locally
# write-cache off
# scsi_sn multipath-10
# Parameters below are only global. They can't be configured per LUN.
# Only allow connections from 192.168.100.1 and 192.168.200.5
# initiator-address 192.168.100.1
# initiator-address 192.168.200.5
# Tuning parameters (global, per target)
#MaxRecvDataSegmentLength 8192
#MaxXmitDataSegmentLength 8192
#HeaderDigest None
#DataDigest None
#InitialR2T Yes
#MaxOutstandingR2T 1
#ImmediateData Yes
#FirstBurstLength 65536
#MaxBurstLength 262144
#DataPDUInOrder Yes
#DataSequenceInOrder Yes
#ErrorRecoveryLevel 0
#IFMarker No
#OFMarker No
#DefaultTime2Wait 2
#DefaultTime2Retain 20
#OFMarkInt Reject
#IFMarkInt Reject
#MaxConnections 1
# Allowed incoming users
# incominguser user1 secretpass12
# incominguser user2 secretpass23
# Outgoing user
# outgoinguser userA secretpassA
#</target>
# The device will have lun 1 unless you specify something else
#<target iqn.2008-09.com.example:server.target6>
# backing-store /dev/LVM/somedevice
# lun 10
#</target>
# Devices which are in use (by system: mounted, for swap, part of RAID, or by
# userspace: dd, by tgtd for another target etc.) can't be used, unless you use
# --force flag or add 'allow-in-use yes' option
#<target iqn.2008-09.com.example:server.target7>
# backing-store /dev/LVM/somedevice
# allow-in-use yes
#</target>
#<target iqn.2008-09.com.example:server.target8>
# <backing-store /dev/LVM/somedevice>
# scsi_sn serial1
# </backing-store>
# <backing-store /dev/LVM/somedevice2>
# scsi_sn serial2
# </backing-store>
# allow-in-use yes
#</target>
# Not supported configurations, and therefore, commented out:
#<target iqn.2008-09.com.example:server.target9>
# backing-store /dev/LVM/somedevice1
# backing-store /dev/LVM/somedevice2
# lun 10
# lun 11
#</target>
#<target iqn.2008-09.com.example:server.target10>
# <direct-store /dev/sdd>
# vendor_id VENDOR1
# </direct-store>
#
# direct-store /dev/sdc
#</target>
# This one will break the parser:
#<target iqn.2008-09.com.example:server.target11>
# <direct-store /dev/sdd>
# vendor_id VENDOR1
# </direct-store>
#
# direct-store /dev/sdc
#
# <direct-store /dev/sdd>
# vendor_id VENDOR1
# </direct-store>
#</target>
tgt-snprintf-fix.patch:
isns.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE tgt-snprintf-fix.patch ---
--- tgt-1.0.1/usr/iscsi/isns.c.org 2010-03-22 17:18:59.788314323 -0600
+++ tgt-1.0.1/usr/iscsi/isns.c 2010-03-22 17:19:30.833004428 -0600
@@ -316,7 +316,7 @@ static int isns_attr_query(char *name)
tlv = (struct isns_tlv *) hdr->pdu;
if (name)
- snprintf(mgmt->name, sizeof(mgmt->name), name);
+ snprintf(mgmt->name, sizeof(mgmt->name), "%s", name);
else {
mgmt->name[0] = '\0';
target = list_first_entry(&iscsi_targets_list,
@@ -690,7 +690,7 @@ found:
ini = malloc(sizeof(*ini));
if (!ini)
goto free_qry_mgmt;
- snprintf(ini->name, sizeof(ini->name), name);
+ snprintf(ini->name, sizeof(ini->name), "%s", name);
list_add(&ini->ilist, &target->isns_list);
} else
name = NULL;
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/scsi-target-utils/F-11/.cvsignore,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -p -r1.6 -r1.7
--- .cvsignore 17 Mar 2009 08:23:28 -0000 1.6
+++ .cvsignore 9 Apr 2010 04:21:43 -0000 1.7
@@ -1 +1,2 @@
tgt-0.9.5.tar.bz2
+tgt-1.0.1.tar.gz
Index: scsi-target-utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/scsi-target-utils/F-11/scsi-target-utils.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- scsi-target-utils.spec 17 Mar 2009 08:23:28 -0000 1.11
+++ scsi-target-utils.spec 9 Apr 2010 04:21:44 -0000 1.12
@@ -1,15 +1,18 @@
Name: scsi-target-utils
-Version: 0.9.5
-Release: 1%{?dist}
+Version: 1.0.1
+Release: 0%{?dist}
Summary: The SCSI target daemon and utility programs
Group: System Environment/Daemons
License: GPLv2
-URL: http://stgt.berlios.de
-Source0: http://stgt.berlios.de/releases/tgt-%{version}.tar.bz2
+URL: http://stgt.sourceforge.net/
+Source0: http://stgt.sourceforge.net/releases/tgt-%{version}.tar.gz
Source1: tgtd.init
+Source2: sysconfig.tgtd
+Source3: targets.conf
Patch0: tgt-20080805-shebang.patch
-Patch1: tgt-0.9.5-makefile.patch
+Patch1: tgt-snprintf-fix.patch
+
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel pkgconfig
@@ -39,14 +42,21 @@ pushd usr
%{__install} -d %{buildroot}%{_sbindir}
%{__install} -d %{buildroot}%{_mandir}/man8
%{__install} -d %{buildroot}%{_initrddir}
+%{__install} -d %{buildroot}%{_sysconfdir}/tgt
+%{__install} -d %{buildroot}%{_sysconfdir}/sysconfig
+%{__install} -p -m 0755 scripts/tgt-setup-lun %{buildroot}%{_sbindir}
%{__install} -p -m 0755 %{SOURCE1} %{buildroot}%{_initrddir}/tgtd
%{__install} -p -m 0755 scripts/tgt-admin %{buildroot}/%{_sbindir}/tgt-admin
%{__install} -p -m 0644 doc/manpages/tgtadm.8 %{buildroot}/%{_mandir}/man8
%{__install} -p -m 0644 doc/manpages/tgt-admin.8 %{buildroot}/%{_mandir}/man8
+%{__install} -p -m 0644 doc/manpages/tgt-setup-lun.8 %{buildroot}/%{_mandir}/man8
+%{__install} -p -m 0600 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/tgtd
+%{__install} -p -m 0600 %{SOURCE3} %{buildroot}%{_sysconfdir}/tgt
pushd usr
-%{__make} install DESTDIR=%{buildroot}
+%{__make} install DESTDIR=%{buildroot} sbindir=%{_sbindir}
+
# we ship these by doc macro
%{__rm} -rf %{buildroot}/usr/share/doc/tgt
@@ -70,8 +80,7 @@ fi
%files
%defattr(-, root, root, -)
-%doc README doc/README.* doc/targets.conf.example doc/tmf.txt doc/TODO
-%doc scripts/tgt-core-test
+%doc README doc/README.iscsi doc/README.iser doc/README.lu_configuration doc/README.mmc doc/README.ssc
%{_sbindir}/tgtd
%{_sbindir}/tgtadm
%{_sbindir}/tgt-setup-lun
@@ -79,8 +88,15 @@ fi
%{_sbindir}/tgtimg
%{_mandir}/man8/*
%{_initrddir}/tgtd
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/tgtd
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/tgt/targets.conf
+
%changelog
+* Thu Apr 8 2010 Mike Christie <mchristi at redhat.com> - 1.0.1
+- Fix format string vulnerability (CVE-2010-0743)
+- Sync to upstream tgt-1.0.1
+
* Mon Mar 16 2009 Terje Rosten <terje.rosten at ntnu.no> - 0.9.5-1
- 0.9.5
- remove patch now upstream
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/scsi-target-utils/F-11/sources,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -p -r1.6 -r1.7
--- sources 17 Mar 2009 08:23:28 -0000 1.6
+++ sources 9 Apr 2010 04:21:44 -0000 1.7
@@ -1 +1 @@
-43d95cb4163de21459ffee300764d11a tgt-0.9.5.tar.bz2
+46f5bf01f9002b32a57e5def3f5e4543 tgt-1.0.1.tar.gz
Index: tgtd.init
===================================================================
RCS file: /cvs/pkgs/rpms/scsi-target-utils/F-11/tgtd.init,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- tgtd.init 11 Oct 2007 17:41:40 -0000 1.1
+++ tgtd.init 9 Apr 2010 04:21:45 -0000 1.2
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# chkconfig: - 39 35
+# chkconfig: - 11 89
#
### BEGIN INIT INFO
# Provides: tgtd
@@ -17,73 +17,200 @@
. /etc/init.d/functions
PATH=/sbin:/bin:/usr/sbin:/usr/bin
+TGTD_CONFIG=/etc/tgt/targets.conf
-RETVAL=0
+prog="SCSI target daemon"
+exec=tgtd
+lockfile=/var/lock/subsys/$exec
+
+# Check for and source configuration file otherwise use defaults above
+[ -f /etc/sysconfig/$exec ] && . /etc/sysconfig/$exec
start()
{
- echo -n $"Starting SCSI target daemon: "
- if [ -f /var/lock/subsys/tgtd ]; then
+ [ -x /usr/sbin/$exec ] || exit 5
+ echo -n $"Starting $prog: "
+ # Note /dev/null redirection to silence rdma not found messages
+ daemon $exec >/dev/null 2>&1
+ retval=$?
+ if [ $retval -ne 0 ] ; then
+ failure
echo
- success
- return
+ return $retval
fi
- daemon tgtd
+ success
echo
- RETVAL=$?
- if [ $RETVAL -eq "0" ]; then
- touch /var/lock/subsys/tgtd
- fi
+ touch $lockfile
+
+ # Put tgtd into "offline" state until all the targets are configured.
+ # We don't want initiators to (re)connect and fail the connection
+ # if it's not ready.
+ tgtadm --op update --mode sys --name State -v offline
+ # Configure the targets.
+ tgt-admin -e -c $TGTD_CONFIG
+ # Put tgtd into "ready" state.
+ tgtadm --op update --mode sys --name State -v ready
+
+ return 0
}
stop()
{
- echo -n $"Stopping SCSI target daemon: "
+ if [ "$RUNLEVEL" == 0 -o "$RUNLEVEL" == 6 ] ; then
+ force_stop
+ return $?
+ fi
+
+ echo -n $"Stopping $prog: "
+ # Remove all targets. It only removes targets which are not in use.
+ tgt-admin --update ALL -c /dev/null >/dev/null 2>&1
+ # tgtd will exit if all targets were removed
+ tgtadm --op delete --mode system >/dev/null 2>&1
+ retval=$?
+ if [ "$retval" -eq 107 ] ; then
+ echo -n $"not running"
+ failure
+ echo
+ return 7
+ elif [ "$retval" -ne 0 ] ; then
+ echo -n $"initiators still connected"
+ failure
+ echo
+ return 1
+ fi
+
+ success
+ echo
+ rm -f $lockfile
+ return 0
+}
- if [ ! -f /var/lock/subsys/tgtd ]; then
+force_stop()
+{
+ # NOTE: Forced shutdown of the iscsi target may cause data corruption
+ # for initiators that are connected.
+ echo -n $"Force-stopping $prog: "
+ # Offline everything first. May be needed if we're rebooting, but
+ # expect the initiators to reconnect cleanly when we boot again
+ # (i.e. we don't want them to reconnect to a tgtd which is still
+ # working, but the target is gone).
+ tgtadm --op update --mode sys --name State -v offline >/dev/null 2>&1
+ retval=$?
+ if [ "$retval" -eq 107 ] ; then
+ echo -n $"not running"
+ failure
echo
- success
- return
+ return 7
+ else
+ tgt-admin --offline ALL
+ # Remove all targets, even if they are still in use.
+ tgt-admin --update ALL -c /dev/null -f
+ # It will shut down tgtd only after all targets were removed.
+ tgtadm --op delete --mode system
+ retval=$?
+ if [ "$retval" -ne 0 ] ; then
+ failure
+ echo
+ return 1
+ fi
fi
- if tgtadm --op show -m target | grep "Target" >/dev/null ; then
- echo $"Targets still in use. Cannot shutdown service."
- RETVAL=1
- return
+ success
+ echo
+ rm -f $lockfile
+ return 0
+}
+
+reload() {
+ echo -n $"Updating $prog configuration: "
+ # Update configuration for targets. Only targets which
+ # are not in use will be updated.
+ tgt-admin --update ALL -c $TGTD_CONFIG >/dev/null 2>&1
+ retval=$?
+ if [ "$retval" -eq 107 ] ; then
+ echo -n $"not running"
+ failure
+ echo
+ return 7
+ elif [ "$retval" -ne 0 ] ; then
+ failure
+ echo
+ return 1
fi
- killproc tgtd
+ success
echo
- RETVAL=$?
- [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/tgtd
+ return 0
}
-restart()
-{
- stop
- start
+force_reload() {
+ echo -n $"Force-updating $prog configuration: "
+ # Update configuration for targets, even those in use.
+ tgt-admin --update ALL -f -c $TGTD_CONFIG >/dev/null 2>&1
+ retval=$?
+ if [ "$retval" -eq 107 ] ; then
+ echo -n $"not running"
+ failure
+ echo
+ return 7
+ elif [ "$retval" -ne 0 ] ; then
+ failure
+ echo
+ return 1
+ fi
+
+ success
+ echo
+ return 0
+}
+
+rh_status() {
+ # run checks to determine if the service is running or use generic status
+ status $exec
+}
+
+rh_status_q() {
+ rh_status >/dev/null 2>&1
}
+
case "$1" in
start)
- start
+ rh_status_q && exit 0
+ $1
;;
stop)
- stop
+ rh_status_q || exit 0
+ $1
+ ;;
+ force-stop)
+ force_stop
;;
restart)
- restart
+ stop
+ start
+ ;;
+ force-restart)
+ force_stop
+ start
+ ;;
+ reload)
+ rh_status_q || exit 7
+ $1
+ ;;
+ force-reload)
+ force_reload
;;
status)
- status tgtd
- RETVAL=$?
+ rh_status
;;
- condrestart)
- [ -f /var/lock/subsys/tgtd ] && restart
+ condrestart|try-restart)
+ rh_status_q || exit 0
+ restart
;;
*)
- echo $"Usage: $0 {start|stop|restart|status|condrestart}"
- exit 1
+ echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-stop|force-restart|force-reload}"
+ exit 2
esac
-exit $RETVAL
+exit $?
- Previous message: rpms/scsi-target-utils/F-12 sysconfig.tgtd, NONE, 1.1 targets.conf, NONE, 1.1 tgt-snprintf-fix.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 scsi-target-utils.spec, 1.13, 1.14 sources, 1.6, 1.7 tgtd.init, 1.1, 1.2
- Next message: rpms/mesa/F-13 .cvsignore, 1.51, 1.52 mesa.spec, 1.288, 1.289 sources, 1.54, 1.55
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list