rpms/usermode/devel usermode-1.102-PAM_TTY.patch, NONE, 1.1 usermode-1.102-paranoia.patch, NONE, 1.1 usermode.spec, 1.93, 1.94
Miloslav Trmac
mitr at fedoraproject.org
Fri Feb 5 15:05:00 UTC 2010
Author: mitr
Update of /cvs/pkgs/rpms/usermode/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv5574
Modified Files:
usermode.spec
Added Files:
usermode-1.102-PAM_TTY.patch usermode-1.102-paranoia.patch
Log Message:
* Fri Feb 5 2010 Miloslav Trmač <mitr at redhat.com> - 1.102-2
- Use %%{?_smp_mflags}
- Use the four-parameter version of %%defattr
- Be more paranoid about dropping privileges
- Set PAM_TTY
usermode-1.102-PAM_TTY.patch:
ChangeLog | 5 +++++
userhelper.c | 45 ++++++++++++++++++++++++++++-----------------
2 files changed, 33 insertions(+), 17 deletions(-)
--- NEW FILE usermode-1.102-PAM_TTY.patch ---
# HG changeset patch
# User Miloslav Trmač <mitr at redhat.com>
# Date 1265372688 -3600
# Node ID 9a7b1e69d0a8213092caf45beb52c07a8d334ea3
# Parent 8a897830e2d8745a72eb4236f02a981cfdc95528
Set PAM_TTY if known.
2010-02-05 Miloslav Trmač <mitr at redhat.com>
* userhelper.c (set_pam_items): New function.
(passwd, chfn, wrap): Use pam_set_items.
diff -r 8a897830e2d8 -r 9a7b1e69d0a8 ChangeLog
--- a/ChangeLog Thu Feb 04 23:00:17 2010 +0100
+++ b/ChangeLog Fri Feb 05 13:24:48 2010 +0100
@@ -1,3 +1,8 @@
+2010-02-05 Miloslav Trmač <mitr at redhat.com>
+
+ * userhelper.c (set_pam_items): New function.
+ (passwd, chfn, wrap): Use pam_set_items.
+
2010-02-04 Miloslav Trmač <mitr at redhat.com>
* userhelper.c (become_super): Check for failures of the system
diff -r 8a897830e2d8 -r 9a7b1e69d0a8 userhelper.c
--- a/userhelper.c Thu Feb 04 23:00:17 2010 +0100
+++ b/userhelper.c Fri Feb 05 13:24:48 2010 +0100
@@ -1102,6 +1102,31 @@
return NULL;
}
+/* Set various attributes of DATA, including the requesting user USER. */
+static void
+set_pam_items(struct app_data *data, const char *user)
+{
+ int retval;
+ char *tty;
+
+ retval = pam_set_item(data->pamh, PAM_RUSER, user);
+ if (retval != PAM_SUCCESS) {
+ debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
+ fail_exit(data, retval);
+ }
+
+ tty = ttyname(STDIN_FILENO);
+ if (tty != NULL) {
+ if (strncmp(tty, "/dev/", 5) == 0)
+ tty += 5;
+ retval = pam_set_item(data->pamh, PAM_TTY, tty);
+ if (retval != PAM_SUCCESS) {
+ debug_msg("userhelper: pam_set_item(PAM_TTY) failed\n");
+ fail_exit(data, retval);
+ }
+ }
+}
+
/* Change the user's password using the indicated conversation function and
* application data (which includes the ability to cancel if the user requests
* it. For this task, we don't retry on failure. */
@@ -1118,11 +1143,7 @@
fail_exit(conv->appdata_ptr, retval);
}
- retval = pam_set_item(data->pamh, PAM_RUSER, user);
- if (retval != PAM_SUCCESS) {
- debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
- fail_exit(conv->appdata_ptr, retval);
- }
+ set_pam_items(data, user);
debug_msg("userhelper: changing password for \"%s\"\n", user);
retval = pam_chauthtok(data->pamh, 0);
@@ -1195,12 +1216,7 @@
fail_exit(conv->appdata_ptr, retval);
}
- /* Set the requesting user. */
- retval = pam_set_item(data->pamh, PAM_RUSER, user);
- if (retval != PAM_SUCCESS) {
- debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
- fail_exit(conv->appdata_ptr, retval);
- }
+ set_pam_items(data, user);
/* Try to authenticate the user. */
do {
@@ -1742,12 +1758,7 @@
fail_exit(conv->appdata_ptr, retval);
}
- /* Set the requesting user. */
- retval = pam_set_item(data->pamh, PAM_RUSER, user);
- if (retval != PAM_SUCCESS) {
- debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
- fail_exit(conv->appdata_ptr, retval);
- }
+ set_pam_items(data, user);
/* Try to authenticate the user. */
do {
usermode-1.102-paranoia.patch:
ChangeLog | 8 ++++++++
userhelper.c | 38 +++++++++++++++++++++++++-------------
2 files changed, 33 insertions(+), 13 deletions(-)
--- NEW FILE usermode-1.102-paranoia.patch ---
# HG changeset patch
# User Miloslav Trmač <mitr at redhat.com>
# Date 1265320817 -3600
# Node ID 8a897830e2d8745a72eb4236f02a981cfdc95528
# Parent 0dcd3edc6d56d65d8f02b31a9c807b1c152232c5
Be more paranoid about manipulating user/group IDs.
2010-02-04 Miloslav Trmač <mitr at redhat.com>
* userhelper.c (become_super): Check for failures of the system
calls in addition to verifying the expected results.
(become_normal): Check for failures of the system
calls in addition to verifying the expected results. Call setregid()
as well. Verify the real gid/uid values.
diff -r 0dcd3edc6d56 -r 8a897830e2d8 ChangeLog
--- a/ChangeLog Sun Dec 06 17:02:50 2009 +0000
+++ b/ChangeLog Thu Feb 04 23:00:17 2010 +0100
@@ -1,3 +1,11 @@
+2010-02-04 Miloslav Trmač <mitr at redhat.com>
+
+ * userhelper.c (become_super): Check for failures of the system
+ calls in addition to verifying the expected results.
+ (become_normal): Check for failures of the system
+ calls in addition to verifying the expected results. Call setregid()
+ as well. Verify the real gid/uid values.
+
2009-10-05 Miloslav Trmač <mitr at redhat.com>
* configure.ac: Release 1.102.
diff -r 0dcd3edc6d56 -r 8a897830e2d8 userhelper.c
--- a/userhelper.c Sun Dec 06 17:02:50 2009 +0000
+++ b/userhelper.c Thu Feb 04 23:00:17 2010 +0100
@@ -985,17 +985,20 @@
static void
become_super(void)
{
- /* Become the superuser. */
- setgroups(0, NULL);
- setregid(0, 0);
- setreuid(0, 0);
- /* Yes, setuid() and friends can fail, even for superusers. */
+ /* Become the superuser.
+ Yes, setuid() and friends can fail, even for superusers. */
+ if (setgroups(0, NULL) != 0 ||
+ setregid(0, 0) != 0 ||
+ setreuid(0, 0) != 0) {
+ debug_msg("userhelper: set*id() failure: %s\n",
+ strerror(errno));
+ exit(ERR_EXEC_FAILED);
+ }
if ((geteuid() != 0) ||
(getuid() != 0) ||
(getegid() != 0) ||
(getgid() != 0)) {
- debug_msg("userhelper: set*id() failure: %s\n",
- strerror(errno));
+ debug_msg("userhelper: set*id() didn't work\n");
exit(ERR_EXEC_FAILED);
}
}
@@ -1003,17 +1006,26 @@
static void
become_normal(const char *user)
{
- /* Join the groups of the user who invoked us. */
- initgroups(user, getgid());
+ gid_t gid;
+ uid_t uid;
+
+ gid = getgid();
+ uid = getuid();
+ /* Become the user who invoked us. */
+ if (initgroups(user, gid) != 0 ||
+ setregid(gid, gid) != 0 ||
+ setreuid(uid, uid) != 0) {
+ debug_msg("userhelper: set*id() failure: %s\n",
+ strerror(errno));
+ exit(ERR_EXEC_FAILED);
+ }
/* Verify that we're back to normal. */
- if (getegid() != getgid()) {
+ if (getegid() != gid || getgid() != gid) {
debug_msg("userhelper: still setgid()\n");
exit(ERR_EXEC_FAILED);
}
- /* Become the user who invoked us. */
- setreuid(getuid(), getuid());
/* Yes, setuid() can fail. */
- if (geteuid() != getuid()) {
+ if (geteuid() != uid || getuid() != uid) {
debug_msg("userhelper: still setuid()\n");
exit(ERR_EXEC_FAILED);
}
Index: usermode.spec
===================================================================
RCS file: /cvs/pkgs/rpms/usermode/devel/usermode.spec,v
retrieving revision 1.93
retrieving revision 1.94
diff -u -p -r1.93 -r1.94
--- usermode.spec 5 Oct 2009 18:52:42 -0000 1.93
+++ usermode.spec 5 Feb 2010 15:05:00 -0000 1.94
@@ -1,11 +1,15 @@
Summary: Tools for certain user account management tasks
Name: usermode
Version: 1.102
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: Applications/System
URL: https://fedorahosted.org/usermode/
Source: https://fedorahosted.org/releases/u/s/usermode/usermode-%{version}.tar.bz2
+# Committed upstream
+Patch0: usermode-1.102-paranoia.patch
+# Committed upstream
+Patch1: usermode-1.102-PAM_TTY.patch
Requires: pam, passwd, util-linux
BuildRequires: desktop-file-utils, gettext, glib2-devel, gtk2-devel, intltool
BuildRequires: libblkid-devel, libSM-devel, libselinux-devel, libuser-devel
@@ -35,11 +39,13 @@ graphical tools for certain account mana
%prep
%setup -q
+%patch0 -p1 -b .paranoia
+%patch1 -p1 -b .PAM_TTY
%build
%configure --with-selinux
-make
+make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
@@ -74,7 +80,7 @@ done
rm -rf $RPM_BUILD_ROOT
%files -f %{name}.lang
-%defattr(-,root,root)
+%defattr(-,root,root,-)
%doc COPYING ChangeLog NEWS README
%attr(4711,root,root) /usr/sbin/userhelper
%{_bindir}/consolehelper
@@ -94,7 +100,7 @@ rm -rf $RPM_BUILD_ROOT
%config(noreplace) /etc/security/console.apps/poweroff
%files gtk
-%defattr(-,root,root)
+%defattr(-,root,root,-)
%{_bindir}/usermount
%{_mandir}/man1/usermount.1*
%{_bindir}/userformat
@@ -112,6 +118,12 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/applications/*
%changelog
+* Fri Feb 5 2010 Miloslav Trmač <mitr at redhat.com> - 1.102-2
+- Use %%{?_smp_mflags}
+- Use the four-parameter version of %%defattr
+- Be more paranoid about dropping privileges
+- Set PAM_TTY
+
* Mon Oct 5 2009 Miloslav Trmač <mitr at redhat.com> - 1.102-1
- Update to usermode-1.102
More information about the scm-commits
mailing list