rpms/ejabberd/F-11 ejabberd.init, 1.10, 1.11 ejabberd.spec, 1.47, 1.48 import.log, 1.20, 1.21
Peter Lemenkov
peter at fedoraproject.org
Thu Mar 18 11:09:29 UTC 2010
Author: peter
Update of /cvs/pkgs/rpms/ejabberd/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv11480/F-11
Modified Files:
ejabberd.init ejabberd.spec import.log
Log Message:
Fixed rhbz #564686 and some security-related issues (NOT critical)
Index: ejabberd.init
===================================================================
RCS file: /cvs/pkgs/rpms/ejabberd/F-11/ejabberd.init,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -p -r1.10 -r1.11
--- ejabberd.init 18 Mar 2010 10:32:10 -0000 1.10
+++ ejabberd.init 18 Mar 2010 11:09:29 -0000 1.11
@@ -27,6 +27,9 @@ if [ ! "$CONFIG_FILE" ]; then
CONFIG_FILE=/etc/ejabberd/ejabberd.cfg
fi
+# we're using symlinked consolehelper to check user's rights
+progctl=/usr/bin/ejabberdctl
+
start() {
echo -n $"Starting ejabberd: "
if [ "$ULIMIT_MAX_FILES" ]; then
@@ -34,12 +37,12 @@ start() {
fi
# check whether ejabberd was already started
- if /usr/sbin/ejabberdctl status > /dev/null 2>&1 ; then
+ if $progctl status > /dev/null 2>&1 ; then
echo -n "already running" && warning && echo
return 0
fi
- daemon /usr/sbin/ejabberdctl start
+ daemon $progctl start
--config $CONFIG_FILE \
--ctl-config /etc/ejabberd/ejabberdctl.cfg \
--logs "/var/log/ejabberd" \
@@ -60,12 +63,12 @@ stop() {
echo -n "Shutting down ejabberd: "
# check whether ejabberd was already stopped
- if ! /usr/sbin/ejabberdctl status > /dev/null 2>&1 ; then
+ if ! $progctl status > /dev/null 2>&1 ; then
echo -n "already stopped" && warning && echo
return 0
fi
- daemon /usr/sbin/ejabberdctl stop 2>/dev/null
+ daemon $progctl stop 2>/dev/null
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/ejabberd
echo
@@ -82,6 +85,9 @@ restart() {
start
}
+# In order to prevent issues with "File operation error: eacces."
+cd /
+
# See how we were called.
case "$1" in
start)
@@ -97,7 +103,7 @@ case "$1" in
[ -f /var/lock/subsys/ejabberd ] && restart || :
;;
status)
- /usr/sbin/ejabberdctl status
+ $progctl status
;;
*)
echo "Usage: ejabberd {start|stop|restart|force-reload|condrestart|try-restart|status}"
Index: ejabberd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ejabberd/F-11/ejabberd.spec,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -p -r1.47 -r1.48
--- ejabberd.spec 18 Mar 2010 10:32:10 -0000 1.47
+++ ejabberd.spec 18 Mar 2010 11:09:29 -0000 1.48
@@ -12,7 +12,7 @@
Name: ejabberd
Version: 2.1.3
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: A distributed, fault-tolerant Jabber/XMPP server
Group: Applications/Internet
@@ -186,6 +186,8 @@ install -p -m 0644 src/odbc/pg.sql %{bui
# removed files, which would be packaged later (see 'files' section)
rm -rf %{buildroot}%{_docdir}/%{name}
+# Clean up false security measure
+chmod 755 %{buildroot}%{_sbindir}/ejabberdctl
%pre
%{__fe_groupadd} %{uid} -r %{name} &>/dev/null || :
@@ -369,6 +371,12 @@ rm -rf %{buildroot}
%doc doc/yozhikheader.png
%changelog
+* Thu Mar 18 2010 Peter Lemenkov <lemenkov at gmail.com> 2.1.3-3
+- Relax access rights of /usr/sbin/ejabberdctl (from 0550 to 0755)
+- Invoke symlinked consolehelper instead of /usr/sbin/ejabberdctl
+ in init-script
+- Fixed "File operation error: eacces" issue. See rhbz #564686.
+
* Thu Mar 18 2010 Peter Lemenkov <lemenkov at gmail.com> 2.1.3-2
- Init-script enhancements
Index: import.log
===================================================================
RCS file: /cvs/pkgs/rpms/ejabberd/F-11/import.log,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -p -r1.20 -r1.21
--- import.log 18 Mar 2010 10:32:10 -0000 1.20
+++ import.log 18 Mar 2010 11:09:29 -0000 1.21
@@ -18,3 +18,4 @@ ejabberd-2_1_2-1_fc12:F-11:ejabberd-2.1.
ejabberd-2_1_2-2_fc12:F-11:ejabberd-2.1.2-2.fc12.src.rpm:1264770903
ejabberd-2_1_3-1_fc12:F-11:ejabberd-2.1.3-1.fc12.src.rpm:1268409828
ejabberd-2_1_3-2_fc12:F-11:ejabberd-2.1.3-2.fc12.src.rpm:1268908304
+ejabberd-2_1_3-3_fc12:F-11:ejabberd-2.1.3-3.fc12.src.rpm:1268910520
More information about the scm-commits
mailing list