[BackupPC] - add patch that causes getpwnam to return only uid to fix selinux denials (bz #827854)
Bernard Johnson
bjohnson at fedoraproject.org
Sat Feb 22 23:44:27 UTC 2014
commit 03b31624d0e2a148b25596e9ad58bd37ae5babc2
Author: Bernard Johnson <bjohnson at symetrix.com>
Date: Fri Feb 21 22:54:13 2014 -0700
- add patch that causes getpwnam to return only uid to fix selinux denials
(bz #827854)
BackupPC-3.3.0-fix-shadow-access.patch | 24 ++++++++++++++++++++++++
BackupPC.spec | 4 ++++
2 files changed, 28 insertions(+), 0 deletions(-)
---
diff --git a/BackupPC-3.3.0-fix-shadow-access.patch b/BackupPC-3.3.0-fix-shadow-access.patch
new file mode 100644
index 0000000..5dc2755
--- /dev/null
+++ b/BackupPC-3.3.0-fix-shadow-access.patch
@@ -0,0 +1,24 @@
+diff -Naur BackupPC-3.3.0-pristine/lib/BackupPC/CGI/Lib.pm BackupPC-3.3.0/lib/BackupPC/CGI/Lib.pm
+--- BackupPC-3.3.0-pristine/lib/BackupPC/CGI/Lib.pm 2013-04-14 14:43:32.000000000 -0600
++++ BackupPC-3.3.0/lib/BackupPC/CGI/Lib.pm 2014-02-21 22:42:25.844412429 -0700
+@@ -144,7 +144,7 @@
+ # Verify we are running as the correct user
+ #
+ if ( $Conf{BackupPCUserVerify}
+- && $> != (my $uid = (getpwnam($Conf{BackupPCUser}))[2]) ) {
++ && $> != (my $uid = (getpwnam($Conf{BackupPCUser}))) ) {
+ ErrorExit(eval("qq{$Lang->{Wrong_user__my_userid_is___}}"), <<EOF);
+ This script needs to run as the user specified in \$Conf{BackupPCUser},
+ which is set to $Conf{BackupPCUser}.
+diff -Naur BackupPC-3.3.0-pristine/lib/BackupPC/Lib.pm BackupPC-3.3.0/lib/BackupPC/Lib.pm
+--- BackupPC-3.3.0-pristine/lib/BackupPC/Lib.pm 2013-04-14 14:43:32.000000000 -0600
++++ BackupPC-3.3.0/lib/BackupPC/Lib.pm 2014-02-21 22:39:24.037478780 -0700
+@@ -160,7 +160,7 @@
+ #
+ if ( !$noUserCheck
+ && $bpc->{Conf}{BackupPCUserVerify}
+- && $> != (my $uid = (getpwnam($bpc->{Conf}{BackupPCUser}))[2]) ) {
++ && $> != (my $uid = (getpwnam($bpc->{Conf}{BackupPCUser}))) ) {
+ print(STDERR "$0: Wrong user: my userid is $>, instead of $uid"
+ . " ($bpc->{Conf}{BackupPCUser})\n");
+ print(STDERR "Please su $bpc->{Conf}{BackupPCUser} first\n");
diff --git a/BackupPC.spec b/BackupPC.spec
index 70fe22c..816a7d0 100644
--- a/BackupPC.spec
+++ b/BackupPC.spec
@@ -25,6 +25,7 @@ Source0: http://downloads.sourceforge.net/backuppc/%{name}-%{version}.tar
Patch0: BackupPC-3.2.1-locatedb.patch
Patch1: BackupPC-3.2.1-rundir.patch
Patch2: BackupPC-3.2.1-piddir.patch
+Patch3: BackupPC-3.3.0-fix-shadow-access.patch
Source1: BackupPC.htaccess
Source2: BackupPC.logrotate
Source3: BackupPC-README.fedora
@@ -90,6 +91,7 @@ configurable and easy to install and maintain.
%patch0 -p1 -b .locatedb
%patch1 -p1 -b .rundir
%patch2 -p1 -b .piddir
+%patch3 -p1 -b .shadow-access
sed -i "s|\"backuppc\"|\"$LOGNAME\"|g" configure.pl
for f in ChangeLog doc/BackupPC.pod doc/BackupPC.html; do
@@ -369,6 +371,8 @@ fi
* Fri Feb 21 2014 Bernard Johnson <bjohnson at symetrix.com> 3.3.0-2
- fix typo in README.RHEL
- enable PIE build (bz #965523)
+- add patch that causes getpwnam to return only uid to fix selinux denials
+ (bz #827854)
* Fri Feb 21 2014 Johan Cwiklinski <johan AT x-tnd DOT be> 3.3.0-1
- Last upstream release
More information about the scm-commits
mailing list