[BackupPC] - add patch that causes getpwnam to return only uid to fix selinux denials (bz #827854)

Sat Feb 22 23:44:27 UTC 2014

commit 03b31624d0e2a148b25596e9ad58bd37ae5babc2
Author: Bernard Johnson <bjohnson at symetrix.com>
Date:   Fri Feb 21 22:54:13 2014 -0700

    - add patch that causes getpwnam to return only uid to fix selinux denials
      (bz #827854)

 BackupPC-3.3.0-fix-shadow-access.patch |   24 ++++++++++++++++++++++++
 BackupPC.spec                          |    4 ++++
 2 files changed, 28 insertions(+), 0 deletions(-)
---

diff --git a/BackupPC-3.3.0-fix-shadow-access.patch b/BackupPC-3.3.0-fix-shadow-access.patch
new file mode 100644
index 0000000..5dc2755
--- /dev/null
+++ b/BackupPC-3.3.0-fix-shadow-access.patch
@@ -0,0 +1,24 @@
+diff -Naur BackupPC-3.3.0-pristine/lib/BackupPC/CGI/Lib.pm BackupPC-3.3.0/lib/BackupPC/CGI/Lib.pm
+--- BackupPC-3.3.0-pristine/lib/BackupPC/CGI/Lib.pm	2013-04-14 14:43:32.000000000 -0600
++++ BackupPC-3.3.0/lib/BackupPC/CGI/Lib.pm	2014-02-21 22:42:25.844412429 -0700
+@@ -144,7 +144,7 @@
+     # Verify we are running as the correct user
+     #
+     if ( $Conf{BackupPCUserVerify}
+-	    && $> != (my $uid = (getpwnam($Conf{BackupPCUser}))[2]) ) {
++	    && $> != (my $uid = (getpwnam($Conf{BackupPCUser}))) ) {
+ 	ErrorExit(eval("qq{$Lang->{Wrong_user__my_userid_is___}}"), <<EOF);
+ This script needs to run as the user specified in \$Conf{BackupPCUser},
+ which is set to $Conf{BackupPCUser}.
+diff -Naur BackupPC-3.3.0-pristine/lib/BackupPC/Lib.pm BackupPC-3.3.0/lib/BackupPC/Lib.pm
+--- BackupPC-3.3.0-pristine/lib/BackupPC/Lib.pm	2013-04-14 14:43:32.000000000 -0600
++++ BackupPC-3.3.0/lib/BackupPC/Lib.pm	2014-02-21 22:39:24.037478780 -0700
+@@ -160,7 +160,7 @@
+     #
+     if ( !$noUserCheck
+ 	    && $bpc->{Conf}{BackupPCUserVerify}
+-	    && $> != (my $uid = (getpwnam($bpc->{Conf}{BackupPCUser}))[2]) ) {
++	    && $> != (my $uid = (getpwnam($bpc->{Conf}{BackupPCUser}))) ) {
+ 	print(STDERR "$0: Wrong user: my userid is $>, instead of $uid"
+ 	    . " ($bpc->{Conf}{BackupPCUser})\n");
+ 	print(STDERR "Please su $bpc->{Conf}{BackupPCUser} first\n");
diff --git a/BackupPC.spec b/BackupPC.spec
index 70fe22c..816a7d0 100644
--- a/BackupPC.spec
+++ b/BackupPC.spec
@@ -25,6 +25,7 @@ Source0:        http://downloads.sourceforge.net/backuppc/%{name}-%{version}.tar
 Patch0:         BackupPC-3.2.1-locatedb.patch
 Patch1:         BackupPC-3.2.1-rundir.patch
 Patch2:         BackupPC-3.2.1-piddir.patch
+Patch3:         BackupPC-3.3.0-fix-shadow-access.patch
 Source1:        BackupPC.htaccess
 Source2:        BackupPC.logrotate
 Source3:        BackupPC-README.fedora
@@ -90,6 +91,7 @@ configurable and easy to install and maintain.
 %patch0 -p1 -b .locatedb
 %patch1 -p1 -b .rundir
 %patch2 -p1 -b .piddir
+%patch3 -p1 -b .shadow-access
 
 sed -i "s|\"backuppc\"|\"$LOGNAME\"|g" configure.pl
 for f in ChangeLog doc/BackupPC.pod doc/BackupPC.html; do
@@ -369,6 +371,8 @@ fi
 * Fri Feb 21 2014 Bernard Johnson <bjohnson at symetrix.com> 3.3.0-2
 - fix typo in README.RHEL
 - enable PIE build (bz #965523)
+- add patch that causes getpwnam to return only uid to fix selinux denials
+  (bz #827854)
 
 * Fri Feb 21 2014 Johan Cwiklinski <johan AT x-tnd DOT be> 3.3.0-1
 - Last upstream release
