diff --git a/coreutils-5.2.1-runuser.patch b/coreutils-5.2.1-runuser.patch
index 3356638..ae050d3 100644
--- a/coreutils-5.2.1-runuser.patch
+++ b/coreutils-5.2.1-runuser.patch
@@ -1,5 +1,93 @@ ---- coreutils-5.92/src/su.c.runuser 2005-10-27 09:13:53.000000000 +0100 -+++ coreutils-5.92/src/su.c 2005-10-27 09:17:11.000000000 +0100 +--- /dev/null 2005-10-10 09:36:06.437701000 +0100 ++++ coreutils-5.93/man/runuser.1 2005-11-14 10:54:44.000000000 +0000 +@@ -0,0 +1,59 @@ ++.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33. ++.TH RUNUSER "1" "September 2004" "runuser (coreutils) 5.2.1" "User Commands" ++.SH NAME ++runuser \- run a shell with substitute user and group IDs, similar to su, but will not prompt for password. ++.SH SYNOPSIS ++.B runuser ++[\fIOPTION\fR]... [\fI-\fR] [\fIUSER \fR[\fIARG\fR]...] ++.SH DESCRIPTION ++.\" Add any additional description here ++.PP ++Change the effective user id and group id to that of USER. ++.TP ++-, \fB\-l\fR, \fB\-\-login\fR ++make the shell a login shell ++.TP ++\fB\-c\fR, \fB\-\-commmand\fR=\fICOMMAND\fR ++pass a single COMMAND to the shell with \fB\-c\fR ++.TP ++\fB\-f\fR, \fB\-\-fast\fR ++pass \fB\-f\fR to the shell (for csh or tcsh) ++.TP ++\fB\-m\fR, \fB\-\-preserve\-environment\fR ++do not reset environment variables ++.TP ++\fB\-p\fR ++same as \fB\-m\fR ++.TP ++\fB\-s\fR, \fB\-\-shell\fR=\fISHELL\fR ++run SHELL if /etc/shells allows it ++.TP ++\fB\-\-help\fR ++display this help and exit ++.TP ++\fB\-\-version\fR ++output version information and exit ++.PP ++A mere - implies \fB\-l\fR. If USER not given, assume root. ++.SH AUTHOR ++Written by David MacKenzie, Dan Walsh. ++.SH "REPORTING BUGS" ++Report bugs to . ++.SH COPYRIGHT ++Copyright \(co 2004 Free Software Foundation, Inc. ++.br ++This is free software; see the source for copying conditions. There is NO ++warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ++.SH "SEE ALSO" ++Since this command is trimmed down version of su use you can use the su manual. ++The full documentation for ++.B su ++is maintained as a Texinfo manual. 
If the ++.B info ++and ++.B su ++programs are properly installed at your site, the command ++.IP ++.B info coreutils su ++.PP ++should give you access to the complete manual. +--- coreutils-5.93/man/Makefile.am.runuser 2005-10-13 15:12:51.000000000 +0100 ++++ coreutils-5.93/man/Makefile.am 2005-11-14 10:54:44.000000000 +0000 +@@ -7,7 +7,7 @@ + link.1 ln.1 logname.1 \ + ls.1 md5sum.1 mkdir.1 mkfifo.1 mknod.1 mv.1 nice.1 nl.1 nohup.1 od.1 \ + paste.1 pathchk.1 pinky.1 pr.1 printenv.1 printf.1 ptx.1 pwd.1 readlink.1 \ +- rm.1 rmdir.1 seq.1 sha1sum.1 shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \ ++ rm.1 rmdir.1 runuser.1 seq.1 sha1sum.1 shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \ + su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \ + tty.1 uname.1 unexpand.1 uniq.1 unlink.1 uptime.1 users.1 vdir.1 wc.1 \ + who.1 whoami.1 yes.1 +@@ -81,6 +81,7 @@ + readlink.1: $(common_dep) $(srcdir)/readlink.x ../src/readlink.c + rm.1: $(common_dep) $(srcdir)/rm.x ../src/rm.c + rmdir.1: $(common_dep) $(srcdir)/rmdir.x ../src/rmdir.c ++runuser.1: $(common_dep) $(srcdir)/runuser.x ../src/runuser.c + seq.1: $(common_dep) $(srcdir)/seq.x ../src/seq.c + sha1sum.1: $(common_dep) $(srcdir)/sha1sum.x ../src/md5sum.c + shred.1: $(common_dep) $(srcdir)/shred.x ../src/shred.c +--- /dev/null 2005-10-10 09:36:06.437701000 +0100 ++++ coreutils-5.93/man/runuser.x 2005-11-14 10:54:45.000000000 +0000 +@@ -0,0 +1,4 @@ ++[NAME] ++runuser \- run a shell with substitute user and group IDs ++[DESCRIPTION] ++.\" Add any additional description here +--- coreutils-5.93/src/su.c.runuser 2005-11-14 10:54:44.000000000 +0000 ++++ coreutils-5.93/src/su.c 2005-11-14 10:54:44.000000000 +0000 @@ -134,7 +134,9 @@ /* The official name of this program (e.g., no `g' prefix). */ #define PROGRAM_NAME "su" @@ -21,7 +109,7 @@ char *getpass (); char *getusershell (); void endusershell (); -@@ -730,7 +736,7 @@ +@@ -746,7 +752,7 @@ : DEFAULT_SHELL); endpwent (); 
@@ -30,8 +118,8 @@ { #ifdef SYSLOG_FAILURE log_su (pw, false); ---- coreutils-5.92/src/Makefile.am.runuser 2005-10-27 09:13:53.000000000 +0100 -+++ coreutils-5.92/src/Makefile.am 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/src/Makefile.am.runuser 2005-11-14 10:54:44.000000000 +0000 ++++ coreutils-5.93/src/Makefile.am 2005-11-14 10:54:44.000000000 +0000 @@ -17,7 +17,7 @@ ## along with this program; if not, write to the Free Software Foundation, ## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. @@ -59,8 +147,8 @@ installed_su = $(DESTDIR)$(bindir)/`echo su|sed '$(transform)'` --- /dev/null 2005-10-10 09:36:06.437701000 +0100 -+++ coreutils-5.92/src/runuser.c 2005-10-27 09:17:34.000000000 +0100 -@@ -0,0 +1,54 @@ ++++ coreutils-5.93/src/runuser.c 2005-11-14 10:55:29.000000000 +0000 +@@ -0,0 +1,57 @@ +#define CHECKPASSWD 0 +#define pam_start my_pam_start +#define pam_end my_pam_end @@ -83,6 +171,9 @@ + return PAM_SUCCESS; +} +int pam_open_session(pam_handle_t *pamh, int flags){ ++ if (getuid() != geteuid()) ++ /* safety net: deny operation if we are suid by accident */ ++ error(EXIT_FAIL, 1, "runuser may not be setuid"); + return PAM_SUCCESS; +} +int pam_close_session(pam_handle_t *pamh, int flags){ 
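Review bot: The safety net added to the pam_open_session stub compares only the real and effective uid, so an accidental setgid bit on the installed binary passes it unnoticed; if the intent is to refuse any unintended privilege, `if (getuid() != geteuid() || getgid() != getegid())` covers both cases. The second argument of error() is an errno value, and the literal `1` makes the message end in a strerror suffix ("Operation not permitted") that reads like a failed system call; `error(EXIT_FAIL, 0, "runuser may not be setuid or setgid");` states what happened without it. Bracing the if is also worth doing, since the comment now sits between the condition and the statement it governs. The check fires only when su.c actually reaches pam_open_session; whether an earlier exit path bypasses it is not visible from this hunk.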
@@ -115,96 +206,8 @@ +int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) { + return PAM_SUCCESS; +} ---- /dev/null 2005-10-10 09:36:06.437701000 +0100 -+++ coreutils-5.92/man/runuser.1 2005-10-27 09:13:53.000000000 +0100 -@@ -0,0 +1,59 @@ -+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33. -+.TH RUNUSER "1" "September 2004" "runuser (coreutils) 5.2.1" "User Commands" -+.SH NAME -+runuser \- run a shell with substitute user and group IDs, similar to su, but will not prompt for password. -+.SH SYNOPSIS -+.B runuser -+[\fIOPTION\fR]... [\fI-\fR] [\fIUSER \fR[\fIARG\fR]...] -+.SH DESCRIPTION -+.\" Add any additional description here -+.PP -+Change the effective user id and group id to that of USER. -+.TP -+-, \fB\-l\fR, \fB\-\-login\fR -+make the shell a login shell -+.TP -+\fB\-c\fR, \fB\-\-commmand\fR=\fICOMMAND\fR -+pass a single COMMAND to the shell with \fB\-c\fR -+.TP -+\fB\-f\fR, \fB\-\-fast\fR -+pass \fB\-f\fR to the shell (for csh or tcsh) -+.TP -+\fB\-m\fR, \fB\-\-preserve\-environment\fR -+do not reset environment variables -+.TP -+\fB\-p\fR -+same as \fB\-m\fR -+.TP -+\fB\-s\fR, \fB\-\-shell\fR=\fISHELL\fR -+run SHELL if /etc/shells allows it -+.TP -+\fB\-\-help\fR -+display this help and exit -+.TP -+\fB\-\-version\fR -+output version information and exit -+.PP -+A mere - implies \fB\-l\fR. If USER not given, assume root. -+.SH AUTHOR -+Written by David MacKenzie, Dan Walsh. -+.SH "REPORTING BUGS" -+Report bugs to . -+.SH COPYRIGHT -+Copyright \(co 2004 Free Software Foundation, Inc. -+.br -+This is free software; see the source for copying conditions. There is NO -+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -+.SH "SEE ALSO" -+Since this command is trimmed down version of su use you can use the su manual. -+The full documentation for -+.B su -+is maintained as a Texinfo manual. 
If the -+.B info -+and -+.B su -+programs are properly installed at your site, the command -+.IP -+.B info coreutils su -+.PP -+should give you access to the complete manual. ---- coreutils-5.92/man/Makefile.am.runuser 2005-10-13 15:12:26.000000000 +0100 -+++ coreutils-5.92/man/Makefile.am 2005-10-27 09:13:53.000000000 +0100 -@@ -7,7 +7,7 @@ - link.1 ln.1 logname.1 \ - ls.1 md5sum.1 mkdir.1 mkfifo.1 mknod.1 mv.1 nice.1 nl.1 nohup.1 od.1 \ - paste.1 pathchk.1 pinky.1 pr.1 printenv.1 printf.1 ptx.1 pwd.1 readlink.1 \ -- rm.1 rmdir.1 seq.1 sha1sum.1 shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \ -+ rm.1 rmdir.1 runuser.1 seq.1 sha1sum.1 shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \ - su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \ - tty.1 uname.1 unexpand.1 uniq.1 unlink.1 uptime.1 users.1 vdir.1 wc.1 \ - who.1 whoami.1 yes.1 -@@ -81,6 +81,7 @@ - readlink.1: $(common_dep) $(srcdir)/readlink.x ../src/readlink.c - rm.1: $(common_dep) $(srcdir)/rm.x ../src/rm.c - rmdir.1: $(common_dep) $(srcdir)/rmdir.x ../src/rmdir.c -+runuser.1: $(common_dep) $(srcdir)/runuser.x ../src/runuser.c - seq.1: $(common_dep) $(srcdir)/seq.x ../src/seq.c - sha1sum.1: $(common_dep) $(srcdir)/sha1sum.x ../src/md5sum.c - shred.1: $(common_dep) $(srcdir)/shred.x ../src/shred.c ---- /dev/null 2005-10-10 09:36:06.437701000 +0100 -+++ coreutils-5.92/man/runuser.x 2005-10-27 09:13:53.000000000 +0100 -@@ -0,0 +1,4 @@ -+[NAME] -+runuser \- run a shell with substitute user and group IDs -+[DESCRIPTION] -+.\" Add any additional description here ---- coreutils-5.92/tests/help-version.runuser 2005-01-05 22:08:48.000000000 +0000 -+++ coreutils-5.92/tests/help-version 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/tests/help-version.runuser 2005-01-05 22:08:48.000000000 +0000 ++++ coreutils-5.93/tests/help-version 2005-11-14 10:54:45.000000000 +0000 @@ -136,6 +136,7 @@ seq_args=10 sleep_args=0 
@@ -213,8 +216,8 @@ test_args=foo # This is necessary in the unusual event that there is ---- coreutils-5.92/README.runuser 2005-09-28 19:34:03.000000000 +0100 -+++ coreutils-5.92/README 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/README.runuser 2005-09-28 19:34:26.000000000 +0100 ++++ coreutils-5.93/README 2005-11-14 10:54:45.000000000 +0000 @@ -11,7 +11,7 @@ df dir dircolors dirname du echo env expand expr factor false fmt fold ginstall groups head hostid hostname id join kill link ln logname ls @@ -224,8 +227,8 @@ split stat stty su sum sync tac tail tee test touch tr true tsort tty uname unexpand uniq unlink uptime users vdir wc who whoami yes ---- coreutils-5.92/AUTHORS.runuser 2004-11-03 23:10:50.000000000 +0000 -+++ coreutils-5.92/AUTHORS 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/AUTHORS.runuser 2004-11-03 23:10:50.000000000 +0000 ++++ coreutils-5.93/AUTHORS 2005-11-14 10:54:45.000000000 +0000 @@ -59,6 +59,7 @@ readlink: Dmitry V. Levin rm: Paul Rubin, David MacKenzie, Richard Stallman, Jim Meyering diff --git a/coreutils-setsid.patch b/coreutils-setsid.patch new file mode 100644 index 0000000..4de88d1 --- /dev/null +++ b/coreutils-setsid.patch 
@@ -0,0 +1,43 @@
+--- coreutils-5.93/src/su.c.setsid 2005-11-14 10:35:48.000000000 +0000
++++ coreutils-5.93/src/su.c 2005-11-14 10:53:03.000000000 +0000
+@@ -497,6 +497,8 @@
+ if (child == 0) { /* child shell */
+ change_identity (pw);
+ pam_end(pamh, 0);
++ if (command)
++ setsid ();
+ #endif
+
+ if (simulate_login)
+@@ -551,13 +553,27 @@
+ sigemptyset(&action.sa_mask);
+ action.sa_flags = 0;
+ sigemptyset(&ourset);
+- if (sigaddset(&ourset, SIGTERM)
+- || sigaddset(&ourset, SIGALRM)
+- || sigaction(SIGTERM, &action, NULL)
+- || sigprocmask(SIG_UNBLOCK, &ourset, NULL)) {
++ if (command)
++ {
++ if (sigaddset(&ourset, SIGINT) || sigaddset(&ourset, SIGQUIT))
++ {
++ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
++ caught = 1;
++ }
++ }
++ if (!caught && (sigaddset(&ourset, SIGTERM)
++ || sigaddset(&ourset, SIGALRM)
++ || sigaction(SIGTERM, &action, NULL)
++ || sigprocmask(SIG_UNBLOCK, &ourset, NULL))) {
+ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
+ caught = 1;
+ }
++ if (!caught && command && (sigaction(SIGINT, &action, NULL)
++ || sigaction(SIGQUIT, &action, NULL)))
++ {
++ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
++ caught = 1;
++ }
+ }
+ if (!caught) {
+ do {
diff --git a/coreutils.spec b/coreutils.spec
index 995cbf7..caaab83 100644
--- a/coreutils.spec
+++ b/coreutils.spec
@@ -1,7 +1,7 @@
 Summary: The GNU core utilities: a set of tools commonly used in shell scripts
 Name: coreutils
 Version: 5.93
-Release: 1
+Release: 2
 License: GPL
 Group: System Environment/Base
 Url: http://www.gnu.org/software/coreutils/
@@ -35,6 +35,7 @@ Patch715: coreutils-4.5.3-sysinfo.patch # (sb) lin18nux/lsb compliance Patch800: coreutils-i18n.patch +Patch900: coreutils-setsid.patch Patch907: coreutils-5.2.1-runuser.patch Patch908: coreutils-getgrouplist.patch Patch912: coreutils-overflow.patch
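Review bot: In the second hunk of the new su.c patch, the SIGINT and SIGQUIT handlers are installed only after `sigprocmask(SIG_UNBLOCK, &ourset, NULL)` has already unblocked those two signals, whereas the existing SIGTERM handler is installed before the unblock; a keyboard signal arriving in that narrow window takes the default action and terminates the parent su, leaving the child — now in its own session after `setsid ()` — running unsupervised as the target user. Installing the two handlers inside the first `if (command)` block, ahead of the sigprocmask call, closes the window and also removes the third copy of the identical "signal masking malfunction" block. The return value of setsid() is unchecked, which is acceptable only because a freshly forked child cannot already be a process-group leader; a one-line comment stating that assumption would help the next reader. The enclosing function starts and ends outside the hunk.

```c
          if (command)
            {
              if (sigaddset(&ourset, SIGINT) || sigaddset(&ourset, SIGQUIT)
                  || sigaction(SIGINT, &action, NULL)
                  || sigaction(SIGQUIT, &action, NULL))
                {
                  fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
                  caught = 1;
                }
            }
          /* … unchanged: the !caught SIGTERM/SIGALRM/sigprocmask(SIG_UNBLOCK) block … */
          /* … the later "if (!caught && command && ...sigaction(SIGINT ..." block is dropped … */
```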
@@ -85,6 +86,7 @@ the old GNU fileutils, sh-utils, and textutils packages. %patch800 -p1 -b .i18n # Coreutils +%patch900 -p1 -b .setsid %patch907 -p1 -b .runuser %patch908 -p1 -b .getgrouplist %patch912 -p1 -b .overflow @@ -254,6 +256,10 @@ fi /sbin/runuser %changelog +* Mon Nov 14 2005 Tim Waugh 5.93-2 +- Call setsid() in su under some circumstances (bug #173008). +- Prevent runuser operating when setuid (bug #173113). + * Tue Nov 8 2005 Tim Waugh 5.93-1 - 5.93. - No longer need alt-md5sum-binary, dircolors, mkdir, mkdir2 or tac patches.