update to 20140127gitf2753b
This commit is contained in:
parent
f8d5e9ad38
commit
48a3b2f5f6
1
.gitignore
vendored
1
.gitignore
vendored
@ -6,3 +6,4 @@
|
|||||||
/gpsd-3.8.tar.gz
|
/gpsd-3.8.tar.gz
|
||||||
/gpsd-3.9.tar.gz
|
/gpsd-3.9.tar.gz
|
||||||
/gpsd-3.10.tar.gz
|
/gpsd-3.10.tar.gz
|
||||||
|
/gpsd-20140127gitf2753b.tar.gz
|
||||||
|
@ -1,25 +0,0 @@
|
|||||||
commit 14ad8ddef480df52e090bfea65b4ae081c241506
|
|
||||||
Author: Miroslav Lichvar <mlichvar@redhat.com>
|
|
||||||
Date: Fri Nov 22 18:19:42 2013 +0100
|
|
||||||
|
|
||||||
Set time stamp in chrony SOCK sample correctly.
|
|
||||||
|
|
||||||
The tv field should be the local time when was the sample received, not
|
|
||||||
the reference time. Otherwise the sample could be ignored as coming from
|
|
||||||
future.
|
|
||||||
|
|
||||||
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
|
|
||||||
|
|
||||||
diff --git a/ntpshm.c b/ntpshm.c
|
|
||||||
index 109e4ea..fe8e450 100644
|
|
||||||
--- a/ntpshm.c
|
|
||||||
+++ b/ntpshm.c
|
|
||||||
@@ -351,7 +351,7 @@ static void chrony_send(struct gps_device_t *session, struct timedrift_t *td)
|
|
||||||
sample.leap = session->context->leap_notify;
|
|
||||||
sample.magic = SOCK_MAGIC;
|
|
||||||
/*@-type@*//* splint is confused about struct timespec */
|
|
||||||
- TSTOTV(&sample.tv, &td->real);
|
|
||||||
+ TSTOTV(&sample.tv, &td->clock);
|
|
||||||
/*@-compdef@*/
|
|
||||||
sample.offset = timespec_diff_ns(td->real, td->clock) / 1e9;
|
|
||||||
/*@+compdef@*/
|
|
@ -1,30 +0,0 @@
|
|||||||
commit 0583730e98906f9c779f8705138adb2572d305c2
|
|
||||||
Author: Miroslav Lichvar <mlichvar@redhat.com>
|
|
||||||
Date: Fri Nov 22 18:19:40 2013 +0100
|
|
||||||
|
|
||||||
Allow multiple options in LINKFLAGS.
|
|
||||||
|
|
||||||
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
|
|
||||||
|
|
||||||
diff --git a/SConstruct b/SConstruct
|
|
||||||
index b7627e7..4332fe4 100644
|
|
||||||
--- a/SConstruct
|
|
||||||
+++ b/SConstruct
|
|
||||||
@@ -239,7 +239,7 @@ env['PYTHON'] = sys.executable
|
|
||||||
env['STRIP'] = "strip"
|
|
||||||
env['PKG_CONFIG'] = "pkg-config"
|
|
||||||
env['CHRPATH'] = 'chrpath'
|
|
||||||
-for i in ["AR", "ARFLAGS", "CCFLAGS", "CFLAGS", "CC", "CXX", "CXXFLAGS", "STRIP", "PKG_CONFIG", "CHRPATH", "LD", "TAR"]:
|
|
||||||
+for i in ["AR", "ARFLAGS", "CCFLAGS", "CFLAGS", "CC", "CXX", "CXXFLAGS", "LINKFLAGS", "STRIP", "PKG_CONFIG", "CHRPATH", "LD", "TAR"]:
|
|
||||||
if os.environ.has_key(i):
|
|
||||||
j = i
|
|
||||||
if i == "LD":
|
|
||||||
@@ -248,7 +248,7 @@ for i in ["AR", "ARFLAGS", "CCFLAGS", "CFLAGS", "CC", "CXX", "CXXFLAGS", "STRIP"
|
|
||||||
env.Replace(**{j: Split(os.getenv(i))})
|
|
||||||
else:
|
|
||||||
env.Replace(**{j: os.getenv(i)})
|
|
||||||
-for flag in ["LDFLAGS", "LINKFLAGS", "SHLINKFLAGS", "CPPFLAGS"]:
|
|
||||||
+for flag in ["LDFLAGS", "SHLINKFLAGS", "CPPFLAGS"]:
|
|
||||||
if os.environ.has_key(flag):
|
|
||||||
env.MergeFlags({flag : [os.getenv(flag)]})
|
|
||||||
|
|
@ -1,99 +0,0 @@
|
|||||||
commit a128248dbcab3d15da72bdc77c53cbde8de0baa1
|
|
||||||
Author: Miroslav Lichvar <mlichvar@redhat.com>
|
|
||||||
Date: Fri Nov 22 18:19:43 2013 +0100
|
|
||||||
|
|
||||||
Don't keep cap_sys_time capability.
|
|
||||||
|
|
||||||
It's not necessary to keep the capability since time_pps_setparams is
|
|
||||||
called before root privileges are dropped.
|
|
||||||
|
|
||||||
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
|
|
||||||
|
|
||||||
diff --git a/SConstruct b/SConstruct
|
|
||||||
index 4332fe4..c5120ae 100644
|
|
||||||
--- a/SConstruct
|
|
||||||
+++ b/SConstruct
|
|
||||||
@@ -455,7 +455,6 @@ if env.GetOption("clean") or env.GetOption("help"):
|
|
||||||
rtlibs = []
|
|
||||||
usblibs = []
|
|
||||||
bluezlibs = []
|
|
||||||
- caplibs = []
|
|
||||||
ncurseslibs = []
|
|
||||||
confdefs = []
|
|
||||||
manbuilder = False
|
|
||||||
@@ -558,14 +557,6 @@ else:
|
|
||||||
confdefs.append("/* #undef HAVE_LIBRT */\n")
|
|
||||||
rtlibs = []
|
|
||||||
|
|
||||||
- if config.CheckLib('libcap'):
|
|
||||||
- confdefs.append("#define HAVE_LIBCAP 1\n")
|
|
||||||
- # System library - no special flags
|
|
||||||
- caplibs = ["-lcap"]
|
|
||||||
- else:
|
|
||||||
- confdefs.append("/* #undef HAVE_LIBCAP */\n")
|
|
||||||
- caplibs = []
|
|
||||||
-
|
|
||||||
if env['dbus_export'] and config.CheckPKG('dbus-1'):
|
|
||||||
confdefs.append("#define HAVE_DBUS 1\n")
|
|
||||||
dbus_libs = pkg_config('dbus-1')
|
|
||||||
@@ -957,7 +948,7 @@ if qt_env:
|
|
||||||
# The libraries have dependencies on system libraries
|
|
||||||
|
|
||||||
gpslibs = ["-lgps", "-lm"]
|
|
||||||
-gpsdlibs = ["-lgpsd"] + usblibs + bluezlibs + gpslibs + caplibs
|
|
||||||
+gpsdlibs = ["-lgpsd"] + usblibs + bluezlibs + gpslibs
|
|
||||||
|
|
||||||
|
|
||||||
# We need to be able to make a static client library for ad-hoc testing.
|
|
||||||
diff --git a/gpsd.c b/gpsd.c
|
|
||||||
index 76d1850..d7fce5f 100644
|
|
||||||
--- a/gpsd.c
|
|
||||||
+++ b/gpsd.c
|
|
||||||
@@ -44,11 +44,6 @@
|
|
||||||
|
|
||||||
#include "gpsd_config.h"
|
|
||||||
|
|
||||||
-#if defined(HAVE_LIBCAP) && !defined(S_SPLINT_S)
|
|
||||||
-#include <sys/capability.h>
|
|
||||||
-#include <sys/prctl.h>
|
|
||||||
-#endif /* HAVE_LIBCAP */
|
|
||||||
-
|
|
||||||
#include "gpsd.h"
|
|
||||||
#include "sockaddr.h"
|
|
||||||
#include "gps_json.h"
|
|
||||||
@@ -2039,13 +2034,6 @@ int main(int argc, char *argv[])
|
|
||||||
struct passwd *pw;
|
|
||||||
struct stat stb;
|
|
||||||
|
|
||||||
-#if defined(HAVE_LIBCAP) && !defined(S_SPLINT_S)
|
|
||||||
- /* set flag: keep privileges across setuid() call */
|
|
||||||
- if (prctl(PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L) == -1)
|
|
||||||
- gpsd_report(context.debug, LOG_ERR,
|
|
||||||
- "prctl(PR_SET_KEEPCAPS, 1L ) failed\n");
|
|
||||||
-#endif /* HAVE_LIBCAP */
|
|
||||||
-
|
|
||||||
/* make default devices accessible even after we drop privileges */
|
|
||||||
for (i = optind; i < argc; i++)
|
|
||||||
/* coverity[toctou] */
|
|
||||||
@@ -2091,21 +2079,6 @@ int main(int argc, char *argv[])
|
|
||||||
"setuid() failed, errno %s\n",
|
|
||||||
strerror(errno));
|
|
||||||
/*@+type@*/
|
|
||||||
-
|
|
||||||
- #if defined(HAVE_LIBCAP) && !defined(S_SPLINT_S)
|
|
||||||
- /* drop root capabilities, except CAP_SYS_TIME for 1PPS support */
|
|
||||||
- {
|
|
||||||
- cap_t caps = cap_from_text("cap_sys_time=pe");
|
|
||||||
-
|
|
||||||
- if (!caps)
|
|
||||||
- gpsd_report(context.debug, LOG_ERR, "cap_from_text() failed.\n");
|
|
||||||
- else if (cap_set_proc(caps) == -1) {
|
|
||||||
- gpsd_report(context.debug, LOG_ERR,
|
|
||||||
- "cap_set_proc() failed to drop root privs\n");
|
|
||||||
- cap_free(caps);
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
-#endif /* HAVE_LIBCAP */
|
|
||||||
}
|
|
||||||
gpsd_report(context.debug, LOG_INF,
|
|
||||||
"running with effective group ID %d\n", getegid());
|
|
@ -1,23 +0,0 @@
|
|||||||
commit c3f7db262c8e2e615dae9c3db6f0385bddc48df2
|
|
||||||
Author: Miroslav Lichvar <mlichvar@redhat.com>
|
|
||||||
Date: Fri Nov 22 18:19:41 2013 +0100
|
|
||||||
|
|
||||||
Drop also supplementary groups when dropping privileges.
|
|
||||||
|
|
||||||
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
|
|
||||||
|
|
||||||
diff --git a/gpsd.c b/gpsd.c
|
|
||||||
index c77f684..76d1850 100644
|
|
||||||
--- a/gpsd.c
|
|
||||||
+++ b/gpsd.c
|
|
||||||
@@ -2059,6 +2059,10 @@ int main(int argc, char *argv[])
|
|
||||||
* of any compromises in the code. It requires that all GPS
|
|
||||||
* devices have their group read/write permissions set.
|
|
||||||
*/
|
|
||||||
+ if (setgroups(0, NULL) != 0)
|
|
||||||
+ gpsd_report(context.debug, LOG_ERROR,
|
|
||||||
+ "setgroups() failed, errno %s\n",
|
|
||||||
+ strerror(errno));
|
|
||||||
/*@-type@*/
|
|
||||||
#ifdef GPSD_GROUP
|
|
||||||
{
|
|
18
gpsd.spec
18
gpsd.spec
@ -1,4 +1,5 @@
|
|||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
|
%global gitrev 20140127gitf2753b
|
||||||
|
|
||||||
Name: gpsd
|
Name: gpsd
|
||||||
Version: 3.10
|
Version: 3.10
|
||||||
@ -8,18 +9,11 @@ Summary: Service daemon for mediating access to a GPS
|
|||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
License: BSD
|
License: BSD
|
||||||
URL: http://catb.org/gpsd/
|
URL: http://catb.org/gpsd/
|
||||||
Source0: http://download.savannah.gnu.org/releases/gpsd/%{name}-%{version}.tar.gz
|
#Source0: http://download.savannah.gnu.org/releases/gpsd/%{name}-%{version}.tar.gz
|
||||||
|
Source0: gpsd-%{gitrev}.tar.gz
|
||||||
Source10: gpsd.service
|
Source10: gpsd.service
|
||||||
Source11: gpsd.sysconfig
|
Source11: gpsd.sysconfig
|
||||||
Source12: gpsdctl.service
|
Source12: gpsdctl.service
|
||||||
# PPS seems to be working without cap_sys_time
|
|
||||||
Patch1: gpsd-nolibcap.patch
|
|
||||||
# allow multiple options in LINKFLAGS
|
|
||||||
Patch2: gpsd-linkflags.patch
|
|
||||||
# set time stamp in chrony SOCK sample correctly
|
|
||||||
Patch3: gpsd-chronyts.patch
|
|
||||||
# drop also supplementary groups when dropping privileges
|
|
||||||
Patch4: gpsd-setgroups.patch
|
|
||||||
|
|
||||||
BuildRequires: dbus-devel dbus-glib-devel ncurses-devel xmlto python-devel
|
BuildRequires: dbus-devel dbus-glib-devel ncurses-devel xmlto python-devel
|
||||||
BuildRequires: scons desktop-file-utils bluez-libs-devel pps-tools-devel
|
BuildRequires: scons desktop-file-utils bluez-libs-devel pps-tools-devel
|
||||||
@ -81,11 +75,7 @@ can run on a serial terminal or terminal emulator.
|
|||||||
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q -n %{name}
|
||||||
%patch1 -p1 -b .nolibcap
|
|
||||||
%patch2 -p1 -b .linkflags
|
|
||||||
%patch3 -p1 -b .chronyts
|
|
||||||
%patch4 -p1 -b .setgroups
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
export CCFLAGS="%{optflags}"
|
export CCFLAGS="%{optflags}"
|
||||||
|
Loading…
Reference in New Issue
Block a user