update to 20140127gitf2753b

This commit is contained in:
Miroslav Lichvar 2014-02-20 14:10:09 +01:00
parent f8d5e9ad38
commit 48a3b2f5f6
7 changed files with 6 additions and 192 deletions

1
.gitignore vendored
View File

@ -6,3 +6,4 @@
/gpsd-3.8.tar.gz
/gpsd-3.9.tar.gz
/gpsd-3.10.tar.gz
/gpsd-20140127gitf2753b.tar.gz

View File

@ -1,25 +0,0 @@
commit 14ad8ddef480df52e090bfea65b4ae081c241506
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Fri Nov 22 18:19:42 2013 +0100
Set time stamp in chrony SOCK sample correctly.
The tv field should be the local time when was the sample received, not
the reference time. Otherwise the sample could be ignored as coming from
future.
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
diff --git a/ntpshm.c b/ntpshm.c
index 109e4ea..fe8e450 100644
--- a/ntpshm.c
+++ b/ntpshm.c
@@ -351,7 +351,7 @@ static void chrony_send(struct gps_device_t *session, struct timedrift_t *td)
sample.leap = session->context->leap_notify;
sample.magic = SOCK_MAGIC;
/*@-type@*//* splint is confused about struct timespec */
- TSTOTV(&sample.tv, &td->real);
+ TSTOTV(&sample.tv, &td->clock);
/*@-compdef@*/
sample.offset = timespec_diff_ns(td->real, td->clock) / 1e9;
/*@+compdef@*/

View File

@ -1,30 +0,0 @@
commit 0583730e98906f9c779f8705138adb2572d305c2
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Fri Nov 22 18:19:40 2013 +0100
Allow multiple options in LINKFLAGS.
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
diff --git a/SConstruct b/SConstruct
index b7627e7..4332fe4 100644
--- a/SConstruct
+++ b/SConstruct
@@ -239,7 +239,7 @@ env['PYTHON'] = sys.executable
env['STRIP'] = "strip"
env['PKG_CONFIG'] = "pkg-config"
env['CHRPATH'] = 'chrpath'
-for i in ["AR", "ARFLAGS", "CCFLAGS", "CFLAGS", "CC", "CXX", "CXXFLAGS", "STRIP", "PKG_CONFIG", "CHRPATH", "LD", "TAR"]:
+for i in ["AR", "ARFLAGS", "CCFLAGS", "CFLAGS", "CC", "CXX", "CXXFLAGS", "LINKFLAGS", "STRIP", "PKG_CONFIG", "CHRPATH", "LD", "TAR"]:
if os.environ.has_key(i):
j = i
if i == "LD":
@@ -248,7 +248,7 @@ for i in ["AR", "ARFLAGS", "CCFLAGS", "CFLAGS", "CC", "CXX", "CXXFLAGS", "STRIP"
env.Replace(**{j: Split(os.getenv(i))})
else:
env.Replace(**{j: os.getenv(i)})
-for flag in ["LDFLAGS", "LINKFLAGS", "SHLINKFLAGS", "CPPFLAGS"]:
+for flag in ["LDFLAGS", "SHLINKFLAGS", "CPPFLAGS"]:
if os.environ.has_key(flag):
env.MergeFlags({flag : [os.getenv(flag)]})

View File

@ -1,99 +0,0 @@
commit a128248dbcab3d15da72bdc77c53cbde8de0baa1
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Fri Nov 22 18:19:43 2013 +0100
Don't keep cap_sys_time capability.
It's not necessary to keep the capability since time_pps_setparams is
called before root privileges are dropped.
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
diff --git a/SConstruct b/SConstruct
index 4332fe4..c5120ae 100644
--- a/SConstruct
+++ b/SConstruct
@@ -455,7 +455,6 @@ if env.GetOption("clean") or env.GetOption("help"):
rtlibs = []
usblibs = []
bluezlibs = []
- caplibs = []
ncurseslibs = []
confdefs = []
manbuilder = False
@@ -558,14 +557,6 @@ else:
confdefs.append("/* #undef HAVE_LIBRT */\n")
rtlibs = []
- if config.CheckLib('libcap'):
- confdefs.append("#define HAVE_LIBCAP 1\n")
- # System library - no special flags
- caplibs = ["-lcap"]
- else:
- confdefs.append("/* #undef HAVE_LIBCAP */\n")
- caplibs = []
-
if env['dbus_export'] and config.CheckPKG('dbus-1'):
confdefs.append("#define HAVE_DBUS 1\n")
dbus_libs = pkg_config('dbus-1')
@@ -957,7 +948,7 @@ if qt_env:
# The libraries have dependencies on system libraries
gpslibs = ["-lgps", "-lm"]
-gpsdlibs = ["-lgpsd"] + usblibs + bluezlibs + gpslibs + caplibs
+gpsdlibs = ["-lgpsd"] + usblibs + bluezlibs + gpslibs
# We need to be able to make a static client library for ad-hoc testing.
diff --git a/gpsd.c b/gpsd.c
index 76d1850..d7fce5f 100644
--- a/gpsd.c
+++ b/gpsd.c
@@ -44,11 +44,6 @@
#include "gpsd_config.h"
-#if defined(HAVE_LIBCAP) && !defined(S_SPLINT_S)
-#include <sys/capability.h>
-#include <sys/prctl.h>
-#endif /* HAVE_LIBCAP */
-
#include "gpsd.h"
#include "sockaddr.h"
#include "gps_json.h"
@@ -2039,13 +2034,6 @@ int main(int argc, char *argv[])
struct passwd *pw;
struct stat stb;
-#if defined(HAVE_LIBCAP) && !defined(S_SPLINT_S)
- /* set flag: keep privileges across setuid() call */
- if (prctl(PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L) == -1)
- gpsd_report(context.debug, LOG_ERR,
- "prctl(PR_SET_KEEPCAPS, 1L ) failed\n");
-#endif /* HAVE_LIBCAP */
-
/* make default devices accessible even after we drop privileges */
for (i = optind; i < argc; i++)
/* coverity[toctou] */
@@ -2091,21 +2079,6 @@ int main(int argc, char *argv[])
"setuid() failed, errno %s\n",
strerror(errno));
/*@+type@*/
-
- #if defined(HAVE_LIBCAP) && !defined(S_SPLINT_S)
- /* drop root capabilities, except CAP_SYS_TIME for 1PPS support */
- {
- cap_t caps = cap_from_text("cap_sys_time=pe");
-
- if (!caps)
- gpsd_report(context.debug, LOG_ERR, "cap_from_text() failed.\n");
- else if (cap_set_proc(caps) == -1) {
- gpsd_report(context.debug, LOG_ERR,
- "cap_set_proc() failed to drop root privs\n");
- cap_free(caps);
- }
- }
-#endif /* HAVE_LIBCAP */
}
gpsd_report(context.debug, LOG_INF,
"running with effective group ID %d\n", getegid());

View File

@ -1,23 +0,0 @@
commit c3f7db262c8e2e615dae9c3db6f0385bddc48df2
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Fri Nov 22 18:19:41 2013 +0100
Drop also supplementary groups when dropping privileges.
Signed-off-by: Eric S. Raymond <esr@thyrsus.com>
diff --git a/gpsd.c b/gpsd.c
index c77f684..76d1850 100644
--- a/gpsd.c
+++ b/gpsd.c
@@ -2059,6 +2059,10 @@ int main(int argc, char *argv[])
* of any compromises in the code. It requires that all GPS
* devices have their group read/write permissions set.
*/
+ if (setgroups(0, NULL) != 0)
+ gpsd_report(context.debug, LOG_ERROR,
+ "setgroups() failed, errno %s\n",
+ strerror(errno));
/*@-type@*/
#ifdef GPSD_GROUP
{

View File

@ -1,4 +1,5 @@
%global _hardened_build 1
%global gitrev 20140127gitf2753b
Name: gpsd
Version: 3.10
@ -8,18 +9,11 @@ Summary: Service daemon for mediating access to a GPS
Group: System Environment/Daemons
License: BSD
URL: http://catb.org/gpsd/
Source0: http://download.savannah.gnu.org/releases/gpsd/%{name}-%{version}.tar.gz
#Source0: http://download.savannah.gnu.org/releases/gpsd/%{name}-%{version}.tar.gz
Source0: gpsd-%{gitrev}.tar.gz
Source10: gpsd.service
Source11: gpsd.sysconfig
Source12: gpsdctl.service
# PPS seems to be working without cap_sys_time
Patch1: gpsd-nolibcap.patch
# allow multiple options in LINKFLAGS
Patch2: gpsd-linkflags.patch
# set time stamp in chrony SOCK sample correctly
Patch3: gpsd-chronyts.patch
# drop also supplementary groups when dropping privileges
Patch4: gpsd-setgroups.patch
BuildRequires: dbus-devel dbus-glib-devel ncurses-devel xmlto python-devel
BuildRequires: scons desktop-file-utils bluez-libs-devel pps-tools-devel
@ -81,11 +75,7 @@ can run on a serial terminal or terminal emulator.
%prep
%setup -q
%patch1 -p1 -b .nolibcap
%patch2 -p1 -b .linkflags
%patch3 -p1 -b .chronyts
%patch4 -p1 -b .setgroups
%setup -q -n %{name}
%build
export CCFLAGS="%{optflags}"

View File

@ -1 +1 @@
fc5b03aae38b9b5b6880b31924d0ace3 gpsd-3.10.tar.gz
3edd642ec507f85700a5c9ebb1ef6218 gpsd-20140127gitf2753b.tar.gz