diff --git a/man-pages-6.05-unix.7-SO_PEERCRED.patch b/man-pages-6.05-unix.7-SO_PEERCRED.patch new file mode 100644 index 0000000..b807da8 --- /dev/null +++ b/man-pages-6.05-unix.7-SO_PEERCRED.patch @@ -0,0 +1,41 @@ +From b34c2340657cfe467a0c2cde4933422bddf4348b Mon Sep 17 00:00:00 2001 +From: Alexey Tikhonov +Date: Wed, 20 Dec 2023 18:28:34 +0100 +Subject: [PATCH] unix.7: SO_PEERCRED: Mention listen(2) + +In case of connected AF_UNIX stream sockets, server-side credentials are +set at the time of a call to listen(2), not when client-side calls +connect(2). + +This is important if server side process changes UID/GID after listen(2) +and before connect(2). + +Reproducer is available in [1]. +Behavior was confirmed in the email thread [2]. + +Link: [1] +Link: [2] +Signed-off-by: Alexey Tikhonov +Reviewed-by: Kuniyuki Iwashima +Signed-off-by: Alejandro Colomar +--- + man7/unix.7 | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/man7/unix.7 b/man7/unix.7 +index e9edad467..71cdfc758 100644 +--- a/man7/unix.7 ++++ b/man7/unix.7 +@@ -331,7 +331,8 @@ This read-only socket option returns the + credentials of the peer process connected to this socket. + The returned credentials are those that were in effect at the time + of the call to +-.BR connect (2) ++.BR connect (2), ++.BR listen (2), + or + .BR socketpair (2). + .IP +-- +2.41.0 + diff --git a/man-pages.spec b/man-pages.spec index e3d2338..1500226 100644 --- a/man-pages.spec +++ b/man-pages.spec @@ -51,6 +51,10 @@ BuildArch: noarch # https://bugzilla.kernel.org/show_bug.cgi?id=53781 Patch21: man-pages-3.42-close.patch +# resolves: #2247682 +# upstream commit b34c2340657cfe467a0c2cde4933422bddf4348b +Patch22: man-pages-6.05-unix.7-SO_PEERCRED.patch + %description A large collection of manual pages from the Linux Documentation Project (LDP). @@ -58,6 +62,7 @@ A large collection of manual pages from the Linux Documentation Project (LDP). %setup -q -a 1 %patch -P 21 -p1 +%patch -P 22 -p1 ## Remove man pages we are not going to use ##