rpms/quota
7
0
Fork 0
Code Issues Pull Requests Releases Activity

4.03 bump

Browse Source
This commit is contained in:
Petr Písař 2016-01-06 17:20:36 +01:00
parent f2af6cfa86
commit 67a767db05
10 changed files with 199 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -3,3 +3,5 @@ quota-3.17.tar.gz
/quota-4.00.tar.gz
/quota-4.01.tar.gz
/quota-4.02.tar.gz
/quota-4.03.tar.gz
/ldap-scripts.tar.gz

11
quota-3.13-wrong-ports.patch
View File

@ -1,11 +0,0 @@
--- quota-tools/rquota_svc.c.orig 2005-06-01 03:21:30.000000000 -0400
+++ quota-tools/rquota_svc.c 2006-11-01 15:11:29.161101000 -0500
@@ -140,7 +140,7 @@ static void parse_options(int argc, char
break;
case 'p':
port = strtol(optarg, &endptr, 0);
- if (*endptr || port <= 0) {
+ if (*endptr || port <= 0 || port > 0xffff) {
errstr(_("Illegal port number: %s\n"), optarg);
show_help();
exit(1);

39
quota-4.00_pre1-get_qf_name-does-not-check-quota-file-presence.patch
View File

@ -1,39 +0,0 @@
From 1c3bc6d34439f353ea00239dc1ca31239823bb4f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 1 Jul 2011 10:22:10 +0200
Subject: [PATCH 2/2] get_qf_name() does not check quota file presence
Old error messsage stated a quota file does not exist despite fact
get_qf_name() does not check the file existence. It constructs the
file name only.
This lead to misleading message when running initial `quotacheck -c'
on extended file system mounted with usrquota option only.
Signed-off-by: Jan Kara <jack@suse.cz>
---
quotacheck.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/quotacheck.c b/quotacheck.c
index 112596b..d8515af 100644
--- a/quotacheck.c
+++ b/quotacheck.c
@@ -873,12 +873,12 @@ static int sub_quota_file(struct mntent *mnt, int qtype, int ftype)
debug(FL_DEBUG, _("Substracting space used by old %s quota file.\n"), type2name(ftype));
if (get_qf_name(mnt, ftype, cfmt, 0, &filename) < 0) {
- debug(FL_VERBOSE, _("Old %s file not found. Usage will not be substracted.\n"), type2name(ftype));
+ debug(FL_VERBOSE, _("Old %s file name could not been determined. Usage will not be substracted.\n"), type2name(ftype));
return 0;
}
if (stat(filename, &st) < 0) {
- debug(FL_VERBOSE, _("Cannot stat old %s quota file: %s\n"), type2name(ftype), strerror(errno));
+ debug(FL_VERBOSE, _("Cannot stat old %s quota file %s: %s. Usage will not be substracted.\n"), type2name(ftype), filename, strerror(errno));
free(filename);
return 0;
}
--
1.7.6

49
quota-4.02-Build-rpc.rquotad-as-PIE.patch
View File

@ -1,49 +0,0 @@
From f9e56db59fde6e6eccd4c51c5c158ce4eed3b922 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Wed, 26 Nov 2014 13:00:18 +0100
Subject: [PATCH] Build rpc.rquotad as PIE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
Makefile.in | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/Makefile.in b/Makefile.in
index 7d25930..25f1203 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -48,6 +48,9 @@ LIBOBJS += @LIBMALLOC@
all: $(PROGS)
+svc_socket.o rquota_server.o rquota_svc.o $(filter-out rquota_xdr.o,$(LIBOBJS)): %.o: %.c
+ $(CC) $(CFLAGS) -fpie -c $<
+
clean:
-rm -f core *.o .*.d
@@ -141,7 +144,8 @@ convertquota: convertquota.o $(LIBOBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
rpc.rquotad: rquota_server.o rquota_svc.o svc_socket.o $(LIBOBJS)
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS)
+ $(CC) $(CFLAGS) -pie $(LDFLAGS) -o $@ $^ $(LIBS)
+ @if readelf -d $@|fgrep -q TEXTREL; then echo "*** Text relocation"; false; else true; fi
ifneq ($(NETLINKLIBS),)
quota_nld: quota_nld.o $(LIBOBJS)
@@ -157,7 +161,7 @@ rquota_xdr.c: rquota.x
$(RPCGEN) -c -o $@ $<
rquota_xdr.o: rquota_xdr.c rquota.h
- $(CC) $(CFLAGS) -Wno-unused -c $<
+ $(CC) $(CFLAGS) -Wno-unused -fpie -c $<
rquota_clnt.c: rquota.x
$(RPCGEN) -l -o $@ $<
--
1.9.3

53
quota-4.03-Build-rpc.rquotad-as-PIE.patch Normal file
View File

@ -0,0 +1,53 @@
From cc25319e5e179da1c1d9455ab4760dcbcb66b591 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Wed, 6 Jan 2016 17:14:08 +0100
Subject: [PATCH] Build rpc.rquotad as PIE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Harden executables due to rpc.rquotad and quota_nld daemons.
Recent distribution enabled hardening globally. This patch preserves the
test to catch a regression.
<https://bugzilla.redhat.com/show_bug.cgi?id=983179>
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
Makefile.am | 2 ++
test-hardened | 9 +++++++++
2 files changed, 11 insertions(+)
create mode 100644 test-hardened
diff --git a/Makefile.am b/Makefile.am
index eb62617..1414f8d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -232,6 +232,8 @@ quota_nld_LDADD = \
$(DBUS_LIBS) \
$(LIBNL3_LIBS)
+TEST=test-hardended
+
# ------------------
# Rpcgen conversions
# ------------------
diff --git a/test-hardened b/test-hardened
new file mode 100644
index 0000000..b8f63bf
--- /dev/null
+++ b/test-hardened
@@ -0,0 +1,9 @@
+#!/bin/sh
+# Check rpc.rquotad and quota_nld daemons are hardened (bug #983179)
+
+for D in rpc.rquotad quota_nld; do
+ if readelf -d "$D" | fgrep -q TEXTREL; then
+ echo "*** Text relocation found in ${D}"
+ exit 1;
+ fi
+done
--
2.5.0

32
quota-4.03-Respect-enviroment-CFLAGS.patch Normal file
View File

@ -0,0 +1,32 @@
From 27a7f0020b0965a83559de04673551cf92eb4cbc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 7 Jan 2016 08:54:35 +0100
Subject: [PATCH] Respect enviroment CFLAGS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Configure fails if LDFLAGS carries -pie and CFLAGS -fPIC. That's
because confifgure.ac resets CFLAGS.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 960a618..bb33774 100644
--- a/configure.ac
+++ b/configure.ac
@@ -53,7 +53,7 @@ AS_IF([test "x${prefix}" = "xNONE"], [
# ================
# Check for cflags
# ================
-CFLAGS="-D_GNU_SOURCE -Wall -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
+CFLAGS="${CFLAGS} -D_GNU_SOURCE -Wall -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
AC_ARG_ENABLE([werror],
[AS_HELP_STRING([--enable-werror], [Treat all warnings as errors, useful for development])],
[enable_werror="$enableval"],
--
2.5.0

29
quota-4.03-Validate-upper-bound-of-RPC-port.patch Normal file
View File

@ -0,0 +1,29 @@
From c9a2a6fea0668579f5fb8d77cb219f51d104581f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Wed, 6 Jan 2016 17:58:22 +0100
Subject: [PATCH] Validate upper bound of RPC port
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
rquota_svc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rquota_svc.c b/rquota_svc.c
index 338b70f..93472e0 100644
--- a/rquota_svc.c
+++ b/rquota_svc.c
@@ -142,7 +142,7 @@ static void parse_options(int argc, char **argv)
break;
case 'p':
port = strtol(optarg, &endptr, 0);
- if (*endptr || port <= 0) {
+ if (*endptr || port <= 0 || port > 0xffff) {
errstr(_("Illegal port number: %s\n"), optarg);
show_help();
exit(1);
--
2.5.0

12
quota-4.02-warnquota.patch → quota-4.03-warnquota-configuration-tunes.patch
View File

@ -1,4 +1,4 @@
From b3df689acc31c91dbfbfdc0b03a357e6b0eda2ac Mon Sep 17 00:00:00 2001
From 7b44aa5bd3a10f2073c96ffc1eb0d2dce45585ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Tue, 23 Aug 2011 13:45:15 +0200
Subject: [PATCH] warnquota configuration tunes
@ -17,20 +17,20 @@ Signed-off-by: Petr Písař <ppisar@redhat.com>
2 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/warnquota.c b/warnquota.c
index 009d9e9..93ed1ff 100644
index 3734f0e..ff626b5 100644
--- a/warnquota.c
+++ b/warnquota.c
@@ -825,7 +825,7 @@ static int readconfigfile(const char *filename, struct configparams *config)
@@ -821,7 +821,7 @@ static int readconfigfile(const char *filename, struct configparams *config)
verify_format(config->group_signature, "GROUP_SIGNATURE");
}
else if (!strcmp(var, "LDAP_MAIL")) {
- if(strcasecmp(value, "true") == 0)
+ if(strncasecmp(value, "true", 4) == 0)
+ if(strncasecmp(value, "true", 4) == 0)
config->use_ldap_mail = 1;
else
config->use_ldap_mail = 0;
diff --git a/warnquota.conf b/warnquota.conf
index 59d4f5f..aee2fca 100644
index b06f81f..7e00947 100644
--- a/warnquota.conf
+++ b/warnquota.conf
@@ -4,17 +4,16 @@
@ -72,5 +72,5 @@ index 59d4f5f..aee2fca 100644
GROUP_MESSAGE = Hello,|\
your group %i is using too much disk space at %h.|\
--
1.9.3
2.5.0

115
quota.spec
View File

@ -1,16 +1,27 @@
#allow remote set quota by defined rpcsetquota to 1(set to 0 to disabled it)
%{!?rpcsetquota:%define rpcsetquota 1}
# Allow setting quota remotely by default
%bcond_without rpcsetquota
Name: quota
Epoch: 1
Version: 4.02
Release: 4%{?dist}
Version: 4.03
Release: 1%{?dist}
Summary: System administration tools for monitoring users' disk usage
# quota_nld.c, quotaio_xfs.h: GPLv2
# bylabel.c copied from util-linux: GPLv2+
# svc_socket.c copied from glibc: LGPLv2+
# doc/quotas.ms, quotaops.c, quot.c, quotaon.c, edquota.c, quot.h, quota.c,
# quotaio_v1.c: BSD
# COPYING: GPLv2 text and license declaration
## Not involved in the binary package
# m4/iconv.m4: GPL+ with exception
# ar-lib: GPLv2 with exception
# missing: GPLv2+ with exception
# config.guess: GPLv3+ with exception
# config.rpath: LGPLv2+
# install-sh: MIT
# configure: FSFUL
# aclocal.m4: FSFULLR and (GPLv2+ with exception)
# mkinstalldirs: Public Domain
License: BSD and LGPLv2+ and GPLv2 and GPLv2+
Group: System Environment/Base
URL: http://sourceforge.net/projects/linuxquota/
@ -19,15 +30,28 @@ Source1: quota_nld.service
Source2: quota_nld.sysconfig
Source3: rpc-rquotad.service
Source4: rpc-rquotad.sysconfig
# LDAP scripts forgotten in 4.03, taken from upstream git
# 861154efb90ed049e0473cc36935b8d03c78a869, fixed in upstream after 4.03
Source5: ldap-scripts.tar.gz
# Not accepted changes (378a64006bb1e818e84a1c77808563b802b028fa)
# Some of the lines have been superseded by other commits probably.
Patch0: quota-4.02-warnquota.patch
Patch1: quota-4.02-Build-rpc.rquotad-as-PIE.patch
Patch2: quota-3.13-wrong-ports.patch
BuildRequires: dbus-devel
Patch0: quota-4.03-warnquota-configuration-tunes.patch
Patch1: quota-4.03-Build-rpc.rquotad-as-PIE.patch
Patch2: quota-4.03-Validate-upper-bound-of-RPC-port.patch
# Fix build script to work with hardended flags, submitted to upstream
# <https://sourceforge.net/p/linuxquota/bugs/121/>
Patch3: quota-4.03-Respect-enviroment-CFLAGS.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: bash
BuildRequires: coreutils
BuildRequires: e2fsprogs-devel
BuildRequires: gettext
BuildRequires: gcc
BuildRequires: gettext-devel
# glibc-common for rpcgen tool
BuildRequires: glibc-common
BuildRequires: make
BuildRequires: openldap-devel
BuildRequires: pkgconfig(dbus-1)
BuildRequires: pkgconfig(libnl-3.0) >= 3.1
BuildRequires: pkgconfig(libnl-genl-3.0)
BuildRequires: systemd
@ -68,7 +92,7 @@ Conflicts: quota < 1:4.02-3
%description rpc
The RPC daemon allows to query and set disk quotas over network. If you run
the deamon on NFSserver, you could use quota tools to manage the quotas from
the daemon on NFSserver, you could use quota tools to manage the quotas from
NFS client.
@ -118,37 +142,41 @@ Linux/UNIX environment.
%prep
%setup -q -n quota-tools
%setup -q
%patch0 -p1
%ifnarch ppc ppc64
%patch1 -p1
%endif
%patch2 -p1
%patch3 -p1
# Unpack forgotten LDAP scripts
tar -xzkf %{SOURCE5}
# Regenerate build scripts, also because of Respect-enviroment-CFLAGS.patch
autoreconf -f -i
%build
%global _hardened_build 1
%configure \
--enable-bsd-behaviour \
--enable-ext2direct=yes \
--enable-ldapmail=yes \
--enable-libwrap=yes \
--enable-netlink=yes \
--enable-rootsbin=no \
%if %{rpcsetquota}
--enable-nls \
--disable-rpath \
%if %{with rpcsetquota}
--enable-rpcsetquota=yes \
%else
--disable-rpcsetquota \
%endif
--enable-strip-binaries=no
--disable-silent-rules \
--disable-xfs-roothack
make
%install
mkdir -p %{buildroot}%{_sysconfdir}
mkdir -p %{buildroot}%{_sbindir}
mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{_mandir}/{man1,man3,man5,man8}
make install INSTALL='install -p' ROOTDIR=%{buildroot}
install -m 644 warnquota.conf %{buildroot}%{_sysconfdir}
ln -s quotaon.8.gz \
%{buildroot}%{_mandir}/man8/quotaoff.8
make install DESTDIR=%{buildroot}
rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}
install -p -m644 -D %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/quota_nld.service
install -p -m644 -D %{SOURCE2} \
@ -160,6 +188,10 @@ install -p -m644 -D %{SOURCE4} \
%find_lang %{name}
%check
make check
%post nld
%systemd_post quota_nld.service
@ -181,39 +213,39 @@ install -p -m644 -D %{SOURCE4} \
%files
%attr(0755,root,root) %{_bindir}/*
%attr(0755,root,root) %{_sbindir}/*
%{_bindir}/*
%{_sbindir}/*
%exclude %{_sbindir}/quota_nld
%exclude %{_sbindir}/rpc.rquotad
%exclude %{_sbindir}/warnquota
%attr(0644,root,root) %{_mandir}/man1/*
%attr(0644,root,root) %{_mandir}/man8/*
%{_mandir}/man1/*
%{_mandir}/man8/*
%exclude %{_mandir}/man8/quota_nld.8*
%exclude %{_mandir}/man8/rpc.rquotad.8*
%exclude %{_mandir}/man8/warnquota.8*
%doc Changelog
%files nld
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/quota_nld
%config(noreplace) %{_sysconfdir}/sysconfig/quota_nld
%{_unitdir}/quota_nld.service
%attr(0755,root,root) %{_sbindir}/quota_nld
%attr(0644,root,root) %{_mandir}/man8/quota_nld.8*
%{_sbindir}/quota_nld
%{_mandir}/man8/quota_nld.8*
%doc Changelog
%files rpc
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rpc-rquotad
%config(noreplace) %{_sysconfdir}/sysconfig/rpc-rquotad
%{_unitdir}/rpc-rquotad.service
%{_sbindir}/rpc.rquotad
%{_mandir}/man8/rpc.rquotad.8*
%doc Changelog
%files warnquota
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/quotagrpadmins
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/quotatab
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/warnquota.conf
%attr(0755,root,root) %{_sbindir}/warnquota
%attr(0644,root,root) %{_mandir}/man5/*
%attr(0644,root,root) %{_mandir}/man8/warnquota.8*
%config(noreplace) %{_sysconfdir}/quotagrpadmins
%config(noreplace) %{_sysconfdir}/quotatab
%config(noreplace) %{_sysconfdir}/warnquota.conf
%{_sbindir}/warnquota
%{_mandir}/man5/*
%{_mandir}/man8/warnquota.8*
%doc Changelog README.ldap-support README.mailserver
%files nls -f %{name}.lang
@ -222,13 +254,16 @@ install -p -m644 -D %{SOURCE4} \
%files devel
%dir %{_includedir}/rpcsvc
%{_includedir}/rpcsvc/*
%attr(0644,root,root) %{_mandir}/man3/*
%{_mandir}/man3/*
%files doc
%doc doc/* ldap-scripts
%changelog
* Wed Jan 06 2016 Petr Pisar <ppisar@redhat.com> - 1:4.03-1
- 4.03 bump
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:4.02-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
@ -395,7 +430,7 @@ install -p -m644 -D %{SOURCE4} \
- Package additional documentation into `doc' sub-package
* Thu Nov 11 2010 Petr Pisar <ppisar@redhat.com> - 1:3.17-15
- Add quota_nld deamon init script (bug #634169)
- Add quota_nld daemon init script (bug #634169)
- Sub-package quota_nld files to weak dependecies
- Sub-package warnquota files to weak dependecies

3
sources
View File

@ -1 +1,2 @@
a8a5df262261e659716ccad2a5d6df0d quota-4.02.tar.gz
95b900db79931806bc6dc9f89c615a1b ldap-scripts.tar.gz
6b09f9c93515c25a528be5754cdfb6f5 quota-4.03.tar.gz