rpms/rpm
5
0
Fork 0
Code Issues Pull Requests Releases Activity

- also strip POSIX file capabilities from hardlinks on upgrade/erase

Browse Source 
(#598775)
This commit is contained in:
Panu Matilainen 2010-06-03 08:18:21 +00:00
parent 8c454e468a
commit aaf4885601
2 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
rpm-4.8.0-fsm-sbits.patch
View File

@ -1,24 +1,29 @@
diff -up rpm-4.8.0/lib/fsm.c.fsm-sbits rpm-4.8.0/lib/fsm.c diff -up rpm-4.8.0/lib/fsm.c.fsm-sbits rpm-4.8.0/lib/fsm.c
--- rpm-4.8.0/lib/fsm.c.fsm-sbits 2009-12-07 16:36:49.000000000 +0200 --- rpm-4.8.0/lib/fsm.c.fsm-sbits 2009-12-07 16:36:49.000000000 +0200
+++ rpm-4.8.0/lib/fsm.c 2010-06-02 09:25:52.000000000 +0300 +++ rpm-4.8.0/lib/fsm.c 2010-06-03 11:14:53.000000000 +0300
@@ -1320,6 +1320,16 @@ static const char * rpmteTypeString(rpmt @@ -1320,6 +1320,21 @@ static const char * rpmteTypeString(rpmt
} }
} }
+static void removeSBITS(const char *path) +static void removeSBITS(const char *path)
+{ +{
+ struct stat stb; + struct stat stb;
+ if (lstat(path, &stb) == 0) { + if (lstat(path, &stb) == 0 && S_ISREG(stb.st_mode)) {
+ if (S_ISREG(stb.st_mode) && (stb.st_mode & 06000) != 0) { + if ((stb.st_mode & 06000) != 0) {
+ (void) chmod(path, stb.st_mode & 0777); + (void) chmod(path, stb.st_mode & 0777);
+ } + }
+#if WITH_CAP
+ if (stb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) {
+ (void) cap_set_file(path, NULL);
+ }
+#endif
+ } + }
+} +}
+ +
#define IS_DEV_LOG(_x) \ #define IS_DEV_LOG(_x) \
((_x) != NULL && strlen(_x) >= (sizeof("/dev/log")-1) && \ ((_x) != NULL && strlen(_x) >= (sizeof("/dev/log")-1) && \
rstreqn((_x), "/dev/log", sizeof("/dev/log")-1) && \ rstreqn((_x), "/dev/log", sizeof("/dev/log")-1) && \
@@ -2024,11 +2034,8 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS @@ -2024,11 +2039,8 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS
break; break;
case FSM_UNLINK: case FSM_UNLINK:
@ -32,7 +37,7 @@ diff -up rpm-4.8.0/lib/fsm.c.fsm-sbits rpm-4.8.0/lib/fsm.c
rc = unlink(fsm->path); rc = unlink(fsm->path);
if (_fsm_debug && (stage & FSM_SYSCALL)) if (_fsm_debug && (stage & FSM_SYSCALL))
rpmlog(RPMLOG_DEBUG, " %8s (%s) %s\n", cur, rpmlog(RPMLOG_DEBUG, " %8s (%s) %s\n", cur,
@@ -2037,6 +2044,8 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS @@ -2037,6 +2049,8 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS
rc = (errno == ENOENT ? CPIOERR_ENOENT : CPIOERR_UNLINK_FAILED); rc = (errno == ENOENT ? CPIOERR_ENOENT : CPIOERR_UNLINK_FAILED);
break; break;
case FSM_RENAME: case FSM_RENAME:

5
rpm.spec
View File

@ -21,7 +21,7 @@
Summary: The RPM package management system Summary: The RPM package management system
Name: rpm Name: rpm
Version: %{rpmver} Version: %{rpmver}
Release: 18%{?dist} Release: 19%{?dist}
Group: System Environment/Base Group: System Environment/Base
Url: http://www.rpm.org/ Url: http://www.rpm.org/
Source0: http://rpm.org/releases/testing/%{name}-%{srcver}.tar.bz2 Source0: http://rpm.org/releases/testing/%{name}-%{srcver}.tar.bz2
@ -430,6 +430,9 @@ exit 0
%doc doc/librpm/html/* %doc doc/librpm/html/*
%changelog %changelog
* Thu Jun 03 2010 Panu Matilainen <pmatilai@redhat.com> - 4.8.0-19
- also strip POSIX file capabilities from hardlinks on upgrade/erase (#598775)
* Wed Jun 02 2010 Panu Matilainen <pmatilai@redhat.com> - 4.8.0-18 * Wed Jun 02 2010 Panu Matilainen <pmatilai@redhat.com> - 4.8.0-18
- remove s-bits on upgrade too (#598775) - remove s-bits on upgrade too (#598775)