From c7a6ac86838a5b76fe608e5208d8ceb5f04702c9 Mon Sep 17 00:00:00 2001 From: Peter Vrabec Date: Fri, 24 Aug 2007 10:06:57 +0000 Subject: [PATCH] new upstream release with CVE-2007-4134 fix --- .cvsignore | 2 +- sources | 2 +- star-1.5-newMake.patch | 18 +- star-1.5-selinux.patch | 478 +++++++++++++++++++++++------------------ star.spec | 13 +- 5 files changed, 290 insertions(+), 223 deletions(-) diff --git a/.cvsignore b/.cvsignore index b7982c2..2b5b181 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -star-1.5a76.tar.bz2 +star-1.5a84.tar.bz2 diff --git a/sources b/sources index 4bb29c9..4f63876 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f4707cf0eb469e877cbcfc84f9e18227 star-1.5a76.tar.bz2 +7b3860592468e46396fe34157f338d42 star-1.5a84.tar.bz2 diff --git a/star-1.5-newMake.patch b/star-1.5-newMake.patch index b6cde2c..d2406d4 100644 --- a/star-1.5-newMake.patch +++ b/star-1.5-newMake.patch @@ -1,5 +1,5 @@ ---- star-1.5/DEFAULTS/Defaults.linux.newMake 2006-07-21 14:53:23.000000000 +0200 -+++ star-1.5/DEFAULTS/Defaults.linux 2007-01-18 15:41:19.000000000 +0100 +--- star-1.5/DEFAULTS/Defaults.linux.fix 2007-08-23 13:35:54.000000000 +0200 ++++ star-1.5/DEFAULTS/Defaults.linux 2007-08-23 13:51:33.000000000 +0200 @@ -8,8 +8,8 @@ # Compiler stuff # @@ -11,16 +11,14 @@ ########################################################################### # -@@ -28,21 +28,21 @@ - ########################################################################### - CWARNOPTS= +@@ -40,20 +40,20 @@ __LINUX_SRC_INCLUDE= $(_LINUX_SRC_INCLUD + LINUX_SRC_INCLUDE= $(__LINUX_SRC_INCLUDE:$(_UNIQ)no%=%) --DEFINCDIRS= $(SRCROOT)/include /usr/src/linux/include + DEFINCDIRS= $(SRCROOT)/include -LDPATH= -L/opt/schily/lib --RUNPATH= -R $(INS_BASE)/lib -R /opt/schily/lib -R $(OLIBSDIR) -+DEFINCDIRS= $(SRCROOT)/include -+LDPATH= -+RUNPATH= +-RUNPATH= -R$(INS_BASE)/lib -R/opt/schily/lib -R$(OLIBSDIR) ++LDPATH= ++RUNPATH= ########################################################################### # diff --git a/star-1.5-selinux.patch b/star-1.5-selinux.patch index 09ab3c0..3c2b9b9 100644 --- a/star-1.5-selinux.patch +++ b/star-1.5-selinux.patch @@ -1,205 +1,14 @@ ---- star-1.5/conf/configure.in.selinux 2006-10-20 15:33:49.000000000 +0200 -+++ star-1.5/conf/configure.in 2007-01-18 15:51:43.000000000 +0100 -@@ -401,6 +401,15 @@ - echo no - fi - -+AC_CHECK_HEADERS(selinux/selinux.h) -+if test "$ac_cv_header_selinux_selinux_h" = yes; then -+ AC_CHECKING(for SELinux support) -+ AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr") -+ ac_save_LIBS="$LIBS" -+ LIBS="$LIBS $lib_selinux" -+ AC_CHECK_FUNCS(is_selinux_enabled) -+fi -+ - dnl Checks for OS madness. - AC_BROKEN_LINUX_EXT2_FS_H - AC_BROKEN_SRC_LINUX_EXT2_FS_H -@@ -420,5 +429,6 @@ - AC_SUBST(lib_secdb) - AC_SUBST(lib_pthread) - AC_SUBST(lib_rt) -+AC_SUBST(lib_selinux) - - AC_OUTPUT(rules.cnf) ---- star-1.5/conf/rules.cnf.in.selinux 2006-09-16 22:01:41.000000000 +0200 -+++ star-1.5/conf/rules.cnf.in 2007-01-18 15:52:05.000000000 +0100 -@@ -14,3 +14,4 @@ - LIB_SECDB = @lib_secdb@ - LIB_PTHREAD = @lib_pthread@ - LIB_RT = @lib_rt@ -+LIB_SELINUX = @lib_selinux@ ---- star-1.5/star/pax.mk.selinux 2006-11-05 02:52:19.000000000 +0100 -+++ star-1.5/star/pax.mk 2007-01-18 15:53:07.000000000 +0100 -@@ -17,6 +17,7 @@ - CPPOPTS += -DUSE_LARGEFILES +--- star-1.5/star/suntar.mk.selinux 2007-02-17 15:51:23.000000000 +0100 ++++ star-1.5/star/suntar.mk 2007-08-24 11:51:13.000000000 +0200 +@@ -18,6 +18,7 @@ CPPOPTS += -DUSE_ACL CPPOPTS += -DUSE_XATTR -+CPPOPTS += -DWITH_SELINUX CPPOPTS += -DUSE_FFLAGS - CPPOPTS += -DPAX - CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \ -@@ -35,7 +36,7 @@ - checkerr.h dumpdate.h bitstring.h - #LIBS= -lunos - #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib --LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) -+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) - XMK_FILE= spaxman.mk - - ########################################################################### ---- star-1.5/star/star.mk.selinux 2006-11-05 02:52:19.000000000 +0100 -+++ star-1.5/star/star.mk 2007-01-18 15:54:11.000000000 +0100 -@@ -19,6 +19,7 @@ - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS - CPPOPTS += -DCOPY_LINKS_DELAYED -+CPPOPTS += -DWITH_SELINUX - CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ - remove.c star_unix.c acl_unix.c acltext.c fflags.c \ -@@ -35,7 +36,7 @@ - checkerr.h dumpdate.h bitstring.h - #LIBS= -lunos - #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib --LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) -+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) - XMK_FILE= Makefile.man starformatman.mk - - ########################################################################### ---- star-1.5/star/star_fat.mk.selinux 2006-11-05 02:52:19.000000000 +0100 -+++ star-1.5/star/star_fat.mk 2007-01-18 15:54:39.000000000 +0100 -@@ -29,6 +29,7 @@ - CPPOPTS += -DCOPY_LINKS_DELAYED - CPPOPTS += -DSTAR_FAT ++CPPOPTS += -DWITH_SELINUX CPPOPTS += -DSCHILY_PRINT -+CPPOPTS += -DWITH_SELINUX - CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ - remove.c star_unix.c acl_unix.c acltext.c fflags.c \ -@@ -49,7 +50,7 @@ - find.h gettnum.h fetchdir.h walk.h find_list.h find_misc.h - #LIBS= -lunos - #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib --LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) -+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) - XMK_FILE= Makefile.man starformatman.mk scpioman.mk gnutarman.mk \ - spaxman.mk suntarman.mk Makefile.dfl - ---- star-1.5/star/Makefile.selinux 2006-11-05 02:52:19.000000000 +0100 -+++ star-1.5/star/Makefile 2007-01-18 15:55:29.000000000 +0100 -@@ -25,6 +25,7 @@ - CPPOPTS += -DUSE_FIND - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR -+CPPOPTS += -DWITH_SELINUX - CPPOPTS += -DUSE_FFLAGS - CPPOPTS += -DCOPY_LINKS_DELAYED - CPPOPTS += -DSTAR_FAT -@@ -49,7 +50,7 @@ - find.h gettnum.h fetchdir.h walk.h find_list.h find_misc.h - #LIBS= -lunos - #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib --LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) -+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) - XMK_FILE= Makefile.man starformatman.mk scpioman.mk gnutarman.mk \ - spaxman.mk suntarman.mk Makefile.dfl - ---- star-1.5/star/star.c.selinux 2006-11-20 14:31:30.000000000 +0100 -+++ star-1.5/star/star.c 2007-01-18 15:56:46.000000000 +0100 -@@ -45,6 +45,10 @@ - #include "starsubs.h" - #include "checkerr.h" - -+#ifdef WITH_SELINUX -+int selinux_enabled=0; -+#endif -+ - EXPORT int main __PR((int ac, char **av)); - LOCAL void star_create __PR((int ac, char *const *av)); - LOCAL void checkdumptype __PR((GINFO *gp)); -@@ -382,6 +386,11 @@ - comerr("Panic cannot set back effective uid.\n"); - } - my_uid = geteuid(); -+ -+#ifdef WITH_SELINUX -+ selinux_enabled=is_selinux_enabled()>0; -+#endif -+ - /* - * WARNING: We now are no more able to open a new remote connection - * unless we have been called by root. ---- star-1.5/star/extract.c.selinux 2006-10-15 15:51:44.000000000 +0200 -+++ star-1.5/star/extract.c 2007-01-18 15:57:57.000000000 +0100 -@@ -233,6 +233,17 @@ - continue; - } - #endif -+ -+#ifdef WITH_SELINUX -+ if (!to_stdout && selinux_enabled) { -+ if (setselinux(&finfo) == FALSE) { -+ errmsgno(EX_BAD, -+ "Can not setup security context for '%s'. Not created.\n", -+ finfo.f_name); -+ } -+ } -+#endif -+ - if (finfo.f_flags & F_BAD_META) { - if (!void_bad(&finfo)) - break; ---- star-1.5/star/cpio.mk.selinux 2006-11-05 02:52:19.000000000 +0100 -+++ star-1.5/star/cpio.mk 2007-01-18 15:58:23.000000000 +0100 -@@ -18,6 +18,7 @@ - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS -+CPPOPTS += -DWITH_SELINUX - CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ - remove.c star_unix.c acl_unix.c acltext.c fflags.c \ -@@ -34,7 +35,7 @@ - checkerr.h dumpdate.h bitstring.h - #LIBS= -lunos - #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib --LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) -+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) - XMK_FILE= scpioman.mk - - ########################################################################### ---- star-1.5/star/gnutar.mk.selinux 2006-11-05 02:52:19.000000000 +0100 -+++ star-1.5/star/gnutar.mk 2007-01-18 15:59:13.000000000 +0100 -@@ -18,6 +18,7 @@ - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS -+CPPOPTS += -DWITH_SELINUX - CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \ - list.c extract.c create.c append.c diff.c restore.c \ - remove.c star_unix.c acl_unix.c acltext.c fflags.c \ -@@ -34,7 +35,7 @@ - checkerr.h dumpdate.h bitstring.h - #LIBS= -lunos - #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib --LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) -+LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) - XMK_FILE= gnutarman.mk - - ########################################################################### ---- star-1.5/star/suntar.mk.selinux 2006-11-05 02:52:19.000000000 +0100 -+++ star-1.5/star/suntar.mk 2007-01-18 15:59:56.000000000 +0100 -@@ -18,6 +18,7 @@ - CPPOPTS += -DUSE_ACL - CPPOPTS += -DUSE_XATTR - CPPOPTS += -DUSE_FFLAGS -+CPPOPTS += -DWITH_SELINUX CFILES= suntar.c header.c cpiohdr.c xheader.c xattr.c \ list.c extract.c create.c append.c diff.c restore.c \ - remove.c star_unix.c acl_unix.c acltext.c fflags.c \ -@@ -34,7 +35,7 @@ +@@ -35,7 +36,7 @@ checkerr.h dumpdate.h bitstring.h #LIBS= -lunos #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib @@ -208,9 +17,48 @@ XMK_FILE= suntarman.mk ########################################################################### ---- star-1.5/star/starsubs.h.selinux 2006-11-05 02:48:13.000000000 +0100 -+++ star-1.5/star/starsubs.h 2007-01-18 16:01:07.000000000 +0100 -@@ -296,6 +296,11 @@ +--- star-1.5/star/extract.c.selinux 2007-06-03 17:06:52.000000000 +0200 ++++ star-1.5/star/extract.c 2007-08-24 11:51:13.000000000 +0200 +@@ -246,6 +246,17 @@ + continue; + } + #endif ++ ++#ifdef WITH_SELINUX ++ if (!to_stdout && selinux_enabled) { ++ if (setselinux(&finfo) == FALSE) { ++ errmsgno(EX_BAD, ++ "Can not setup security context for '%s'. Not created.\n", ++ finfo.f_name); ++ } ++ } ++#endif ++ + if (finfo.f_flags & F_BAD_META) { + if (!void_bad(&finfo)) + break; +--- star-1.5/star/cpio.mk.selinux 2007-02-17 15:51:23.000000000 +0100 ++++ star-1.5/star/cpio.mk 2007-08-24 11:51:13.000000000 +0200 +@@ -18,6 +18,7 @@ + CPPOPTS += -DUSE_ACL + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DSCHILY_PRINT + CFILES= cpio.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ +@@ -35,7 +36,7 @@ + checkerr.h dumpdate.h bitstring.h + #LIBS= -lunos + #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib +-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) ++LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) + XMK_FILE= scpioman.mk + + ########################################################################### +--- star-1.5/star/starsubs.h.selinux 2007-07-15 19:38:52.000000000 +0200 ++++ star-1.5/star/starsubs.h 2007-08-24 11:51:13.000000000 +0200 +@@ -297,6 +297,11 @@ extern BOOL get_xattr __PR((register FINFO *info)); extern BOOL set_xattr __PR((register FINFO *info)); extern void free_xattr __PR((star_xattr_t **xattr)); @@ -222,13 +70,170 @@ #endif /* +--- star-1.5/star/Makefile.selinux 2007-06-16 16:46:18.000000000 +0200 ++++ star-1.5/star/Makefile 2007-08-24 11:51:13.000000000 +0200 +@@ -1,64 +1,19 @@ +-#ident @(#)star_fat.mk 1.21 07/06/16 ++#ident @(#)all.mk 1.1 05/02/16 + ########################################################################### +-#include $(MAKE_M_ARCH).def + SRCROOT= .. + RULESDIR= RULES + include $(SRCROOT)/$(RULESDIR)/rules.top + ########################################################################### + + # +-# This is star_fat.mk, it creates one "fat" binary for all functionality. ++# This is all.mk, it creates sevral binaries, one for each function. + # +-# If you like to create non "fat" binaries, remove Makefile +-# and copy all.mk to Makefile. ++# If you like to create one single "fat" binary, remove Makefile ++# and copy star_fat.mk to Makefile. + # +-INSDIR= bin +-TARGET= star +-#SYMLINKS= ustar tar +-SYMLINKS= ustar tar gnutar suntar scpio spax +-CPPOPTS += -D__STAR__ +-CPPOPTS += -DSET_CTIME -DFIFO -DUSE_MMAP -DUSE_REMOTE -DUSE_RCMD_RSH +-#CPPOPTS += -DSET_CTIME -DFIFO -DUSE_MMAP +-#CPPOPTS += -DSET_CTIME -DUSE_MMAP +-#CPPOPTS += -DFIFO -DUSE_MMAP +-CPPOPTS += -DUSE_LARGEFILES +-CPPOPTS += -DUSE_FIND +-CPPOPTS += -DUSE_ACL +-CPPOPTS += -DUSE_XATTR +-CPPOPTS += -DUSE_FFLAGS +-CPPOPTS += -DCOPY_LINKS_DELAYED +-CPPOPTS += -DSTAR_FAT +-CPPOPTS += -DSCHILY_PRINT +-CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \ +- list.c extract.c create.c append.c diff.c restore.c \ +- remove.c star_unix.c acl_unix.c acltext.c fflags.c \ +- buffer.c dirtime.c lhash.c \ +- hole.c longnames.c names.c \ +- movearch.c table.c props.c \ +- fetchdir.c \ +- unicode.c \ +- subst.c volhdr.c \ +- chdir.c match.c defaults.c dumpdate.c \ +- fifo.c device.c checkerr.c \ +- \ +- findinfo.c find.c walk.c find_list.c find_misc.c +-HFILES= star.h starsubs.h dirtime.h xtab.h xutimes.h \ +- movearch.h table.h props.h fifo.h diff.h restore.h \ +- checkerr.h dumpdate.h bitstring.h \ +- \ +- find.h fetchdir.h walk.h find_list.h find_misc.h +-#LIBS= -lunos +-#LIBS= -lschily -lc /usr/local/lib/gcc-gnulib +-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) +-XMK_FILE= Makefile.man starformatman.mk scpioman.mk gnutarman.mk \ +- spaxman.mk suntarman.mk Makefile.dfl Makefile.doc + +-star_fat.c: star.c +- $(RM) $(RM_FORCE) $@; cp star.c $@ ++MK_FILES= star.mk pax.mk suntar.mk gnutar.mk cpio.mk + + ########################################################################### +-include $(SRCROOT)/$(RULESDIR)/rules.cmd ++include $(SRCROOT)/$(RULESDIR)/rules.mks + ########################################################################### +-count: $(CFILES) $(HFILES) +- count $r1 +- +--- star-1.5/star/pax.mk.selinux 2007-02-17 15:51:23.000000000 +0100 ++++ star-1.5/star/pax.mk 2007-08-24 11:51:13.000000000 +0200 +@@ -18,8 +18,10 @@ + CPPOPTS += -DUSE_ACL + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DPAX + CPPOPTS += -DSCHILY_PRINT ++ + CFILES= pax.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ + remove.c star_unix.c acl_unix.c acltext.c fflags.c \ +@@ -36,7 +38,7 @@ + checkerr.h dumpdate.h bitstring.h + #LIBS= -lunos + #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib +-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) ++LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) + XMK_FILE= spaxman.mk + + ########################################################################### +--- star-1.5/star/star_fat.mk.selinux 2007-06-16 16:46:18.000000000 +0200 ++++ star-1.5/star/star_fat.mk 2007-08-24 11:51:13.000000000 +0200 +@@ -29,6 +29,7 @@ + CPPOPTS += -DCOPY_LINKS_DELAYED + CPPOPTS += -DSTAR_FAT + CPPOPTS += -DSCHILY_PRINT ++CPPOPTS += -DWITH_SELINUX + CFILES= star_fat.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ + remove.c star_unix.c acl_unix.c acltext.c fflags.c \ +@@ -49,7 +50,7 @@ + find.h fetchdir.h walk.h find_list.h find_misc.h + #LIBS= -lunos + #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib +-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) ++LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) + XMK_FILE= Makefile.man starformatman.mk scpioman.mk gnutarman.mk \ + spaxman.mk suntarman.mk Makefile.dfl Makefile.doc + +--- star-1.5/star/star.c.selinux 2007-07-16 09:43:14.000000000 +0200 ++++ star-1.5/star/star.c 2007-08-24 11:51:13.000000000 +0200 +@@ -45,6 +45,10 @@ + #include "starsubs.h" + #include "checkerr.h" + ++#ifdef WITH_SELINUX ++int selinux_enabled=0; ++#endif ++ + EXPORT int main __PR((int ac, char **av)); + LOCAL void star_create __PR((int ac, char *const *av)); + LOCAL void checkdumptype __PR((GINFO *gp)); +@@ -384,6 +388,11 @@ + comerr("Panic cannot set back effective uid.\n"); + } + my_uid = geteuid(); ++ ++#ifdef WITH_SELINUX ++ selinux_enabled=is_selinux_enabled()>0; ++#endif ++ + /* + * WARNING: We now are no more able to open a new remote connection + * unless we have been called by root. +--- star-1.5/star/star.mk.selinux 2007-02-17 15:51:23.000000000 +0100 ++++ star-1.5/star/star.mk 2007-08-24 11:51:13.000000000 +0200 +@@ -19,6 +19,7 @@ + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS + CPPOPTS += -DCOPY_LINKS_DELAYED ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DSCHILY_PRINT + CFILES= star.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ +@@ -36,7 +37,7 @@ + checkerr.h dumpdate.h bitstring.h + #LIBS= -lunos + #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib +-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) ++LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) + XMK_FILE= Makefile.man starformatman.mk + + ########################################################################### --- star-1.5/star/xattr.c.selinux 2006-09-13 18:24:20.000000000 +0200 -+++ star-1.5/star/xattr.c 2007-01-18 16:02:59.000000000 +0100 -@@ -184,6 +184,29 @@ ++++ star-1.5/star/xattr.c 2007-08-24 11:53:56.000000000 +0200 +@@ -184,6 +184,28 @@ #endif /* USE_XATTR */ } -+ +#ifdef WITH_SELINUX +EXPORT BOOL +setselinux(info) @@ -254,14 +259,77 @@ /* ARGSUSED */ EXPORT BOOL set_xattr(info) -@@ -197,6 +220,10 @@ +@@ -197,6 +219,10 @@ return (TRUE); for (xap = info->f_xattr; xap->name != NULL; xap++) { +#ifdef WITH_SELINUX -+ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0)) -+ continue; ++ if (selinux_enabled && (strcmp(xap->name, "security.selinux") == 0)) ++ continue; +#endif if (lsetxattr(info->f_name, xap->name, xap->value, xap->value_len, 0) != 0) { if (!errhidden(E_SETXATTR, info->f_name)) { +--- star-1.5/star/gnutar.mk.selinux 2007-02-17 15:51:23.000000000 +0100 ++++ star-1.5/star/gnutar.mk 2007-08-24 11:51:13.000000000 +0200 +@@ -18,6 +18,7 @@ + CPPOPTS += -DUSE_ACL + CPPOPTS += -DUSE_XATTR + CPPOPTS += -DUSE_FFLAGS ++CPPOPTS += -DWITH_SELINUX + CPPOPTS += -DSCHILY_PRINT + CFILES= gnutar.c header.c cpiohdr.c xheader.c xattr.c \ + list.c extract.c create.c append.c diff.c restore.c \ +@@ -35,7 +36,7 @@ + checkerr.h dumpdate.h bitstring.h + #LIBS= -lunos + #LIBS= -lschily -lc /usr/local/lib/gcc-gnulib +-LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) ++LIBS= -ldeflt -lrmt -lschily $(LIB_ACL) $(LIB_ATTR) $(LIB_SOCKET) $(LIB_SELINUX) + XMK_FILE= gnutarman.mk + + ########################################################################### +--- star-1.5/conf/rules.cnf.in.selinux 2007-05-19 14:52:46.000000000 +0200 ++++ star-1.5/conf/rules.cnf.in 2007-08-24 11:51:13.000000000 +0200 +@@ -20,3 +20,4 @@ + LIB_SECDB = @lib_secdb@ + LIB_PTHREAD = @lib_pthread@ + LIB_RT = @lib_rt@ ++LIB_SELINUX = @lib_selinux@ +--- star-1.5/conf/configure.in.selinux 2007-07-10 05:58:54.000000000 +0200 ++++ star-1.5/conf/configure.in 2007-08-24 11:51:13.000000000 +0200 +@@ -403,6 +403,8 @@ + LIBS="$ac_save_LIBS" + fi + ++ ++ + AC_CHECKING(for RBAC support) + AC_CHECK_LIB(secdb, getuserattr, lib_secdb="-lsecdb") + ac_save_LIBS="$LIBS" +@@ -441,6 +443,18 @@ + else + echo no + fi ++ ++AC_CHECK_HEADERS(selinux/selinux.h) ++if test "$ac_cv_header_selinux_selinux_h" = yes; then ++ AC_CHECKING(for SELinux support) ++ AC_CHECK_LIB(selinux, is_selinux_enabled, lib_selinux="-lselinux -lattr") ++ ac_save_LIBS="$LIBS" ++ LIBS="$LIBS $lib_selinux" ++ AC_CHECK_FUNCS(is_selinux_enabled) ++fi ++ ++ ++ + AC_MSG_CHECKING(for /dev/null) + if test -r /dev/null; then + echo yes +@@ -523,5 +537,6 @@ + AC_SUBST(lib_secdb) + AC_SUBST(lib_pthread) + AC_SUBST(lib_rt) ++AC_SUBST(lib_selinux) + + AC_OUTPUT(rules.cnf) diff --git a/star.spec b/star.spec index 71fcdfa..1a3964a 100644 --- a/star.spec +++ b/star.spec @@ -3,8 +3,8 @@ %endif Summary: An archiving tool with ACL support Name: star -Version: 1.5a76 -Release: 3%{?dist} +Version: 1.5a84 +Release: 1%{?dist} URL: http://cdrecord.berlios.de/old/private/star.html Source: ftp://ftp.berlios.de/pub/star/alpha/%{name}-%{version}.tar.bz2 Patch1: star-1.5-newMake.patch @@ -57,6 +57,7 @@ rm -rf ${RPM_BUILD_ROOT} mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1 %makeinstall RPM_INSTALLDIR=${RPM_BUILD_ROOT} PARCH=%{_target_cpu} K_ARCH=%{_target_cpu} < /dev/null rm -rf $RPM_BUILD_ROOT/usr/share/man +rm -rf $RPM_BUILD_ROOT/usr/share/doc/rmt mv $RPM_BUILD_ROOT/usr/man $RPM_BUILD_ROOT%{_mandir} # XXX Nuke unpackaged files. @@ -85,10 +86,7 @@ rm -rf ${RPM_BUILD_ROOT} %files %defattr(-,root,root) -%doc README AN* COPYING CDDL.Schily.txt README.ACL README.crash README.largefiles README.linux -%doc README.otherbugs README.pattern README.posix-2001 README.SSPM -%doc STARvsGNUTAR -%doc STATUS.alpha TODO +%doc README AN* COPYING CDDL.Schily.txt README.SSPM STATUS.alpha TODO %{_bindir}/star %{_bindir}/ustar %{_bindir}/spax @@ -96,6 +94,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_mandir}/man1/spax.1* %changelog +* Fri Aug 24 2007 Peter Vrabec 1.5a84-1 +- new upstream release with CVE-2007-4134 fix + * Sun Jun 24 2007 Peter Vrabec 1.5a76-3 - build star on ARM platforms (#245465)