- Add debian patches

- Add tmux group for improved socket handling
2009-11-01 18:46:32 +00:00 · 2009-11-01 18:46:32 +00:00 · 580ca581cb
commit 580ca581cb
parent 90415ddc5d
6 changed files with 214 additions and 28 deletions
--- a/tmux-1.0-02_fix_wrong_location.diff
+++ b/tmux-1.0-02_fix_wrong_location.diff
@ -0,0 +1,59 @@
 # correct directory /usr/local 
 --- a/GNUmakefile
 +++ b/GNUmakefile
@@ -8,7 +8,7 @@
 CC?= gcc
 CFLAGS+= -DBUILD="\"$(VERSION)\""
 -LDFLAGS+= -L/usr/local/lib
 +LDFLAGS+= -L/usr/lib
 LIBS+=
 ifdef FDEBUG
@@ -30,7 +30,7 @@
 endif
 endif
 -PREFIX?= /usr/local
 +PREFIX?= /usr/
 INSTALLDIR= install -d
 INSTALLBIN= install -g bin -o root -m 555
 INSTALLMAN= install -g bin -o root -m 444
@@ -59,7 +59,7 @@
 install:	all
 		$(INSTALLDIR) $(DESTDIR)$(PREFIX)/bin
 		$(INSTALLBIN) tmux $(DESTDIR)$(PREFIX)/bin/tmux
 -		$(INSTALLDIR) $(DESTDIR)$(PREFIX)/man/man1
 -		$(INSTALLMAN) tmux.1 $(DESTDIR)$(PREFIX)/man/man1/tmux.1
 +		$(INSTALLDIR) $(DESTDIR)$(PREFIX)share/man/man1
 +		$(INSTALLMAN) tmux.1 $(DESTDIR)$(PREFIX)share/man/man1/tmux.1
 -include .depend
 --- a/Makefile
 +++ b/Makefile
@@ -9,7 +9,7 @@
 CC?= cc
 CFLAGS+= -DBUILD="\"$(VERSION)\""
 -LDFLAGS+= -L/usr/local/lib
 +LDFLAGS+= -L/usr/lib
 LIBS+=
 .ifdef FDEBUG
@@ -32,7 +32,7 @@
 .endif
 .endif
 -PREFIX?= /usr/local
 +PREFIX?= /usr
 INSTALLDIR= install -d
 INSTALLBIN= install -g bin -o root -m 555
 INSTALLMAN= install -g bin -o root -m 444
@@ -64,5 +64,5 @@
 install:	all
 		${INSTALLDIR} ${DESTDIR}${PREFIX}/bin
 		${INSTALLBIN} tmux ${DESTDIR}${PREFIX}/bin/
 -		${INSTALLDIR} ${DESTDIR}${PREFIX}/man/man1
 -		${INSTALLMAN} tmux.1 ${DESTDIR}${PREFIX}/man/man1/
 +		${INSTALLDIR} ${DESTDIR}${PREFIX}/share/man/man1
 +		${INSTALLMAN} tmux.1 ${DESTDIR}${PREFIX}/share/man/man1/
--- a/tmux-1.0-03_proper_socket_handling.diff
+++ b/tmux-1.0-03_proper_socket_handling.diff
@ -0,0 +1,45 @@
 # setting /usr/bin/tmux with sgid and proper location of socket
 --- a/GNUmakefile
 +++ b/GNUmakefile
@@ -32,7 +32,7 @@
 PREFIX?= /usr/
 INSTALLDIR= install -d
 -INSTALLBIN= install -g bin -o root -m 555
 +INSTALLBIN= install -g utmp -o root -m 2755
 INSTALLMAN= install -g bin -o root -m 444
 SRCS= $(shell echo *.c|sed 's|osdep-[a-z0-9]*.c||g')
 --- a/Makefile
 +++ b/Makefile
@@ -34,7 +34,7 @@
 PREFIX?= /usr
 INSTALLDIR= install -d
 -INSTALLBIN= install -g bin -o root -m 555
 +INSTALLBIN= install -g utmp -o root -m 2755
 INSTALLMAN= install -g bin -o root -m 444
 SRCS!= echo *.c|sed 's|osdep-[a-z0-9]*.c||g'
 --- a/compat.h
 +++ b/compat.h
@@ -25,7 +25,7 @@
 #ifndef HAVE_PATHS_H
 #define	_PATH_BSHELL	"/bin/sh"
 -#define	_PATH_TMP	"/tmp/"
 +#define _PATH_VARRUN    "/var/run/"
 #define _PATH_DEVNULL	"/dev/null"
 #define _PATH_TTY	"/dev/tty"
 #define _PATH_DEV	"/dev/"
 --- a/tmux.c
 +++ b/tmux.c
@@ -239,7 +239,7 @@
 	u_int		uid;
 	uid = getuid();
 -	xsnprintf(base, MAXPATHLEN, "%s/tmux-%d", _PATH_TMP, uid);
 +	xsnprintf(base, MAXPATHLEN, "%s/%s/%s-%d", _PATH_VARRUN, __progname, __progname, uid);
 	if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
 		return (NULL);
--- a/tmux-1.0-04_dropping_unnecessary_privileges.diff
+++ b/tmux-1.0-04_dropping_unnecessary_privileges.diff
@ -0,0 +1,26 @@
 # using setresgid() for safely dropping utmp group membership.
 --- a/tmux.c
 +++ b/tmux.c
@@ -236,9 +236,11 @@
 {
 	char		base[MAXPATHLEN], *path;
 	struct stat	sb;
 -	u_int		uid;
 +	u_int		uid,gid;
 	uid = getuid();
 +	gid = getgid();
 +
 	xsnprintf(base, MAXPATHLEN, "%s/%s/%s-%d", _PATH_VARRUN, __progname, __progname, uid);
 	if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
@@ -254,6 +256,9 @@
 		errno = EACCES;
 		return (NULL);
 	}
 +	/* drop unnecessary privileges */
 + 	if (setresgid(gid, gid, gid) != 0)
 + 		return (NULL);
 	xasprintf(&path, "%s/%s", base, label);
 	return (path);
--- a/tmux-1.0-06_hardening_write_return.diff
+++ b/tmux-1.0-06_hardening_write_return.diff
@ -0,0 +1,56 @@
 # Harden write and chdir because of ignored return value
 --- a/tty.c
 +++ b/tty.c
@@ -336,7 +336,8 @@
 void
 tty_raw(struct tty *tty, const char *s)
 {
 -	write(tty->fd, s, strlen(s));
 +	if (write(tty->fd, s, strlen(s)) == -1)
 +		fatal("write failed");
 }
 void
@@ -369,7 +370,8 @@
 	buffer_write(tty->out, s, strlen(s));
 	if (tty->log_fd != -1)
 -		write(tty->log_fd, s, strlen(s));
 +		if (write(tty->log_fd, s, strlen(s)) == -1)
 +			fatal("write failed");
 }
 void
@@ -394,7 +396,8 @@
 	}
 	if (tty->log_fd != -1)
 -		write(tty->log_fd, &ch, 1);
 +		if (write(tty->log_fd, &ch, 1) == -1)
 +			fatal("write failed");
 }
 void
@@ -407,7 +410,8 @@
 			break;
 		buffer_write8(tty->out, gu->data[i]);
 		if (tty->log_fd != -1)
 -			write(tty->log_fd, &gu->data[i], 1);
 +			if (write(tty->log_fd, &gu->data[i], 1) == -1)
 +				fatal("write failed");
 	}
 	width = utf8_width(gu->data);
 --- a/window.c
 +++ b/window.c
@@ -490,7 +490,9 @@
 		return (-1);
 	case 0:
 		if (chdir(wp->cwd) != 0)
 -			chdir("/");
 +			if (chdir("/") <0 )
 +				fatal("chdir failed");
 +
 		if (tcgetattr(STDIN_FILENO, &tio2) != 0)
 			fatal("tcgetattr failed");
--- a/tmux-1.0-fixmanpagedir.patch
+++ b/tmux-1.0-fixmanpagedir.patch
@ -1,22 +0,0 @@
 diff --git a/GNUmakefile b/GNUmakefile
 index 5528a9f..96e7088 100644
 --- a/GNUmakefile
 +++ b/GNUmakefile
@@ -31,6 +31,7 @@ endif
 endif
 PREFIX?= /usr/local
 +MANDIR?= ${PREFIX}/man
 INSTALLDIR= install -d
 INSTALLBIN= install -g bin -o root -m 555
 INSTALLMAN= install -g bin -o root -m 444
@@ -59,7 +60,7 @@ clean-all:	clean clean-depend
 install:	all
 		$(INSTALLDIR) $(DESTDIR)$(PREFIX)/bin
 		$(INSTALLBIN) tmux $(DESTDIR)$(PREFIX)/bin/tmux
 -		$(INSTALLDIR) $(DESTDIR)$(PREFIX)/man/man1
 -		$(INSTALLMAN) tmux.1 $(DESTDIR)$(PREFIX)/man/man1/tmux.1
 +		$(INSTALLDIR) $(DESTDIR)$(MANDIR)/man1
 +		$(INSTALLMAN) tmux.1 $(DESTDIR)$(MANDIR)/man1/tmux.1
 -include .depend
--- a/tmux.spec
+++ b/tmux.spec
@ -1,6 +1,6 @@
 Name:           tmux
 Version:        1.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A terminal multiplexer
 Group:          Applications/System
@ -8,10 +8,15 @@ Group:          Applications/System
 # 3 clause BSD licensed.
 License:        ISC and BSD
 URL:            http://sourceforge.net/projects/tmux
 Requires(pre):  /usr/sbin/groupadd
 Requires(preun): /usr/sbin/groupdel
 Source0:        http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
 # This first patch creates MANDIR in the GNUmakefile.  This has been sent
 # upstream via email but upstream replied and said would not change.
-Patch0:         tmux-1.0-fixmanpagedir.patch
+Patch0:         tmux-1.0-02_fix_wrong_location.diff
 Patch1:         tmux-1.0-03_proper_socket_handling.diff
 Patch2:         tmux-1.0-04_dropping_unnecessary_privileges.diff
 Patch3:         tmux-1.0-06_hardening_write_return.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  ncurses-devel
@ -24,7 +29,10 @@ as GNU Screen.
 %prep
 %setup -q
-%patch0 -p1 -b .fixmanpagedir
+%patch0 -p1 -b .location
 %patch1 -p1 -b .sockethandling
 %patch2 -p1 -b .dropprivs
 %patch3 -p1 -b .writehard
 %build
 %configure
@ -32,18 +40,32 @@ make %{?_smp_mflags} LDFLAGS="%{optflags}"
 %install
 rm -rf %{buildroot}
-make install PREFIX=%{_prefix} MANDIR=%{_mandir} DESTDIR=%{buildroot} INSTALLBIN="install -p -m 755" INSTALLMAN="install -p -m 644"
+make install DESTDIR=%{buildroot} INSTALLBIN="install -p -m 755" INSTALLMAN="install -p -m 644"
 # Create the socket dir
 mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/%{name}
 %clean
 rm -rf %{buildroot}
 %pre
 %{_sbindir}/groupadd -r tmux &>/dev/null || :
 %postun
 %{_sbindir}/groupdel tmux || :
 %files
 %defattr(-,root,root,-)
 %doc CHANGES FAQ NOTES TODO examples/
-%{_bindir}/tmux
+%attr(2755,root,tmux) %{_bindir}/tmux
-%{_mandir}/man1/tmux.1.gz
+%{_mandir}/man1/tmux.1.*
 %attr(775,root,tmux) %{_localstatedir}/run/tmux
 %changelog
 * Sun Nov 01 2009 Sven Lankes <sven@lank.es> 1.0-2
 - Add debian patches
 - Add tmux group for improved socket handling
 * Sat Oct 24 2009 Sven Lankes <sven@lank.es> 1.0-1
 - New upstream release