RHEL-9: 2.37.3-2: (rpm -V, pam_env, logger, partnames, tmpfiles.d)
Resolves: #2021462 #2033622 #2000137 #2000477 #2047952
This commit is contained in:
parent
9912060ab6
commit
101ae82b5f
@ -0,0 +1,51 @@
|
||||
From 533d6957a87a52b8088ad87daf7d6dbfaececf02 Mon Sep 17 00:00:00 2001
|
||||
From: Portisch <hugo.portisch@yahoo.de>
|
||||
Date: Mon, 8 Nov 2021 12:31:39 +0100
|
||||
Subject: sysfs: fallback for partitions not including parent name
|
||||
|
||||
Upstream: http://github.com/util-linux/util-linux/commit/9b59641bcec3df9c451eea4c7057751a153a3fcb
|
||||
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2021462
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
lib/sysfs.c | 12 +++++++-----
|
||||
1 file changed, 7 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/lib/sysfs.c b/lib/sysfs.c
|
||||
index bb7183319..191d870f6 100644
|
||||
--- a/lib/sysfs.c
|
||||
+++ b/lib/sysfs.c
|
||||
@@ -210,9 +210,10 @@ int sysfs_blkdev_is_partition_dirent(DIR *dir, struct dirent *d, const char *par
|
||||
d->d_type != DT_UNKNOWN)
|
||||
return 0;
|
||||
#endif
|
||||
+ size_t len = 0;
|
||||
+
|
||||
if (parent_name) {
|
||||
const char *p = parent_name;
|
||||
- size_t len;
|
||||
|
||||
/* /dev/sda --> "sda" */
|
||||
if (*parent_name == '/') {
|
||||
@@ -223,14 +224,15 @@ int sysfs_blkdev_is_partition_dirent(DIR *dir, struct dirent *d, const char *par
|
||||
}
|
||||
|
||||
len = strlen(p);
|
||||
- if (strlen(d->d_name) <= len)
|
||||
- return 0;
|
||||
+ if ((strlen(d->d_name) <= len) || (strncmp(p, d->d_name, len) != 0))
|
||||
+ len = 0;
|
||||
+ }
|
||||
|
||||
+ if (len > 0) {
|
||||
/* partitions subdir name is
|
||||
* "<parent>[:digit:]" or "<parent>p[:digit:]"
|
||||
*/
|
||||
- return strncmp(p, d->d_name, len) == 0 &&
|
||||
- ((*(d->d_name + len) == 'p' && isdigit(*(d->d_name + len + 1)))
|
||||
+ return ((*(d->d_name + len) == 'p' && isdigit(*(d->d_name + len + 1)))
|
||||
|| isdigit(*(d->d_name + len)));
|
||||
}
|
||||
|
||||
--
|
||||
2.34.1
|
||||
|
61
0008-logger-fix-size-use-for-stdin.patch
Normal file
61
0008-logger-fix-size-use-for-stdin.patch
Normal file
@ -0,0 +1,61 @@
|
||||
From cac75d851c5e6ba1afb3bf55552fd10666a03ea9 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Thu, 21 Oct 2021 18:47:40 +0200
|
||||
Subject: logger: fix --size use for stdin
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The stdin version counts log header into the message size, but
|
||||
for example when it reads message from argv[] it counts only message
|
||||
itself.
|
||||
|
||||
$ logger --stderr --size 3 "abcd"
|
||||
<13>Oct 21 18:48:29 kzak: abc
|
||||
|
||||
$ echo "abcd" | logger --stderr --size 3
|
||||
logger: cannot allocate 18446744073709551597 bytes: Cannot allocate memory
|
||||
|
||||
Upstream: http://github.com/util-linux/util-linux/commit/58e4ee082bca100034791a4a74481f263bb30a25
|
||||
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2033622
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
misc-utils/logger.c | 9 +++------
|
||||
1 file changed, 3 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/misc-utils/logger.c b/misc-utils/logger.c
|
||||
index 5b122de79..43284caeb 100644
|
||||
--- a/misc-utils/logger.c
|
||||
+++ b/misc-utils/logger.c
|
||||
@@ -976,8 +976,7 @@ static void logger_stdin(struct logger_ctl *ctl)
|
||||
int has_header = 1;
|
||||
int default_priority = ctl->pri;
|
||||
int last_pri = default_priority;
|
||||
- size_t max_usrmsg_size = ctl->max_message_size - strlen(ctl->hdr);
|
||||
- char *const buf = xmalloc(max_usrmsg_size + 2 + 2);
|
||||
+ char *buf = xmalloc(ctl->max_message_size + 2 + 2);
|
||||
int pri;
|
||||
int c;
|
||||
size_t i;
|
||||
@@ -1004,16 +1003,14 @@ static void logger_stdin(struct logger_ctl *ctl)
|
||||
ctl->pri = default_priority;
|
||||
|
||||
if (ctl->pri != last_pri) {
|
||||
- has_header = 0;
|
||||
- max_usrmsg_size =
|
||||
- ctl->max_message_size - strlen(ctl->hdr);
|
||||
+ generate_syslog_header(ctl);
|
||||
last_pri = ctl->pri;
|
||||
}
|
||||
if (c != EOF && c != '\n')
|
||||
c = getchar();
|
||||
}
|
||||
|
||||
- while (c != EOF && c != '\n' && i < max_usrmsg_size) {
|
||||
+ while (c != EOF && c != '\n' && i < ctl->max_message_size) {
|
||||
buf[i++] = c;
|
||||
c = getchar();
|
||||
}
|
||||
--
|
||||
2.34.1
|
||||
|
@ -1,4 +1,5 @@
|
||||
#%PAM-1.0
|
||||
auth required pam_env.so
|
||||
auth sufficient pam_rootok.so
|
||||
# Uncomment the following line to implicitly trust users in the "wheel" group.
|
||||
#auth sufficient pam_wheel.so trust use_uid
|
||||
|
@ -2,7 +2,7 @@
|
||||
Summary: A collection of basic system utilities
|
||||
Name: util-linux
|
||||
Version: 2.37.3
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
|
||||
URL: http://en.wikipedia.org/wiki/Util-linux
|
||||
|
||||
@ -51,6 +51,7 @@ Source0: ftp://ftp.kernel.org/pub/linux/utils/util-linux/v%{upstream_major}/util
|
||||
Source1: util-linux-login.pamd
|
||||
Source2: util-linux-remote.pamd
|
||||
Source3: util-linux-chsh-chfn.pamd
|
||||
Source4: uuidd-tmpfiles.conf
|
||||
Source5: adjtime
|
||||
Source12: util-linux-su.pamd
|
||||
Source13: util-linux-su-l.pamd
|
||||
@ -88,6 +89,9 @@ Requires: libsmartcols = %{version}-%{release}
|
||||
Requires: libfdisk = %{version}-%{release}
|
||||
Requires: util-linux-core = %{version}-%{release}
|
||||
|
||||
|
||||
### RHEL-9.0.0
|
||||
#
|
||||
# 151635 - makeing /var/log/lastlog
|
||||
Patch0: 0000-login-create-var-log-lastlog.patch
|
||||
# Add `/run/motd.d` to the hardcoded MOTD_FILE
|
||||
@ -101,6 +105,10 @@ Patch4: 0004-tests-make-eject-umount-tests-more-robust.patch
|
||||
Patch5: 0005-Complete-Linux-PAM-compliance-for-forked-child-in-su.patch
|
||||
# 2040366 - uuidd can't access lock/status file
|
||||
Patch6: 0006-uuidd-fix-open-lock-state-issue.patch
|
||||
# 2021462 - partitons detection broken on systems not including the parent name in partition name
|
||||
Patch7: 0007-sysfs-fallback-for-partitions-not-including-parent-n.patch
|
||||
# 2033622 - logger from util-linux incorrectly handles long messages
|
||||
Patch8: 0008-logger-fix-size-use-for-stdin.patch
|
||||
|
||||
|
||||
%description
|
||||
@ -342,14 +350,13 @@ mkdir -p ${RPM_BUILD_ROOT}%{_bindir}
|
||||
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man{1,6,8,5}
|
||||
mkdir -p ${RPM_BUILD_ROOT}%{_sbindir}
|
||||
mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/{pam.d,security/console.apps}
|
||||
mkdir -p ${RPM_BUILD_ROOT}/var/log
|
||||
touch ${RPM_BUILD_ROOT}/var/log/lastlog
|
||||
chmod 0644 ${RPM_BUILD_ROOT}/var/log/lastlog
|
||||
mkdir -p ${RPM_BUILD_ROOT}/usr/lib/tmpfiles.d
|
||||
|
||||
# install util-linux
|
||||
%make_install
|
||||
|
||||
# And a dirs uuidd needs that the makefiles don't create
|
||||
install -m 644 %{SOURCE4} ${RPM_BUILD_ROOT}/usr/lib/tmpfiles.d/uuidd.conf
|
||||
install -d ${RPM_BUILD_ROOT}/run/uuidd
|
||||
install -d ${RPM_BUILD_ROOT}/var/lib/libuuid
|
||||
|
||||
@ -432,24 +439,6 @@ find $RPM_BUILD_ROOT%{_mandir}/man8 -regextype posix-egrep \
|
||||
-printf "%{_mandir}/man8/%f*\n" >> %{name}.files
|
||||
|
||||
|
||||
%post
|
||||
# only for minimal buildroots without /var/log
|
||||
[ -d /var/log ] || mkdir -p /var/log
|
||||
touch /var/log/lastlog
|
||||
chown root:root /var/log/lastlog
|
||||
chmod 0644 /var/log/lastlog
|
||||
# Fix the file context, do not use restorecon
|
||||
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
|
||||
SECXT=$( /usr/sbin/matchpathcon -n /var/log/lastlog 2> /dev/null )
|
||||
if [ -n "$SECXT" ]; then
|
||||
# Selinux enabled, but without policy? It's true for buildroots
|
||||
# without selinux stuff on host machine with enabled selinux.
|
||||
# We don't want to use any RPM dependence on selinux policy for
|
||||
# matchpathcon(2). SELinux policy should be optional.
|
||||
/usr/bin/chcon "$SECXT" /var/log/lastlog >/dev/null 2>&1 || :
|
||||
fi
|
||||
fi
|
||||
|
||||
%post -n util-linux-core
|
||||
if [ ! -L /etc/mtab ]; then
|
||||
ln -sf ../proc/self/mounts /etc/mtab || :
|
||||
@ -516,8 +505,6 @@ fi
|
||||
%attr(755,root,root) %{_bindir}/login
|
||||
%attr(2755,root,tty) %{_bindir}/write
|
||||
|
||||
%ghost %attr(0644,root,root) %verify(not md5 size mtime) /var/log/lastlog
|
||||
|
||||
%{_unitdir}/fstrim.*
|
||||
|
||||
%{_bindir}/cal
|
||||
@ -876,6 +863,7 @@ fi
|
||||
%dir %attr(2775, uuidd, uuidd) /var/lib/libuuid
|
||||
%dir %attr(2775, uuidd, uuidd) /run/uuidd
|
||||
%{compldir}/uuidd
|
||||
/usr/lib/tmpfiles.d/uuidd.conf
|
||||
|
||||
|
||||
%files -n libfdisk
|
||||
@ -951,6 +939,13 @@ fi
|
||||
%{_libdir}/python*/site-packages/libmount/
|
||||
|
||||
%changelog
|
||||
* Mon Feb 07 2022 Karel Zak <kzak@redhat.com> 2.37.3-2
|
||||
- fix #2021462 - partitons detection broken on systems not including the parent name in partition name
|
||||
- fix #2033622 - logger from util-linux incorrectly handles long messages
|
||||
- fix #2000137 - pam_env bypassed for root user when using su
|
||||
- fix #2000477 - rpm -V setup fail on /var/log/lastlog
|
||||
- fix #2047952 - rpm -V / --verify reports bad user/group/mtime for /run/uuidd
|
||||
|
||||
* Tue Jan 25 2022 Karel Zak <kzak@redhat.com> 2.37.3-1
|
||||
- upgrade to v2.37.3 (fix CVE-2021-3996, CVE-2021-3995)
|
||||
- fix #2040366 - uuidd can't access lock/status file
|
||||
|
1
uuidd-tmpfiles.conf
Normal file
1
uuidd-tmpfiles.conf
Normal file
@ -0,0 +1 @@
|
||||
d /run/uuidd 2775 uuidd uuidd
|
Loading…
Reference in New Issue
Block a user