2.23-0.1: upgrade to uspream 2.23-rc1
Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
parent
c2496a27a2
commit
27a5499f1e
1
.gitignore
vendored
1
.gitignore
vendored
@ -22,3 +22,4 @@
|
||||
/util-linux-2.22.tar.xz
|
||||
/util-linux-2.22.1.tar.xz
|
||||
/util-linux-2.22.2.tar.xz
|
||||
/util-linux-2.23-rc1.tar.xz
|
||||
|
@ -1,34 +0,0 @@
|
||||
From 6eeca6c7170295f325b814ee0cd1576da885cd30 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Mon, 15 Oct 2012 11:10:50 +0200
|
||||
Subject: [PATCH 01/11] libmount: don't use umount optimization for -l or -f
|
||||
|
||||
The options -l (lazy) and -f (force) means that the mountpoint may be
|
||||
unreadable (for example because NFS server is unreadable). So we
|
||||
should not try to be smart in this case and we should try to minimize
|
||||
number of situations when stat() or readlink() is used for the
|
||||
mountpoint.
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
libmount/src/context_umount.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libmount/src/context_umount.c b/libmount/src/context_umount.c
|
||||
index ce095bf..2c2e64c 100644
|
||||
--- a/libmount/src/context_umount.c
|
||||
+++ b/libmount/src/context_umount.c
|
||||
@@ -83,7 +83,9 @@ static int lookup_umount_fs(struct libmnt_context *cxt)
|
||||
* where LABEL, UUID or symlinks are to canonicalized. It means that
|
||||
* it's usable only for canonicalized stuff (e.g. kernel mountinfo).
|
||||
*/
|
||||
- if (!cxt->mtab_writable && *tgt == '/') {
|
||||
+ if (!cxt->mtab_writable && *tgt == '/' &&
|
||||
+ !mnt_context_is_force(cxt) && !mnt_context_is_lazy(cxt)) {
|
||||
+
|
||||
struct stat st;
|
||||
|
||||
if (stat(tgt, &st) == 0 && S_ISDIR(st.st_mode)) {
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,27 +0,0 @@
|
||||
From 9faf9c8494cf37fdcf68b1dfe10fd7900e93ec00 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Mon, 15 Oct 2012 12:38:09 +0200
|
||||
Subject: [PATCH 02/11] wipefs: use O_EXCL
|
||||
|
||||
Address: https://bugzilla.redhat.com/show_bug.cgi?id=865961
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
misc-utils/wipefs.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/misc-utils/wipefs.c b/misc-utils/wipefs.c
|
||||
index cddad8a..0ddc148 100644
|
||||
--- a/misc-utils/wipefs.c
|
||||
+++ b/misc-utils/wipefs.c
|
||||
@@ -309,7 +309,7 @@ static void do_wipe_real(blkid_probe pr, const char *devname, struct wipe_desc *
|
||||
static struct wipe_desc *
|
||||
do_wipe(struct wipe_desc *wp, const char *devname, int noact, int all, int quiet)
|
||||
{
|
||||
- blkid_probe pr = new_probe(devname, O_RDWR);
|
||||
+ blkid_probe pr = new_probe(devname, O_RDWR | O_EXCL);
|
||||
struct wipe_desc *w, *wp0 = clone_offset(wp);
|
||||
int zap = all ? 1 : wp->zap;
|
||||
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,37 +0,0 @@
|
||||
From 10a9cbcf36d43c0d4a13bf5e91315b4ffd29e636 Mon Sep 17 00:00:00 2001
|
||||
From: Sami Kerola <kerolasa@iki.fi>
|
||||
Date: Mon, 8 Oct 2012 08:08:20 +0100
|
||||
Subject: [PATCH 03/11] swapon: remove loop declaration [smatch scan]
|
||||
|
||||
sys-utils/swapon.c:677:2: error: 'for' loop initial declarations are
|
||||
only allowed in C99 mode
|
||||
|
||||
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
||||
---
|
||||
sys-utils/swapon.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/sys-utils/swapon.c b/sys-utils/swapon.c
|
||||
index c9cabc1..0e1ab66 100644
|
||||
--- a/sys-utils/swapon.c
|
||||
+++ b/sys-utils/swapon.c
|
||||
@@ -642,6 +642,7 @@ static int swapon_all(void)
|
||||
|
||||
static void __attribute__ ((__noreturn__)) usage(FILE * out)
|
||||
{
|
||||
+ size_t i;
|
||||
fputs(USAGE_HEADER, out);
|
||||
|
||||
fprintf(out, _(" %s [options] [<spec>]\n"), program_invocation_short_name);
|
||||
@@ -674,7 +675,7 @@ static void __attribute__ ((__noreturn__)) usage(FILE * out)
|
||||
" <file> name of file to be used\n"), out);
|
||||
|
||||
fputs(_("\nAvailable columns (for --show):\n"), out);
|
||||
- for (size_t i = 0; i < NCOLS; i++)
|
||||
+ for (i = 0; i < NCOLS; i++)
|
||||
fprintf(out, " %4s %s\n", infos[i].name, _(infos[i].help));
|
||||
|
||||
fprintf(out, USAGE_MAN_TAIL("swapon(8)"));
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,35 +0,0 @@
|
||||
From 9f6c8591eeffb6591dc6a18512e618f0acf09890 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Mon, 15 Oct 2012 17:01:30 +0200
|
||||
Subject: [PATCH 04/11] libblkid: fix compiler warning [-Wstrict-aliasing]
|
||||
|
||||
libblkid/src/superblocks/befs.c: In function 'get_uuid':
|
||||
libblkid/src/superblocks/befs.c:353:6: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
libblkid/src/superblocks/befs.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/libblkid/src/superblocks/befs.c b/libblkid/src/superblocks/befs.c
|
||||
index a7f4317..452da1e 100644
|
||||
--- a/libblkid/src/superblocks/befs.c
|
||||
+++ b/libblkid/src/superblocks/befs.c
|
||||
@@ -348,9 +348,11 @@ static int get_uuid(blkid_probe pr, const struct befs_super_block *bs,
|
||||
&& FS16_TO_CPU(sd->name_size, fs_le) == strlen(KEY_NAME)
|
||||
&& FS16_TO_CPU(sd->data_size, fs_le) == KEY_SIZE
|
||||
&& strcmp(sd->name, KEY_NAME) == 0) {
|
||||
- *uuid = *(uint64_t *) ((uint8_t *) sd->name
|
||||
- + FS16_TO_CPU(sd->name_size, fs_le)
|
||||
- + 3);
|
||||
+
|
||||
+ memcpy(uuid,
|
||||
+ sd->name + FS16_TO_CPU(sd->name_size, fs_le) + 3,
|
||||
+ sizeof(uint64_t));
|
||||
+
|
||||
break;
|
||||
} else if (FS32_TO_CPU(sd->type, fs_le) == 0
|
||||
&& FS16_TO_CPU(sd->name_size, fs_le) == 0
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,31 +0,0 @@
|
||||
From 532116d4dd16632806ed4a036c2e89b966221031 Mon Sep 17 00:00:00 2001
|
||||
From: Bill Pemberton <wfp5p@virginia.edu>
|
||||
Date: Wed, 10 Oct 2012 16:54:01 -0400
|
||||
Subject: [PATCH 05/11] mount: add -c abbreviation for --no-canonicalize to
|
||||
man page
|
||||
|
||||
The --no-canonicalize option can also be set using -c. The --help for
|
||||
mount shows this option but the man page did not. Add -c to the man
|
||||
page.
|
||||
|
||||
Signed-off-by: Bill Pemberton <wfp5p@virginia.edu>
|
||||
---
|
||||
sys-utils/mount.8 | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
|
||||
index dce4b8c..83a4518 100644
|
||||
--- a/sys-utils/mount.8
|
||||
+++ b/sys-utils/mount.8
|
||||
@@ -552,7 +552,7 @@ Mount without writing in
|
||||
This is necessary for example when
|
||||
.I /etc
|
||||
is on a read-only filesystem.
|
||||
-.IP "\fB\-\-no\-canonicalize\fP"
|
||||
+.IP "\fB\-c, \-\-no\-canonicalize\fP"
|
||||
Don't canonicalize paths. The mount command canonicalizes all paths
|
||||
(from command line or fstab) and stores canonicalized paths to the
|
||||
.IR /etc/mtab
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,33 +0,0 @@
|
||||
From b426209c5ba2126a9038363a269fec884af470fb Mon Sep 17 00:00:00 2001
|
||||
From: Bill Pemberton <wfp5p@virginia.edu>
|
||||
Date: Wed, 10 Oct 2012 16:54:02 -0400
|
||||
Subject: [PATCH 06/11] mount: add long options for -L and -U to man page
|
||||
|
||||
The -L and -U flags both have long options too (--label and --uuid).
|
||||
The usage() function will show them but the man page didn't list them.
|
||||
|
||||
Signed-off-by: Bill Pemberton <wfp5p@virginia.edu>
|
||||
---
|
||||
sys-utils/mount.8 | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
|
||||
index 83a4518..0b40bf7 100644
|
||||
--- a/sys-utils/mount.8
|
||||
+++ b/sys-utils/mount.8
|
||||
@@ -586,10 +586,10 @@ set the block device to read-only mode, see command
|
||||
.IP "\fB\-w, \-\-rw\fP"
|
||||
Mount the filesystem read/write. This is the default. A synonym is
|
||||
.BR "\-o rw" .
|
||||
-.IP "\fB\-L \fIlabel\fP"
|
||||
+.IP "\fB\-L, \-\-label \fIlabel\fP"
|
||||
Mount the partition that has the specified
|
||||
.IR label .
|
||||
-.IP "\fB\-U \fIuuid\fP"
|
||||
+.IP "\fB\-U, \-\-uuid \fIuuid\fP"
|
||||
Mount the partition that has the specified
|
||||
.IR uuid .
|
||||
These two options require the file
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,107 +0,0 @@
|
||||
From deb0e659451d4ade29df3dbb842607edd6080c0d Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Wed, 17 Oct 2012 11:42:21 +0200
|
||||
Subject: [PATCH 07/11] lib/loopdev: improve debug messages
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
lib/loopdev.c | 22 ++++++++++++++++++----
|
||||
sys-utils/losetup.c | 2 --
|
||||
2 files changed, 18 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/lib/loopdev.c b/lib/loopdev.c
|
||||
index a9f6df2..0e6033a 100644
|
||||
--- a/lib/loopdev.c
|
||||
+++ b/lib/loopdev.c
|
||||
@@ -87,8 +87,10 @@ int loopcxt_set_device(struct loopdev_cxt *lc, const char *device)
|
||||
if (!lc)
|
||||
return -EINVAL;
|
||||
|
||||
- if (lc->fd >= 0)
|
||||
+ if (lc->fd >= 0) {
|
||||
close(lc->fd);
|
||||
+ DBG(lc, loopdev_debug("closing old open fd"));
|
||||
+ }
|
||||
lc->fd = -1;
|
||||
lc->mode = 0;
|
||||
lc->has_info = 0;
|
||||
@@ -158,19 +160,26 @@ int loopcxt_init(struct loopdev_cxt *lc, int flags)
|
||||
memcpy(lc, &dummy, sizeof(dummy));
|
||||
lc->flags = flags;
|
||||
|
||||
+ if (getenv("LOOPDEV_DEBUG"))
|
||||
+ loopcxt_enable_debug(lc, TRUE);
|
||||
+
|
||||
rc = loopcxt_set_device(lc, NULL);
|
||||
if (rc)
|
||||
return rc;
|
||||
|
||||
if (!(lc->flags & LOOPDEV_FL_NOSYSFS) &&
|
||||
- get_linux_version() >= KERNEL_VERSION(2,6,37))
|
||||
+ get_linux_version() >= KERNEL_VERSION(2,6,37)) {
|
||||
/*
|
||||
* Use only sysfs for basic information about loop devices
|
||||
*/
|
||||
lc->flags |= LOOPDEV_FL_NOIOCTL;
|
||||
+ DBG(lc, loopdev_debug("init: ignore ioctls"));
|
||||
+ }
|
||||
|
||||
- if (!(lc->flags & LOOPDEV_FL_CONTROL) && !stat(_PATH_DEV_LOOPCTL, &st))
|
||||
+ if (!(lc->flags & LOOPDEV_FL_CONTROL) && !stat(_PATH_DEV_LOOPCTL, &st)) {
|
||||
lc->flags |= LOOPDEV_FL_CONTROL;
|
||||
+ DBG(lc, loopdev_debug("init: loop-control detected "));
|
||||
+ }
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -272,7 +281,9 @@ int loopcxt_get_fd(struct loopdev_cxt *lc)
|
||||
if (lc->fd < 0) {
|
||||
lc->mode = lc->flags & LOOPDEV_FL_RDWR ? O_RDWR : O_RDONLY;
|
||||
lc->fd = open(lc->device, lc->mode);
|
||||
- DBG(lc, loopdev_debug("open %s", lc->fd < 0 ? "failed" : "ok"));
|
||||
+ DBG(lc, loopdev_debug("open %s [%s]: %s", lc->device,
|
||||
+ lc->flags & LOOPDEV_FL_RDWR ? "rw" : "ro",
|
||||
+ lc->fd < 0 ? "failed" : "ok"));
|
||||
}
|
||||
return lc->fd;
|
||||
}
|
||||
@@ -576,6 +587,7 @@ int loopcxt_next(struct loopdev_cxt *lc)
|
||||
* of loop devices). This is enough for 99% of all cases.
|
||||
*/
|
||||
if (iter->default_check) {
|
||||
+ DBG(lc, loopdev_debug("iter: next: default check"));
|
||||
for (++iter->ncur; iter->ncur < LOOPDEV_DEFAULT_NNODES;
|
||||
iter->ncur++) {
|
||||
char name[16];
|
||||
@@ -590,6 +602,7 @@ int loopcxt_next(struct loopdev_cxt *lc)
|
||||
/* C) the worst possibility, scan whole /dev or /dev/loop/<N>
|
||||
*/
|
||||
if (!iter->minors) {
|
||||
+ DBG(lc, loopdev_debug("iter: next: scan /dev"));
|
||||
iter->nminors = (lc->flags & LOOPDEV_FL_DEVSUBDIR) ?
|
||||
loop_scandir(_PATH_DEV_LOOP, &iter->minors, 0) :
|
||||
loop_scandir(_PATH_DEV, &iter->minors, 1);
|
||||
@@ -1150,6 +1163,7 @@ int loopcxt_setup_device(struct loopdev_cxt *lc)
|
||||
DBG(lc, loopdev_debug("setup: backing file open: OK"));
|
||||
|
||||
if (lc->fd != -1 && lc->mode != mode) {
|
||||
+ DBG(lc, loopdev_debug("closing already open device (mode mismatch)"));
|
||||
close(lc->fd);
|
||||
lc->fd = -1;
|
||||
lc->mode = 0;
|
||||
diff --git a/sys-utils/losetup.c b/sys-utils/losetup.c
|
||||
index fdcc0be..a8381a8 100644
|
||||
--- a/sys-utils/losetup.c
|
||||
+++ b/sys-utils/losetup.c
|
||||
@@ -250,8 +250,6 @@ int main(int argc, char **argv)
|
||||
if (loopcxt_init(&lc, 0))
|
||||
err(EXIT_FAILURE, _("failed to initialize loopcxt"));
|
||||
|
||||
- loopcxt_enable_debug(&lc, getenv("LOOPDEV_DEBUG") ? TRUE : FALSE);
|
||||
-
|
||||
while ((c = getopt_long(argc, argv, "ac:d:De:E:fhj:o:p:PrvV",
|
||||
longopts, NULL)) != -1) {
|
||||
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,35 +0,0 @@
|
||||
From 939636dd664cc608232c272de77be96e6f089235 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Wed, 17 Oct 2012 11:43:39 +0200
|
||||
Subject: [PATCH 08/11] lib/loopdev: check for /sys
|
||||
|
||||
The current loopdev code prefers /sys to get information about
|
||||
loop devices. The old methods like scan /dev are fallback solution
|
||||
only. Unfortunately, the code does not check if /sys is mounted.
|
||||
|
||||
Addresses: http://blog.flameeyes.eu/2012/10/sophistication-can-be-bad
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
lib/loopdev.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/lib/loopdev.c b/lib/loopdev.c
|
||||
index 0e6033a..f62af83 100644
|
||||
--- a/lib/loopdev.c
|
||||
+++ b/lib/loopdev.c
|
||||
@@ -167,6 +167,12 @@ int loopcxt_init(struct loopdev_cxt *lc, int flags)
|
||||
if (rc)
|
||||
return rc;
|
||||
|
||||
+ if (stat(_PATH_SYS_BLOCK, &st) || !S_ISDIR(st.st_mode)) {
|
||||
+ lc->flags |= LOOPDEV_FL_NOSYSFS;
|
||||
+ lc->flags &= ~LOOPDEV_FL_NOIOCTL;
|
||||
+ DBG(lc, loopdev_debug("init: disable /sys usage"));
|
||||
+ }
|
||||
+
|
||||
if (!(lc->flags & LOOPDEV_FL_NOSYSFS) &&
|
||||
get_linux_version() >= KERNEL_VERSION(2,6,37)) {
|
||||
/*
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,49 +0,0 @@
|
||||
From 75f03f036011003c2a9e8e634ca3ce7930873318 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Mon, 22 Oct 2012 10:10:55 +0200
|
||||
Subject: [PATCH 09/11] fsck.cramfs: compile with -DINCLUDE_FS_TESTS for make
|
||||
check
|
||||
|
||||
make check
|
||||
sudo su -
|
||||
cd tests
|
||||
./run.sh cramfs
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
disk-utils/Makemodule.am | 5 +++++
|
||||
tests/commands.sh | 2 +-
|
||||
2 files changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/disk-utils/Makemodule.am b/disk-utils/Makemodule.am
|
||||
index f2360bf..b329a99 100644
|
||||
--- a/disk-utils/Makemodule.am
|
||||
+++ b/disk-utils/Makemodule.am
|
||||
@@ -97,6 +97,11 @@ fsck_cramfs_LDADD = $(LDADD) -lz libcommon.la
|
||||
sbin_PROGRAMS += mkfs.cramfs
|
||||
mkfs_cramfs_SOURCES = disk-utils/mkfs.cramfs.c $(cramfs_common_sources)
|
||||
mkfs_cramfs_LDADD = $(LDADD) -lz libcommon.la
|
||||
+
|
||||
+check_PROGRAMS += test_fsck.cramfs
|
||||
+test_fsck_cramfs_SOURCES = $(fsck_cramfs_SOURCES)
|
||||
+test_fsck_cramfs_LDADD = $(fsck_cramfs_LDADD)
|
||||
+test_fsck_cramfs_CFLAGS = $(AM_CFLAGS) -DINCLUDE_FS_TESTS
|
||||
endif
|
||||
|
||||
|
||||
diff --git a/tests/commands.sh b/tests/commands.sh
|
||||
index 8a1577e..db1d4ac 100644
|
||||
--- a/tests/commands.sh
|
||||
+++ b/tests/commands.sh
|
||||
@@ -37,7 +37,7 @@ TS_CMD_LOSETUP=${TS_CMD_LOSETUP:-"$top_builddir/losetup"}
|
||||
TS_CMD_MKSWAP=${TS_CMD_MKSWAP:-"$top_builddir/mkswap"}
|
||||
TS_CMD_MKCRAMFS=${TS_CMD_MKCRAMFS:-"$top_builddir/mkfs.cramfs"}
|
||||
TS_CMD_MKMINIX=${TS_CMD_MKMINIX:-"$top_builddir/mkfs.minix"}
|
||||
-TS_CMD_FSCKCRAMFS=${TS_CMD_FSCKCRAMFS:-"$top_builddir/fsck.cramfs"}
|
||||
+TS_CMD_FSCKCRAMFS=${TS_CMD_FSCKCRAMFS:-"$top_builddir/test_fsck.cramfs"}
|
||||
TS_CMD_FSCKMINIX=${TS_CMD_FSCKMINIX:-"$top_builddir/fsck.minix"}
|
||||
|
||||
TS_CMD_IPCS=${TS_CMD_IPCS:-"$top_builddir/ipcs"}
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,44 +0,0 @@
|
||||
From ed68f1e2f5609a3f42492df407d62b8fc006ea17 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Mon, 22 Oct 2012 13:13:02 +0200
|
||||
Subject: [PATCH 10/11] login: fix compiler warning [-Wunused-result]
|
||||
|
||||
It's probably unnecessary paranoia, but let's check if we're able to
|
||||
restore the original IDs after ~/.hushlogin file check.
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/login.c | 16 ++++++++++------
|
||||
1 file changed, 10 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/login-utils/login.c b/login-utils/login.c
|
||||
index 8ae5266..f5896da 100644
|
||||
--- a/login-utils/login.c
|
||||
+++ b/login-utils/login.c
|
||||
@@ -1031,13 +1031,17 @@ static int get_hushlogin_status(struct passwd *pwd)
|
||||
gid_t egid = getegid();
|
||||
|
||||
sprintf(buf, "%s/%s", pwd->pw_dir, file);
|
||||
- setregid(-1, pwd->pw_gid);
|
||||
- setreuid(0, pwd->pw_uid);
|
||||
- ok = effective_access(buf, O_RDONLY) == 0;
|
||||
- setuid(0); /* setreuid doesn't do it alone! */
|
||||
- setreuid(ruid, 0);
|
||||
- setregid(-1, egid);
|
||||
|
||||
+ if (setregid(-1, pwd->pw_gid) == 0 &&
|
||||
+ setreuid(0, pwd->pw_uid) == 0)
|
||||
+ ok = effective_access(buf, O_RDONLY) == 0;
|
||||
+
|
||||
+ if (setuid(0) != 0 ||
|
||||
+ setreuid(ruid, 0) != 0 ||
|
||||
+ setregid(-1, egid) != 0) {
|
||||
+ syslog(LOG_ALERT, _("hush login status: restore original IDs failed"));
|
||||
+ exit(EXIT_FAILURE);
|
||||
+ }
|
||||
if (ok)
|
||||
return 1; /* enabled by user */
|
||||
}
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,63 +0,0 @@
|
||||
From a3528342bc716ecdabdd86609ae5a3198f560870 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Tue, 23 Oct 2012 12:40:39 +0200
|
||||
Subject: [PATCH 11/11] misc: make readlink() usage more robust
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
misc-utils/lsblk.c | 4 ++--
|
||||
misc-utils/lslocks.c | 2 +-
|
||||
sys-utils/eject.c | 2 +-
|
||||
3 files changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/misc-utils/lsblk.c b/misc-utils/lsblk.c
|
||||
index cc97c05..9c25dd0 100644
|
||||
--- a/misc-utils/lsblk.c
|
||||
+++ b/misc-utils/lsblk.c
|
||||
@@ -962,7 +962,7 @@ static int get_wholedisk_from_partition_dirent(DIR *dir, const char *dirname,
|
||||
int len;
|
||||
|
||||
if ((len = readlink_at(dirfd(dir), dirname,
|
||||
- d->d_name, path, sizeof(path))) < 0)
|
||||
+ d->d_name, path, sizeof(path) - 1)) < 0)
|
||||
return 0;
|
||||
|
||||
path[len] = '\0';
|
||||
@@ -1075,7 +1075,7 @@ static char *devno_to_sysfs_name(dev_t devno, char *devname, char *buf, size_t b
|
||||
return NULL;
|
||||
}
|
||||
|
||||
- len = readlink(path, buf, buf_size);
|
||||
+ len = readlink(path, buf, buf_size - 1);
|
||||
if (len < 0) {
|
||||
warn(_("%s: failed to read link"), path);
|
||||
return NULL;
|
||||
diff --git a/misc-utils/lslocks.c b/misc-utils/lslocks.c
|
||||
index 45fb6de..495eb80 100644
|
||||
--- a/misc-utils/lslocks.c
|
||||
+++ b/misc-utils/lslocks.c
|
||||
@@ -196,7 +196,7 @@ static char *get_filename_sz(ino_t inode, pid_t pid, size_t *size)
|
||||
continue;
|
||||
|
||||
if ((len = readlink_at(fd, path, dp->d_name,
|
||||
- sym, sizeof(path))) < 1)
|
||||
+ sym, sizeof(sym) - 1)) < 1)
|
||||
goto out;
|
||||
|
||||
*size = sb.st_size;
|
||||
diff --git a/sys-utils/eject.c b/sys-utils/eject.c
|
||||
index 1a5b834..6d0da18 100644
|
||||
--- a/sys-utils/eject.c
|
||||
+++ b/sys-utils/eject.c
|
||||
@@ -837,7 +837,7 @@ static char *get_subsystem(char *chain, char *buf, size_t bufsz)
|
||||
memcpy(chain + len, SUBSYSTEM_LINKNAME, sizeof(SUBSYSTEM_LINKNAME));
|
||||
|
||||
/* try if subsystem symlink exists */
|
||||
- sz = readlink(chain, buf, bufsz);
|
||||
+ sz = readlink(chain, buf, bufsz - 1);
|
||||
|
||||
/* remove last subsystem from chain */
|
||||
chain[len] = '\0';
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,203 +0,0 @@
|
||||
From 6273784aa4f40121b3963b41df0986044eeaced0 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Tue, 28 Aug 2012 16:32:28 +0200
|
||||
Subject: [PATCH 200/208] su: add --group and --supp-group options
|
||||
|
||||
These options allow to specify alternative groups. The command
|
||||
su(1) has to be executed by root. The implementation is based on
|
||||
Fedora runuser(1) command.
|
||||
|
||||
For example:
|
||||
|
||||
# su --group=kzak --supp-group=uuidd -
|
||||
# id
|
||||
uid=0(root) gid=1000(kzak) groups=0(root),985(uuidd),1000(kzak)
|
||||
|
||||
non-root user:
|
||||
|
||||
$ su --group=kzak -
|
||||
su: only root can specify alternative groups
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/su.1 | 6 +++++
|
||||
login-utils/su.c | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++----
|
||||
2 files changed, 75 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/login-utils/su.1 b/login-utils/su.1
|
||||
index 598cebd..59e1731 100644
|
||||
--- a/login-utils/su.1
|
||||
+++ b/login-utils/su.1
|
||||
@@ -59,6 +59,12 @@ Pass
|
||||
to the shell which may or may not be useful depending on the
|
||||
shell.
|
||||
.TP
|
||||
+\fB\-g\fR, \fB\-\-group\fR=\fIgroup\fR\fR
|
||||
+specify the primary group, this option is allowed for root user only
|
||||
+.TP
|
||||
+\fB\-G\fR, \fB\-\-supp-group\fR=\fIgroup\fR\fR
|
||||
+specify a supplemental group, this option is allowed for root user only
|
||||
+.TP
|
||||
\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
|
||||
Starts the shell as login shell with an environment similar to a real
|
||||
login:
|
||||
diff --git a/login-utils/su.c b/login-utils/su.c
|
||||
index c6b8bce..f11c757 100644
|
||||
--- a/login-utils/su.c
|
||||
+++ b/login-utils/su.c
|
||||
@@ -110,6 +110,8 @@ static struct option const longopts[] =
|
||||
{"login", no_argument, NULL, 'l'},
|
||||
{"preserve-environment", no_argument, NULL, 'p'},
|
||||
{"shell", required_argument, NULL, 's'},
|
||||
+ {"group", required_argument, NULL, 'g'},
|
||||
+ {"supp-group", required_argument, NULL, 'G'},
|
||||
{"help", no_argument, 0, 'h'},
|
||||
{"version", no_argument, 0, 'V'},
|
||||
{NULL, 0, NULL, 0}
|
||||
@@ -424,11 +426,18 @@ modify_environment (const struct passwd *pw, const char *shell)
|
||||
/* Become the user and group(s) specified by PW. */
|
||||
|
||||
static void
|
||||
-init_groups (const struct passwd *pw)
|
||||
+init_groups (const struct passwd *pw, gid_t *groups, int num_groups)
|
||||
{
|
||||
int retval;
|
||||
+
|
||||
errno = 0;
|
||||
- if (initgroups (pw->pw_name, pw->pw_gid) == -1)
|
||||
+
|
||||
+ if (num_groups)
|
||||
+ retval = setgroups (num_groups, groups);
|
||||
+ else
|
||||
+ retval = initgroups (pw->pw_name, pw->pw_gid);
|
||||
+
|
||||
+ if (retval == -1)
|
||||
{
|
||||
cleanup_pam (PAM_ABORT);
|
||||
err (EXIT_FAILURE, _("cannot set groups"));
|
||||
@@ -535,6 +544,8 @@ usage (int status)
|
||||
-c, --command <command> pass a single command to the shell with -c\n\
|
||||
--session-command <command> pass a single command to the shell with -c\n\
|
||||
and do not create a new session\n\
|
||||
+ -g --group=group specify the primary group\n\
|
||||
+ -G --supp-group=group specify a supplemental group\n\
|
||||
-f, --fast pass -f to the shell (for csh or tcsh)\n\
|
||||
-m, --preserve-environment do not reset environment variables\n\
|
||||
-p same as -m\n\
|
||||
@@ -556,6 +567,19 @@ void load_config(void)
|
||||
logindefs_load_file(_PATH_LOGINDEFS);
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * Returns 1 if the current user is not root
|
||||
+ */
|
||||
+static int
|
||||
+evaluate_uid(void)
|
||||
+{
|
||||
+ uid_t ruid = getuid();
|
||||
+ uid_t euid = geteuid();
|
||||
+
|
||||
+ /* if we're really root and aren't running setuid */
|
||||
+ return (uid_t) 0 == ruid && ruid == euid ? 0 : 1;
|
||||
+}
|
||||
+
|
||||
int
|
||||
main (int argc, char **argv)
|
||||
{
|
||||
@@ -566,6 +590,11 @@ main (int argc, char **argv)
|
||||
char *shell = NULL;
|
||||
struct passwd *pw;
|
||||
struct passwd pw_copy;
|
||||
+ struct group *gr;
|
||||
+ gid_t groups[NGROUPS_MAX];
|
||||
+ int num_supp_groups = 0;
|
||||
+ int use_gid = 0;
|
||||
+ int restricted;
|
||||
|
||||
setlocale (LC_ALL, "");
|
||||
bindtextdomain (PACKAGE, LOCALEDIR);
|
||||
@@ -575,7 +604,7 @@ main (int argc, char **argv)
|
||||
simulate_login = false;
|
||||
change_environment = true;
|
||||
|
||||
- while ((optc = getopt_long (argc, argv, "c:flmps:hV", longopts, NULL)) != -1)
|
||||
+ while ((optc = getopt_long (argc, argv, "c:fg:G:lmps:hV", longopts, NULL)) != -1)
|
||||
{
|
||||
switch (optc)
|
||||
{
|
||||
@@ -592,6 +621,26 @@ main (int argc, char **argv)
|
||||
fast_startup = true;
|
||||
break;
|
||||
|
||||
+ case 'g':
|
||||
+ gr = getgrnam(optarg);
|
||||
+ if (!gr)
|
||||
+ errx(EXIT_FAILURE, _("group %s does not exist"), optarg);
|
||||
+ use_gid = 1;
|
||||
+ groups[0] = gr->gr_gid;
|
||||
+ break;
|
||||
+
|
||||
+ case 'G':
|
||||
+ num_supp_groups++;
|
||||
+ if (num_supp_groups >= NGROUPS_MAX)
|
||||
+ errx(EXIT_FAILURE,
|
||||
+ _("can't specify more than %d supplemental groups"),
|
||||
+ NGROUPS_MAX - 1);
|
||||
+ gr = getgrnam(optarg);
|
||||
+ if (!gr)
|
||||
+ errx(EXIT_FAILURE, _("group %s does not exist"), optarg);
|
||||
+ groups[num_supp_groups] = gr->gr_gid;
|
||||
+ break;
|
||||
+
|
||||
case 'l':
|
||||
simulate_login = true;
|
||||
break;
|
||||
@@ -617,6 +666,8 @@ main (int argc, char **argv)
|
||||
}
|
||||
}
|
||||
|
||||
+ restricted = evaluate_uid ();
|
||||
+
|
||||
if (optind < argc && !strcmp (argv[optind], "-"))
|
||||
{
|
||||
simulate_login = true;
|
||||
@@ -625,6 +676,9 @@ main (int argc, char **argv)
|
||||
if (optind < argc)
|
||||
new_user = argv[optind++];
|
||||
|
||||
+ if ((num_supp_groups || use_gid) && restricted)
|
||||
+ errx(EXIT_FAILURE, _("only root can specify alternative groups"));
|
||||
+
|
||||
logindefs_load_defaults = load_config;
|
||||
|
||||
pw = getpwnam (new_user);
|
||||
@@ -648,6 +702,17 @@ main (int argc, char **argv)
|
||||
: DEFAULT_SHELL);
|
||||
endpwent ();
|
||||
|
||||
+ if (num_supp_groups && !use_gid)
|
||||
+ {
|
||||
+ pw->pw_gid = groups[1];
|
||||
+ memmove (groups, groups + 1, sizeof(gid_t) * num_supp_groups);
|
||||
+ }
|
||||
+ else if (use_gid)
|
||||
+ {
|
||||
+ pw->pw_gid = groups[0];
|
||||
+ num_supp_groups++;
|
||||
+ }
|
||||
+
|
||||
authenticate (pw);
|
||||
|
||||
if (request_same_session || !command || !pw->pw_uid)
|
||||
@@ -666,7 +731,7 @@ main (int argc, char **argv)
|
||||
}
|
||||
shell = xstrdup (shell ? shell : pw->pw_shell);
|
||||
|
||||
- init_groups (pw);
|
||||
+ init_groups (pw, groups, num_supp_groups);
|
||||
|
||||
create_watching_parent ();
|
||||
/* Now we're in the child. */
|
||||
--
|
||||
1.7.11.7
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,450 +0,0 @@
|
||||
From d8c2f623ab9d9e7da1490244cb8c77c3017545dc Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Wed, 29 Aug 2012 17:34:26 +0200
|
||||
Subject: [PATCH 202/208] runuser: new command (derived from su(1))
|
||||
|
||||
This command is based on su(1), the differences:
|
||||
|
||||
- based on Fedora runuser su(1) patch
|
||||
- not installed with suid rights
|
||||
- allowed for root users only
|
||||
- don't ask for password
|
||||
- uses PAM session, for example:
|
||||
|
||||
$ cat /etc/pam.d/runuser
|
||||
auth sufficient pam_rootok.so
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
session required pam_unix.so
|
||||
|
||||
$ cat /etc/pam.d/runuser-l
|
||||
auth include runuser
|
||||
session optional pam_keyinit.so force revoke
|
||||
session include runuser
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
.gitignore | 1 +
|
||||
configure.ac | 9 ++
|
||||
login-utils/Makemodule.am | 13 +++
|
||||
login-utils/runuser.1 | 230 ++++++++++++++++++++++++++++++++++++++++++++++
|
||||
login-utils/runuser.c | 7 ++
|
||||
login-utils/su-common.c | 51 ++++++++--
|
||||
6 files changed, 303 insertions(+), 8 deletions(-)
|
||||
create mode 100644 login-utils/runuser.1
|
||||
create mode 100644 login-utils/runuser.c
|
||||
|
||||
#diff --git a/.gitignore b/.gitignore
|
||||
#index fbc5636..5be008f 100644
|
||||
#--- a/.gitignore
|
||||
#+++ b/.gitignore
|
||||
#@@ -138,6 +138,7 @@ tests/run.sh.trs
|
||||
# /resizepart
|
||||
# /rev
|
||||
# /rtcwake
|
||||
#+/runuser
|
||||
# /sample-mkfs
|
||||
# /sample-partitions
|
||||
# /sample-superblocks
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 87e85fa..83ef6ce 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -1149,6 +1149,15 @@ UL_REQUIRES_HAVE([su], [security_pam_misc_h], [PAM header file])
|
||||
AM_CONDITIONAL(BUILD_SU, test "x$build_su" = xyes)
|
||||
|
||||
|
||||
+AC_ARG_ENABLE([runuser],
|
||||
+ AS_HELP_STRING([--disable-runuser], [do not build runuser]),
|
||||
+ [], enable_runuser=yes
|
||||
+)
|
||||
+UL_BUILD_INIT([runuser])
|
||||
+UL_REQUIRES_HAVE([runuser], [security_pam_misc_h], [PAM header file])
|
||||
+AM_CONDITIONAL(BUILD_RUNUSER, test "x$build_runuser" = xyes)
|
||||
+
|
||||
+
|
||||
AC_ARG_ENABLE([schedutils],
|
||||
AS_HELP_STRING([--disable-schedutils], [do not build chrt, ionice, teskset]),
|
||||
[], enable_schedutils=yes
|
||||
diff --git a/login-utils/Makemodule.am b/login-utils/Makemodule.am
|
||||
index b918f00..e26d9a7 100644
|
||||
--- a/login-utils/Makemodule.am
|
||||
+++ b/login-utils/Makemodule.am
|
||||
@@ -93,6 +93,19 @@ su_LDADD = $(LDADD) -lpam -lpam_misc
|
||||
endif
|
||||
|
||||
|
||||
+if BUILD_RUNUSER
|
||||
+bin_PROGRAMS += runuser
|
||||
+dist_man_MANS += login-utils/runuser.1
|
||||
+runuser_SOURCES = \
|
||||
+ login-utils/runuser.c \
|
||||
+ login-utils/su-common.c \
|
||||
+ login-utils/su-common.h \
|
||||
+ login-utils/logindefs.c \
|
||||
+ login-utils/logindefs.h
|
||||
+runuser_LDADD = $(LDADD) -lpam -lpam_misc
|
||||
+endif
|
||||
+
|
||||
+
|
||||
if BUILD_NEWGRP
|
||||
usrbin_exec_PROGRAMS += newgrp
|
||||
dist_man_MANS += login-utils/newgrp.1
|
||||
diff --git a/login-utils/runuser.1 b/login-utils/runuser.1
|
||||
new file mode 100644
|
||||
index 0000000..66ad1c4
|
||||
--- /dev/null
|
||||
+++ b/login-utils/runuser.1
|
||||
@@ -0,0 +1,230 @@
|
||||
+.TH RUNUSER "1" "August 2012" "util-linux" "User Commands"
|
||||
+.SH NAME
|
||||
+runuser \- run a command with substitute user and group ID
|
||||
+.SH SYNOPSIS
|
||||
+.B runuser
|
||||
+[options...] [\-] [user [args...]]
|
||||
+.SH DESCRIPTION
|
||||
+.B runuser
|
||||
+allows to run commands with substitute user and group ID.
|
||||
+The difference between the commands
|
||||
+.B runuser
|
||||
+and
|
||||
+.B su
|
||||
+is that
|
||||
+.B runuser
|
||||
+does not ask for password, because it may be executed by root user only.
|
||||
+The command
|
||||
+.B runuser
|
||||
+does not have to be installed with suid permissions.
|
||||
+.PP
|
||||
+When called without arguments
|
||||
+.B runuser
|
||||
+defaults to running an interactive shell as
|
||||
+.IR root .
|
||||
+.PP
|
||||
+For backward compatibility
|
||||
+.B runuser
|
||||
+defaults to not change the current directory and to only set the
|
||||
+environment variables
|
||||
+.B HOME
|
||||
+and
|
||||
+.B SHELL
|
||||
+(plus
|
||||
+.B USER
|
||||
+and
|
||||
+.B LOGNAME
|
||||
+if the target
|
||||
+.I user
|
||||
+is not root). It is recommended to always use the
|
||||
+.B \-\-login
|
||||
+option (instead it's shortcut
|
||||
+.BR \- )
|
||||
+to avoid side effects caused by mixing environments.
|
||||
+.PP
|
||||
+This version of
|
||||
+.B runuser
|
||||
+uses PAM for session management.
|
||||
+.SH OPTIONS
|
||||
+.TP
|
||||
+\fB\-c\fR \fIcommand\fR, \fB\-\-command\fR=\fIcommand\fR
|
||||
+Pass
|
||||
+.I command
|
||||
+to the shell with the
|
||||
+.B \-c
|
||||
+option.
|
||||
+.TP
|
||||
+\fB\-\-session\-command\fR=\fIcommand\fR
|
||||
+Same as
|
||||
+.B \-c
|
||||
+but do not create a new session (discouraged).
|
||||
+.TP
|
||||
+\fB\-f\fR, \fB\-\-fast\fR
|
||||
+Pass
|
||||
+.B \-f
|
||||
+to the shell which may or may not be useful depending on the
|
||||
+shell.
|
||||
+.TP
|
||||
+\fB\-g\fR, \fB\-\-group\fR=\fIgroup\fR\fR
|
||||
+specify the primary group, this option is allowed for root user only
|
||||
+.TP
|
||||
+\fB\-G\fR, \fB\-\-supp-group\fR=\fIgroup\fR\fR
|
||||
+specify a supplemental group, this option is allowed for root user only
|
||||
+.TP
|
||||
+\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
|
||||
+Starts the shell as login shell with an environment similar to a real
|
||||
+login:
|
||||
+.RS 10
|
||||
+.TP
|
||||
+o
|
||||
+clears all environment variables except for
|
||||
+.B TERM
|
||||
+.TP
|
||||
+o
|
||||
+initializes the environment variables
|
||||
+.BR HOME ,
|
||||
+.BR SHELL ,
|
||||
+.BR USER ,
|
||||
+.BR LOGNAME ,
|
||||
+.B PATH
|
||||
+.TP
|
||||
+o
|
||||
+changes to the target user's home directory
|
||||
+.TP
|
||||
+o
|
||||
+sets argv[0] of the shell to
|
||||
+.RB ' \- '
|
||||
+in order to make the shell a login shell
|
||||
+.RE
|
||||
+.TP
|
||||
+\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve-environment\fR
|
||||
+Preserves the whole environment, ie does not set
|
||||
+.BR HOME ,
|
||||
+.BR SHELL ,
|
||||
+.B USER
|
||||
+nor
|
||||
+.BR LOGNAME .
|
||||
+.TP
|
||||
+\fB\-s\fR \fISHELL\fR, \fB\-\-shell\fR=\fISHELL\fR
|
||||
+Runs the specified shell instead of the default. The shell to run is
|
||||
+selected according to the following rules in order:
|
||||
+.RS 10
|
||||
+.TP
|
||||
+o
|
||||
+the shell specified with
|
||||
+.B \-\-shell
|
||||
+.TP
|
||||
+o
|
||||
+The shell specified in the environment variable
|
||||
+.B SHELL
|
||||
+if the
|
||||
+.B \-\-preserve-environment
|
||||
+option is used.
|
||||
+.TP
|
||||
+o
|
||||
+the shell listed in the passwd entry of the target user
|
||||
+.TP
|
||||
+o
|
||||
+/bin/sh
|
||||
+.RE
|
||||
+.IP
|
||||
+If the target user has a restricted shell (i.e. not listed in
|
||||
+/etc/shells) the
|
||||
+.B \-\-shell
|
||||
+option and the
|
||||
+.B SHELL
|
||||
+environment variables are ignored unless the calling user is root.
|
||||
+.TP
|
||||
+\fB\-\-help\fR
|
||||
+Display help text and exit.
|
||||
+.TP
|
||||
+\fB\-\-version\fR
|
||||
+Display version information and exit.
|
||||
+.SH CONFIG FILES
|
||||
+.B runuser
|
||||
+reads the
|
||||
+.I /etc/default/runuser
|
||||
+and
|
||||
+.I /etc/login.defs
|
||||
+configuration files. The following configuration items are relevant
|
||||
+for
|
||||
+.BR runuser :
|
||||
+.PP
|
||||
+.B ENV_PATH
|
||||
+(string)
|
||||
+.RS 4
|
||||
+Defines the PATH environment variable for a regular user. The
|
||||
+default value is
|
||||
+.IR /usr/local/bin:\:/bin:\:/usr/bin .
|
||||
+.RE
|
||||
+.PP
|
||||
+.B ENV_ROOTPATH
|
||||
+(string)
|
||||
+.br
|
||||
+.B ENV_SUPATH
|
||||
+(string)
|
||||
+.RS 4
|
||||
+Defines the PATH environment variable for root. The default value is
|
||||
+.IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin .
|
||||
+.RE
|
||||
+.PP
|
||||
+.B ALWAYS_SET_PATH
|
||||
+(boolean)
|
||||
+.RS 4
|
||||
+If set to
|
||||
+.I yes
|
||||
+and \-\-login and \-\-preserve\-environment were not specified
|
||||
+.B runuser
|
||||
+initializes
|
||||
+.BR PATH .
|
||||
+.RE
|
||||
+.SH EXIT STATUS
|
||||
+.B runuser
|
||||
+normally returns the exit status of the command it executed. If the
|
||||
+command was killed by a signal,
|
||||
+.B runuser
|
||||
+returns the number of the signal plus 128.
|
||||
+.PP
|
||||
+Exit status generated by
|
||||
+.B runuser
|
||||
+itself:
|
||||
+.RS 10
|
||||
+.TP
|
||||
+1
|
||||
+Generic error before executing the requested command
|
||||
+.TP
|
||||
+126
|
||||
+The requested command could not be executed
|
||||
+.TP
|
||||
+127
|
||||
+The requested command could was not found
|
||||
+.RE
|
||||
+.SH FILES
|
||||
+.PD 0
|
||||
+.TP 17
|
||||
+/etc/pam.d/runuser
|
||||
+default PAM configuration file
|
||||
+.TP
|
||||
+/etc/pam.d/runuser-l
|
||||
+PAM configuration file if \-\-login is specified
|
||||
+.TP
|
||||
+/etc/default/runuser
|
||||
+runuser specific logindef config file
|
||||
+.TP
|
||||
+/etc/login.defs
|
||||
+global logindef config file
|
||||
+.PD 1
|
||||
+.SH "SEE ALSO"
|
||||
+.BR pam (8),
|
||||
+.BR shells (5),
|
||||
+.BR login.defs (5),
|
||||
+.BR su (1)
|
||||
+.SH AUTHOR
|
||||
+Derived from coreutils' su which was based on an implemenation from
|
||||
+David MacKenzie and Fedora runuser command from Dan Walsh.
|
||||
+.SH AVAILABILITY
|
||||
+The runuser command is part of the util-linux package and is
|
||||
+available from
|
||||
+.UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/
|
||||
+Linux Kernel Archive
|
||||
+.UE .
|
||||
diff --git a/login-utils/runuser.c b/login-utils/runuser.c
|
||||
new file mode 100644
|
||||
index 0000000..d4f37f4
|
||||
--- /dev/null
|
||||
+++ b/login-utils/runuser.c
|
||||
@@ -0,0 +1,7 @@
|
||||
+
|
||||
+#include "su-common.h"
|
||||
+
|
||||
+int main(int argc, char **argv)
|
||||
+{
|
||||
+ return su_main(argc, argv, RUNUSER_MODE);
|
||||
+}
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index f1f46aa..770f455 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -65,8 +65,14 @@ enum
|
||||
#include "env.h"
|
||||
|
||||
/* name of the pam configuration files. separate configs for su and su - */
|
||||
-#define PAM_SERVICE_NAME "su"
|
||||
-#define PAM_SERVICE_NAME_L "su-l"
|
||||
+#define PAM_SRVNAME_SU "su"
|
||||
+#define PAM_SRVNAME_SU_L "su-l"
|
||||
+
|
||||
+#define PAM_SRVNAME_RUNUSER "runuser"
|
||||
+#define PAM_SRVNAME_RUNUSER_L "runuser-l"
|
||||
+
|
||||
+#define _PATH_LOGINDEFS_SU "/etc/defaults/su"
|
||||
+#define _PATH_LOGINDEFS_RUNUSER "/etc/defaults/runuser"
|
||||
|
||||
#define is_pam_failure(_rc) ((_rc) != PAM_SUCCESS)
|
||||
|
||||
@@ -106,6 +112,8 @@ static bool _pam_cred_established;
|
||||
static sig_atomic_t volatile caught_signal = false;
|
||||
static pam_handle_t *pamh = NULL;
|
||||
|
||||
+static int restricted = 1; /* zero for root user */
|
||||
+
|
||||
static struct option const longopts[] =
|
||||
{
|
||||
{"command", required_argument, NULL, 'c'},
|
||||
@@ -146,7 +154,8 @@ log_su (struct passwd const *pw, bool successful)
|
||||
|
||||
openlog (program_invocation_short_name, 0 , LOG_AUTH);
|
||||
syslog (LOG_NOTICE, "%s(to %s) %s on %s",
|
||||
- successful ? "" : "FAILED SU ",
|
||||
+ successful ? "" :
|
||||
+ su_mode == RUNUSER_MODE ? "FAILED RUNUSER " : "FAILED SU ",
|
||||
new_user, old_user, tty);
|
||||
closelog ();
|
||||
}
|
||||
@@ -315,11 +324,19 @@ static void
|
||||
authenticate (const struct passwd *pw)
|
||||
{
|
||||
const struct passwd *lpw;
|
||||
- const char *cp;
|
||||
+ const char *cp, *srvname = NULL;
|
||||
int retval;
|
||||
|
||||
- retval = pam_start (simulate_login ? PAM_SERVICE_NAME_L : PAM_SERVICE_NAME,
|
||||
- pw->pw_name, &conv, &pamh);
|
||||
+ switch (su_mode) {
|
||||
+ case SU_MODE:
|
||||
+ srvname = simulate_login ? PAM_SRVNAME_SU_L : PAM_SRVNAME_SU;
|
||||
+ break;
|
||||
+ case RUNUSER_MODE:
|
||||
+ srvname = simulate_login ? PAM_SRVNAME_RUNUSER_L : PAM_SRVNAME_RUNUSER;
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ retval = pam_start (srvname, pw->pw_name, &conv, &pamh);
|
||||
if (is_pam_failure(retval))
|
||||
goto done;
|
||||
|
||||
@@ -344,6 +361,17 @@ authenticate (const struct passwd *pw)
|
||||
goto done;
|
||||
}
|
||||
|
||||
+ if (su_mode == RUNUSER_MODE)
|
||||
+ {
|
||||
+ /*
|
||||
+ * This is the only difference between runuser(1) and su(1). The command
|
||||
+ * runuser(1) does not required authentication, because user is root.
|
||||
+ */
|
||||
+ if (restricted)
|
||||
+ errx(EXIT_FAILURE, _("may not be used by non-root users"));
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
retval = pam_authenticate (pamh, 0);
|
||||
if (is_pam_failure(retval))
|
||||
goto done;
|
||||
@@ -567,7 +595,15 @@ usage (int status)
|
||||
static
|
||||
void load_config(void)
|
||||
{
|
||||
- logindefs_load_file("/etc/default/su");
|
||||
+ switch (su_mode) {
|
||||
+ case SU_MODE:
|
||||
+ logindefs_load_file(_PATH_LOGINDEFS_SU);
|
||||
+ break;
|
||||
+ case RUNUSER_MODE:
|
||||
+ logindefs_load_file(_PATH_LOGINDEFS_RUNUSER);
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
logindefs_load_file(_PATH_LOGINDEFS);
|
||||
}
|
||||
|
||||
@@ -598,7 +634,6 @@ su_main (int argc, char **argv, int mode)
|
||||
gid_t groups[NGROUPS_MAX];
|
||||
int num_supp_groups = 0;
|
||||
int use_gid = 0;
|
||||
- int restricted;
|
||||
|
||||
setlocale (LC_ALL, "");
|
||||
bindtextdomain (PACKAGE, LOCALEDIR);
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,68 +0,0 @@
|
||||
From 8f33f59e72bef913068f9a80338f12d8d4434010 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Wed, 5 Sep 2012 11:13:34 +0200
|
||||
Subject: [PATCH 203/208] su: more robust getpwuid() for GNU Hurt [coreutils
|
||||
71b7ddc]
|
||||
|
||||
Let's support GNU Hurd over-engineering where a process can exist
|
||||
without UID and getuid() returns -1 and sets errno.
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/su-common.c | 26 +++++++++++++++++++++++---
|
||||
1 file changed, 23 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index 770f455..a253dda 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -129,6 +129,26 @@ static struct option const longopts[] =
|
||||
{NULL, 0, NULL, 0}
|
||||
};
|
||||
|
||||
+
|
||||
+static struct passwd *
|
||||
+current_getpwuid(void)
|
||||
+{
|
||||
+ uid_t ruid;
|
||||
+
|
||||
+ /* GNU Hurd implementation has an extension where a process can exist in a
|
||||
+ * non-conforming environment, and thus be outside the realms of POSIX
|
||||
+ * process identifiers; on this platform, getuid() fails with a status of
|
||||
+ * (uid_t)(-1) and sets errno if a program is run from a non-conforming
|
||||
+ * environment.
|
||||
+ *
|
||||
+ * http://austingroupbugs.net/view.php?id=511
|
||||
+ */
|
||||
+ errno = 0;
|
||||
+ ruid = getuid ();
|
||||
+
|
||||
+ return errno == 0 ? getpwuid (ruid) : NULL;
|
||||
+}
|
||||
+
|
||||
/* Log the fact that someone has run su to the user given by PW;
|
||||
if SUCCESSFUL is true, they gave the correct password, etc. */
|
||||
|
||||
@@ -145,8 +165,8 @@ log_su (struct passwd const *pw, bool successful)
|
||||
{
|
||||
/* getlogin can fail -- usually due to lack of utmp entry.
|
||||
Resort to getpwuid. */
|
||||
- struct passwd *pwd = getpwuid (getuid ());
|
||||
- old_user = (pwd ? pwd->pw_name : "");
|
||||
+ struct passwd *pwd = current_getpwuid();
|
||||
+ old_user = pwd ? pwd->pw_name : "";
|
||||
}
|
||||
tty = ttyname (STDERR_FILENO);
|
||||
if (!tty)
|
||||
@@ -353,7 +373,7 @@ authenticate (const struct passwd *pw)
|
||||
goto done;
|
||||
}
|
||||
|
||||
- lpw = getpwuid (getuid ());
|
||||
+ lpw = current_getpwuid ();
|
||||
if (lpw && lpw->pw_name)
|
||||
{
|
||||
retval = pam_set_item (pamh, PAM_RUSER, (const void *) lpw->pw_name);
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,33 +0,0 @@
|
||||
From 589e24a625c5e83805e95b917eaf3bf1be64369e Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Wed, 5 Sep 2012 11:21:07 +0200
|
||||
Subject: [PATCH 204/208] su: verify writing to streams was successful
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/su-common.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index a253dda..1f97328 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -63,6 +63,7 @@ enum
|
||||
#include "nls.h"
|
||||
#include "pathnames.h"
|
||||
#include "env.h"
|
||||
+#include "closestream.h"
|
||||
|
||||
/* name of the pam configuration files. separate configs for su and su - */
|
||||
#define PAM_SRVNAME_SU "su"
|
||||
@@ -658,6 +659,7 @@ su_main (int argc, char **argv, int mode)
|
||||
setlocale (LC_ALL, "");
|
||||
bindtextdomain (PACKAGE, LOCALEDIR);
|
||||
textdomain (PACKAGE);
|
||||
+ atexit(close_stdout);
|
||||
|
||||
su_mode = mode;
|
||||
fast_startup = false;
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,60 +0,0 @@
|
||||
From bea3752e9d048895b6750e2d0d8ce72fed20cef9 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Wed, 5 Sep 2012 11:26:20 +0200
|
||||
Subject: [PATCH 205/208] su: move long options to main()
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/su-common.c | 29 ++++++++++++++---------------
|
||||
1 file changed, 14 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index 1f97328..778738f 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -115,21 +115,6 @@ static pam_handle_t *pamh = NULL;
|
||||
|
||||
static int restricted = 1; /* zero for root user */
|
||||
|
||||
-static struct option const longopts[] =
|
||||
-{
|
||||
- {"command", required_argument, NULL, 'c'},
|
||||
- {"session-command", required_argument, NULL, 'C'},
|
||||
- {"fast", no_argument, NULL, 'f'},
|
||||
- {"login", no_argument, NULL, 'l'},
|
||||
- {"preserve-environment", no_argument, NULL, 'p'},
|
||||
- {"shell", required_argument, NULL, 's'},
|
||||
- {"group", required_argument, NULL, 'g'},
|
||||
- {"supp-group", required_argument, NULL, 'G'},
|
||||
- {"help", no_argument, 0, 'h'},
|
||||
- {"version", no_argument, 0, 'V'},
|
||||
- {NULL, 0, NULL, 0}
|
||||
-};
|
||||
-
|
||||
|
||||
static struct passwd *
|
||||
current_getpwuid(void)
|
||||
@@ -656,6 +641,20 @@ su_main (int argc, char **argv, int mode)
|
||||
int num_supp_groups = 0;
|
||||
int use_gid = 0;
|
||||
|
||||
+ static const struct option longopts[] = {
|
||||
+ {"command", required_argument, NULL, 'c'},
|
||||
+ {"session-command", required_argument, NULL, 'C'},
|
||||
+ {"fast", no_argument, NULL, 'f'},
|
||||
+ {"login", no_argument, NULL, 'l'},
|
||||
+ {"preserve-environment", no_argument, NULL, 'p'},
|
||||
+ {"shell", required_argument, NULL, 's'},
|
||||
+ {"group", required_argument, NULL, 'g'},
|
||||
+ {"supp-group", required_argument, NULL, 'G'},
|
||||
+ {"help", no_argument, 0, 'h'},
|
||||
+ {"version", no_argument, 0, 'V'},
|
||||
+ {NULL, 0, NULL, 0}
|
||||
+ };
|
||||
+
|
||||
setlocale (LC_ALL, "");
|
||||
bindtextdomain (PACKAGE, LOCALEDIR);
|
||||
textdomain (PACKAGE);
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,40 +0,0 @@
|
||||
From 1fe22a730b1a6595c6da9ea8cd58594337e66dc3 Mon Sep 17 00:00:00 2001
|
||||
From: Ondrej Oprala <ooprala@redhat.com>
|
||||
Date: Tue, 11 Sep 2012 16:39:17 +0200
|
||||
Subject: [PATCH 206/208] su: add segmentation fault reporting of the child
|
||||
process
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Child processes that ended with segmentation fault previously
|
||||
indicated this with return status only. The report is now more
|
||||
verbose if core dump is allowed.
|
||||
|
||||
Improved-by: Pádraig Brady <P@draigBrady.com>
|
||||
Signed-off-by: Ondrej Oprala <ooprala@redhat.com>
|
||||
---
|
||||
login-utils/su-common.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index 778738f..118e080 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -300,7 +300,12 @@ create_watching_parent (void)
|
||||
}
|
||||
if (pid != (pid_t)-1)
|
||||
if (WIFSIGNALED (status))
|
||||
- status = WTERMSIG (status) + 128;
|
||||
+ {
|
||||
+ status = WTERMSIG (status) + 128;
|
||||
+ if (WCOREDUMP (status))
|
||||
+ fprintf (stderr, _("%s (core dumped)\n"),
|
||||
+ strsignal (WTERMSIG (status)));
|
||||
+ }
|
||||
else
|
||||
status = WEXITSTATUS (status);
|
||||
else
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,26 +0,0 @@
|
||||
From 2f3cb337e1cda9e897480f256453f369914380b3 Mon Sep 17 00:00:00 2001
|
||||
From: Vitezslav Cizek <vcizek@suse.cz>
|
||||
Date: Mon, 1 Oct 2012 14:48:16 +0200
|
||||
Subject: [PATCH 207/208] su: fixed a typo in pam error message
|
||||
|
||||
Signed-off-by: Vitezslav Cizek <vcizek@suse.cz>
|
||||
---
|
||||
login-utils/su-common.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index 118e080..ea6864e 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -223,7 +223,7 @@ create_watching_parent (void)
|
||||
if (is_pam_failure(retval))
|
||||
{
|
||||
cleanup_pam (retval);
|
||||
- errx (EXIT_FAILURE, _("cannot not open session: %s"),
|
||||
+ errx (EXIT_FAILURE, _("cannot open session: %s"),
|
||||
pam_strerror (pamh, retval));
|
||||
}
|
||||
else
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,281 +0,0 @@
|
||||
From f0c57c2b1129b17e68e54d08421d1f209f1b6c57 Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Thu, 13 Sep 2012 11:58:00 +0200
|
||||
Subject: [PATCH 208/208] runuser: add -u to not execute shell
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/runuser.1 | 20 ++++---
|
||||
login-utils/su-common.c | 138 +++++++++++++++++++++++++++++++-----------------
|
||||
login-utils/su.1 | 1 +
|
||||
3 files changed, 105 insertions(+), 54 deletions(-)
|
||||
|
||||
diff --git a/login-utils/runuser.1 b/login-utils/runuser.1
|
||||
index 66ad1c4..4620165 100644
|
||||
--- a/login-utils/runuser.1
|
||||
+++ b/login-utils/runuser.1
|
||||
@@ -3,10 +3,21 @@
|
||||
runuser \- run a command with substitute user and group ID
|
||||
.SH SYNOPSIS
|
||||
.B runuser
|
||||
-[options...] [\-] [user [args...]]
|
||||
+[options] -u
|
||||
+.IR user
|
||||
+.IR "command " [ argument ...]
|
||||
+.LP
|
||||
+.B runuser
|
||||
+[options] [-]
|
||||
+[
|
||||
+.IR "user " [ argument ...]
|
||||
+]
|
||||
.SH DESCRIPTION
|
||||
.B runuser
|
||||
allows to run commands with substitute user and group ID.
|
||||
+If the option \fB\-u\fR not given, fallback to
|
||||
+.B su
|
||||
+compatible semantic and shell is executed.
|
||||
The difference between the commands
|
||||
.B runuser
|
||||
and
|
||||
@@ -36,12 +47,7 @@ and
|
||||
.B LOGNAME
|
||||
if the target
|
||||
.I user
|
||||
-is not root). It is recommended to always use the
|
||||
-.B \-\-login
|
||||
-option (instead it's shortcut
|
||||
-.BR \- )
|
||||
-to avoid side effects caused by mixing environments.
|
||||
-.PP
|
||||
+is not root).
|
||||
This version of
|
||||
.B runuser
|
||||
uses PAM for session management.
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index ea6864e..4e1f6b2 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -439,7 +439,8 @@ modify_environment (const struct passwd *pw, const char *shell)
|
||||
if (term)
|
||||
xsetenv ("TERM", term, 1);
|
||||
xsetenv ("HOME", pw->pw_dir, 1);
|
||||
- xsetenv ("SHELL", shell, 1);
|
||||
+ if (shell)
|
||||
+ xsetenv ("SHELL", shell, 1);
|
||||
xsetenv ("USER", pw->pw_name, 1);
|
||||
xsetenv ("LOGNAME", pw->pw_name, 1);
|
||||
set_path(pw);
|
||||
@@ -451,7 +452,8 @@ modify_environment (const struct passwd *pw, const char *shell)
|
||||
if (change_environment)
|
||||
{
|
||||
xsetenv ("HOME", pw->pw_dir, 1);
|
||||
- xsetenv ("SHELL", shell, 1);
|
||||
+ if (shell)
|
||||
+ xsetenv ("SHELL", shell, 1);
|
||||
if (getlogindefs_bool ("ALWAYS_SET_PATH", 0))
|
||||
set_path(pw);
|
||||
|
||||
@@ -571,35 +573,47 @@ restricted_shell (const char *shell)
|
||||
static void __attribute__((__noreturn__))
|
||||
usage (int status)
|
||||
{
|
||||
- if (status != EXIT_SUCCESS)
|
||||
- fprintf (stderr, _("Try `%s --help' for more information.\n"),
|
||||
- program_invocation_short_name);
|
||||
- else
|
||||
- {
|
||||
- fputs(USAGE_HEADER, stdout);
|
||||
- printf (_(" %s [options] [-] [USER [arg]...]\n"), program_invocation_short_name);
|
||||
- fputs (_("\n\
|
||||
- Change the effective user id and group id to that of USER.\n\
|
||||
- A mere - implies -l. If USER not given, assume root.\n"), stdout);
|
||||
- fputs(USAGE_OPTIONS, stdout);
|
||||
- fputs (_("\
|
||||
- -, -l, --login make the shell a login shell\n\
|
||||
- -c, --command <command> pass a single command to the shell with -c\n\
|
||||
- --session-command <command> pass a single command to the shell with -c\n\
|
||||
- and do not create a new session\n\
|
||||
- -g --group=group specify the primary group\n\
|
||||
- -G --supp-group=group specify a supplemental group\n\
|
||||
- -f, --fast pass -f to the shell (for csh or tcsh)\n\
|
||||
- -m, --preserve-environment do not reset environment variables\n\
|
||||
- -p same as -m\n\
|
||||
- -s, --shell <shell> run shell if /etc/shells allows it\n\
|
||||
-"), stdout);
|
||||
-
|
||||
- fputs(USAGE_SEPARATOR, stdout);
|
||||
- fputs(USAGE_HELP, stdout);
|
||||
- fputs(USAGE_VERSION, stdout);
|
||||
- printf(USAGE_MAN_TAIL("su(1)"));
|
||||
- }
|
||||
+ if (su_mode == RUNUSER_MODE) {
|
||||
+ fputs(USAGE_HEADER, stdout);
|
||||
+ printf (_(" %s [options] -u <USER> COMMAND\n"), program_invocation_short_name);
|
||||
+ printf (_(" %s [options] [-] [USER [arg]...]\n"), program_invocation_short_name);
|
||||
+ fputs (_("\n"
|
||||
+ "Run COMMAND with the effective <user> id and group id. If -u not\n"
|
||||
+ "given, fallback to su(1) compatible semantic and shell is executed.\n"
|
||||
+ "The options -l, -c, -f, -s are mutually exclusive to -u.\n"), stdout);
|
||||
+
|
||||
+ fputs(USAGE_OPTIONS, stdout);
|
||||
+
|
||||
+ fputs (_(
|
||||
+ " -u, --user <user> username\n"), stdout);
|
||||
+
|
||||
+ } else {
|
||||
+ fputs(USAGE_HEADER, stdout);
|
||||
+ printf (_(" %s [options] [-] [USER [arg]...]\n"), program_invocation_short_name);
|
||||
+ fputs (_("\n"
|
||||
+ "Change the effective user id and group id to that of USER.\n"
|
||||
+ "A mere - implies -l. If USER not given, assume root.\n"), stdout);
|
||||
+
|
||||
+ fputs(USAGE_OPTIONS, stdout);
|
||||
+ }
|
||||
+
|
||||
+ fputs (_(
|
||||
+ " -m, -p, --preserve-environment do not reset environment variables\n"
|
||||
+ " -g, --group <group> specify the primary group\n"
|
||||
+ " -G, --supp-group <group> specify a supplemental group\n\n"), stdout);
|
||||
+
|
||||
+ fputs (_(
|
||||
+ " -, -l, --login make the shell a login shell\n"
|
||||
+ " -c, --command <command> pass a single command to the shell with -c\n"
|
||||
+ " --session-command <command> pass a single command to the shell with -c\n"
|
||||
+ " and do not create a new session\n"
|
||||
+ " -f, --fast pass -f to the shell (for csh or tcsh)\n"
|
||||
+ " -s, --shell <shell> run shell if /etc/shells allows it\n"), stdout);
|
||||
+
|
||||
+ fputs(USAGE_SEPARATOR, stdout);
|
||||
+ fputs(USAGE_HELP, stdout);
|
||||
+ fputs(USAGE_VERSION, stdout);
|
||||
+ printf(USAGE_MAN_TAIL(su_mode == SU_MODE ? "su(1)" : "runuser(1)"));
|
||||
exit (status);
|
||||
}
|
||||
|
||||
@@ -635,7 +649,7 @@ int
|
||||
su_main (int argc, char **argv, int mode)
|
||||
{
|
||||
int optc;
|
||||
- const char *new_user = DEFAULT_USER;
|
||||
+ const char *new_user = DEFAULT_USER, *runuser_user = NULL;
|
||||
char *command = NULL;
|
||||
int request_same_session = 0;
|
||||
char *shell = NULL;
|
||||
@@ -655,6 +669,7 @@ su_main (int argc, char **argv, int mode)
|
||||
{"shell", required_argument, NULL, 's'},
|
||||
{"group", required_argument, NULL, 'g'},
|
||||
{"supp-group", required_argument, NULL, 'G'},
|
||||
+ {"user", required_argument, NULL, 'u'}, /* runuser only */
|
||||
{"help", no_argument, 0, 'h'},
|
||||
{"version", no_argument, 0, 'V'},
|
||||
{NULL, 0, NULL, 0}
|
||||
@@ -670,7 +685,7 @@ su_main (int argc, char **argv, int mode)
|
||||
simulate_login = false;
|
||||
change_environment = true;
|
||||
|
||||
- while ((optc = getopt_long (argc, argv, "c:fg:G:lmps:hV", longopts, NULL)) != -1)
|
||||
+ while ((optc = getopt_long (argc, argv, "+c:fg:G:lmps:u:hV", longopts, NULL)) != -1)
|
||||
{
|
||||
switch (optc)
|
||||
{
|
||||
@@ -720,6 +735,12 @@ su_main (int argc, char **argv, int mode)
|
||||
shell = optarg;
|
||||
break;
|
||||
|
||||
+ case 'u':
|
||||
+ if (su_mode != RUNUSER_MODE)
|
||||
+ usage (EXIT_FAILURE);
|
||||
+ runuser_user = optarg;
|
||||
+ break;
|
||||
+
|
||||
case 'h':
|
||||
usage(0);
|
||||
|
||||
@@ -739,8 +760,21 @@ su_main (int argc, char **argv, int mode)
|
||||
simulate_login = true;
|
||||
++optind;
|
||||
}
|
||||
- if (optind < argc)
|
||||
+
|
||||
+ /* if not "-u <user>" specified then fallback to classic su(1) */
|
||||
+ if (!runuser_user && optind < argc)
|
||||
new_user = argv[optind++];
|
||||
+ else {
|
||||
+ /* runuser -u <command> */
|
||||
+ new_user = runuser_user;
|
||||
+ if (shell || fast_startup || command || simulate_login) {
|
||||
+ errx(EXIT_FAILURE,
|
||||
+ _("options --{shell,fast,command,session-command,login} and "
|
||||
+ "--user are mutually exclusive."));
|
||||
+ }
|
||||
+ if (optind == argc)
|
||||
+ errx(EXIT_FAILURE, _("COMMAND not specified."));
|
||||
+ }
|
||||
|
||||
if ((num_supp_groups || use_gid) && restricted)
|
||||
errx(EXIT_FAILURE, _("only root can specify alternative groups"));
|
||||
@@ -784,18 +818,23 @@ su_main (int argc, char **argv, int mode)
|
||||
if (request_same_session || !command || !pw->pw_uid)
|
||||
same_session = 1;
|
||||
|
||||
- if (!shell && !change_environment)
|
||||
- shell = getenv ("SHELL");
|
||||
- if (shell && getuid () != 0 && restricted_shell (pw->pw_shell))
|
||||
- {
|
||||
- /* The user being su'd to has a nonstandard shell, and so is
|
||||
- probably a uucp account or has restricted access. Don't
|
||||
- compromise the account by allowing access with a standard
|
||||
- shell. */
|
||||
- warnx (_("using restricted shell %s"), pw->pw_shell);
|
||||
- shell = NULL;
|
||||
- }
|
||||
- shell = xstrdup (shell ? shell : pw->pw_shell);
|
||||
+ /* initialize shell variable only if "-u <user>" not specified */
|
||||
+ if (runuser_user) {
|
||||
+ shell = NULL;
|
||||
+ } else {
|
||||
+ if (!shell && !change_environment)
|
||||
+ shell = getenv ("SHELL");
|
||||
+ if (shell && getuid () != 0 && restricted_shell (pw->pw_shell))
|
||||
+ {
|
||||
+ /* The user being su'd to has a nonstandard shell, and so is
|
||||
+ probably a uucp account or has restricted access. Don't
|
||||
+ compromise the account by allowing access with a standard
|
||||
+ shell. */
|
||||
+ warnx (_("using restricted shell %s"), pw->pw_shell);
|
||||
+ shell = NULL;
|
||||
+ }
|
||||
+ shell = xstrdup (shell ? shell : pw->pw_shell);
|
||||
+ }
|
||||
|
||||
init_groups (pw, groups, num_supp_groups);
|
||||
|
||||
@@ -814,7 +853,12 @@ su_main (int argc, char **argv, int mode)
|
||||
if (simulate_login && chdir (pw->pw_dir) != 0)
|
||||
warn (_("warning: cannot change directory to %s"), pw->pw_dir);
|
||||
|
||||
- run_shell (shell, command, argv + optind, max (0, argc - optind));
|
||||
+ if (shell)
|
||||
+ run_shell (shell, command, argv + optind, max (0, argc - optind));
|
||||
+ else {
|
||||
+ execvp(argv[optind], &argv[optind]);
|
||||
+ err(EXIT_FAILURE, _("executing %s failed"), argv[optind]);
|
||||
+ }
|
||||
}
|
||||
|
||||
// vim: sw=2 cinoptions=>4,n-2,{2,^-2,\:2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1
|
||||
diff --git a/login-utils/su.1 b/login-utils/su.1
|
||||
index 59e1731..c82b941 100644
|
||||
--- a/login-utils/su.1
|
||||
+++ b/login-utils/su.1
|
||||
@@ -216,6 +216,7 @@ command specific logindef config file
|
||||
global logindef config file
|
||||
.PD 1
|
||||
.SH "SEE ALSO"
|
||||
+.BR runuser (8),
|
||||
.BR pam (8),
|
||||
.BR shells (5),
|
||||
.BR login.defs (5)
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,26 +0,0 @@
|
||||
From 69658513d00635048f5de76ed73f4a43a61d374d Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Thu, 1 Nov 2012 13:12:02 +0100
|
||||
Subject: [PATCH] build-sys: move runuser to sbin dir
|
||||
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/Makemodule.am | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/login-utils/Makemodule.am b/login-utils/Makemodule.am
|
||||
index e26d9a7..0d8e8b1 100644
|
||||
--- a/login-utils/Makemodule.am
|
||||
+++ b/login-utils/Makemodule.am
|
||||
@@ -94,7 +94,7 @@ endif
|
||||
|
||||
|
||||
if BUILD_RUNUSER
|
||||
-bin_PROGRAMS += runuser
|
||||
+sbin_PROGRAMS += runuser
|
||||
dist_man_MANS += login-utils/runuser.1
|
||||
runuser_SOURCES = \
|
||||
login-utils/runuser.c \
|
||||
--
|
||||
1.7.11.7
|
||||
|
@ -1,62 +0,0 @@
|
||||
From 360e088738aa792bf6c52e777d64b5163b45362a Mon Sep 17 00:00:00 2001
|
||||
From: Karel Zak <kzak@redhat.com>
|
||||
Date: Wed, 7 Nov 2012 15:20:39 +0100
|
||||
Subject: [PATCH] su: fix "COMMAND not specified" error
|
||||
|
||||
# su
|
||||
su: COMMAND not specified
|
||||
|
||||
This error message make sense for "runuser -u <user> <command>" only.
|
||||
|
||||
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=872787
|
||||
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||||
---
|
||||
login-utils/su-common.c | 29 +++++++++++++++++++----------
|
||||
1 file changed, 19 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
|
||||
index 1fa76c8..5abdc84 100644
|
||||
--- a/login-utils/su-common.c
|
||||
+++ b/login-utils/su-common.c
|
||||
@@ -761,19 +761,28 @@ su_main (int argc, char **argv, int mode)
|
||||
++optind;
|
||||
}
|
||||
|
||||
- /* if not "-u <user>" specified then fallback to classic su(1) */
|
||||
- if (!runuser_user && optind < argc)
|
||||
- new_user = argv[optind++];
|
||||
- else {
|
||||
- /* runuser -u <command> */
|
||||
- new_user = runuser_user;
|
||||
- if (shell || fast_startup || command || simulate_login) {
|
||||
- errx(EXIT_FAILURE,
|
||||
+ switch (su_mode) {
|
||||
+ case RUNUSER_MODE:
|
||||
+ if (runuser_user) {
|
||||
+ /* runuser -u <user> <command> */
|
||||
+ new_user = runuser_user;
|
||||
+ if (shell || fast_startup || command || simulate_login) {
|
||||
+ errx(EXIT_FAILURE,
|
||||
_("options --{shell,fast,command,session-command,login} and "
|
||||
"--user are mutually exclusive."));
|
||||
+ }
|
||||
+ if (optind == argc)
|
||||
+ errx(EXIT_FAILURE, _("COMMAND not specified."));
|
||||
+
|
||||
+ break;
|
||||
}
|
||||
- if (optind == argc)
|
||||
- errx(EXIT_FAILURE, _("COMMAND not specified."));
|
||||
+ /* fallthrough if -u <user> is not specified, then follow
|
||||
+ * traditional su(1) behavior
|
||||
+ */
|
||||
+ case SU_MODE:
|
||||
+ if (optind < argc)
|
||||
+ new_user = argv[optind++];
|
||||
+ break;
|
||||
}
|
||||
|
||||
if ((num_supp_groups || use_gid) && restricted)
|
||||
--
|
||||
1.7.11.7
|
||||
|
2
sources
2
sources
@ -1,2 +1,2 @@
|
||||
eeacbfdd2556acd899a2d0ffdb446185 util-linux-2.22.2.tar.xz
|
||||
a02aac97c74259ca1b24972c89147ca4 floppy-0.18.tar.bz2
|
||||
62a5e17c2710da8974e55c6fa5711122 util-linux-2.23-rc1.tar.xz
|
||||
|
@ -1,49 +0,0 @@
|
||||
diff -up util-linux-2.22.2/sys-utils/ipcs.c.kzak util-linux-2.22.2/sys-utils/ipcs.c
|
||||
--- util-linux-2.22.2/sys-utils/ipcs.c.kzak 2012-12-12 21:04:47.976355744 +0100
|
||||
+++ util-linux-2.22.2/sys-utils/ipcs.c 2013-02-19 16:12:54.712551108 +0100
|
||||
@@ -264,6 +264,27 @@ static void print_perms (int id, struct
|
||||
printf(" %-10u\n", ipcp->gid);
|
||||
}
|
||||
|
||||
+static unsigned long long
|
||||
+shminfo_from_proc(const char *name, unsigned long def)
|
||||
+{
|
||||
+ char path[256];
|
||||
+ char buf[64];
|
||||
+ FILE *f;
|
||||
+ unsigned long long res = def;
|
||||
+
|
||||
+ if (!name)
|
||||
+ return res;
|
||||
+
|
||||
+ snprintf(path, sizeof(path), "/proc/sys/kernel/%s", name);
|
||||
+
|
||||
+ if (!(f = fopen(path, "r")))
|
||||
+ return res;
|
||||
+ if (fgets(buf, sizeof(buf), f))
|
||||
+ res = atoll(buf);
|
||||
+ fclose(f);
|
||||
+ return res;
|
||||
+}
|
||||
+
|
||||
void do_shm (char format)
|
||||
{
|
||||
int maxid, shmid, id;
|
||||
@@ -288,12 +309,12 @@ void do_shm (char format)
|
||||
* glibc 2.1.3 and all earlier libc's have ints as fields of
|
||||
* struct shminfo; glibc 2.1.91 has unsigned long; ach
|
||||
*/
|
||||
- printf (_("max number of segments = %lu\n"),
|
||||
- (unsigned long) shminfo.shmmni);
|
||||
- printf (_("max seg size (kbytes) = %lu\n"),
|
||||
- (unsigned long) (shminfo.shmmax >> 10));
|
||||
+ printf (_("max number of segments = %llu\n"),
|
||||
+ shminfo_from_proc("shmmni", shminfo.shmmni));
|
||||
+ printf (_("max seg size (kbytes) = %llu\n"),
|
||||
+ (shminfo_from_proc("shmmax", shminfo.shmmax) >> 10));
|
||||
printf (_("max total shared memory (kbytes) = %llu\n"),
|
||||
- getpagesize() / 1024 * (unsigned long long) shminfo.shmall);
|
||||
+ getpagesize() / 1024 * shminfo_from_proc("shmall", shminfo.shmall));
|
||||
printf (_("min seg size (bytes) = %lu\n"),
|
||||
(unsigned long) shminfo.shmmin);
|
||||
return;
|
@ -1,13 +1,13 @@
|
||||
### Header
|
||||
Summary: A collection of basic system utilities
|
||||
Name: util-linux
|
||||
Version: 2.22.2
|
||||
Release: 6%{?dist}
|
||||
License: GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ and BSD with advertising and Public Domain
|
||||
Version: 2.23
|
||||
Release: 0.1%{?dist}
|
||||
License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
|
||||
Group: System Environment/Base
|
||||
URL: http://en.wikipedia.org/wiki/Util-linux
|
||||
|
||||
%define upstream_version %{version}
|
||||
%define upstream_version %{version}-rc1
|
||||
|
||||
### Macros
|
||||
%define floppyver 0.18
|
||||
@ -23,11 +23,8 @@ BuildRequires: zlib-devel
|
||||
BuildRequires: popt-devel
|
||||
BuildRequires: libutempter-devel
|
||||
Buildrequires: systemd-devel
|
||||
|
||||
# because backported su(1) and runuser(1) patches
|
||||
BuildRequires: automake
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: libtool
|
||||
Buildrequires: libuser-devel
|
||||
BuildRequires: libcap-ng-devel
|
||||
|
||||
### Sources
|
||||
Source0: ftp://ftp.kernel.org/pub/linux/utils/util-linux/v2.22/util-linux-%{upstream_version}.tar.xz
|
||||
@ -88,40 +85,6 @@ Patch2: util-linux-2.19-floppy-generic.patch
|
||||
###
|
||||
# 151635 - makeing /var/log/lastlog
|
||||
Patch3: util-linux-ng-2.22-login-lastlog.patch
|
||||
# 231192 - ipcs is not printing correct values on pLinux
|
||||
Patch4: util-linux-2.22-ipcs-32bit.patch
|
||||
|
||||
###
|
||||
### Upstream patches (2.23 or 2.22.x)
|
||||
# 889888 - wipefs does not completely wipe btrfs volume
|
||||
Patch100: libblkid-add-support-for-btrfs-backup-superblock.patch
|
||||
# 882305 - agetty: unstable /dev/tty* permissions
|
||||
Patch101: agetty-replace-perms-660-to-620.patch
|
||||
# 885314 - hexdump segfault
|
||||
Patch102: hexdump-do-not-segfault-when-iterating-over-an-empty.patch
|
||||
# 896447 - No newlines in piped "cal" command
|
||||
Patch103: cal-don-t-mix-ncurses-output-functions-and-printf.patch
|
||||
# upstream patch
|
||||
Patch104: libblkid-remove-optimization-from-verify-function.patch
|
||||
# 902512 - No boot : Dependency failed for /home (and blkid fails to tell UUID)
|
||||
Patch105: libblkid-make-backup-superblock-visible-for-wipefs-8.patch
|
||||
|
||||
### Upstream patches from master branch (will be v2.23) for su(1) and new
|
||||
### runuser(1) implementation. This is required for the recent coreutils where
|
||||
### is no more su(1).
|
||||
###
|
||||
Patch200: 0200-su-add-group-and-supp-group-options.patch
|
||||
Patch201: 0201-su-move-generic-su-code-to-su-common.c.patch
|
||||
Patch202: 0202-runuser-new-command-derived-from-su-1.patch
|
||||
Patch203: 0203-su-more-robust-getpwuid-for-GNU-Hurt-coreutils-71b7d.patch
|
||||
Patch204: 0204-su-verify-writing-to-streams-was-successful.patch
|
||||
Patch205: 0205-su-move-long-options-to-main.patch
|
||||
Patch206: 0206-su-add-segmentation-fault-reporting-of-the-child-pro.patch
|
||||
Patch207: 0207-su-fixed-a-typo-in-pam-error-message.patch
|
||||
Patch208: 0208-runuser-add-u-to-not-execute-shell.patch
|
||||
Patch209: 0209-build-sys-move-runuser-to-sbin-dir.patch
|
||||
Patch210: 0210-su-fix-COMMAND-not-specified-error.patch
|
||||
|
||||
|
||||
%description
|
||||
The util-linux package contains a large variety of low-level system
|
||||
@ -244,8 +207,6 @@ done
|
||||
%build
|
||||
unset LINGUAS || :
|
||||
|
||||
./autogen.sh
|
||||
|
||||
export CFLAGS="-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 $RPM_OPT_FLAGS"
|
||||
export SUID_CFLAGS="-fpie"
|
||||
export SUID_LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
|
||||
@ -358,8 +319,8 @@ rm -f $RPM_BUILD_ROOT%{_bindir}/cytune $RPM_BUILD_ROOT%{_mandir}/man8/cytune.8*
|
||||
|
||||
# unsupported on s390
|
||||
%ifarch s390 s390x
|
||||
for I in /usr/{bin,sbin}/{fdformat,tunelp,floppy} \
|
||||
%{_mandir}/man8/{fdformat,tunelp,floppy}.8* \
|
||||
for I in /usr/{bin,sbin}/{fdformat,floppy} \
|
||||
%{_mandir}/man8/{fdformat,floppy}.8* \
|
||||
/usr/sbin/{hwclock,clock} \
|
||||
%{_mandir}/man8/{hwclock,clock}.8*; do
|
||||
|
||||
@ -549,6 +510,7 @@ fi
|
||||
%{_bindir}/more
|
||||
%{_bindir}/mountpoint
|
||||
%{_bindir}/namei
|
||||
%{_bindir}/nsenter
|
||||
%{_bindir}/prlimit
|
||||
%{_bindir}/raw
|
||||
%{_bindir}/rename
|
||||
@ -557,6 +519,7 @@ fi
|
||||
%{_bindir}/script
|
||||
%{_bindir}/scriptreplay
|
||||
%{_bindir}/setarch
|
||||
%{_bindir}/setpriv
|
||||
%{_bindir}/setsid
|
||||
%{_bindir}/setterm
|
||||
%{_bindir}/tailf
|
||||
@ -594,6 +557,7 @@ fi
|
||||
%{_mandir}/man1/more.1*
|
||||
%{_mandir}/man1/mountpoint.1*
|
||||
%{_mandir}/man1/namei.1*
|
||||
%{_mandir}/man1/nsenter.1*
|
||||
%{_mandir}/man1/prlimit.1*
|
||||
%{_mandir}/man1/rename.1*
|
||||
%{_mandir}/man1/renice.1*
|
||||
@ -601,6 +565,7 @@ fi
|
||||
%{_mandir}/man1/runuser.1*
|
||||
%{_mandir}/man1/script.1*
|
||||
%{_mandir}/man1/scriptreplay.1*
|
||||
%{_mandir}/man1/setpriv.1*
|
||||
%{_mandir}/man1/setsid.1*
|
||||
%{_mandir}/man1/setterm.1*
|
||||
%{_mandir}/man1/su.1*
|
||||
@ -615,6 +580,7 @@ fi
|
||||
%{_mandir}/man5/fstab.5*
|
||||
%{_mandir}/man8/addpart.8*
|
||||
%{_mandir}/man8/agetty.8*
|
||||
%{_mandir}/man8/blkdiscard.8*
|
||||
%{_mandir}/man8/blkid.8*
|
||||
%{_mandir}/man8/blockdev.8*
|
||||
%{_mandir}/man8/chcpu.8*
|
||||
@ -655,6 +621,7 @@ fi
|
||||
%{_mandir}/man8/wipefs.8*
|
||||
%{_sbindir}/addpart
|
||||
%{_sbindir}/agetty
|
||||
%{_sbindir}/blkdiscard
|
||||
%{_sbindir}/blkid
|
||||
%{_sbindir}/blockdev
|
||||
%{_sbindir}/chcpu
|
||||
@ -692,12 +659,10 @@ fi
|
||||
%{_bindir}/floppy
|
||||
%{_sbindir}/fdformat
|
||||
%{_sbindir}/hwclock
|
||||
%{_sbindir}/tunelp
|
||||
%{_mandir}/man8/fdformat.8*
|
||||
%{_mandir}/man8/floppy.8*
|
||||
%{_mandir}/man8/hwclock.8*
|
||||
%{_mandir}/man8/clock.8*
|
||||
%{_mandir}/man8/tunelp.8*
|
||||
%endif
|
||||
|
||||
%ifnarch %{sparc}
|
||||
@ -780,6 +745,12 @@ fi
|
||||
%{_libdir}/pkgconfig/uuid.pc
|
||||
|
||||
%changelog
|
||||
* Fri Mar 22 2013 Karel Zak <kzak@redhat.com> 2.23-0.1
|
||||
- upgrade to the release 2.22-rc1
|
||||
ftp://ftp.kernel.org/pub/linux/utils/util-linux/v2.23/v2.23-ReleaseNotes
|
||||
- add nsenter and blkdiscard
|
||||
- remove tunelp
|
||||
|
||||
* Wed Feb 20 2013 Karel Zak <kzak@redhat.com> 2.22.2-6
|
||||
- fix #912778 - "runuser -l" doesn't register session to systemd
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user