From 58f2f4eb6e31e7368becb5ee7a3413a5ff25aa8f Mon Sep 17 00:00:00 2001 From: Silvan Calarco Date: Fri, 5 Jan 2024 17:54:48 +0100 Subject: [PATCH] fix error in permissions of suid binaries [release 5.1.2-2mamba;Sun Jul 24 2016] --- VirtualBox-5.0.24-build-gsoap.patch | 11 +++ VirtualBox-5.0.24-ogl-include-path.patch | 43 ++++++++++ VirtualBox.spec | 100 ++++++++++++++++++----- 3 files changed, 132 insertions(+), 22 deletions(-) create mode 100644 VirtualBox-5.0.24-build-gsoap.patch create mode 100644 VirtualBox-5.0.24-ogl-include-path.patch diff --git a/VirtualBox-5.0.24-build-gsoap.patch b/VirtualBox-5.0.24-build-gsoap.patch new file mode 100644 index 0000000..267be96 --- /dev/null +++ b/VirtualBox-5.0.24-build-gsoap.patch @@ -0,0 +1,11 @@ +--- a/src/VBox/Main/webservice/Makefile.kmk 2013-11-21 19:00:46.812761628 +0100 ++++ b/src/VBox/Main/webservice/Makefile.kmk 2014-01-04 04:37:05.803599026 +0100 +@@ -683,7 +683,7 @@ + : $(VBOXWEB_GSOAPH_FROM_GSOAP) $(VBOXWEB_GSOAPH_FROM_XSLT) $(VBOX_NSMAP) $(RECOMPILE_ON_MAKEFILE_CURRENT) | $$(dir $$@) + $(call MSG_GENERATE,,lots of files,$(GSOAPH_RELEVANT)) + $(RM) -f $@ +- $(REDIRECT) -C $(VBOXWEB_OUT_DIR) -- $(VBOX_SOAPCPP2) $(VBOXWEB_SOAPCPP2_SKIP_FILES) -L -2 -w -I$(VBOX_PATH_GSOAP_IMPORT) $(GSOAPH_RELEVANT) ++ $(REDIRECT) -C $(VBOXWEB_OUT_DIR) -- $(VBOX_SOAPCPP2) $(VBOXWEB_SOAPCPP2_SKIP_FILES) -z1 -L -2 -w -I$(VBOX_PATH_GSOAP_IMPORT) $(GSOAPH_RELEVANT) + $(APPEND) $@ done + + # copy the generated headers and stuff. This has to be a separate rule if we diff --git a/VirtualBox-5.0.24-ogl-include-path.patch b/VirtualBox-5.0.24-ogl-include-path.patch new file mode 100644 index 0000000..0d5cb6d --- /dev/null +++ b/VirtualBox-5.0.24-ogl-include-path.patch @@ -0,0 +1,43 @@ +Index: virtualbox/src/VBox/Additions/common/crOpenGL/Makefile.kmk +=================================================================== +--- virtualbox.orig/src/VBox/Additions/common/crOpenGL/Makefile.kmk 2015-04-02 15:44:24.955670965 +0200 ++++ virtualbox/src/VBox/Additions/common/crOpenGL/Makefile.kmk 2015-04-02 15:44:24.955670965 +0200 +@@ -67,18 +67,12 @@ + VBoxOGL_INCS = . + if1of ($(KBUILD_TARGET), linux solaris freebsd) + VBoxOGL_INCS += \ +- $(VBOX_PATH_X11_ROOT)/libXdamage-1.1 \ +- $(VBOX_PATH_X11_ROOT)/libXcomposite-0.4.0 \ +- $(VBOX_PATH_X11_ROOT)/libXext-1.3.1 \ +- $(VBOX_PATH_X11_ROOT)/libXfixes-4.0.3 \ +- $(VBOX_PATH_X11_ROOT)/damageproto-1.1.0 \ +- $(VBOX_PATH_X11_ROOT)/compositeproto-0.4 \ +- $(VBOX_PATH_X11_ROOT)/fixesproto-4.0 \ +- $(VBOX_PATH_X11_ROOT)/libx11-1.1.5-other \ +- $(VBOX_PATH_X11_ROOT)/xextproto-7.1.1 \ +- $(VBOX_PATH_X11_ROOT)/xproto-7.0.18 \ ++ /usr/include/x11 \ ++ /usr/include/xorg \ ++ /usr/include/pixman-1 \ + $(VBOX_MESA_INCS) \ +- $(PATH_ROOT)/src/VBox/Additions/x11/x11include/libdrm-2.4.13 ++ /usr/include/drm \ ++ /usr/include/libdrm + VBoxOGL_DEFS += VBOX_NO_NATIVEGL + endif + +@@ -213,10 +207,10 @@ + + if1of ($(KBUILD_TARGET), linux solaris freebsd) + VBoxOGL_LIBS += \ +- $(PATH_STAGE_LIB)/libXcomposite.so \ +- $(PATH_STAGE_LIB)/libXdamage.so \ +- $(PATH_STAGE_LIB)/libXfixes.so \ +- $(PATH_STAGE_LIB)/libXext.so ++ Xcomposite \ ++ Xdamage \ ++ Xfixes \ ++ Xext + ifdef VBoxOGL_FAKEDRI + ifeq ($(KBUILD_TARGET), freebsd) + VBoxOGL_LIBS += \ diff --git a/VirtualBox.spec b/VirtualBox.spec index 96196da..b7061b9 100644 --- a/VirtualBox.spec +++ b/VirtualBox.spec @@ -17,8 +17,8 @@ %endif Name: VirtualBox -Version: 5.0.16 -Release: 1mamba +Version: 5.1.2 +Release: 2mamba Summary: A general-purpose full virtualizer for x86 hardware Group: Graphical Desktop/Applications/Utilities Vendor: openmamba @@ -40,10 +40,12 @@ Patch3: VirtualBox-4.2.16-vboxusb-permissions.patch Patch4: VirtualBox-4.3.12-gcc-4.9.0.patch Patch5: VirtualBox-4.3.26-vdfuse.patch Patch6: VirtualBox-5.0.4-x86-upstream-buildfixes.patch +Patch7: VirtualBox-5.0.24-build-gsoap.patch +Patch8: VirtualBox-5.0.24-ogl-include-path.patch + License: GPL ## AUTOBUILDREQ-BEGIN BuildRequires: glibc-devel -BuildRequires: libGL-devel BuildRequires: libIDL-devel BuildRequires: libSDL-devel BuildRequires: libX11-devel @@ -64,6 +66,7 @@ BuildRequires: libglib-devel BuildRequires: libopenssl-devel BuildRequires: libpam-devel BuildRequires: libpng-devel +BuildRequires: libpython26-devel BuildRequires: libpython27-devel BuildRequires: libqt4-devel BuildRequires: libstdc++6-devel @@ -82,6 +85,7 @@ BuildRequires: latex-font-bera BuildRequires: gsoap-devel BuildRequires: jdk BuildRequires: libfuse-devel +BuildRequires: librtmp-devel Provides: kernelvboxdrv Obsoletes: kernelvboxdrv Requires(post):kernelheaders @@ -160,15 +164,42 @@ Kernel DRM driver for VirtualBox guest machines. #%patch3 -p1 %patch5 -p1 #%patch6 -p2 +%patch7 -p1 +%patch8 -p1 + +echo "\ +VBOX_WITH_ORIGIN := +VBOX_PATH_APP_PRIVATE_ARCH := %{_libdir}/VirtualBox +VBOX_PATH_SHARED_LIBS := \$(VBOX_PATH_APP_PRIVATE_ARCH) +VBOX_WITH_RUNPATH := \$(VBOX_PATH_APP_PRIVATE_ARCH) +VBOX_PATH_APP_PRIVATE := \$(VBOX_PATH_APP_PRIVATE_ARCH) +VBOX_PATH_APP_DOCS := %{_docdir}/VirtualBox +VBOX_PATH_PACKAGE_DOCS := \$(VBOX_PATH_APP_DOCS) +VBOX_GCC_WERR= +VBOX_GCC_WARN= +VBOX_WITH_TESTCASES= +VBOX_WITH_TESTSUITE= +VBOX_WITH_VALIDATIONKIT= +VBOX_VERSION_STRING=\$(VBOX_VERSION_MAJOR).\$(VBOX_VERSION_MINOR).\$(VBOX_VERSION_BUILD)_openmamba +VBOX_JAVA_HOME=%{_jvmdir}/jdk +# fix gsoap missing zlib include and produce errors with --as-needed +VBOX_GSOAP_CXX_LIBS := gsoapssl++ z +# use system xorg +VBOX_USE_SYSTEM_XORG_HEADERS = 1 +# no update request +VBOX_WITH_UPDATE_REQUEST := 0 +VBOX_GCC_OPT=%{optflags}" > LocalConfig.kmk %build -#:<< _EOF export CFLAGS="%optflags" export CXXFLAGS="%optflags" + +#:<< _EOF + ./configure \ + --enable-webservice \ + --enable-vde \ --disable-kmods \ - --disable-pulse \ - --disable-hardening \ --with-gcc=%{_host}-gcc \ --with-g++=%{_host}-g++ \ --enable-vnc \ @@ -176,20 +207,21 @@ export CXXFLAGS="%optflags" --disable-java %endif +#_EOF + +# --disable-hardening \ # --enable-webservice \ . ./env.sh -kmk %{?_smp_mflags} VBOX_GCC_WERR= \ - VBOX_VERSION_STRING='$(VBOX_VERSION_MAJOR).$(VBOX_VERSION_MINOR).$(VBOX_VERSION_BUILD)'_openmamba \ - VBOX_JAVA_HOME=%{_jvmdir}/jdk \ - EB_LD=ld.bfd || true +kmk %{?_smp_mflags} EB_LD=ld.bfd +# || true -# workaround -kmk VBOX_GCC_WERR= \ - VBOX_VERSION_STRING='$(VBOX_VERSION_MAJOR).$(VBOX_VERSION_MINOR).$(VBOX_VERSION_BUILD)'_openmamba \ - VBOX_JAVA_HOME=%{_jvmdir}/jdk \ - EB_LD=ld.bfd || true +## workaround +#kmk VBOX_GCC_WERR= \ +# VBOX_VERSION_STRING='$(VBOX_VERSION_MAJOR).$(VBOX_VERSION_MINOR).$(VBOX_VERSION_BUILD)'_openmamba \ +# VBOX_JAVA_HOME=%{_jvmdir}/jdk \ +# EB_LD=ld.bfd || true ## files that needs editing before they can be included in the generic installer. #sed "s|\%NOLSB\%|yes|g; \ @@ -208,10 +240,9 @@ kmk VBOX_GCC_WERR= \ install -d %{buildroot}%{_libdir}/%{name} cp -a out/*/release/bin/* %{buildroot}%{_libdir}/%{name}/ -cp -a out/*/release/obj/VirtualBox/VirtualBox %{buildroot}%{_libdir}/%{name}/ install -d %{buildroot}%{_libdir}/xorg/modules/drivers -mv %{buildroot}%{_libdir}/%{name}/additions/vboxvideo_drv_%{xorgdrvver}.so %{buildroot}%{_libdir}/xorg/modules/drivers/vboxvideo_drv.so +mv %{buildroot}%{_libdir}/%{name}/additions/vboxvideo_drv_system.so %{buildroot}%{_libdir}/xorg/modules/drivers/vboxvideo_drv.so rm -f %{buildroot}%{_libdir}/%{name}/additions/vboxvideo_drv* install -d %{buildroot}%{_libdir}/dri @@ -256,7 +287,9 @@ install -D -m0755 src/VBox/Installer/linux/vboxweb-service.sh %{buildroot}%{_ini # install udev rules install -d %{buildroot}/lib/udev/rules.d/ cat > %{buildroot}/lib/udev/rules.d/59-vboxdrv.rules << EOF -KERNEL=="vboxdrv", MODE="0666" +KERNEL=="vboxdrv", NAME="vboxdrv", OWNER="root", GROUP="root", MODE="0600" +KERNEL=="vboxdrvu", NAME="vboxdrvu", OWNER="root", GROUP="root", MODE="0666" +KERNEL=="vboxnetctl", NAME="vboxnetctl", OWNER="root", GROUP="root", MODE="0600" SUBSYSTEM=="usb_device", ACTION=="add", RUN="VBoxCreateUSBNode.sh \$major \$minor \$attr{bDeviceClass}" SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", RUN="VBoxCreateUSBNode.sh \$major \$minor \$attr{bDeviceClass}" SUBSYSTEM=="usb_device", ACTION=="remove", RUN="VBoxCreateUSBNode.sh --remove \$major \$minor" @@ -286,6 +319,7 @@ rm -f %{buildroot}%{_libdir}/%{name}/tst* #rm -f %{buildroot}%{_libdir}/%{name}/*.ko rm -rf %{buildroot}%{_libdir}/%{name}/VBoxPython2_4.so +rm -rf %{buildroot}%{_libdir}/%{name}/VBoxPython2_6.so # install additions mv %{buildroot}%{_libdir}/%{name}/additions/VBoxOGL*.so %{buildroot}%{_libdir}/ @@ -508,7 +542,14 @@ fi %{_libdir}/%{name}/vboxweb-service.sh %{_libdir}/%{name}/SUPInstall %{_libdir}/%{name}/SUPUninstall -%{_libdir}/%{name}/VirtualBox +%attr(4755,root,root) %{_libdir}/%{name}/VirtualBox +%attr(4755,root,root) %{_libdir}/%{name}/VBoxSDL +%attr(4755,root,root) %{_libdir}/%{name}/VBoxHeadless +%attr(4755,root,root) %{_libdir}/%{name}/VBoxNetDHCP +%attr(4755,root,root) %{_libdir}/%{name}/VBoxNetAdpCtl +%attr(4755,root,root) %{_libdir}/%{name}/VBoxNetNAT +%{_libdir}/%{name}/VirtualBox.so +%{_libdir}/%{name}/*.sh %{_libdir}/%{name}/VBox* %{_libdir}/%{name}/VMMRC.rc %{_libdir}/%{name}/VMMRC.debug @@ -531,8 +572,8 @@ fi %{_libdir}/VirtualBox/dtrace/lib/* %dir %{_libdir}/VirtualBox/dtrace/testcase %{_libdir}/VirtualBox/dtrace/testcase/* -%dir %{_libdir}/%{name}/helpers -%{_libdir}/%{name}/helpers/generate_service_file +#%dir %{_libdir}/%{name}/helpers +#%{_libdir}/%{name}/helpers/generate_service_file %dir %{_libdir}/%{name}/icons %{_libdir}/%{name}/icons/* %{_libdir}/VirtualBox/rdesktop-vrdp @@ -560,7 +601,7 @@ fi #%{_libdir}/%{name}/UserManual.pdf #%{_libdir}/%{name}/webtest #%lang(fr) %{_libdir}/%{name}/UserManual_fr_FR.pdf -%{_libdir}/%{name}/vbox-img +#%{_libdir}/%{name}/vbox-img %{_libdir}/%{name}/vbox-run.sh %{_libdir}/%{name}/vboxkeyboard.tar.bz2 %{_libdir}/%{name}/vboxshell.py @@ -580,6 +621,8 @@ fi %files web %defattr(-,root,root) %{_initrddir}/vboxweb-service +%{_libdir}/VirtualBox/vboxwebsrv +%{_libdir}/VirtualBox/webtest %{_bindir}/vboxwebsrv #%{_libdir}/%{name}/vboxwebsrv @@ -591,6 +634,7 @@ fi %files additions %defattr(-,root,root) %{_initrddir}/vboxadd +%{_libdir}/VirtualBox/additions/VBoxEGL.so %{_libdir}/VBoxOGL*.so %{_sbindir}/VBoxClient %{_sbindir}/VBoxControl @@ -613,6 +657,18 @@ fi %{_prefix}/src/vboxvideo-%{version}/* %changelog +* Sun Jul 24 2016 Silvan Calarco 5.1.2-2mamba +- fix error in permissions of suid binaries + +* Sat Jul 23 2016 Automatic Build System 5.1.2-1mamba +- automatic version update by autodist + +* Tue Jul 12 2016 Silvan Calarco 5.0.24-2mamba +- fixes to maker hardened version work + +* Mon Jul 11 2016 Automatic Build System 5.0.24-1mamba +- automatic version update by autodist + * Mon Mar 07 2016 Automatic Build System 5.0.16-1mamba - automatic version update by autodist