remove conflicting infodir dir file [release 9.5-2mamba;Sat Mar 30 2024]

This commit is contained in:
Silvan Calarco 2024-04-01 20:23:25 +02:00
parent 248e60b998
commit c26754df5e
12 changed files with 500 additions and 1909 deletions

View File

@ -1,18 +0,0 @@
--- coreutils-5.2.1/src/su.c.badpaths Tue Apr 05 14:26:55 2005
+++ coreutils-5.2.1/src/su.c Tue Apr 05 14:40:21 EDT 2005
@@ -147,6 +147,15 @@
#define DEFAULT_ROOT_LOGIN_PATH "/usr/ucb:/bin:/usr/bin:/etc"
#endif
+/* The default paths which get set are both bogus and oddly influenced
+ by <paths.h> and -D on the commands line. Just to be clear, we'll set
+ these explicitly. -ewt */
+#undef DEFAULT_LOGIN_PATH
+#undef DEFAULT_ROOT_LOGIN_PATH
+#define DEFAULT_LOGIN_PATH "/bin:/usr/bin:/usr/local/bin"
+#define DEFAULT_ROOT_LOGIN_PATH \
+ "/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"
+
/* The shell to run if none is given in the user's passwd entry. */
#define DEFAULT_SHELL "/bin/sh"

View File

@ -1,60 +0,0 @@
diff -ru coreutils-6.9.orig/lib/utimens.c coreutils-6.9/lib/utimens.c
--- coreutils-6.9.orig/lib/utimens.c 2007-01-18 09:33:34.000000000 +0100
+++ coreutils-6.9/lib/utimens.c 2008-01-23 18:53:02.000000000 +0100
@@ -75,7 +75,7 @@
Return 0 on success, -1 (setting errno) on failure. */
int
-futimens (int fd ATTRIBUTE_UNUSED,
+cu_futimens (int fd ATTRIBUTE_UNUSED,
char const *file, struct timespec const timespec[2])
{
/* Some Linux-based NFS clients are buggy, and mishandle time stamps
@@ -185,5 +185,5 @@
int
utimens (char const *file, struct timespec const timespec[2])
{
- return futimens (-1, file, timespec);
+ return cu_futimens (-1, file, timespec);
}
diff -ru coreutils-6.9.orig/lib/utimens.h coreutils-6.9/lib/utimens.h
--- coreutils-6.9.orig/lib/utimens.h 2008-01-23 18:49:40.000000000 +0100
+++ coreutils-6.9/lib/utimens.h 2008-01-23 18:53:03.000000000 +0100
@@ -1,3 +1,3 @@
#include <time.h>
-int futimens (int, char const *, struct timespec const [2]);
+int cu_futimens (int, char const *, struct timespec const [2]);
int utimens (char const *, struct timespec const [2]);
diff -ru coreutils-6.9.orig/src/copy.c coreutils-6.9/src/copy.c
--- coreutils-6.9.orig/src/copy.c 2007-03-18 22:36:43.000000000 +0100
+++ coreutils-6.9/src/copy.c 2008-01-23 18:50:53.000000000 +0100
@@ -518,7 +518,7 @@
timespec[0] = get_stat_atime (src_sb);
timespec[1] = get_stat_mtime (src_sb);
- if (futimens (dest_desc, dst_name, timespec) != 0)
+ if (cu_futimens (dest_desc, dst_name, timespec) != 0)
{
error (0, errno, _("preserving times for %s"), quote (dst_name));
if (x->require_preserve)
diff -ru coreutils-6.9.orig/src/touch.c coreutils-6.9/src/touch.c
--- coreutils-6.9.orig/src/touch.c 2007-03-18 22:36:43.000000000 +0100
+++ coreutils-6.9/src/touch.c 2008-01-23 18:50:54.000000000 +0100
@@ -167,7 +167,7 @@
if (amtime_now)
{
- /* Pass NULL to futimens so it will not fail if we have
+ /* Pass NULL to cu_futimens so it will not fail if we have
write access to the file, but don't own it. */
t = NULL;
}
@@ -182,7 +182,7 @@
t = timespec;
}
- ok = (futimens (fd, (fd == STDOUT_FILENO ? NULL : file), t) == 0);
+ ok = (cu_futimens (fd, (fd == STDOUT_FILENO ? NULL : file), t) == 0);
if (fd == STDIN_FILENO)
{

View File

@ -1,13 +0,0 @@
diff -ru coreutils-6.9.orig/src/su.c coreutils-6.9/src/su.c
--- coreutils-6.9.orig/src/su.c 2007-04-19 12:05:12.000000000 +0200
+++ coreutils-6.9/src/su.c 2007-04-19 12:07:56.000000000 +0200
@@ -387,6 +387,9 @@
xsetenv ("USER", pw->pw_name);
xsetenv ("LOGNAME", pw->pw_name);
}
+ xsetenv ("PATH", (pw->pw_uid
+ ? DEFAULT_LOGIN_PATH
+ : DEFAULT_ROOT_LOGIN_PATH));
}
}
}

View File

@ -1,58 +0,0 @@
--- coreutils-6.9/src/uname.c.orig 2007-04-17 16:52:43.000000000 +0200
+++ coreutils-6.9/src/uname.c 2007-04-17 17:08:42.000000000 +0200
@@ -287,6 +287,36 @@
# endif
}
#endif
+ if (element == unknown)
+ {
+ struct utsname name;
+ static char processor[sizeof (name.machine)];
+ if (uname (&name) != 0)
+ error (EXIT_FAILURE, errno, _("cannot get system name"));
+ strcpy (processor, name.machine);
+ element = processor;
+#ifdef __linux__
+ if (!strcmp (element, "i686"))
+ {
+ /* Check for Athlon */
+ char line[1024];
+ FILE *f = fopen ("/proc/cpuinfo", "r");
+ if (f)
+ {
+ while (fgets (line, sizeof (line), f) > 0)
+ {
+ if (strncmp (line, "vendor_id", 9) == 0)
+ {
+ if (strstr (line, "AuthenticAMD"))
+ element = "athlon";
+ break;
+ }
+ }
+ fclose (f);
+ }
+ }
+#endif
+ }
if (! (toprint == UINT_MAX && element == unknown))
print_element (element);
}
@@ -312,6 +342,18 @@
element = hardware_platform;
}
#endif
+ if (element == unknown)
+ {
+ struct utsname name;
+ static char hardware_platform[sizeof (name.machine)];
+ if (uname (&name) != 0)
+ error (EXIT_FAILURE, errno, _("cannot get system name"));
+ strcpy (hardware_platform, name.machine);
+ if (hardware_platform[0] == 'i' && hardware_platform[2] == '8'
+ && hardware_platform[3] == '6' && hardware_platform[4] == 0)
+ hardware_platform[1] = '3';
+ element = hardware_platform;
+ }
if (! (toprint == UINT_MAX && element == unknown))
print_element (element);
}

View File

@ -1,12 +0,0 @@
diff -Nru coreutils-7.6.orig/src/date.c coreutils-7.6/src/date.c
--- coreutils-7.6.orig/src/date.c 2009-09-01 13:01:16.000000000 +0200
+++ coreutils-7.6/src/date.c 2009-10-11 13:18:29.000000000 +0200
@@ -456,7 +456,7 @@
written by date, which means "date" must generate output
using the POSIX locale; but adding _() would cause "date"
to use a Korean translation of the format. */
- format = "%a %b %e %H:%M:%S %Z %Y";
+ format = dcgettext(NULL, N_("%a %b %e %H:%M:%S %Z %Y"), LC_TIME);
}
}

View File

@ -1,55 +0,0 @@
Submitted by: William Immendorf <will.immendorf@gmail.com>
Date: 2010-05-08
Inital Package Version: 8.5
Origin: http://cvs.fedoraproject.org/viewvc/devel/coreutils/coreutils-8.2-uname-processortype.patch
Upstream Status: Rejected
Description: Fixes the output of uname's -i and -p parameters
diff -Naur coreutils-8.5.orig/src/uname.c coreutils-8.5/src/uname.c
--- coreutils-8.5.orig/src/uname.c 2010-05-08 11:50:59.153186845 -0500
+++ coreutils-8.5/src/uname.c 2010-05-08 11:51:14.254062912 -0500
@@ -301,13 +301,19 @@
if (toprint & PRINT_PROCESSOR)
{
- char const *element = unknown;
+ char *element = unknown;
#if HAVE_SYSINFO && defined SI_ARCHITECTURE
{
static char processor[257];
if (0 <= sysinfo (SI_ARCHITECTURE, processor, sizeof processor))
element = processor;
}
+#else
+ {
+ struct utsname u;
+ uname(&u);
+ element = u.machine;
+ }
#endif
#ifdef UNAME_PROCESSOR
if (element == unknown)
@@ -345,7 +351,7 @@
if (toprint & PRINT_HARDWARE_PLATFORM)
{
- char const *element = unknown;
+ char *element = unknown;
#if HAVE_SYSINFO && defined SI_PLATFORM
{
static char hardware_platform[257];
@@ -353,6 +359,14 @@
hardware_platform, sizeof hardware_platform))
element = hardware_platform;
}
+#else
+ {
+ struct utsname u;
+ uname(&u);
+ element = u.machine;
+ if(strlen(element)==4 && element[0]=='i' && element[2]=='8' && element[3]=='6')
+ element[1]='3';
+ }
#endif
#ifdef UNAME_HARDWARE_PLATFORM
if (element == unknown)

View File

@ -1,153 +0,0 @@
From 8c022656320592dbad146f5d3a3ae1875f419446 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu, 5 Mar 2020 17:25:29 -0800
Subject: [PATCH 1/2] ls: restore 8.31 behavior on removed directories
* NEWS: Mention this.
* src/ls.c: Do not include <sys/sycall.h>
(print_dir): Don't worry about whether the directory is removed.
* tests/ls/removed-directory.sh: Adjust to match new (i.e., old)
behavior.
Upstream-commit: 10fcb97bd728f09d4a027eddf8ad2900f0819b0a
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
src/ls.c | 22 ----------------------
tests/ls/removed-directory.sh | 10 ++--------
2 files changed, 2 insertions(+), 30 deletions(-)
diff --git a/src/ls.c b/src/ls.c
index 9d25f62..850ecc2 100644
--- a/src/ls.c
+++ b/src/ls.c
@@ -49,10 +49,6 @@
# include <sys/ptem.h>
#endif
-#ifdef __linux__
-# include <sys/syscall.h>
-#endif
-
#include <stdio.h>
#include <assert.h>
#include <setjmp.h>
@@ -2896,7 +2892,6 @@ print_dir (char const *name, char const *realname, bool command_line_arg)
struct dirent *next;
uintmax_t total_blocks = 0;
static bool first = true;
- bool found_any_entries = false;
errno = 0;
dirp = opendir (name);
@@ -2972,7 +2967,6 @@ print_dir (char const *name, char const *realname, bool command_line_arg)
next = readdir (dirp);
if (next)
{
- found_any_entries = true;
if (! file_ignored (next->d_name))
{
enum filetype type = unknown;
@@ -3018,22 +3012,6 @@ print_dir (char const *name, char const *realname, bool command_line_arg)
if (errno != EOVERFLOW)
break;
}
-#ifdef __linux__
- else if (! found_any_entries)
- {
- /* If readdir finds no directory entries at all, not even "." or
- "..", then double check that the directory exists. */
- if (syscall (SYS_getdents, dirfd (dirp), NULL, 0) == -1
- && errno != EINVAL)
- {
- /* We exclude EINVAL as that pertains to buffer handling,
- and we've passed NULL as the buffer for simplicity.
- ENOENT is returned if appropriate before buffer handling. */
- file_failure (command_line_arg, _("reading directory %s"), name);
- }
- break;
- }
-#endif
else
break;
diff --git a/tests/ls/removed-directory.sh b/tests/ls/removed-directory.sh
index e8c835d..fe8f929 100755
--- a/tests/ls/removed-directory.sh
+++ b/tests/ls/removed-directory.sh
@@ -26,20 +26,14 @@ case $host_triplet in
*) skip_ 'non linux kernel' ;;
esac
-LS_FAILURE=2
-
-cat <<\EOF >exp-err || framework_failure_
-ls: reading directory '.': No such file or directory
-EOF
-
cwd=$(pwd)
mkdir d || framework_failure_
cd d || framework_failure_
rmdir ../d || framework_failure_
-returns_ $LS_FAILURE ls >../out 2>../err || fail=1
+ls >../out 2>../err || fail=1
cd "$cwd" || framework_failure_
compare /dev/null out || fail=1
-compare exp-err err || fail=1
+compare /dev/null err || fail=1
Exit $fail
--
2.21.1
From 847324a0debd9d12062c79e7a7a9d3d8ce76390d Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sat, 7 Mar 2020 10:29:51 -0800
Subject: [PATCH 2/2] ls: improve removed-directory test
* tests/ls/removed-directory.sh: Remove host_triplet test.
Skip this test if one cannot remove the working directory.
From a suggestion by Bernhard Voelker (Bug#39929).
Upstream-commit: 672819c73f2e94e61386dc0584bddf9da860cc26
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
tests/ls/removed-directory.sh | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)
diff --git a/tests/ls/removed-directory.sh b/tests/ls/removed-directory.sh
index fe8f929..63b209d 100755
--- a/tests/ls/removed-directory.sh
+++ b/tests/ls/removed-directory.sh
@@ -1,7 +1,7 @@
#!/bin/sh
-# If ls is asked to list a removed directory (e.g. the parent process's
-# current working directory that has been removed by another process), it
-# emits an error message.
+# If ls is asked to list a removed directory (e.g., the parent process's
+# current working directory has been removed by another process), it
+# should not emit an error message merely because the directory is removed.
# Copyright (C) 2020 Free Software Foundation, Inc.
@@ -21,15 +21,10 @@
. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
print_ver_ ls
-case $host_triplet in
- *linux*) ;;
- *) skip_ 'non linux kernel' ;;
-esac
-
cwd=$(pwd)
mkdir d || framework_failure_
cd d || framework_failure_
-rmdir ../d || framework_failure_
+rmdir ../d || skip_ "can't remove working directory on this platform"
ls >../out 2>../err || fail=1
cd "$cwd" || framework_failure_
--
2.21.1

View File

@ -1,11 +0,0 @@
--- coreutils-8.4.orig/src/tail.c 2010-01-03 18:06:20.000000000 +0100
+++ coreutils-8.4/src/tail.c 2010-03-24 17:44:09.709925764 +0100
@@ -54,7 +54,7 @@
/* inotify needs to know if a file is local. */
# include "fs.h"
-# if HAVE_SYS_STATFS_H
+# if HAVE_SYS_STATVFS_H
# include <sys/statfs.h>
# endif
#endif

View File

@ -1,428 +0,0 @@
diff -urNp coreutils-8.4-orig/configure.ac coreutils-8.4/configure.ac
--- coreutils-8.4-orig/configure.ac 2010-01-11 18:20:42.000000000 +0100
+++ coreutils-8.4/configure.ac 2010-02-12 10:17:46.000000000 +0100
@@ -126,6 +126,13 @@ if test "$gl_gcc_warnings" = yes; then
AC_SUBST([GNULIB_WARN_CFLAGS])
fi
+dnl Give the chance to enable PAM
+AC_ARG_ENABLE(pam, dnl
+[ --enable-pam Enable use of the PAM libraries],
+[AC_DEFINE(USE_PAM, 1, [Define if you want to use PAM])
+LIB_PAM="-ldl -lpam -lpam_misc"
+AC_SUBST(LIB_PAM)])
+
AC_FUNC_FORK
optional_bin_progs=
diff -urNp coreutils-8.4-orig/doc/coreutils.texi coreutils-8.4/doc/coreutils.texi
--- coreutils-8.4-orig/doc/coreutils.texi 2010-01-03 18:06:20.000000000 +0100
+++ coreutils-8.4/doc/coreutils.texi 2010-02-12 10:17:46.000000000 +0100
@@ -15081,8 +15081,11 @@ to certain shells, etc.).
@findex syslog
@command{su} can optionally be compiled to use @code{syslog} to report
failed, and optionally successful, @command{su} attempts. (If the system
-supports @code{syslog}.) However, GNU @command{su} does not check if the
-user is a member of the @code{wheel} group; see below.
+supports @code{syslog}.)
+
+This version of @command{su} has support for using PAM for
+authentication. You can edit @file{/etc/pam.d/su} to customize its
+behaviour.
The program accepts the following options. Also see @ref{Common options}.
@@ -15124,6 +15127,8 @@ environment variables except @env{TERM},
@env{PATH} to a compiled-in default value. Change to @var{user}'s home
directory. Prepend @samp{-} to the shell's name, intended to make it
read its login startup file(s).
+Additionaly @env{DISPLAY} and @env{XAUTHORITY} environment variables
+are preserved as well for PAM functionality.
@item -m
@itemx -p
@@ -15163,33 +15168,6 @@ Exit status:
the exit status of the subshell otherwise
@end display
-@cindex wheel group, not supported
-@cindex group wheel, not supported
-@cindex fascism
-@subsection Why GNU @command{su} does not support the @samp{wheel} group
-
-(This section is by Richard Stallman.)
-
-@cindex Twenex
-@cindex MIT AI lab
-Sometimes a few of the users try to hold total power over all the
-rest. For example, in 1984, a few users at the MIT AI lab decided to
-seize power by changing the operator password on the Twenex system and
-keeping it secret from everyone else. (I was able to thwart this coup
-and give power back to the users by patching the kernel, but I
-wouldn't know how to do that in Unix.)
-
-However, occasionally the rulers do tell someone. Under the usual
-@command{su} mechanism, once someone learns the root password who
-sympathizes with the ordinary users, he or she can tell the rest. The
-``wheel group'' feature would make this impossible, and thus cement the
-power of the rulers.
-
-I'm on the side of the masses, not that of the rulers. If you are
-used to supporting the bosses and sysadmins in whatever they do, you
-might find this idea strange at first.
-
-
@node timeout invocation
@section @command{timeout}: Run a command with a time limit
diff -urNp coreutils-8.4-orig/src/Makefile.am coreutils-8.4/src/Makefile.am
--- coreutils-8.4-orig/src/Makefile.am 2010-01-03 18:06:20.000000000 +0100
+++ coreutils-8.4/src/Makefile.am 2010-02-12 10:17:46.000000000 +0100
@@ -361,7 +361,7 @@ factor_LDADD += $(LIB_GMP)
uptime_LDADD += $(GETLOADAVG_LIBS)
# for crypt
-su_LDADD += $(LIB_CRYPT)
+su_LDADD += $(LIB_CRYPT) @LIB_PAM@
# for various ACL functions
copy_LDADD += $(LIB_ACL)
diff -urNp coreutils-8.4-orig/src/su.c coreutils-8.4/src/su.c
--- coreutils-8.4-orig/src/su.c 2010-02-12 10:15:15.000000000 +0100
+++ coreutils-8.4/src/su.c 2010-02-12 10:24:29.000000000 +0100
@@ -37,6 +37,16 @@
restricts who can su to UID 0 accounts. RMS considers that to
be fascist.
+#ifdef USE_PAM
+
+ Actually, with PAM, su has nothing to do with whether or not a
+ wheel group is enforced by su. RMS tries to restrict your access
+ to a su which implements the wheel group, but PAM considers that
+ to be fascist, and gives the user/sysadmin the opportunity to
+ enforce a wheel group by proper editing of /etc/pam.conf
+
+#endif
+
Compile-time options:
-DSYSLOG_SUCCESS Log successful su's (by default, to root) with syslog.
-DSYSLOG_FAILURE Log failed su's (by default, to root) with syslog.
@@ -53,6 +63,15 @@
#include <pwd.h>
#include <grp.h>
+#ifdef USE_PAM
+# include <signal.h>
+# include <sys/wait.h>
+# include <sys/fsuid.h>
+# include <unistd.h>
+# include <security/pam_appl.h>
+# include <security/pam_misc.h>
+#endif /* USE_PAM */
+
#include "system.h"
#include "getpass.h"
@@ -120,10 +139,17 @@
/* The user to become if none is specified. */
#define DEFAULT_USER "root"
+#ifndef USE_PAM
char *crypt (char const *key, char const *salt);
+#endif
-static void run_shell (char const *, char const *, char **, size_t)
+static void run_shell (char const *, char const *, char **, size_t,
+ const struct passwd *)
+#ifdef USE_PAM
+ ;
+#else
ATTRIBUTE_NORETURN;
+#endif
/* If true, pass the `-f' option to the subshell. */
static bool fast_startup;
@@ -209,7 +235,26 @@ log_su (struct passwd const *pw, bool su
}
#endif
+#ifdef USE_PAM
+static pam_handle_t *pamh = NULL;
+static int retval;
+static struct pam_conv conv = {
+ misc_conv,
+ NULL
+};
+
+#define PAM_BAIL_P if (retval) { \
+ pam_end(pamh, PAM_SUCCESS); \
+ return 0; \
+}
+#define PAM_BAIL_P_VOID if (retval) { \
+ pam_end(pamh, PAM_SUCCESS); \
+return; \
+}
+#endif
+
/* Ask the user for a password.
+ If PAM is in use, let PAM ask for the password if necessary.
Return true if the user gives the correct password for entry PW,
false if not. Return true without asking for a password if run by UID 0
or if PW has an empty password. */
@@ -217,6 +262,44 @@ log_su (struct passwd const *pw, bool su
static bool
correct_password (const struct passwd *pw)
{
+#ifdef USE_PAM
+ struct passwd *caller;
+ char *tty_name, *ttyn;
+ retval = pam_start(PROGRAM_NAME, pw->pw_name, &conv, &pamh);
+ PAM_BAIL_P;
+
+ if (getuid() != 0 && !isatty(0)) {
+ fprintf(stderr, "standard in must be a tty\n");
+ exit(1);
+ }
+
+ caller = getpwuid(getuid());
+ if(caller != NULL && caller->pw_name != NULL) {
+ retval = pam_set_item(pamh, PAM_RUSER, caller->pw_name);
+ PAM_BAIL_P;
+ }
+
+ ttyn = ttyname(0);
+ if (ttyn) {
+ if (strncmp(ttyn, "/dev/", 5) == 0)
+ tty_name = ttyn+5;
+ else
+ tty_name = ttyn;
+ retval = pam_set_item(pamh, PAM_TTY, tty_name);
+ PAM_BAIL_P;
+ }
+ retval = pam_authenticate(pamh, 0);
+ PAM_BAIL_P;
+ retval = pam_acct_mgmt(pamh, 0);
+ if (retval == PAM_NEW_AUTHTOK_REQD) {
+ /* password has expired. Offer option to change it. */
+ retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+ PAM_BAIL_P;
+ }
+ PAM_BAIL_P;
+ /* must be authenticated if this point was reached */
+ return 1;
+#else /* !USE_PAM */
char *unencrypted, *encrypted, *correct;
#if HAVE_GETSPNAM && HAVE_STRUCT_SPWD_SP_PWDP
/* Shadow passwd stuff for SVR3 and maybe other systems. */
@@ -241,6 +324,7 @@ correct_password (const struct passwd *p
encrypted = crypt (unencrypted, correct);
memset (unencrypted, 0, strlen (unencrypted));
return STREQ (encrypted, correct);
+#endif /* !USE_PAM */
}
/* Update `environ' for the new shell based on PW, with SHELL being
@@ -254,12 +338,18 @@ modify_environment (const struct passwd
/* Leave TERM unchanged. Set HOME, SHELL, USER, LOGNAME, PATH.
Unset all other environment variables. */
char const *term = getenv ("TERM");
+ char const *display = getenv ("DISPLAY");
+ char const *xauthority = getenv ("XAUTHORITY");
if (term)
term = xstrdup (term);
environ = xmalloc ((6 + !!term) * sizeof (char *));
environ[0] = NULL;
if (term)
xsetenv ("TERM", term);
+ if (display)
+ xsetenv ("DISPLAY", display);
+ if (xauthority)
+ xsetenv ("XAUTHORITY", xauthority);
xsetenv ("HOME", pw->pw_dir);
xsetenv ("SHELL", shell);
xsetenv ("USER", pw->pw_name);
@@ -292,8 +382,13 @@ change_identity (const struct passwd *pw
{
#ifdef HAVE_INITGROUPS
errno = 0;
- if (initgroups (pw->pw_name, pw->pw_gid) == -1)
+ if (initgroups (pw->pw_name, pw->pw_gid) == -1) {
+#ifdef USE_PAM
+ pam_close_session(pamh, 0);
+ pam_end(pamh, PAM_ABORT);
+#endif
error (EXIT_CANCELED, errno, _("cannot set groups"));
+ }
endgrent ();
#endif
if (setgid (pw->pw_gid))
@@ -302,6 +397,31 @@ change_identity (const struct passwd *pw
error (EXIT_CANCELED, errno, _("cannot set user id"));
}
+#ifdef USE_PAM
+static int caught=0;
+/* Signal handler for parent process later */
+static void su_catch_sig(int sig)
+{
+ ++caught;
+}
+
+int
+pam_copyenv (pam_handle_t *pamh)
+{
+ char **env;
+
+ env = pam_getenvlist(pamh);
+ if(env) {
+ while(*env) {
+ if (putenv (*env))
+ xalloc_die ();
+ env++;
+ }
+ }
+ return(0);
+}
+#endif
+
/* Run SHELL, or DEFAULT_SHELL if SHELL is empty.
If COMMAND is nonzero, pass it to the shell with the -c option.
Pass ADDITIONAL_ARGS to the shell as more arguments; there
@@ -309,17 +429,49 @@ change_identity (const struct passwd *pw
static void
run_shell (char const *shell, char const *command, char **additional_args,
- size_t n_additional_args)
+ size_t n_additional_args, const struct passwd *pw)
{
size_t n_args = 1 + fast_startup + 2 * !!command + n_additional_args + 1;
char const **args = xnmalloc (n_args, sizeof *args);
size_t argno = 1;
+#ifdef USE_PAM
+ int child;
+ sigset_t ourset;
+ int status;
+
+ retval = pam_open_session(pamh,0);
+ if (retval != PAM_SUCCESS) {
+ fprintf (stderr, "could not open session\n");
+ exit (1);
+ }
+
+/* do this at the last possible moment, because environment variables may
+ be passed even in the session phase
+*/
+ if(pam_copyenv(pamh) != PAM_SUCCESS)
+ fprintf (stderr, "error copying PAM environment\n");
+
+ /* Credentials should be set in the parent */
+ if (pam_setcred(pamh, PAM_ESTABLISH_CRED) != PAM_SUCCESS) {
+ pam_close_session(pamh, 0);
+ fprintf(stderr, "could not set PAM credentials\n");
+ exit(1);
+ }
+
+ child = fork();
+ if (child == 0) { /* child shell */
+ change_identity (pw);
+ pam_end(pamh, 0);
+#endif
if (simulate_login)
{
char *arg0;
char *shell_basename;
+ if(chdir(pw->pw_dir))
+ error(0, errno, _("warning: cannot change directory to %s"), pw->pw_dir);
+
shell_basename = last_component (shell);
arg0 = xmalloc (strlen (shell_basename) + 2);
arg0[0] = '-';
@@ -344,6 +496,67 @@ run_shell (char const *shell, char const
error (0, errno, "%s", shell);
exit (exit_status);
}
+#ifdef USE_PAM
+ } else if (child == -1) {
+ fprintf(stderr, "can not fork user shell: %s", strerror(errno));
+ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
+ pam_close_session(pamh, 0);
+ pam_end(pamh, PAM_ABORT);
+ exit(1);
+ }
+ /* parent only */
+ sigfillset(&ourset);
+ if (sigprocmask(SIG_BLOCK, &ourset, NULL)) {
+ fprintf(stderr, "%s: signal malfunction\n", PROGRAM_NAME);
+ caught = 1;
+ }
+ if (!caught) {
+ struct sigaction action;
+ action.sa_handler = su_catch_sig;
+ sigemptyset(&action.sa_mask);
+ action.sa_flags = 0;
+ sigemptyset(&ourset);
+ if (sigaddset(&ourset, SIGTERM)
+ || sigaddset(&ourset, SIGALRM)
+ || sigaction(SIGTERM, &action, NULL)
+ || sigprocmask(SIG_UNBLOCK, &ourset, NULL)) {
+ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
+ caught = 1;
+ }
+ }
+ if (!caught) {
+ do {
+ int pid;
+
+ pid = waitpid(-1, &status, WUNTRACED);
+
+ if (((pid_t)-1 != pid) && (0 != WIFSTOPPED (status))) {
+ kill(getpid(), WSTOPSIG(status));
+ /* once we get here, we must have resumed */
+ kill(pid, SIGCONT);
+ }
+ } while (0 != WIFSTOPPED(status));
+ }
+
+ if (caught) {
+ fprintf(stderr, "\nSession terminated, killing shell...");
+ kill (child, SIGTERM);
+ }
+ /* Not checking retval on this because we need to call close session */
+ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
+ retval = pam_close_session(pamh, 0);
+ PAM_BAIL_P_VOID;
+ retval = pam_end(pamh, PAM_SUCCESS);
+ PAM_BAIL_P_VOID;
+ if (caught) {
+ sleep(2);
+ kill(child, SIGKILL);
+ fprintf(stderr, " ...killed.\n");
+ exit(-1);
+ }
+ exit ((0 != WIFEXITED (status)) ? WEXITSTATUS (status)
+ : WTERMSIG (status) + 128);
+#endif /* USE_PAM */
}
/* Return true if SHELL is a restricted shell (one not returned by
@@ -511,9 +724,9 @@ main (int argc, char **argv)
shell = xstrdup (shell ? shell : pw->pw_shell);
modify_environment (pw, shell);
+#ifndef USE_PAM
change_identity (pw);
- if (simulate_login && chdir (pw->pw_dir) != 0)
- error (0, errno, _("warning: cannot change directory to %s"), pw->pw_dir);
+#endif
/* error() flushes stderr, but does not check for write failure.
Normally, we would catch this via our atexit() hook of
@@ -523,5 +736,5 @@ main (int argc, char **argv)
if (ferror (stderr))
exit (EXIT_CANCELED);
- run_shell (shell, command, argv + optind, MAX (0, argc - optind));
+ run_shell (shell, command, argv + optind, MAX (0, argc - optind), pw);
}

View File

@ -1,114 +0,0 @@
From c76e70637e529481478e26683ebd73c40621c382 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
Date: Fri, 24 Sep 2021 20:57:41 +0100
Subject: [PATCH] chmod: fix exit status when ignoring symlinks
* src/chmod.c: Reorder enum so CH_NOT_APPLIED
can be treated as a non error.
* tests/chmod/ignore-symlink.sh: A new test.
* tests/local.mk: Reference the new test.
* NEWS: Mention the bug fix.
Fixes https://bugs.gnu.org/50784
Upstream-commit: e8b56ebd536e82b15542a00c888109471936bfda
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
NEWS | 6 ++++++
src/chmod.c | 4 ++--
tests/chmod/ignore-symlink.sh | 31 +++++++++++++++++++++++++++++++
tests/local.mk | 1 +
4 files changed, 40 insertions(+), 2 deletions(-)
create mode 100755 tests/chmod/ignore-symlink.sh
diff --git a/NEWS b/NEWS
index f2fbcbb..5722a8b 100644
--- a/NEWS
+++ b/NEWS
@@ -143,6 +143,12 @@ GNU coreutils NEWS -*- outline -*-
where avx2 instructions are supported.
A new --debug option will indicate if avx2 is being used.
+** Bug fixes
+
+ chmod -R no longer exits with error status when encountering symlinks.
+ All files would be processed correctly, but the exit status was incorrect.
+ [bug introduced in coreutils-9.0]
+
* Noteworthy changes in release 8.32 (2020-03-05) [stable]
diff --git a/src/chmod.c b/src/chmod.c
index 37b04f5..57ac47f 100644
--- a/src/chmod.c
+++ b/src/chmod.c
@@ -44,8 +44,8 @@ struct change_status
enum
{
CH_NO_STAT,
- CH_NOT_APPLIED,
CH_FAILED,
+ CH_NOT_APPLIED,
CH_NO_CHANGE_REQUESTED,
CH_SUCCEEDED
}
@@ -322,7 +322,7 @@ process_file (FTS *fts, FTSENT *ent)
if ( ! recurse)
fts_set (fts, ent, FTS_SKIP);
- return CH_NO_CHANGE_REQUESTED <= ch.status;
+ return CH_NOT_APPLIED <= ch.status;
}
/* Recursively change the modes of the specified FILES (the last entry
diff --git a/tests/chmod/ignore-symlink.sh b/tests/chmod/ignore-symlink.sh
new file mode 100755
index 0000000..5ce3de8
--- /dev/null
+++ b/tests/chmod/ignore-symlink.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+# Test for proper exit code of chmod on a processed symlink.
+
+# Copyright (C) 2021 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
+print_ver_ chmod
+
+mkdir dir || framework_failure_
+touch dir/f || framework_failure_
+ln -s f dir/l || framework_failure_
+
+# This operation ignores symlinks but should succeed.
+chmod u+w -R dir 2> out || fail=1
+
+compare /dev/null out || fail=1
+
+Exit $fail
diff --git a/tests/local.mk b/tests/local.mk
index a76c808..a2164c9 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -458,6 +458,7 @@ all_tests = \
tests/chmod/c-option.sh \
tests/chmod/equal-x.sh \
tests/chmod/equals.sh \
+ tests/chmod/ignore-symlink.sh \
tests/chmod/inaccessible.sh \
tests/chmod/octal.sh \
tests/chmod/setgid.sh \
--
2.31.1

File diff suppressed because it is too large Load Diff

View File

@ -1,7 +1,7 @@
%define i18npatch_version %{version}
Name: coreutils
Version: 9.4
Release: 1mamba
Version: 9.5
Release: 2mamba
Summary: A GNU set of tools commonly used in shell scripts
Group: System/Tools
Vendor: openmamba
@ -10,20 +10,10 @@ Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
URL: https://www.gnu.org/software/coreutils/
Source0: https://ftp.gnu.org/gnu/coreutils/%{name}-%{version}.tar.xz
Source1: coreutils-pam-su
Patch0: %{name}-7.6-langinfo.patch
# http://www.linuxfromscratch.org/patches/downloads/coreutils
Patch2: http://www.linuxfromscratch.org/patches/downloads/coreutils/coreutils-%{i18npatch_version}-i18n-1.patch
Patch0: http://www.linuxfromscratch.org/patches/downloads/coreutils/coreutils-%{i18npatch_version}-i18n-1.patch
# or http://pkgs.fedoraproject.org/cgit/coreutils.git/plain/coreutils-i18n.patch
#Patch2: coreutils-8.22-i18n.patch
Patch3: %{name}-5.2.1-su_paths.patch
Patch5: %{name}-8.4-pam.patch
Patch6: %{name}-6.9-uname_element_unknown.patch
Patch7: %{name}-6.9-su_setrootpaths.patch
Patch8: %{name}-6.9-rename_futimens.patch
Patch9: %{name}-8.4-cross_compile.patch
Patch10: %{name}-8.14-uname-1.patch
Patch11: coreutils-8.32-ls-removed-dir.patch
Patch12: coreutils-9.0-chmod-symlink.patch
#Patch0: coreutils-8.22-i18n.patch
License: GPL
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
@ -95,10 +85,8 @@ Most of these programs have significant advantages over their Unix counterparts,
%prep
%setup -q
#%patch0 -p1 -b .langinfo
# lin18nux/LSB compliance
%patch 2 -p1 -b .i18n
%patch 0 -p1 -b .i18n
autoreconf -fiv
@ -121,11 +109,8 @@ gl_cv_func_sleep_works=yes
_EOF
%endif
touch aclocal.m4 configure config.hin Makefile.in */Makefile.in
#aclocal -I m4 &&
#autoconf --force &&
#automake-1.10 --copy --add-missing &&
%configure ${CONFIG_OPTS} \
--sbindir=%{_bindir} \
--enable-install-program=arch \
%if "%{_host}" != "%{_build}"
--cache-file=config.cache
@ -140,50 +125,16 @@ touch aclocal.m4 configure config.hin Makefile.in */Makefile.in
[ -f ChangeLog -a ! -f ChangeLog.bz2 ] && bzip2 -9f ChangeLog
## don't run basic-1 test, since it breaks when run in the background
#sed -i '/basic-1/d' tests/Makefile*
#chmod a+x tests/misc/sort-mb-tests
## FIXME: cut test fails; disabling it
#sed -i '/misc\/cut/d' tests/Makefile*
## run the test suite
#%if "%{_host}" == "%{_build}"
#%ifnarch arm
##env RUN_EXPENSIVE_TESTS=yes make check
#make check || make check
#%endif
#%endif
%install
[ "%{buildroot}" != / ] && rm -rf %{buildroot}
%makeinstall
#install -d %{buildroot}{/bin,%_bindir,%_sbindir}
#for f in basename cat chgrp chmod chown cp cut date dd df echo env false \
# link ln ls mkdir mknod mktemp mv nice pwd rm rmdir sleep sort stty sync \
# touch true uname unlink; do
# [ -f %{buildroot}%{_bindir}/$f ] && mv %{buildroot}{%_bindir,/bin}/$f
#done
## mktemp,cat: create a link for backward compatibility
#ln -sf /bin/mktemp %{buildroot}%{_bindir}/mktemp
#ln -sf /bin/cut %{buildroot}%{_bindir}/cut
install -d %{buildroot}%{_sbindir}
mv %{buildroot}%{_bindir}/chroot %{buildroot}%{_sbindir}
# These tools come from other packages
for f in hostname groups kill uptime; do
rm -f %{buildroot}{%_bindir/$f,%_mandir/man1/${f}.1}
done
#install src/su %{buildroot}/bin/su
#install -D -m 0644 %{S:1} %{buildroot}%{_sysconfdir}/pam.d/su
#ln -sf ../../bin/env %{buildroot}%{_bindir}/env
#ln -sf ../usr/bin/install %{buildroot}/bin/install
rm -f %{buildroot}%{_infodir}/dir
%find_lang %{name}
@ -201,13 +152,18 @@ done
%files -f %{name}.lang
%defattr(-,root,root)
%{_bindir}/*
%{_sbindir}/*
%{_libexecdir}/coreutils/libstdbuf.so
%{_infodir}/*
%{_infodir}/coreutils.info*
%{_mandir}/man1/*
%doc AUTHORS THANKS
%changelog
* Sat Mar 30 2024 Silvan Calarco <silvan.calarco@mambasoft.it> 9.5-2mamba
- remove conflicting infodir dir file
* Sat Mar 30 2024 Automatic Build System <autodist@openmamba.org> 9.5-1mamba
- automatic version update by autodist
* Wed Aug 30 2023 Automatic Build System <autodist@mambasoft.it> 9.4-1mamba
- automatic version update by autodist