diff options
Diffstat (limited to 'security/chrootuid/files')
-rw-r--r-- | security/chrootuid/files/patch-aa | 4 | ||||
-rw-r--r-- | security/chrootuid/files/patch-ab | 4 | ||||
-rw-r--r-- | security/chrootuid/files/patch-ac | 130 | ||||
-rw-r--r-- | security/chrootuid/files/patch-ad | 11 |
4 files changed, 7 insertions, 142 deletions
diff --git a/security/chrootuid/files/patch-aa b/security/chrootuid/files/patch-aa index 98a883c863e2..d3a48f10cbf8 100644 --- a/security/chrootuid/files/patch-aa +++ b/security/chrootuid/files/patch-aa @@ -1,5 +1,5 @@ ---- chrootuid.1.orig Wed Dec 8 20:52:03 1999 -+++ chrootuid.1 Wed Dec 8 20:53:13 1999 +--- chrootuid.1.orig Wed Jul 25 09:46:59 2001 ++++ chrootuid.1 Sun Jun 23 15:01:19 2002 @@ -1,4 +1,4 @@ -.TH CHROOTUID 1 +.TH CHROOTUID 8 diff --git a/security/chrootuid/files/patch-ab b/security/chrootuid/files/patch-ab index e6bf1a79bf27..0c2d31bc12e2 100644 --- a/security/chrootuid/files/patch-ab +++ b/security/chrootuid/files/patch-ab @@ -1,5 +1,5 @@ ---- Makefile.orig Sat Jan 22 15:59:52 2000 -+++ Makefile Sat Jan 22 16:01:26 2000 +--- Makefile.orig Thu Aug 12 07:09:31 1993 ++++ Makefile Sun Jun 23 15:01:35 2002 @@ -1,7 +1,7 @@ # @(#) Makefile 1.2 93/08/12 16:09:29 diff --git a/security/chrootuid/files/patch-ac b/security/chrootuid/files/patch-ac index 46421c8f859a..cd8409e00a2a 100644 --- a/security/chrootuid/files/patch-ac +++ b/security/chrootuid/files/patch-ac @@ -1,86 +1,6 @@ -Message #30124 (162 lines) -From phil@globnix.org Fri Mar 31 01:56:37 2000 -Date: Fri, 31 Mar 2000 11:56:07 +0200 -From: Phil Pennock <phil@globnix.org> -To: truckman@FreeBSD.org, wietse@PORCUPINE.ORG -Subject: chrootuid patch for *BSD -Organisation: Organisation? Here? No, over there ----> -X-NIC-Handles: COCO-149560 (ignore PP8185) -X-Disclaimer: Any views expressed in this message, where not explicitly - attributed otherwise, are mine and mine alone. Such views - do not necessarily coincide with those of any organisation - or company with which I am or have been affiliated. -X-Phase-of-Moon: The Moon is Waning Crescent (20% of Full) -X-No-HTML: <!-- TINC - - ---ikeVEW9yuYc//A+q -Content-Type: text/plain; charset=us-ascii - -This has been tested on FreeBSD, and tries to make things simple. The -'problem' with chrootuid as stands (version 1.2) is that it does not -initialise supplementary groups. - -The attached patch adds this functionality. To use properly under BSD, -add -DUSE_SYSCTL to the cc command-line - I've tested with and without -that option. Wietse, sorry for changing the declaration of main() - I'm -an ANSI-C type person and since I was making the other changes anyway I -decided that I might as well. - -Oh, and the patch also ensures that a LOG_NOTICE syslog is always -generated when the program is invoked with enough parameters to not be -an obvious error. - -HTH --- -HTML email - just say no --> Phil Pennock -"We've got a patent on the conquering of a country through the use of force. - We believe in world peace through extortionate license fees." -Bluemeat - ---ikeVEW9yuYc//A+q -Content-Type: text/plain; charset=us-ascii -Content-Disposition: attachment; filename="chrootuid.patch" - ---- chrootuid.c.orig Fri Mar 31 10:56:38 2000 -+++ chrootuid.c Fri Mar 31 11:47:31 2000 -@@ -34,6 +34,7 @@ - /* VERSION/RELEASE - /* 1.2 - /*--*/ -+/* MODIFIED FROM ORIGINAL SOURCE! <phil@globnix.org> */ - - #ifndef lint - static char sccsid[] = "@(#) chrootuid.c 1.2 93/08/15 22:19:27"; -@@ -41,14 +42,25 @@ - - /* System libraries. */ - -+#include <stdlib.h> - #include <pwd.h> - #include <syslog.h> -+#include <sys/param.h> -+#ifdef USE_SYSCTL -+# include <sys/types.h> -+# include <sys/sysctl.h> -+#else -+# ifndef NGROUPS -+# define NGROUPS 16 -+# endif -+#endif - --main(argc, argv) --int argc; --char **argv; -+int -+main(int argc, char *argv[]) - { - struct passwd *pwd; -+ int *groups; -+ int ngroups; - - /* - * Open a channel to the syslog daemon. Older versions of openlog() -@@ -71,6 +83,10 @@ +--- chrootuid.c.orig Wed Jul 25 09:47:44 2001 ++++ chrootuid.c Sun Jun 23 15:06:10 2002 +@@ -81,6 +81,10 @@ syslog(LOG_ERR, "usage: %s path user command", argv[0]); return (0); } @@ -91,47 +11,3 @@ Content-Disposition: attachment; filename="chrootuid.patch" /* Must step into the new subtree. */ if (chdir(argv[1])) { -@@ -83,6 +99,30 @@ - syslog(LOG_ERR, "%s: user unknown", argv[2]); - return (0); - } -+#ifdef USE_SYSCTL -+ { -+ int mib[2]; -+ size_t len; -+ -+ mib[0] = CTL_KERN; -+ mib[1] = KERN_NGROUPS; -+ len = sizeof(ngroups); -+ if (sysctl(mib, 2, &ngroups, &len, NULL, 0)) { -+ syslog(LOG_ERR, "failed to get kern.ngroups: %m"); -+ return (0); -+ } -+ } -+#else -+ ngroups = NGROUPS; -+#endif -+ if (!(groups = calloc(ngroups, sizeof(int)))) { -+ syslog(LOG_ERR, "failed to allocate memory: %m"); -+ return (0); -+ } -+ if (getgrouplist(argv[2], pwd->pw_gid, groups, &ngroups) == -1) { -+ syslog(LOG_WARNING, "failed to get all groups for user '%s': %m", -+ argv[2]); -+ } - /* Do the chroot() before giving away root privileges. */ - - if (chroot(argv[1])) { -@@ -94,6 +134,9 @@ - if (setgid(pwd->pw_gid)) { - syslog(LOG_ERR, "setgid(%d): %m", pwd->pw_gid); - return (0); -+ } -+ if (setgroups(ngroups, (const gid_t *)groups)) { -+ syslog(LOG_WARNING, "setgroups failed: %m"); - } - if (setuid(pwd->pw_uid)) { - syslog(LOG_ERR, "setuid(%d): %m", pwd->pw_uid); - ---ikeVEW9yuYc//A+q-- - diff --git a/security/chrootuid/files/patch-ad b/security/chrootuid/files/patch-ad deleted file mode 100644 index f1e08ba02f6e..000000000000 --- a/security/chrootuid/files/patch-ad +++ /dev/null @@ -1,11 +0,0 @@ ---- Makefile.orig Wed Jun 21 03:47:29 2000 -+++ Makefile Wed Jun 21 03:48:17 2000 -@@ -6,7 +6,7 @@ - all: chrootuid chrootuid.1 - - chrootuid: chrootuid.c -- $(CC) $(CFLAGS) -o $@ $? -+ $(CC) $(CFLAGS) -DUSE_SYSCTL -o $@ $? - - #chrootuid.1: chrootuid.c - # srctoman $? >$@ |