diff options
Diffstat (limited to 'app-admin/augeas/files/cve-bunch-of-them-symlink.patch')
-rw-r--r-- | app-admin/augeas/files/cve-bunch-of-them-symlink.patch | 76 |
1 files changed, 0 insertions, 76 deletions
diff --git a/app-admin/augeas/files/cve-bunch-of-them-symlink.patch b/app-admin/augeas/files/cve-bunch-of-them-symlink.patch deleted file mode 100644 index 3bd1d95ae42d..000000000000 --- a/app-admin/augeas/files/cve-bunch-of-them-symlink.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 051c73a9a7ffe9e525f6f0a1b8f5198ff8cc6752 Mon Sep 17 00:00:00 2001 -From: Dominic Cleal <dcleal@redhat.com> -Date: Sat, 11 Aug 2012 20:39:14 +0100 -Subject: [PATCH] Fix regression in permissions of created files - -Commit 16387744 changed temporary file creation to use mkstemp, resulting in -new files being created with 0600 permissions. For brand new files created -through Augeas, their permissions stayed at 0600 rather than being set by the -umask as before. - - * src/transform.c (transform_save): chmod after creating new files to - permissions implied by the umask ---- - src/transform.c | 10 ++++++++++ - tests/test-preserve.sh | 15 ++++++++++++++- - 2 files changed, 24 insertions(+), 1 deletion(-) - -diff --git a/src/transform.c b/src/transform.c -index a3acd10..1ca3d5f 100644 ---- a/src/transform.c -+++ b/src/transform.c -@@ -1096,6 +1096,16 @@ int transform_save(struct augeas *aug, struct tree *xfm, - err_status = "xfer_attrs"; - goto done; - } -+ } else { -+ /* Since mkstemp is used, the temp file will have secure permissions -+ * instead of those implied by umask, so change them for new files */ -+ mode_t curumsk = umask(022); -+ umask(curumsk); -+ -+ if (fchmod(fileno(fp), 0666 - curumsk) < 0) { -+ err_status = "create_chmod"; -+ return -1; -+ } - } - - if (tree != NULL) -diff --git a/tests/test-preserve.sh b/tests/test-preserve.sh -index 042dab9..9719ac6 100755 ---- a/tests/test-preserve.sh -+++ b/tests/test-preserve.sh -@@ -59,9 +59,12 @@ if [ $selinux = yes -a xetc_t != "x$act_con" ] ; then - exit 1 - fi - --# Check that we create new files without error -+# Check that we create new files without error and with permissions implied -+# from the umask - init_dirs - -+oldumask=$(umask) -+umask 0002 - $AUGTOOL > /dev/null <<EOF - set /files/etc/hosts/1/ipaddr 127.0.0.1 - set /files/etc/hosts/1/canonical host.example.com -@@ -71,6 +74,16 @@ if [ $? != 0 ] ; then - echo "augtool failed on new file" - exit 1 - fi -+if [ ! -e $hosts ]; then -+ echo "augtool didn't create new /etc/hosts file" -+ exit 1 -+fi -+act_mode=$(ls -l $hosts | cut -b 1-10) -+if [ x-rw-rw-r-- != "x$act_mode" ] ; then -+ echo "Expected mode 0664 due to $(umask) umask but got $act_mode" -+ exit 1 -+fi -+umask $oldumask - - # Check that we create new files without error when backups are requested - init_dirs --- -1.8.5.1 - |