From bcbcca789de35cdad07d1315bd38dea25c388b08 Mon Sep 17 00:00:00 2001 From: Michal Hlavinka Date: Aug 20 2012 13:56:01 +0000 Subject: fix Werror messages in new build environment --- diff --git a/ecryptfs-utils-75-werror.patch b/ecryptfs-utils-75-werror.patch index e60f5b4..63a4f0f 100644 --- a/ecryptfs-utils-75-werror.patch +++ b/ecryptfs-utils-75-werror.patch @@ -1,6 +1,6 @@ -diff -up ecryptfs-utils-99/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-99/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c ---- ecryptfs-utils-99/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2012-07-23 18:59:05.223406369 +0200 -+++ ecryptfs-utils-99/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2012-07-23 18:59:05.237406445 +0200 +diff -up ecryptfs-utils-100/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-100/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c +--- ecryptfs-utils-100/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2012-08-20 15:46:19.795460481 +0200 ++++ ecryptfs-utils-100/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2012-08-20 15:46:19.844460878 +0200 @@ -99,7 +99,7 @@ static int ecryptfs_pkcs11h_deserialize( pkcs11h_data->serialized_id = NULL; } @@ -150,9 +150,9 @@ diff -up ecryptfs-utils-99/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e subgraph_key_ctx = (struct pkcs11h_subgraph_key_ctx *)(*foo); -diff -up ecryptfs-utils-99/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-99/src/libecryptfs/ecryptfs-stat.c ---- ecryptfs-utils-99/src/libecryptfs/ecryptfs-stat.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/src/libecryptfs/ecryptfs-stat.c 2012-07-23 18:59:05.238406451 +0200 +diff -up ecryptfs-utils-100/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-100/src/libecryptfs/ecryptfs-stat.c +--- ecryptfs-utils-100/src/libecryptfs/ecryptfs-stat.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-100/src/libecryptfs/ecryptfs-stat.c 2012-08-20 15:46:19.845460886 +0200 @@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_ if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES @@ -162,9 +162,9 @@ diff -up ecryptfs-utils-99/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils "bytes; there are only [%zu] bytes\n", __FUNCTION__, (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES -diff -up ecryptfs-utils-99/src/libecryptfs/key_management.c.werror ecryptfs-utils-99/src/libecryptfs/key_management.c ---- ecryptfs-utils-99/src/libecryptfs/key_management.c.werror 2012-07-23 18:59:05.219406346 +0200 -+++ ecryptfs-utils-99/src/libecryptfs/key_management.c 2012-07-23 18:59:05.238406451 +0200 +diff -up ecryptfs-utils-100/src/libecryptfs/key_management.c.werror ecryptfs-utils-100/src/libecryptfs/key_management.c +--- ecryptfs-utils-100/src/libecryptfs/key_management.c.werror 2012-08-20 15:46:19.791460449 +0200 ++++ ecryptfs-utils-100/src/libecryptfs/key_management.c 2012-08-20 15:46:19.845460886 +0200 @@ -228,7 +228,6 @@ int ecryptfs_wrap_passphrase_file(char * int rc = 0; ssize_t size; @@ -173,9 +173,9 @@ diff -up ecryptfs-utils-99/src/libecryptfs/key_management.c.werror ecryptfs-util char *p = NULL; char decrypted_passphrase[ECRYPTFS_MAX_PASSPHRASE_BYTES + 1]; -diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c ---- ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror 2012-07-11 16:03:17.000000000 +0200 -+++ ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c 2012-07-23 18:59:38.714596789 +0200 +diff -up ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c +--- ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c.werror 2012-08-02 15:20:17.000000000 +0200 ++++ ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c 2012-08-20 15:48:15.233393985 +0200 @@ -47,31 +47,6 @@ #define PRIVATE_DIR "Private" @@ -208,7 +208,20 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils /* returns: 0 if file does not exist, 1 if it exists, <0 for error */ static int file_exists_dotecryptfs(const char *homedir, char *filename) { -@@ -216,8 +191,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -110,10 +85,8 @@ static int wrap_passphrase_if_necessary( + stat(wrapped_pw_filename, &s) != 0 && + passphrase != NULL && *passphrase != '\0' && + username != NULL && *username != '\0') { +- setuid(uid); +- rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename); +- if (rc != 0) { +- syslog(LOG_ERR, "pam_ecryptfs: Error wrapping cleartext password; " "rc = [%d]\n", rc); ++ if ((rc = setuid(uid))<0 || ((rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename)) != 0)) { ++ syslog(LOG_ERR, "pam_ecryptfs: Error wrapping cleartext password; " "rc = [%d]\n", rc); + } + return rc; + } +@@ -211,8 +184,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_h if ((argc == 1) && (memcmp(argv[0], "unwrap\0", 7) == 0)) { char *wrapped_pw_filename; @@ -217,7 +230,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils rc = asprintf( &wrapped_pw_filename, "%s/.ecryptfs/%s", -@@ -309,8 +282,6 @@ static int private_dir(pam_handle_t *pam +@@ -304,8 +275,6 @@ static int private_dir(pam_handle_t *pam char *autoumount = "auto-umount"; struct stat s; pid_t pid; @@ -226,7 +239,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils if ((pwd = fetch_pwd(pamh)) == NULL) { /* fetch_pwd() logged a message */ -@@ -356,7 +327,7 @@ static int private_dir(pam_handle_t *pam +@@ -351,7 +320,7 @@ static int private_dir(pam_handle_t *pam if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) { /* User has not recorded their passphrase */ unlink("/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); @@ -235,7 +248,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils fd = open("/var/lib/update-notifier/dpkg-run-stamp", O_WRONLY|O_CREAT|O_NONBLOCK, 0666); close(fd); } -@@ -435,7 +406,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -430,7 +399,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand char *old_passphrase = NULL; char *new_passphrase = NULL; char *wrapped_pw_filename; @@ -243,7 +256,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils char salt[ECRYPTFS_SALT_SIZE]; char salt_hex[ECRYPTFS_SALT_SIZE_HEX]; pid_t child_pid, tmp_pid; -@@ -450,15 +420,15 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -445,15 +413,15 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand uid = pwd->pw_uid; gid = pwd->pw_gid; homedir = pwd->pw_dir; @@ -262,9 +275,34 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils syslog(LOG_ERR, "pam_ecryptfs: geteuid error"); goto outnouid; } -diff -up ecryptfs-utils-99/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-99/src/utils/mount.ecryptfs.c ---- ecryptfs-utils-99/src/utils/mount.ecryptfs.c.werror 2012-07-23 18:59:05.234406430 +0200 -+++ ecryptfs-utils-99/src/utils/mount.ecryptfs.c 2012-07-23 18:59:05.239406457 +0200 +@@ -512,7 +480,10 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand + char passphrase[ECRYPTFS_MAX_PASSWORD_LENGTH + 1]; + + /* temp regain uid 0 to drop privs */ +- seteuid(oeuid); ++ if (seteuid(oeuid) < 0) { ++ syslog(LOG_ERR, "pam_ecryptfs: seteuid error"); ++ goto out_child; ++ } + /* setgroups() already called */ + if (setgid(gid) < 0 || setuid(uid) < 0) + goto out_child; +@@ -537,9 +508,9 @@ out_child: + free(wrapped_pw_filename); + out: + +- seteuid(oeuid); +- setegid(oegid); +- setgroups(ngids, groups); ++ rc = seteuid(oeuid); ++ rc = setegid(oegid); ++ rc = setgroups(ngids, groups); + + outnouid: + return rc; +diff -up ecryptfs-utils-100/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-100/src/utils/mount.ecryptfs.c +--- ecryptfs-utils-100/src/utils/mount.ecryptfs.c.werror 2012-08-20 15:46:19.805460562 +0200 ++++ ecryptfs-utils-100/src/utils/mount.ecryptfs.c 2012-08-20 15:46:19.847460902 +0200 @@ -34,6 +34,7 @@ #include #include @@ -273,9 +311,9 @@ diff -up ecryptfs-utils-99/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-99/s #include "config.h" #include "ecryptfs.h" #include "decision_graph.h" -diff -up ecryptfs-utils-99/src/utils/mount.ecryptfs_private.c.werror ecryptfs-utils-99/src/utils/mount.ecryptfs_private.c ---- ecryptfs-utils-99/src/utils/mount.ecryptfs_private.c.werror 2012-07-23 18:59:05.229406400 +0200 -+++ ecryptfs-utils-99/src/utils/mount.ecryptfs_private.c 2012-07-23 18:59:05.240406463 +0200 +diff -up ecryptfs-utils-100/src/utils/mount.ecryptfs_private.c.werror ecryptfs-utils-100/src/utils/mount.ecryptfs_private.c +--- ecryptfs-utils-100/src/utils/mount.ecryptfs_private.c.werror 2012-08-20 15:46:19.801460530 +0200 ++++ ecryptfs-utils-100/src/utils/mount.ecryptfs_private.c 2012-08-20 15:46:19.847460902 +0200 @@ -95,7 +95,7 @@ int read_config(char *pw_dir, int uid, c *s = strdup(e->mnt_fsname); if (!*s) @@ -285,9 +323,20 @@ diff -up ecryptfs-utils-99/src/utils/mount.ecryptfs_private.c.werror ecryptfs-ut return 0; } -diff -up ecryptfs-utils-99/src/utils/test.c.werror ecryptfs-utils-99/src/utils/test.c ---- ecryptfs-utils-99/src/utils/test.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/src/utils/test.c 2012-07-23 18:59:05.240406463 +0200 +@@ -686,8 +686,8 @@ int main(int argc, char *argv[]) { + * update mtab for us, and replace the current process. + * Do not use the umount.ecryptfs helper (-i). + */ +- setresuid(0,0,0); +- setresgid(0,0,0); ++ rc=setresuid(0,0,0); ++ rc=setresgid(0,0,0); + clearenv(); + + /* Since we're doing a lazy unmount anyway, just unmount the current +diff -up ecryptfs-utils-100/src/utils/test.c.werror ecryptfs-utils-100/src/utils/test.c +--- ecryptfs-utils-100/src/utils/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-100/src/utils/test.c 2012-08-20 15:46:19.847460902 +0200 @@ -281,7 +281,7 @@ int ecryptfs_encrypt_page(int page_cache struct inode *lower_inode; struct ecryptfs_crypt_stat *crypt_stat; @@ -297,9 +346,9 @@ diff -up ecryptfs-utils-99/src/utils/test.c.werror ecryptfs-utils-99/src/utils/t int orig_byte_offset = 0; int num_extents_per_page; #define ECRYPTFS_PAGE_STATE_UNREAD 0 -diff -up ecryptfs-utils-99/tests/kernel/directory-concurrent/test.c.werror ecryptfs-utils-99/tests/kernel/directory-concurrent/test.c ---- ecryptfs-utils-99/tests/kernel/directory-concurrent/test.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/tests/kernel/directory-concurrent/test.c 2012-07-23 18:59:05.240406463 +0200 +diff -up ecryptfs-utils-100/tests/kernel/directory-concurrent/test.c.werror ecryptfs-utils-100/tests/kernel/directory-concurrent/test.c +--- ecryptfs-utils-100/tests/kernel/directory-concurrent/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-100/tests/kernel/directory-concurrent/test.c 2012-08-20 15:46:19.848460910 +0200 @@ -149,7 +149,7 @@ int hang_check(int option, const char *f int test_dirs(const char *path, const int max_dirs) @@ -309,9 +358,22 @@ diff -up ecryptfs-utils-99/tests/kernel/directory-concurrent/test.c.werror ecryp char *filename; size_t len = strlen(path) + 32; int ret = TEST_PASSED; -diff -up ecryptfs-utils-99/tests/kernel/extend-file-random/test.c.werror ecryptfs-utils-99/tests/kernel/extend-file-random/test.c ---- ecryptfs-utils-99/tests/kernel/extend-file-random/test.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/tests/kernel/extend-file-random/test.c 2012-07-23 18:59:05.241406469 +0200 +diff -up ecryptfs-utils-100/tests/kernel/enospc/test.c.werror ecryptfs-utils-100/tests/kernel/enospc/test.c +--- ecryptfs-utils-100/tests/kernel/enospc/test.c.werror 2012-08-02 15:20:17.000000000 +0200 ++++ ecryptfs-utils-100/tests/kernel/enospc/test.c 2012-08-20 15:46:19.848460910 +0200 +@@ -37,9 +37,6 @@ + int test_exercise(char *filename, ssize_t size) + { + int fd; +- ssize_t i; +- ssize_t n; +- struct stat statbuf; + ssize_t nbytes = size; + int ret = TEST_FAILED; + +diff -up ecryptfs-utils-100/tests/kernel/extend-file-random/test.c.werror ecryptfs-utils-100/tests/kernel/extend-file-random/test.c +--- ecryptfs-utils-100/tests/kernel/extend-file-random/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-100/tests/kernel/extend-file-random/test.c 2012-08-20 15:46:19.848460910 +0200 @@ -48,7 +48,7 @@ int test_write(int fd, char *buffer, siz } @@ -337,9 +399,9 @@ diff -up ecryptfs-utils-99/tests/kernel/extend-file-random/test.c.werror ecryptf len, offset, strerror(errno)); return TEST_FAILED; } -diff -up ecryptfs-utils-99/tests/kernel/file-concurrent/test.c.werror ecryptfs-utils-99/tests/kernel/file-concurrent/test.c ---- ecryptfs-utils-99/tests/kernel/file-concurrent/test.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/tests/kernel/file-concurrent/test.c 2012-07-23 18:59:05.241406469 +0200 +diff -up ecryptfs-utils-100/tests/kernel/file-concurrent/test.c.werror ecryptfs-utils-100/tests/kernel/file-concurrent/test.c +--- ecryptfs-utils-100/tests/kernel/file-concurrent/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-100/tests/kernel/file-concurrent/test.c 2012-08-20 15:46:19.849460918 +0200 @@ -177,7 +177,7 @@ int hang_check(int option, const char *f int test_files(const char *path, const int max_files) @@ -349,9 +411,9 @@ diff -up ecryptfs-utils-99/tests/kernel/file-concurrent/test.c.werror ecryptfs-u char *filename; size_t len = strlen(path) + 32; int ret = TEST_PASSED; -diff -up ecryptfs-utils-99/tests/kernel/inode-race-stat/test.c.werror ecryptfs-utils-99/tests/kernel/inode-race-stat/test.c ---- ecryptfs-utils-99/tests/kernel/inode-race-stat/test.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/tests/kernel/inode-race-stat/test.c 2012-07-23 18:59:05.241406469 +0200 +diff -up ecryptfs-utils-100/tests/kernel/inode-race-stat/test.c.werror ecryptfs-utils-100/tests/kernel/inode-race-stat/test.c +--- ecryptfs-utils-100/tests/kernel/inode-race-stat/test.c.werror 2012-08-02 15:20:17.000000000 +0200 ++++ ecryptfs-utils-100/tests/kernel/inode-race-stat/test.c 2012-08-20 15:46:19.849460918 +0200 @@ -106,7 +106,6 @@ static void do_test(const int fdin, cons { for (;;) { @@ -369,7 +431,7 @@ diff -up ecryptfs-utils-99/tests/kernel/inode-race-stat/test.c.werror ecryptfs-u ret = check_size(filename, sz); switch (ret) { -@@ -290,7 +289,7 @@ int main(int argc, char **argv) +@@ -307,7 +306,7 @@ int main(int argc, char **argv) } /* Now tell children to stat the file */ @@ -378,7 +440,7 @@ diff -up ecryptfs-utils-99/tests/kernel/inode-race-stat/test.c.werror ecryptfs-u for (i = 0; i < threads; i++) { if (write(pipe_to[i][1], cmd, strlen(cmd)+1) < 0) { fprintf(stderr, "write to pipe failed: %s\n", -@@ -347,6 +346,7 @@ abort: +@@ -364,6 +363,7 @@ abort: int ret; ret = write(pipe_to[i][1], cmd, 1); @@ -386,9 +448,9 @@ diff -up ecryptfs-utils-99/tests/kernel/inode-race-stat/test.c.werror ecryptfs-u (void)waitpid(pids[i], &status, 0); (void)close(pipe_to[i][1]); -diff -up ecryptfs-utils-99/tests/kernel/lp-509180/test.c.werror ecryptfs-utils-99/tests/kernel/lp-509180/test.c ---- ecryptfs-utils-99/tests/kernel/lp-509180/test.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/tests/kernel/lp-509180/test.c 2012-07-23 18:59:05.242406474 +0200 +diff -up ecryptfs-utils-100/tests/kernel/lp-509180/test.c.werror ecryptfs-utils-100/tests/kernel/lp-509180/test.c +--- ecryptfs-utils-100/tests/kernel/lp-509180/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-100/tests/kernel/lp-509180/test.c 2012-08-20 15:46:19.850460926 +0200 @@ -48,7 +48,6 @@ int main(int argc, char **argv) int fd; int opt, flags = 0; @@ -397,9 +459,9 @@ diff -up ecryptfs-utils-99/tests/kernel/lp-509180/test.c.werror ecryptfs-utils-9 char *file; unsigned char buffer[1]; -diff -up ecryptfs-utils-99/tests/kernel/trunc-file/test.c.werror ecryptfs-utils-99/tests/kernel/trunc-file/test.c ---- ecryptfs-utils-99/tests/kernel/trunc-file/test.c.werror 2012-05-18 21:06:17.000000000 +0200 -+++ ecryptfs-utils-99/tests/kernel/trunc-file/test.c 2012-07-23 18:59:05.242406474 +0200 +diff -up ecryptfs-utils-100/tests/kernel/trunc-file/test.c.werror ecryptfs-utils-100/tests/kernel/trunc-file/test.c +--- ecryptfs-utils-100/tests/kernel/trunc-file/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-100/tests/kernel/trunc-file/test.c 2012-08-20 15:46:19.850460926 +0200 @@ -39,7 +39,7 @@ int write_buff(int fd, unsigned char *data, ssize_t size) @@ -454,16 +516,3 @@ diff -up ecryptfs-utils-99/tests/kernel/trunc-file/test.c.werror ecryptfs-utils- exit(TEST_ERROR); } -diff -up ecryptfs-utils-100/tests/kernel/enospc/test.c.newfix ecryptfs-utils-100/tests/kernel/enospc/test.c ---- ecryptfs-utils-100/tests/kernel/enospc/test.c.newfix 2012-08-03 11:08:28.121411674 +0200 -+++ ecryptfs-utils-100/tests/kernel/enospc/test.c 2012-08-03 11:08:28.139411811 +0200 -@@ -37,9 +37,6 @@ - int test_exercise(char *filename, ssize_t size) - { - int fd; -- ssize_t i; -- ssize_t n; -- struct stat statbuf; - ssize_t nbytes = size; - int ret = TEST_FAILED; - diff --git a/ecryptfs-utils-87-pamdata.patch b/ecryptfs-utils-87-pamdata.patch index 8a46a85..01fe08e 100644 --- a/ecryptfs-utils-87-pamdata.patch +++ b/ecryptfs-utils-87-pamdata.patch @@ -1,6 +1,6 @@ -diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c ---- ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata 2012-07-23 20:16:39.161357208 +0200 -+++ ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c 2012-07-23 20:16:49.952442084 +0200 +diff -up ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c +--- ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c.pamdata 2012-08-20 14:39:10.895860230 +0200 ++++ ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c 2012-08-20 14:39:52.177176922 +0200 @@ -47,6 +47,26 @@ #define PRIVATE_DIR "Private" @@ -37,7 +37,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-util { char *unwrapped_pw_filename = NULL; struct stat s; -@@ -98,51 +118,37 @@ static int wrap_passphrase_if_necessary( +@@ -98,138 +118,63 @@ static int wrap_passphrase_if_necessary( PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { @@ -79,9 +79,10 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-util } } else { - syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%ld]\n", username, rc); -- goto out; -- } -- ++ syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user; rc = [%ld]\n", rc); + goto out; + } + - if ((oeuid = geteuid()) < 0 || (oegid = getegid()) < 0 || - (ngids = getgroups(sizeof(groups)/sizeof(gid_t), groups)) < 0) { - syslog(LOG_ERR, "pam_ecryptfs: geteuid error"); @@ -90,13 +91,12 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-util - - if (setegid(gid) < 0 || setgroups(1, &gid) < 0 || seteuid(uid) < 0) { - syslog(LOG_ERR, "pam_ecryptfs: seteuid error"); -+ syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user; rc = [%ld]\n", rc); - goto out; - } - -- if (!file_exists_dotecryptfs(homedir, "auto-mount")) + if (!file_exists_dotecryptfs(epd->homedir, "auto-mount")) goto out; +- } +- +- if (!file_exists_dotecryptfs(homedir, "auto-mount")) +- goto out; - private_mnt = ecryptfs_fetch_private_mnt(homedir); + private_mnt = ecryptfs_fetch_private_mnt(epd->homedir); if (ecryptfs_private_is_mounted(NULL, private_mnt, NULL, 1)) { @@ -105,9 +105,6 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-util /* If private/home is already mounted, then we can skip costly loading of keys */ goto out; -@@ -152,89 +158,28 @@ PAM_EXTERN int pam_sm_authenticate(pam_h - costly loading of keys */ - goto out; } - if(file_exists_dotecryptfs(homedir, "wrapping-independent") == 1) - rc = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, &passphrase, "Encryption passphrase: "); @@ -196,17 +193,17 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-util - if (tmp_pid == -1) - syslog(LOG_WARNING, "pam_ecryptfs: waitpid() returned with error condition\n"); -out: - +- - seteuid(oeuid); - setegid(oegid); - setgroups(ngids, groups); -- + -outnouid: +out: if (private_mnt != NULL) free(private_mnt); return PAM_SUCCESS; -@@ -381,10 +326,115 @@ static int umount_private_dir(pam_handle +@@ -374,10 +319,119 @@ static int umount_private_dir(pam_handle return private_dir(pamh, 0); } @@ -247,7 +244,11 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-util + + if ((child_pid = fork()) == 0) { + /* temp regain uid 0 to drop privs */ -+ seteuid(oeuid); ++ if (seteuid(oeuid) < 0) ++ { ++ syslog(LOG_ERR, "pam_ecryptfs: seteuid error"); ++ goto out_child; ++ } + /* setgroups() already called */ + if (setgid(epd->gid) < 0 || setuid(epd->uid) < 0) + goto out_child; @@ -304,9 +305,9 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.pamdata ecryptfs-util + syslog(LOG_WARNING, + "waitpid() returned with error condition\n"); +out: -+ seteuid(oeuid); -+ setegid(oegid); -+ setgroups(ngids, groups); ++ rc = seteuid(oeuid); ++ rc = setegid(oegid); ++ rc = setgroups(ngids, groups); + +outnouid: + diff --git a/ecryptfs-utils-87-syslog.patch b/ecryptfs-utils-87-syslog.patch index 91438c6..24166f6 100644 --- a/ecryptfs-utils-87-syslog.patch +++ b/ecryptfs-utils-87-syslog.patch @@ -1,6 +1,6 @@ -diff -up ecryptfs-utils-99/src/include/ecryptfs.h.syslog ecryptfs-utils-99/src/include/ecryptfs.h ---- ecryptfs-utils-99/src/include/ecryptfs.h.syslog 2012-07-24 13:22:22.225044430 +0200 -+++ ecryptfs-utils-99/src/include/ecryptfs.h 2012-07-24 13:22:22.228044457 +0200 +diff -up ecryptfs-utils-100/src/include/ecryptfs.h.syslog ecryptfs-utils-100/src/include/ecryptfs.h +--- ecryptfs-utils-100/src/include/ecryptfs.h.syslog 2012-08-20 15:49:24.351952427 +0200 ++++ ecryptfs-utils-100/src/include/ecryptfs.h 2012-08-20 15:49:24.355952459 +0200 @@ -143,7 +143,7 @@ #define ECRYPTFS_TAG_67_PACKET 0x43 @@ -10,9 +10,9 @@ diff -up ecryptfs-utils-99/src/include/ecryptfs.h.syslog ecryptfs-utils-99/src/i #define ECRYPTFS_MAX_NUM_CIPHERS 64 #define ECRYPTFS_ECHO_ON 1 -diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c ---- ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog 2012-07-24 13:22:22.222044403 +0200 -+++ ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c 2012-07-24 13:23:02.726405147 +0200 +diff -up ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c +--- ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c.syslog 2012-08-20 15:49:24.348952403 +0200 ++++ ecryptfs-utils-100/src/pam_ecryptfs/pam_ecryptfs.c 2012-08-20 15:49:34.357033235 +0200 @@ -94,7 +94,7 @@ static int wrap_passphrase_if_necessary( rc = asprintf(&unwrapped_pw_filename, "/dev/shm/.ecryptfs-%s", username); @@ -22,16 +22,16 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return -ENOMEM; } /* If /dev/shm/.ecryptfs-$USER exists and owned by the user -@@ -108,7 +108,7 @@ static int wrap_passphrase_if_necessary( - setuid(uid); - rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename); - if (rc != 0) { +@@ -106,7 +106,7 @@ static int wrap_passphrase_if_necessary( + passphrase != NULL && *passphrase != '\0' && + username != NULL && *username != '\0') { + if ((rc = setuid(uid))<0 || ((rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename)) != 0)) { - syslog(LOG_ERR, "pam_ecryptfs: Error wrapping cleartext password; " "rc = [%d]\n", rc); + ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error wrapping cleartext password; " "rc = [%d]\n", rc); } return rc; } -@@ -125,7 +125,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -122,7 +122,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h struct ecryptfs_pam_data *epd = {0,}; if ((epd = malloc(sizeof(struct ecryptfs_pam_data))) == NULL) { @@ -40,7 +40,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc = -ENOMEM; goto out; } -@@ -141,7 +141,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -138,7 +138,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h epd->homedir = pwd->pw_dir; } } else { @@ -49,7 +49,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils goto out; } -@@ -149,7 +149,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -146,7 +146,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h goto out; private_mnt = ecryptfs_fetch_private_mnt(epd->homedir); if (ecryptfs_private_is_mounted(NULL, private_mnt, NULL, 1)) { @@ -58,7 +58,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils /* If private/home is already mounted, then we can skip costly loading of keys */ goto out; -@@ -164,7 +164,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -157,7 +157,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&epd->passphrase); epd->passphrase = strdup(epd->passphrase); if (rc != PAM_SUCCESS) { @@ -67,7 +67,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc); goto out; } -@@ -175,7 +175,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -168,7 +168,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h from_hex(epd->salt, salt_hex, ECRYPTFS_SALT_SIZE); epd->unwrap = ((argc == 1) && (memcmp(argv[0], "unwrap\0", 7) == 0)); if ((rc=pam_set_data(pamh, ECRYPTFS_PAM_DATA, epd, pam_free_ecryptfsdata)) != PAM_SUCCESS) { @@ -76,7 +76,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils goto out; } -@@ -199,12 +199,12 @@ static struct passwd *fetch_pwd(pam_hand +@@ -192,12 +192,12 @@ static struct passwd *fetch_pwd(pam_hand rc = pam_get_user(pamh, &username, NULL); if (rc != PAM_SUCCESS || username == NULL) { @@ -91,7 +91,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return NULL; } return pwd; -@@ -235,13 +235,13 @@ static int private_dir(pam_handle_t *pam +@@ -228,13 +228,13 @@ static int private_dir(pam_handle_t *pam if ( (asprintf(&autofile, "%s/.ecryptfs/%s", pwd->pw_dir, a) < 0) || autofile == NULL) { @@ -107,7 +107,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return 1; } if (stat(sigfile, &s) != 0) { -@@ -253,7 +253,7 @@ static int private_dir(pam_handle_t *pam +@@ -246,7 +246,7 @@ static int private_dir(pam_handle_t *pam goto out; } if ((pid = fork()) < 0) { @@ -116,7 +116,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return 1; } if (pid == 0) { -@@ -261,7 +261,7 @@ static int private_dir(pam_handle_t *pam +@@ -254,7 +254,7 @@ static int private_dir(pam_handle_t *pam if ((asprintf(&recorded, "%s/.ecryptfs/.wrapped-passphrase.recorded", pwd->pw_dir) < 0) || recorded == NULL) { @@ -125,7 +125,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils _exit(255); } if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) { -@@ -273,12 +273,12 @@ static int private_dir(pam_handle_t *pam +@@ -266,12 +266,12 @@ static int private_dir(pam_handle_t *pam } if (stat(autofile, &s) != 0) { /* User does not want to auto-mount */ @@ -140,7 +140,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils _exit(255); } /* run mount.ecryptfs_private as the user */ -@@ -286,16 +286,16 @@ static int private_dir(pam_handle_t *pam +@@ -279,16 +279,16 @@ static int private_dir(pam_handle_t *pam _exit(255); execl("/sbin/mount.ecryptfs_private", "mount.ecryptfs_private", NULL); @@ -160,7 +160,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils _exit(255); } /* run umount.ecryptfs_private as the user */ -@@ -303,7 +303,7 @@ static int private_dir(pam_handle_t *pam +@@ -296,7 +296,7 @@ static int private_dir(pam_handle_t *pam _exit(255); execl("/sbin/umount.ecryptfs_private", "umount.ecryptfs_private", NULL); @@ -169,7 +169,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils _exit(255); } _exit(255); -@@ -338,24 +338,24 @@ static int fill_keyring(pam_handle_t *pa +@@ -331,24 +331,24 @@ static int fill_keyring(pam_handle_t *pa if ((rc=pam_get_data(pamh, ECRYPTFS_PAM_DATA, (const void **)&epd)) != PAM_SUCCESS) { @@ -198,7 +198,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return -ENOMEM; } -@@ -367,12 +367,12 @@ static int fill_keyring(pam_handle_t *pa +@@ -364,12 +364,12 @@ static int fill_keyring(pam_handle_t *pa goto out_child; if (epd->passphrase == NULL) { @@ -213,7 +213,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils "Cannot validate keyring integrity\n"); } rc = 0; -@@ -384,12 +384,12 @@ static int fill_keyring(pam_handle_t *pa +@@ -381,12 +381,12 @@ static int fill_keyring(pam_handle_t *pa epd->homedir, ECRYPTFS_DEFAULT_WRAPPED_PASSPHRASE_FILENAME); if (rc == -1) { @@ -228,7 +228,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils } else { goto out_child; } -@@ -405,7 +405,7 @@ static int fill_keyring(pam_handle_t *pa +@@ -402,7 +402,7 @@ static int fill_keyring(pam_handle_t *pa goto out_child; } if (rc) { @@ -237,7 +237,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils "user session keyring; rc = [%d]\n", rc); goto out_child; } -@@ -415,7 +415,7 @@ out_child: +@@ -412,7 +412,7 @@ out_child: } tmp_pid = waitpid(child_pid, NULL, 0); if (tmp_pid == -1) @@ -245,8 +245,8 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils + ecryptfs_syslog(LOG_WARNING, "waitpid() returned with error condition\n"); out: - seteuid(oeuid); -@@ -473,33 +473,33 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand + rc = seteuid(oeuid); +@@ -470,33 +470,33 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand homedir = pwd->pw_dir; } } else { @@ -285,7 +285,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc = PAM_AUTHTOK_RECOVER_ERR; } goto out; -@@ -507,13 +507,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -504,13 +504,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand if ((rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&new_passphrase)) != PAM_SUCCESS) { @@ -301,7 +301,7 @@ diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc = -ENOMEM; goto out; } -@@ -523,13 +523,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -520,13 +520,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand from_hex(salt, salt_hex, ECRYPTFS_SALT_SIZE); } if (wrap_passphrase_if_necessary(username, uid, wrapped_pw_filename, new_passphrase, salt) == 0) { diff --git a/ecryptfs-utils.spec b/ecryptfs-utils.spec index 90fba2c..83c6a24 100644 --- a/ecryptfs-utils.spec +++ b/ecryptfs-utils.spec @@ -5,7 +5,7 @@ Name: ecryptfs-utils Version: 100 -Release: 1%{?dist} +Release: 2%{?dist} Summary: The eCryptfs mount helper and support libraries Group: System Environment/Base License: GPLv2+ @@ -262,6 +262,9 @@ rm -rf $RPM_BUILD_ROOT %{python_sitearch}/ecryptfs-utils/_libecryptfs.so %changelog +* Mon Aug 20 2012 Michal Hlavinka - 100-2 +- fix Werror messages in new build environment + * Fri Aug 03 2012 Michal Hlavinka - 100-1 - ecryptfs-utils updated to 100