diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ab663e7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/lockdev-1.0.4.20111007git.tar.gz diff --git a/.lockdev.metadata b/.lockdev.metadata new file mode 100644 index 0000000..3d21bf2 --- /dev/null +++ b/.lockdev.metadata @@ -0,0 +1 @@ +799423f74018a0fc9742b2d915d8a226b377fff4 SOURCES/lockdev-1.0.4.20111007git.tar.gz diff --git a/SOURCES/0001-Fix-manpages-NAME-section.patch b/SOURCES/0001-Fix-manpages-NAME-section.patch new file mode 100644 index 0000000..496dcb4 --- /dev/null +++ b/SOURCES/0001-Fix-manpages-NAME-section.patch @@ -0,0 +1,36 @@ +From 1cc25ae8129e399ed76f1ef85be1b7f53f61bc51 Mon Sep 17 00:00:00 2001 +From: Sebastian Kisela +Date: Mon, 6 Aug 2018 17:06:35 +0200 +Subject: [PATCH] Fix manpages NAME section +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +According to lexgrog manpage: +"Some manual pagers require the ‘\-’ to be exactly as shown; +mandb is more tolerant, but for compatibility with other systems +it is nevertheless a good idea to retain the backslash." + +Fix the wording to make the man page check pass. + +Fixes: #1612764 +--- + docs/lockdev.8 | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/docs/lockdev.8 b/docs/lockdev.8 +index a7c117f..8739211 100644 +--- a/docs/lockdev.8 ++++ b/docs/lockdev.8 +@@ -4,7 +4,7 @@ + .\" Man page written by Jiri Popelka + .\" + .SH NAME +-\fBLockdev\fR is a setgid binary, ++\fBLockdev\fR \- a setgid binary, + which provides a reliable way to put an exclusive lock + in /var/lock to devices (e.g. ttyS0) using both FSSTND and SVr4 methods, + so regular users don't need write access there. +-- +2.14.4 + diff --git a/SOURCES/0001-major-and-minor-functions-moved-to-sysmacros.h.patch b/SOURCES/0001-major-and-minor-functions-moved-to-sysmacros.h.patch new file mode 100644 index 0000000..64b007c --- /dev/null +++ b/SOURCES/0001-major-and-minor-functions-moved-to-sysmacros.h.patch @@ -0,0 +1,57 @@ +From fb98a845d155fdfbd45c22a6b062c3cfbe692a0a Mon Sep 17 00:00:00 2001 +From: Sebastian Kisela +Date: Wed, 25 Jul 2018 09:18:33 +0200 +Subject: [PATCH] major and minor functions moved to sysmacros.h + +According to https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=NEWS;hb=HEAD +(glibc changelog) the below happened, therefore explicitly include + + +" +... +The macros 'major', 'minor', and 'makedev' are now only available from +the header ; not from or various other +headers that happen to include . These macros are rarely +used, not part of POSIX nor XSI, and their names frequently collide with +user code; see https://sourceware.org/bugzilla/show_bug.cgi?id=19239 for +further explanation. + + is a GNU extension. Portable programs that require +these macros should first include , and then include + if __GNU_LIBRARY__ is defined. +... +" + +Signed-off-by: Sebastian Kisela +--- + src/lockdev.c | 1 + + src/lockdev.c.access | 1 + + 2 files changed, 2 insertions(+) + +diff --git a/src/lockdev.c b/src/lockdev.c +index 6e69894..ec86f65 100644 +--- a/src/lockdev.c ++++ b/src/lockdev.c +@@ -121,6 +121,7 @@ + #include + #include + #include ++#include + #include + #include "lockdev.h" + #include "ttylock.h" +diff --git a/src/lockdev.c.access b/src/lockdev.c.access +index 9a0fca5..3581938 100644 +--- a/src/lockdev.c.access ++++ b/src/lockdev.c.access +@@ -117,6 +117,7 @@ + #include + #include + #include ++#include + #include + #include "lockdev.h" + #include "ttylock.h" +-- +2.14.4 + diff --git a/SOURCES/lockdev-euidaccess.patch b/SOURCES/lockdev-euidaccess.patch new file mode 100644 index 0000000..2ed5cee --- /dev/null +++ b/SOURCES/lockdev-euidaccess.patch @@ -0,0 +1,91 @@ +diff -up lockdev-scm-2011-10-07/src/lockdev.c.access lockdev-scm-2011-10-07/src/lockdev.c +--- lockdev-scm-2011-10-07/src/lockdev.c.access 2011-07-22 09:37:10.000000000 +0200 ++++ lockdev-scm-2011-10-07/src/lockdev.c 2013-12-05 11:56:57.836961642 +0100 +@@ -95,6 +95,10 @@ + * + */ + ++#ifndef _GNU_SOURCE ++ #define _GNU_SOURCE ++#endif ++ + #include + #include + #include +@@ -125,6 +125,10 @@ + #include "lockdev.h" + #include "ttylock.h" + ++#ifndef LOCKDEV_ACCESS ++#define LOCKDEV_ACCESS euidaccess ++#endif ++ + #define LOCKDEV_PATH SBINDIR "/lockdev" + + /* +@@ -616,7 +620,10 @@ dev_lock (const char *devname) + if ( stat( device, &statbuf) == -1 ) { + close_n_return(-errno); + } +- if ( access( device, W_OK ) == -1 ) { ++ /* check that the caller has write permission to the device ++ * to prevent denial-of-service attack by unauthorized users ++ */ ++ if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) { + close_n_return(-errno); + } + +@@ -780,7 +787,10 @@ dev_relock (const char *devname, + if ( stat( device, &statbuf) == -1 ) { + close_n_return(-errno); + } +- if ( access( device, W_OK ) == -1 ) { ++ /* check that the caller has write permission to the device ++ * to prevent denial-of-service attack by unauthorized users ++ */ ++ if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) { + close_n_return(-errno); + } + +@@ -870,7 +880,10 @@ dev_unlock (const char *devname, + if ( stat( device, &statbuf) == -1 ) { + close_n_return(-errno); + } +- if ( access( device, W_OK ) == -1 ) { ++ /* check that the caller has write permission to the device ++ * to prevent denial-of-service attack by unauthorized users ++ */ ++ if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) { + close_n_return(-errno); + } + +diff -ru lockdev-save/src/Makefile.am lockdev-scm-2011-10-07/src/Makefile.am +--- lockdev-save/src/Makefile.am 2014-09-18 13:42:00.363741658 +0200 ++++ lockdev-scm-2011-10-07/src/Makefile.am 2014-09-18 13:52:10.307868154 +0200 +@@ -6,7 +6,6 @@ + AM_CPPFLAGS = -include $(top_builddir)/config.h -DSBINDIR=\"$(sbindir)\" + + lockdev_SOURCES = sample.c +-lockdev_LDADD = liblockdev.la + + baudboy_SOURCES = baudboy_test.c + baudboy_LDADD = liblockdev.la +Solo in lockdev-scm-2011-10-07/src: Makefile.in +diff -ru lockdev-save/src/sample.c lockdev-scm-2011-10-07/src/sample.c +--- lockdev-save/src/sample.c 2014-09-18 13:42:00.363741658 +0200 ++++ lockdev-scm-2011-10-07/src/sample.c 2014-09-18 14:06:03.769023380 +0200 +@@ -6,6 +6,13 @@ + #include + #include "lockdev.h" + ++/* ttylock functions swap the real/effective uid/gid for us, so ++ * use access instead of euidaccess. ++ */ ++#define LOCKDEV_ACCESS access ++#undef TTYLOCK_USE_HELPER ++#include "lockdev.c" ++ + void + usage (void) + { +Solo in lockdev-scm-2011-10-07: VERSION diff --git a/SPECS/lockdev.spec b/SPECS/lockdev.spec new file mode 100644 index 0000000..047e987 --- /dev/null +++ b/SPECS/lockdev.spec @@ -0,0 +1,409 @@ +# Where lock files are stored +%global _lockdir /run/lock/lockdev + +%global checkout 20111007git +%global co_date 2011-10-07 + +#http://lists.fedoraproject.org/pipermail/devel/2011-August/155358.html +%global _hardened_build 1 + +Summary: A library for locking devices +Name: lockdev +Version: 1.0.4 +Release: 0.28.%{checkout}%{?dist} +License: LGPLv2 +Group: System Environment/Libraries +URL: https://alioth.debian.org/projects/lockdev/ + +# This is a nightly snapshot downloaded via +# https://alioth.debian.org/snapshots.php?group_id=100443 +Source0: lockdev-%{version}.%{checkout}.tar.gz + +Patch1: lockdev-euidaccess.patch +Patch2: 0001-major-and-minor-functions-moved-to-sysmacros.h.patch +Patch3: 0001-Fix-manpages-NAME-section.patch + +Requires(pre): shadow-utils +Requires(post): glibc +Requires(postun): glibc +Requires: systemd + +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool +BuildRequires: perl-interpreter +BuildRequires: perl(ExtUtils::MakeMaker) +BuildRequires: systemd + +%description +Lockdev provides a reliable way to put an exclusive lock to devices +using both FSSTND and SVr4 methods. + +%package devel +Summary: The header files for the lockdev library +Group: System Environment/Libraries +Requires: lockdev = %{version}-%{release} + +%description devel +The lockdev library provides a reliable way to put an exclusive lock +on devices using both FSSTND and SVr4 methods. The lockdev-devel +package contains the development headers. + + +%prep +%setup -q -n lockdev-scm-%{co_date} + +# Replace access() calls with euidaccess() (600636#c33) +%patch1 -p1 -b .access +%patch2 -p1 +%patch3 -p1 + +%build +# Generate version information from git release tag +./scripts/git-version > VERSION + +# To satisfy automake +touch ChangeLog + +# Bootstrap autotools +autoreconf --verbose --force --install + +CFLAGS="%{optflags} -D_PATH_LOCK=\\\"%{_lockdir}\\\"" \ +%configure --disable-static --enable-helper --disable-silent-rules + +make %{?_smp_mflags} + +%install +make install DESTDIR=%{buildroot} + +rm -f %{buildroot}%{_libdir}/*.la + +# %%ghosted, but needs to be in buildroot +# on reboot re-created by %%{_prefix}/lib/tmpfiles.d/legacy.conf +mkdir -p %{buildroot}%{_lockdir} + +# install /usr/lib/tmpfiles.d/lockdev.conf (#1324184) +mkdir -p ${RPM_BUILD_ROOT}%{_tmpfilesdir} +cat > ${RPM_BUILD_ROOT}%{_tmpfilesdir}/lockdev.conf </dev/null 2>&1 || groupadd -g 54 -r -f lock >/dev/null 2>&1 || : + +%post +/sbin/ldconfig +if [ $1 -eq 1 ] ; then +# for the time until first reboot +%tmpfiles_create +fi + +%postun -p /sbin/ldconfig + + +%files +%{license} COPYING +%doc AUTHORS +%ghost %dir %attr(0775,root,lock) %{_lockdir} +%attr(2711,root,lock) %{_sbindir}/lockdev +%{_tmpfilesdir}/lockdev.conf +%{_libdir}/*.so.* +%{_mandir}/man8/* + +%files devel +%{_libdir}/*.so +%{_libdir}/pkgconfig/lockdev.pc +%{_mandir}/man3/* +%{_includedir}/* + +%changelog +* Mon Aug 06 2018 Sebastian Kisela - 1.0.4-0.28. +- Fix man page wording to pass errors detected by lexgrog. +Fixes: 1612764 + +* Fri Jul 13 2018 Fedora Release Engineering - 1.0.4-0.27.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild +- Explicitly include due to glibc-headers changes. +Definition of major and minor macros is no longer transitively included +through , hence make it explicit. +Ref: +https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=NEWS;hb=HEAD + +* Thu Feb 08 2018 Fedora Release Engineering - 1.0.4-0.26.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Aug 03 2017 Fedora Release Engineering - 1.0.4-0.25.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 1.0.4-0.24.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 1.0.4-0.23.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Apr 06 2016 Jiri Popelka - 1.0.4-0.22.20111007git +- /run/lock/lockdev no longer created by systemd (#1324184) + +* Thu Feb 04 2016 Fedora Release Engineering - 1.0.4-0.21.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jun 17 2015 Fedora Release Engineering - 1.0.4-0.20.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Nov 03 2014 Jiri Popelka - 1.0.4-0.19.20111007git +- change _lockdir from /var/lock/lockdev to /run/lock/lockdev + +* Thu Sep 18 2014 Jiri Popelka - 1.0.4-0.18.20111007git +- better euidaccess.patch from Paolo Bonzini (#600636#c33) + +* Sun Aug 17 2014 Fedora Release Engineering - 1.0.4-0.17.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 1.0.4-0.16.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sat Dec 21 2013 Ville Skyttä - 1.0.4-0.15.20111007git +- BuildRequire systemd for %%tmpfiles_create. + +* Thu Dec 05 2013 Jiri Popelka - 1.0.4-0.14.20111007git +- Define _GNU_SOURCE in lockdev.c + +* Thu Nov 28 2013 Jiri Popelka - 1.0.4-0.13.20111007git +- revert previous change and use %%tmpfiles_create in %%post + +* Wed Nov 27 2013 Jiri Popelka - 1.0.4-0.12.20111007git +- do not %%ghost /var/lock/lockdev (https://fedorahosted.org/fesco/ticket/525) + +* Mon Aug 26 2013 Jiri Popelka - 1.0.4-0.11.20111007git +- Remove the %%post scriptlet completely (#983772) + +* Mon Aug 26 2013 Jiri Popelka - 1.0.4-0.10.20111007git +- Silence possible %%post scriptlet errors (#983772) + +* Sat Aug 03 2013 Fedora Release Engineering - 1.0.4-0.9.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Fri Jul 12 2013 Jiri Popelka - 1.0.4-0.8.20111007git +- %%{_lockdir} is %%ghost-ed (#983772) + +* Mon Jun 03 2013 Jiri Popelka - 1.0.4-0.7.20111007git +- Replace access() calls with euidaccess(), build with -D_GNU_SOURCE (600636#c9) + +* Thu Feb 14 2013 Fedora Release Engineering - 1.0.4-0.6.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Jul 19 2012 Fedora Release Engineering - 1.0.4-0.5.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jan 13 2012 Fedora Release Engineering - 1.0.4-0.4.20111007git +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Thu Oct 20 2011 Jiri Popelka - 1.0.4-0.3.20111007git +- Define _hardened_build + +* Wed Oct 19 2011 Jiri Popelka - 1.0.4-0.2.20111007git +- Fixed URL +- Removed unused patches + +* Fri Oct 07 2011 Jiri Popelka - 1.0.4-0.1.20111007git +- pre 1.0.4 nightly snapshot + +* Mon Apr 04 2011 Jiri Popelka - 1.0.3-10 +- Revert previous change (#681898) +- /etc/tmpfiles.d/lockdev.conf moved into systemd upstream (#692714) + +* Thu Mar 03 2011 Jan Görig - 1.0.3-9 +- Change /var/lock/lockdev permissions to 1777 (#681898) + +* Tue Feb 08 2011 Fedora Release Engineering - 1.0.3-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Thu Nov 25 2010 Jiri Popelka - 1.0.3-7 +- Fixed some rpmlint warnings + +* Thu Nov 25 2010 Jiri Popelka - 1.0.3-6 +- Added /etc/tmpfiles.d/lockdev.conf to enable lock directory on tmpfs (#656614) +- Don't ship static library at all + +* Mon Apr 19 2010 Jiri Popelka - 1.0.3-5 +- Changed directory for lock files from /var/lock to /var/lock/lockdev (#581884) + +* Thu Jan 21 2010 Jiri Popelka - 1.0.3-4 +- Created -static subpackage to ship static library separately +- Updated lockdev.8 manpage + +* Thu Dec 10 2009 Jiri Popelka - 1.0.3-3 +- Correct rh.patch + +* Thu Dec 10 2009 Jiri Popelka - 1.0.3-2 +- Correct rh.patch + +* Mon Dec 07 2009 Jiri Popelka - 1.0.3-1 +- 1.0.3. No longer need 1.0.0-signal, 1.0.1-subdir, 1.0.1-fcntl, 1.0.1-32bit patches. +- Renumbered patches and sources. + +* Thu Dec 03 2009 Jiri Popelka - 1.0.1-20 +- Fixed pre section (http://fedoraproject.org/wiki/Packaging/UsersAndGroups) +- Added back Buildroot to silence rpmlint's false positive + +* Tue Dec 01 2009 Jiri Popelka - 1.0.1-19 +- Added license text to package + +* Fri Oct 02 2009 Jiri Popelka - 1.0.1-18 +- Fixed mixed-use-of-spaces-and-tabs + +* Fri Oct 02 2009 Jiri Popelka - 1.0.1-17 +- Removed PreReq tag + +* Fri Sep 25 2009 Jiri Popelka - 1.0.1-16 +- Manual page for /usr/sbin/lockdev + +* Sat Jul 25 2009 Fedora Release Engineering - 1.0.1-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Wed Feb 25 2009 Fedora Release Engineering - 1.0.1-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Mon Oct 6 2008 Karel Zak - 1.0.1-13 +- refresh patches (due --fuzz=0) +- fix compiler warnings + +* Tue Feb 19 2008 Fedora Release Engineering - 1.0.1-12.1 +- Autorebuild for GCC 4.3 + +* Mon Oct 15 2007 Tom "spot" Callaway - 1.0.1-11.1 +- correct license tag +- add BR: perl(ExtUtils::MakeMaker) + +* Thu Apr 12 2007 Karel Zak - 1.0.1-11 +- fix rpmlint issues +- change lockdev permissions from 2755 to 2711 + +* Wed Jul 19 2006 Karel Zak - 1.0.1-10 +- rebuild + +* Wed Jul 12 2006 Jesse Keating - 1.0.1-9.2.2 +- rebuild + +* Fri Feb 10 2006 Jesse Keating - 1.0.1-9.2.1 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 1.0.1-9.2 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Wed Sep 21 2005 Karel Zak 1.0.1-9 +- fix #165189 - The naming of the lock file by the lockdev command is abnormal. + +* Thu Sep 1 2005 Karel Zak 1.0.1-8 +- fix #163276 - baudboy.h should include fcntl.h + +* Sat Mar 5 2005 Karel Zak 1.0.1-6 +- rebuilt + +* Wed Feb 23 2005 Karel Zak 1.0.1-5 +- lockdev errs on /dev/input/ttyACM0 (3-component pathname) (#126082, #98160, #74454) + +* Fri Oct 22 2004 Adrian Havill 1.0.1-4 +- don't unlock files if pid still exists (#128104) + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Tue Mar 02 2004 Elliot Lee +- rebuilt + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Tue Sep 9 2003 Nalin Dahyabhai 1.0.1-1.3 +- rebuild + +* Mon Sep 8 2003 Nalin Dahyabhai 1.0.1-1.2 +- rebuild + +* Wed Aug 20 2003 Adrian Havill 1.0.1-1.1 +- bump n-v-r for 3.0E + +* Fri Aug 15 2003 Adrian Havill 1.0.1-1 +- bumped version +- make the dev rewrite work with ttys in the /dev/input subdir, not just + the base level dir (#98160) + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Tue Feb 04 2003 Florian La Roche +- add symlink to shared lib + +* Wed Jan 22 2003 Tim Powers +- rebuilt + +* Fri Nov 29 2002 Jeff Johnson +- don't segfault if device arg is missing. + +* Fri Jun 21 2002 Tim Powers +- automated rebuild + +* Wed Jun 5 2002 Jeff Johnson 1.0.0-19 +- fix: don't ignore signals, use default behavior instead (#63468). + +* Thu May 23 2002 Tim Powers +- automated rebuild + +* Mon Feb 25 2002 Nalin Dahyabhai 1.0.0-16 +- include liblockdev.so so that programs can link to a shared liblockdev +- fix shared library version numbers + +* Wed Jan 09 2002 Tim Powers +- automated rebuild + +* Thu Nov 29 2001 Trond Eivind Glomsrod 1.0.0-16 +- Rebuilt + +* Fri Oct 26 2001 Trond Eivind Glomsrod 1.0.0-15 +- Add copyright/license info to baudboy.h (#54321) + +* Tue Sep 4 2001 Jeff Johnson +- swap egid and gid for lockdev's access(2) device check (#52029). + +* Tue Aug 28 2001 Jeff Johnson +- typo in include file (#52704). +- map specific errno's into status for return from helper. + +* Tue Aug 14 2001 Jeff Johnson +- set exit status correctly. + +* Thu Aug 9 2001 Bill Nottingham +- check that we can open the device r/w before locking +- fix calling lockdev without any arguments +- fix waitpid() call in baudboy.h +- use umask(002), not umask(0) + +* Wed Aug 8 2001 Bill Nottingham +- add lock group here, own /var/lock as well + +* Sun Aug 5 2001 Jeff Johnson +- include setgid helper binary and baudboy.h. + +* Mon Jun 18 2001 Trond Eivind Glomsrod +- Make the -devel depend on the main package + +* Sun Aug 06 2000 Trond Eivind Glomsrod +- rebuild + +* Wed Jul 12 2000 Prospector +- automatic rebuild + +* Sat Jun 17 2000 Bill Nottingham +- add %%defattr for -devel + +* Sat Jun 10 2000 Trond Eivind Glomsrod +- use %%{_mandir} + +* Thu May 04 2000 Trond Eivind Glomsrod +- first build