rpms / rpcbind

Clone
Source Code
GIT

Files

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c8s
  2.   SOURCES
  3.   rpcbind-1.2.5-dowgrade-priority-callit.patch
Blob Blame History Raw 
From 7be92b30e47801c651e5316217d1651454653f68 Mon Sep 17 00:00:00 2001
From: Roberto Bergantinos Corpas <rbergant@redhat.com>
Date: Mon, 16 Nov 2020 08:39:36 -0500
Subject: [PATCH] security: dowgrade priority for non-libwrap CALLIT logging

Use aswell auth.warning for non-libwrap CALLIT logging, otherwise
we'll broadcast everywhere for a call that is not allowed anyway

Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
 src/security.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/security.c b/src/security.c
index 329c53d..38967dd 100644
--- a/src/security.c
+++ b/src/security.c
@@ -346,7 +346,7 @@ deny:
 	logit(deny_severity, sa, args->rmt_proc, args->rmt_prog,
 	    ": indirect call not allowed");
 #else
-	logit(0, sa, args->rmt_proc, args->rmt_prog,
+	logit(LOG_AUTH|LOG_WARNING, sa, args->rmt_proc, args->rmt_prog,
 	    ": indirect call not allowed");
 #endif
 	return 0;
-- 
2.26.2

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation