rpms/util-linux/F-7 util-linux-2.12a-mount-lockperm.patch, NONE, 1.1 util-linux.spec, 1.154, 1.155

Karel Zak (kzak) fedora-extras-commits at redhat.com
Thu Aug 2 09:22:52 UTC 2007


Author: kzak

Update of /cvs/pkgs/rpms/util-linux/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8236

Modified Files:
	util-linux.spec 
Added Files:
	util-linux-2.12a-mount-lockperm.patch 
Log Message:
* Thu Aug  2  2007 Karel Zak <kzak at redhat.com> 2.13-0.53
- fix #236848 - mount/fstab.c:lock_mtab() should open with proper permissions


util-linux-2.12a-mount-lockperm.patch:

--- NEW FILE util-linux-2.12a-mount-lockperm.patch ---

From: Flávio Leitner <fleitner at redhat.com>
Subject: mount should set proper permissions on locktime

When creating the "/etc/mtab~" lockfile (specifically 'linktargetfile'  in the
lock_mtab function), the file is created with incorrect permissions ('000')
which necessitates root to leverage CAP_DAC_OVERRIDE. If proper file modes (it
would appear 0600 would be sufficient) were used in the open this would
function properly with CAP_DAC_OVERRIDE revoked.

--- util-linux-2.12a/mount/fstab.c.kzak	2007-07-31 12:13:26.000000000 +0200
+++ util-linux-2.12a/mount/fstab.c	2007-07-31 12:13:11.000000000 +0200
@@ -433,7 +433,7 @@
 	linktargetfile = xmalloc(strlen(MOUNTLOCK_LINKTARGET) + 20);
 	sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid ());
 
-	i = open (linktargetfile, O_WRONLY|O_CREAT, 0);
+	i = open (linktargetfile, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
 	if (i < 0) {
 		int errsv = errno;
 		/* linktargetfile does not exist (as a file)


Index: util-linux.spec
===================================================================
RCS file: /cvs/pkgs/rpms/util-linux/F-7/util-linux.spec,v
retrieving revision 1.154
retrieving revision 1.155
diff -u -r1.154 -r1.155
--- util-linux.spec	10 Jul 2007 09:55:56 -0000	1.154
+++ util-linux.spec	2 Aug 2007 09:22:19 -0000	1.155
@@ -9,7 +9,7 @@
 Summary: A collection of basic system utilities.
 Name: util-linux
 Version: 2.13
-Release: 0.52%{?dist}
+Release: 0.53%{?dist}
 License: distributable
 Group: System Environment/Base
 
@@ -257,10 +257,9 @@
 Patch268: util-linux-2.13-mount-loop.patch
 # 213253: "cal -3" generates improperly formatted output
 Patch269: util-linux-2.13-cal-3.patch
+# 236848 - mount/fstab.c:lock_mtab() should open with proper permissions
+Patch270: util-linux-2.12a-mount-lockperm.patch
 
-# When adding patches, please make sure that it is easy to find out what bug # the 
-# patch fixes.
-########### END upstreamable
 
 %description
 The util-linux package contains a large variety of low-level system
@@ -365,6 +364,7 @@
 %patch267 -p1
 %patch268 -p1
 %patch269 -p1
+%patch270 -p1
 
 %build
 unset LINGUAS || :
@@ -778,6 +778,9 @@
 /sbin/losetup
 
 %changelog
+* Thu Aug  2  2007 Karel Zak <kzak at redhat.com> 2.13-0.53
+- fix #236848 - mount/fstab.c:lock_mtab() should open with proper permissions
+
 * Mon Jul  9  2007 Karel Zak <kzak at redhat.com> 2.13-0.52
 - fix #245578 - login's PAM configuration inits the keyring at an inconvenient time
 - fix #231532 - "pamconsole" not documented in mount(8)




More information about the fedora-extras-commits mailing list