From 45199fc963fa12992873be348825cdc0425b5c354d47c41797fbd1e15c9dfa6e Mon Sep 17 00:00:00 2001 From: Aurelien Aptel Date: Tue, 2 Mar 2021 16:10:18 +0000 Subject: [PATCH 1/3] Accepting request 876250 from home:lnussel:usrmove - use new %_pamdir macro to avoid hardcoding pam module path OBS-URL: https://build.opensuse.org/request/show/876250 OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/cifs-utils?expand=0&rev=186 --- cifs-utils.changes | 5 +++++ cifs-utils.spec | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/cifs-utils.changes b/cifs-utils.changes index 8fd829b..9d11569 100644 --- a/cifs-utils.changes +++ b/cifs-utils.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Jan 14 15:34:45 UTC 2021 - Ludwig Nussel + +- use new %_pamdir macro to avoid hardcoding pam module path + ------------------------------------------------------------------- Tue Nov 17 13:42:23 UTC 2020 - Ludwig Nussel diff --git a/cifs-utils.spec b/cifs-utils.spec index a4400d3..c9d05b0 100644 --- a/cifs-utils.spec +++ b/cifs-utils.spec @@ -1,7 +1,7 @@ # # spec file for package cifs-utils # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -143,7 +143,7 @@ autoreconf -i export ROOTSBINDIR="%{_sbindir}" %endif %configure \ - --with-pamdir=/%{_lib}/security + --with-pamdir=%{_pamdir} make %{?_smp_mflags} %install @@ -218,7 +218,7 @@ touch %{buildroot}/%{_sysconfdir}/sysconfig/network/if-{down,up}.d/${script} \ %{_includedir}/cifsidmap.h %files -n pam_cifscreds -/%{_lib}/security/pam_cifscreds.so +/%{_pamdir}/pam_cifscreds.so %{_mandir}/man8/pam_cifscreds.8%{ext_man} %changelog From 6d55323258bf5627783081f4c2a8dc6d3d431e588e30d7ee16c9fa2a66bc1ca0 Mon Sep 17 00:00:00 2001 From: Paulo Alcantara Date: Fri, 5 Mar 2021 14:21:03 +0000 Subject: [PATCH 2/3] Accepting request 877034 from home:lnussel:usrmove add _pamdir compat define OBS-URL: https://build.opensuse.org/request/show/877034 OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/cifs-utils?expand=0&rev=187 --- cifs-utils.spec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cifs-utils.spec b/cifs-utils.spec index c9d05b0..3c3224d 100644 --- a/cifs-utils.spec +++ b/cifs-utils.spec @@ -16,6 +16,10 @@ # +%if %{undefined _pamdir} + %define _pamdir /%{_lib}/security +%endif + Name: cifs-utils Version: 6.9 Release: 0 From 3d7048d5da8012835de7714a50d5f126f071eed54156d0e3ac3765546e5c5d11 Mon Sep 17 00:00:00 2001 From: Paulo Alcantara Date: Fri, 5 Mar 2021 15:46:11 +0000 Subject: [PATCH 3/3] Accepting request 877262 from home:aaptel:cifs-utils-next - Update to cifs-utils 6.12 * remove cifs-utils-6.11.tar.bz2 * remove cifs-utils-6.11.tar.bz2.asc * add cifs-utils-6.12.tar.bz2 * add cifs-utils-6.12.tar.bz2.asc - Remove backports already in 6.12 * remove 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch * remove 0002-cifs-utils-fix-probabilistic-compiling-error.patch - Refresh Makefile.am install fix * modify fix-sbin-install-error.patch - Hardcode python3 interpreter in shebang of smbinfo instead of /usr/bin/env to let rpm runtime dependency detect it. - Update to cifs-utils 6.11 * remove cifs-utils-6.9.tar.bz2 * remove cifs-utils-6.9.tar.bz2.asc * add cifs-utils-6.11.tar.bz2 * add cifs-utils-6.11.tar.bz2.asc - Remove backports already in 6.11 * remove 0001-smbinfo-Improve-help-usage-and-add-h-option.patch * remove 0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch * remove 0003-getcifsacl-Add-support-to-accept-more-paths.patch * remove 0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch * remove 0005-smbinfo-add-GETCOMPRESSION-support.patch * remove 0006-getcifsacl-Add-support-for-R-recursive-option.patch * remove 0007-smbinfo-add-bash-completion-support-for-getcompressi.patch * remove 0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch * remove 0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch * remove 0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch * remove 0011-fix-doublefree.patch * remove 0012-mount.cifs-Fix-invalid-free.patch * remove 0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch - Add fixes for autoconf and make install issues * add fix-sbin-install-error.patch * add 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch * add 0002-cifs-utils-fix-probabilistic-compiling-error.patch - Hardcode python3 interpreter in shebang of smb2-quota instead of /usr/bin/env to let rpm runtime dependency detect it. OBS-URL: https://build.opensuse.org/request/show/877262 OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/cifs-utils?expand=0&rev=188 --- ...-Improve-help-usage-and-add-h-option.patch | 106 ---------- ...-bash-completion-support-for-smbinfo.patch | 65 ------- ...acl-Add-support-to-accept-more-paths.patch | 126 ------------ ...sage-message-to-include-multiple-fil.patch | 35 ---- 0005-smbinfo-add-GETCOMPRESSION-support.patch | 100 ---------- ...l-Add-support-for-R-recursive-option.patch | 123 ------------ ...-completion-support-for-getcompressi.patch | 34 ---- ...cifs.c-fix-memory-leaks-in-main-func.patch | 73 ------- ...located-memory-for-new-struct-cifs_n.patch | 27 --- ...l-the-allocated-memory-for-a-new-ACE.patch | 29 --- 0011-fix-doublefree.patch | 78 -------- 0012-mount.cifs-Fix-invalid-free.patch | 77 -------- ...ount.cifs-fix-shell-command-injectio.patch | 183 ------------------ cifs-utils-6.12.tar.bz2 | 3 + cifs-utils-6.12.tar.bz2.asc | 17 ++ cifs-utils-6.9.tar.bz2 | 3 - cifs-utils-6.9.tar.bz2.asc | 17 -- cifs-utils.changes | 45 +++++ cifs-utils.spec | 40 ++-- fix-sbin-install-error.patch | 13 ++ 20 files changed, 92 insertions(+), 1102 deletions(-) delete mode 100644 0001-smbinfo-Improve-help-usage-and-add-h-option.patch delete mode 100644 0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch delete mode 100644 0003-getcifsacl-Add-support-to-accept-more-paths.patch delete mode 100644 0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch delete mode 100644 0005-smbinfo-add-GETCOMPRESSION-support.patch delete mode 100644 0006-getcifsacl-Add-support-for-R-recursive-option.patch delete mode 100644 0007-smbinfo-add-bash-completion-support-for-getcompressi.patch delete mode 100644 0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch delete mode 100644 0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch delete mode 100644 0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch delete mode 100644 0011-fix-doublefree.patch delete mode 100644 0012-mount.cifs-Fix-invalid-free.patch delete mode 100644 0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch create mode 100644 cifs-utils-6.12.tar.bz2 create mode 100644 cifs-utils-6.12.tar.bz2.asc delete mode 100644 cifs-utils-6.9.tar.bz2 delete mode 100644 cifs-utils-6.9.tar.bz2.asc create mode 100644 fix-sbin-install-error.patch diff --git a/0001-smbinfo-Improve-help-usage-and-add-h-option.patch b/0001-smbinfo-Improve-help-usage-and-add-h-option.patch deleted file mode 100644 index 23a657f..0000000 --- a/0001-smbinfo-Improve-help-usage-and-add-h-option.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 12c2f088fa3d666fc5aa48a700e740523d8d2023 Mon Sep 17 00:00:00 2001 -From: Kenneth D'souza -Date: Wed, 17 Apr 2019 15:36:46 +0530 -Subject: [PATCH] smbinfo: Improve help usage and add -h option. - -Call usage only for -h case. This avoids cluttering the screen with long -help output. -As we are adding more options to the utility, the end error is just hidden. -Call short_usage wherever necessary. - -Signed-off-by: Kenneth D'souza ---- - smbinfo.c | 27 ++++++++++++++++++++++----- - smbinfo.rst | 5 ++++- - 2 files changed, 26 insertions(+), 6 deletions(-) - -diff --git a/smbinfo.c b/smbinfo.c -index 4bc503a..6e258c2 100644 ---- a/smbinfo.c -+++ b/smbinfo.c -@@ -64,6 +64,8 @@ usage(char *name) - { - fprintf(stderr, "Usage: %s [-V] \n" - "-V for verbose output\n" -+ "-h display this help text\n" -+ "-v print smbinfo version\n" - "Commands are\n" - " fileaccessinfo:\n" - " Prints FileAccessInfo for a cifs file.\n" -@@ -97,6 +99,14 @@ usage(char *name) - exit(1); - } - -+static void -+short_usage(char *name) -+{ -+ fprintf(stderr, "Usage: %s [-v] [-V] \n" -+ "Try 'smbinfo -h' for more information.\n", name); -+ exit(1); -+} -+ - static void - win_to_timeval(uint64_t smb2_time, struct timeval *tv) - { -@@ -1075,7 +1085,11 @@ int main(int argc, char *argv[]) - int c; - int f; - -- while ((c = getopt_long(argc, argv, "vV", NULL, NULL)) != -1) { -+ if (argc < 2) { -+ short_usage(argv[0]); -+ } -+ -+ while ((c = getopt_long(argc, argv, "vVh", NULL, NULL)) != -1) { - switch (c) { - case 'v': - printf("smbinfo version %s\n", VERSION); -@@ -1083,15 +1097,18 @@ int main(int argc, char *argv[]) - case 'V': - verbose = 1; - break; -- default: -+ case 'h': - usage(argv[0]); -+ break; -+ default: -+ short_usage(argv[0]); - } - } - -- if (optind >= argc - 1) -- usage(argv[0]); -+ if (optind >= argc -1) -+ short_usage(argv[0]); - -- if ((f = open(argv[optind + 1], O_RDONLY)) < 0) { -+ if ((f = open(argv[optind + 1 ], O_RDONLY)) < 0) { - fprintf(stderr, "Failed to open %s\n", argv[optind + 1]); - exit(1); - } -diff --git a/smbinfo.rst b/smbinfo.rst -index 0c96050..be4c829 100644 ---- a/smbinfo.rst -+++ b/smbinfo.rst -@@ -11,7 +11,7 @@ Userspace helper to display SMB-specific file information for the Linux SMB clie - SYNOPSIS - ******** - -- smbinfo [-v] [-V] {command} {file system object} -+ smbinfo [-v] [-h] [-V] {command} {file system object} - - *********** - DESCRIPTION -@@ -38,6 +38,9 @@ OPTIONS - -V - Verbose output. - -+-h -+ Print help explaining the command line options. -+ - ******* - COMMAND - ******* --- -2.16.4 - diff --git a/0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch b/0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch deleted file mode 100644 index b639f87..0000000 --- a/0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch +++ /dev/null @@ -1,65 +0,0 @@ -From dfe497f9f51983147a7caa69f62bb6648ea507ec Mon Sep 17 00:00:00 2001 -From: Kenneth D'souza -Date: Wed, 17 Apr 2019 16:57:05 +0530 -Subject: [PATCH] smbinfo: Add bash completion support for smbinfo. - -This help us better populate options using . - -Signed-off-by: Kenneth D'souza -Signed-off-by: Pavel Shilovsky ---- - bash-completion/smbinfo | 42 ++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 42 insertions(+) - create mode 100644 bash-completion/smbinfo - -diff --git a/bash-completion/smbinfo b/bash-completion/smbinfo -new file mode 100644 -index 0000000..ad5d34d ---- /dev/null -+++ b/bash-completion/smbinfo -@@ -0,0 +1,42 @@ -+# bash completion for smbinfo -*- shell-script -*- -+smb_info() -+{ -+ local cur prev OPTS -+ COMPREPLY=() -+ cur="${COMP_WORDS[COMP_CWORD]}" -+ prev="${COMP_WORDS[COMP_CWORD-1]}" -+ OPTS="fileaccessinfo -+ filealigninfo -+ fileallinfo -+ filebasicinfo -+ fileeainfo -+ filefsfullsizeinfo -+ fileinternalinfo -+ filemodeinfo -+ filepositioninfo -+ filestandardinfo -+ fsctl-getobjid -+ list-snapshots -+ quota -+ secdesc" -+ case $prev in -+ '-v'|'-h') -+ return 0 -+ ;; -+ 'fileaccessinfo'|'filealigninfo'|'fileallinfo'|'filebasicinfo'|'fileeainfo'|'filefsfullsizeinfo'|\ -+ 'fileinternalinfo'|'filemodeinfo'|'filepositioninfo'|'filestandardinfo'|'fsctl-getobjid'|\ -+ 'list-snapshots'|'quota'|'secdesc') -+ local IFS=$'\n' -+ compopt -o filenames -+ COMPREPLY=( $(compgen -f -o dirnames -- ${cur:-""}) ) -+ return 0 -+ ;; -+ '-V'|*'smbinfo') -+ COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) ) -+ return 0 -+ ;; -+ esac -+ -+ return 0 -+} -+complete -F smb_info smbinfo --- -2.16.4 - diff --git a/0003-getcifsacl-Add-support-to-accept-more-paths.patch b/0003-getcifsacl-Add-support-to-accept-more-paths.patch deleted file mode 100644 index 976dcbd..0000000 --- a/0003-getcifsacl-Add-support-to-accept-more-paths.patch +++ /dev/null @@ -1,126 +0,0 @@ -From 9beaa8c3c895ca8460d81fb54a6a0de2bb21a277 Mon Sep 17 00:00:00 2001 -From: Kenneth D'souza -Date: Wed, 17 Apr 2019 22:49:09 +0530 -Subject: [PATCH] getcifsacl: Add support to accept more paths - -Accept more than one path on the getcifsacl command line. - -Signed-off-by: Kenneth D'souza ---- - getcifsacl.c | 80 +++++++++++++++++++++++++++++++++--------------------------- - 1 file changed, 44 insertions(+), 36 deletions(-) - -diff --git a/getcifsacl.c b/getcifsacl.c -index fc78881..556178a 100644 ---- a/getcifsacl.c -+++ b/getcifsacl.c -@@ -340,14 +340,52 @@ getcifsacl_usage(const char *prog) - fprintf(stderr, "\nRefer to getcifsacl(1) manpage for details\n"); - } - -+static void -+getcifsacl(const char *filename, bool raw) -+{ -+ ssize_t attrlen; -+ size_t bufsize = BUFSIZE; -+ char *attrval; -+ int failed = 0; -+cifsacl: -+ if (bufsize >= XATTR_SIZE_MAX) { -+ fprintf(stderr, "buffer to allocate exceeds max size of %d\n", -+ XATTR_SIZE_MAX); -+ exit(1); -+ } -+ -+ attrval = malloc(bufsize * sizeof(char)); -+ if (!attrval) { -+ fprintf(stderr, "error allocating memory for attribute value buffer\n"); -+ exit(1); -+ } -+ -+ attrlen = getxattr(filename, ATTRNAME, attrval, bufsize); -+ if (attrlen == -1) { -+ if (errno == ERANGE) { -+ free(attrval); -+ bufsize += BUFSIZE; -+ goto cifsacl; -+ } else { -+ fprintf(stderr, "Failed to getxattr %s: %s\n", filename, -+ strerror(errno)); -+ failed = -1; -+ } -+ } -+ -+ if (failed == 0) { -+ printf("# filename: %s\n", filename); -+ parse_sec_desc((struct cifs_ntsd *)attrval, attrlen, raw); -+ printf("\n"); -+ } -+ free(attrval); -+} -+ - int - main(const int argc, char *const argv[]) - { - int c, ret = 0; - bool raw = false; -- ssize_t attrlen; -- size_t bufsize = BUFSIZE; -- char *filename, *attrval; - execname = basename(argv[0]); - - if (argc < 2) { -@@ -374,8 +412,7 @@ main(const int argc, char *const argv[]) - printf("you must specify a filename after options.\n"); - printf("Usage: getcifsacl [option] \n"); - goto out; -- } else -- filename = argv[optind]; -+ } - - if (!raw && !plugin_loaded) { - ret = init_plugin(&plugin_handle); -@@ -386,38 +423,9 @@ main(const int argc, char *const argv[]) - plugin_loaded = true; - } - --cifsacl: -- if (bufsize >= XATTR_SIZE_MAX) { -- printf("buffer to allocate exceeds max size of %d\n", -- XATTR_SIZE_MAX); -- ret = -1; -- goto out; -- } -- -- attrval = malloc(bufsize * sizeof(char)); -- if (!attrval) { -- printf("error allocating memory for attribute value buffer\n"); -- ret = -1; -- goto out; -- } -- -- attrlen = getxattr(filename, ATTRNAME, attrval, bufsize); -- if (attrlen == -1) { -- if (errno == ERANGE) { -- free(attrval); -- bufsize += BUFSIZE; -- goto cifsacl; -- } else { -- fprintf(stderr, "getxattr failed on %s: %s\n", filename, strerror(errno) ); -- free(attrval); -- ret = -1; -- goto out; -- } -- } -- -- parse_sec_desc((struct cifs_ntsd *)attrval, attrlen, raw); -+ for(; optind < argc; optind++) -+ getcifsacl(argv[optind], raw); - -- free(attrval); - out: - if (plugin_loaded) - exit_plugin(plugin_handle); --- -2.16.4 - diff --git a/0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch b/0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch deleted file mode 100644 index 6106739..0000000 --- a/0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch +++ /dev/null @@ -1,35 +0,0 @@ -From f2955af017f604003e3c8c3efe0fb0fb85584cea Mon Sep 17 00:00:00 2001 -From: Pavel Shilovsky -Date: Thu, 18 Apr 2019 12:32:02 -0700 -Subject: [PATCH] getcifsacl: Fix usage message to include multiple files - -Signed-off-by: Pavel Shilovsky ---- - getcifsacl.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/getcifsacl.c b/getcifsacl.c -index 556178a..bea81ee 100644 ---- a/getcifsacl.c -+++ b/getcifsacl.c -@@ -330,7 +330,7 @@ getcifsacl_usage(const char *prog) - fprintf(stderr, - "%s: Display CIFS/NTFS ACL in a security descriptor of a file object\n", - prog); -- fprintf(stderr, "Usage: %s [option] \n", prog); -+ fprintf(stderr, "Usage: %s [option] [,,...]\n", prog); - fprintf(stderr, "Valid options:\n"); - fprintf(stderr, "\t-h Display this help text\n"); - fprintf(stderr, "\n"); -@@ -410,7 +410,7 @@ main(const int argc, char *const argv[]) - - if (optind >= argc) { - printf("you must specify a filename after options.\n"); -- printf("Usage: getcifsacl [option] \n"); -+ printf("Usage: getcifsacl [option] [,,...]\n"); - goto out; - } - --- -2.16.4 - diff --git a/0005-smbinfo-add-GETCOMPRESSION-support.patch b/0005-smbinfo-add-GETCOMPRESSION-support.patch deleted file mode 100644 index ab214b9..0000000 --- a/0005-smbinfo-add-GETCOMPRESSION-support.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 1e4fca25948d52fc29410963663f3af72275bcb6 Mon Sep 17 00:00:00 2001 -From: Ronnie Sahlberg -Date: Thu, 11 Apr 2019 12:23:06 +1000 -Subject: [PATCH] smbinfo: add GETCOMPRESSION support - -Signed-off-by: Ronnie Sahlberg ---- - smbinfo.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ - smbinfo.rst | 2 ++ - 2 files changed, 50 insertions(+) - -diff --git a/smbinfo.c b/smbinfo.c -index 6e258c2..b4d497b 100644 ---- a/smbinfo.c -+++ b/smbinfo.c -@@ -89,6 +89,8 @@ usage(char *name) - " Prints FileStandardInfo for a cifs file.\n" - " fsctl-getobjid:\n" - " Prints the objectid of the file and GUID of the underlying volume.\n" -+ " getcompression:\n" -+ " Prints the compression setting for the file.\n" - " list-snapshots:\n" - " List the previous versions of the volume that backs this file.\n" - " quota:\n" -@@ -252,6 +254,50 @@ fsctlgetobjid(int f) - free(qi); - } - -+static void -+print_getcompression(uint8_t *sd) -+{ -+ uint16_t u16; -+ -+ memcpy(&u16, &sd[0], 2); -+ u16 = le16toh(u16); -+ -+ printf("Compression: "); -+ switch (u16) { -+ case 0: -+ printf("(0) NONE\n"); -+ break; -+ case 2: -+ printf("(2) LZNT1\n"); -+ break; -+ default: -+ printf("(%d) UNKNOWN\n", u16); -+ break; -+ } -+} -+ -+static void -+getcompression(int f) -+{ -+ struct smb_query_info *qi; -+ -+ qi = malloc(sizeof(struct smb_query_info) + 2); -+ memset(qi, 0, sizeof(qi) + 2); -+ qi->info_type = 0x9003c; -+ qi->file_info_class = 0; -+ qi->additional_information = 0; -+ qi->input_buffer_length = 2; -+ qi->flags = PASSTHRU_FSCTL; -+ -+ if (ioctl(f, CIFS_QUERY_INFO, qi) < 0) { -+ fprintf(stderr, "ioctl failed with %s\n", strerror(errno)); -+ exit(1); -+ } -+ print_getcompression((uint8_t *)(&qi[1])); -+ -+ free(qi); -+} -+ - static void - print_fileaccessinfo(uint8_t *sd, int type) - { -@@ -1135,6 +1181,8 @@ int main(int argc, char *argv[]) - filestandardinfo(f); - else if (!strcmp(argv[optind], "fsctl-getobjid")) - fsctlgetobjid(f); -+ else if (!strcmp(argv[optind], "getcompression")) -+ getcompression(f); - else if (!strcmp(argv[optind], "list-snapshots")) - list_snapshots(f); - else if (!strcmp(argv[optind], "quota")) -diff --git a/smbinfo.rst b/smbinfo.rst -index be4c829..500ce0e 100644 ---- a/smbinfo.rst -+++ b/smbinfo.rst -@@ -67,6 +67,8 @@ COMMAND - - `fsctl-getobjid`: Prints the ObjectID - -+`getcompression`: Prints the compression setting for the file. -+ - `list-snapshots`: Lists the previous versions of the volume that backs this file - - `quota`: Print the quota for the volume in the form --- -2.16.4 - diff --git a/0006-getcifsacl-Add-support-for-R-recursive-option.patch b/0006-getcifsacl-Add-support-for-R-recursive-option.patch deleted file mode 100644 index 8038679..0000000 --- a/0006-getcifsacl-Add-support-for-R-recursive-option.patch +++ /dev/null @@ -1,123 +0,0 @@ -From 43f389bb3759ea49efb705acd2d314fd91a7bc57 Mon Sep 17 00:00:00 2001 -From: Kenneth D'souza -Date: Mon, 22 Apr 2019 11:23:41 +0530 -Subject: [PATCH] getcifsacl: Add support for -R(recursive) option. - -Add support for -R option so we can list the ACLs of all files and -directories recursively. - -Signed-off-by: Kenneth D'souza ---- - getcifsacl.c | 32 +++++++++++++++++++++++++++----- - getcifsacl.rst.in | 3 +++ - 2 files changed, 30 insertions(+), 5 deletions(-) - -diff --git a/getcifsacl.c b/getcifsacl.c -index bea81ee..d58b769 100644 ---- a/getcifsacl.c -+++ b/getcifsacl.c -@@ -37,10 +37,12 @@ - #include - #include "cifsacl.h" - #include "idmap_plugin.h" -+#include - - static void *plugin_handle; - static bool plugin_loaded; - static char *execname; -+static bool raw = false; - - static void - print_each_ace_mask(uint32_t mask) -@@ -336,12 +338,14 @@ getcifsacl_usage(const char *prog) - fprintf(stderr, "\n"); - fprintf(stderr, "\t-v Version of the program\n"); - fprintf(stderr, "\n"); -+ fprintf(stderr, "\t-R recurse into subdirectories\n"); -+ fprintf(stderr, "\n"); - fprintf(stderr, "\t-r Display raw values of the ACE fields\n"); - fprintf(stderr, "\nRefer to getcifsacl(1) manpage for details\n"); - } - - static void --getcifsacl(const char *filename, bool raw) -+getcifsacl(const char *filename) - { - ssize_t attrlen; - size_t bufsize = BUFSIZE; -@@ -381,12 +385,21 @@ cifsacl: - free(attrval); - } - -+static int recursive(const char *filename, const struct stat *sb, int tflag, struct FTW *ftwbuf) -+{ -+ (void)sb; -+ (void)tflag; -+ (void)ftwbuf; -+ getcifsacl(filename); -+ return 0; -+} -+ - int - main(const int argc, char *const argv[]) - { - int c, ret = 0; -- bool raw = false; - execname = basename(argv[0]); -+ int do_recursive = 0; - - if (argc < 2) { - fprintf(stderr, "%s: you must specify a filename.\n", execname); -@@ -394,7 +407,7 @@ main(const int argc, char *const argv[]) - goto out; - } - -- while ((c = getopt_long(argc, argv, "rhv", NULL, NULL)) != -1) { -+ while ((c = getopt_long(argc, argv, "Rrhv", NULL, NULL)) != -1) { - switch (c) { - case 'v': - printf("Version: %s\n", VERSION); -@@ -402,6 +415,9 @@ main(const int argc, char *const argv[]) - case 'r': - raw = true; - break; -+ case 'R': -+ do_recursive = 1; -+ break; - default: - getcifsacl_usage(execname); - goto out; -@@ -423,8 +439,14 @@ main(const int argc, char *const argv[]) - plugin_loaded = true; - } - -- for(; optind < argc; optind++) -- getcifsacl(argv[optind], raw); -+ for(; optind < argc; optind++) { -+ if(do_recursive) { -+ if (nftw(argv[optind], recursive, 20, 0) == -1) -+ fprintf(stderr, "Invalid filename %s: %s\n", argv[optind], strerror(errno)); -+ } -+ else -+ getcifsacl(argv[optind]); -+ } - - out: - if (plugin_loaded) -diff --git a/getcifsacl.rst.in b/getcifsacl.rst.in -index 21a10cd..ffde968 100644 ---- a/getcifsacl.rst.in -+++ b/getcifsacl.rst.in -@@ -43,6 +43,9 @@ OPTIONS - flags are displayed in hexadecimal format, a SID is not mapped to a - name. - -+-R -+ List the ACLs of all files and directories recursively. -+ - ***** - NOTES - ***** --- -2.16.4 - diff --git a/0007-smbinfo-add-bash-completion-support-for-getcompressi.patch b/0007-smbinfo-add-bash-completion-support-for-getcompressi.patch deleted file mode 100644 index 28bd999..0000000 --- a/0007-smbinfo-add-bash-completion-support-for-getcompressi.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 13c370424575d864544bfb4535832dfcffa91e82 Mon Sep 17 00:00:00 2001 -From: Pavel Shilovsky -Date: Tue, 7 May 2019 15:52:30 -0700 -Subject: [PATCH] smbinfo: add bash completion support for getcompression - -Signed-off-by: Pavel Shilovsky ---- - bash-completion/smbinfo | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/bash-completion/smbinfo b/bash-completion/smbinfo -index ad5d34d..282db55 100644 ---- a/bash-completion/smbinfo -+++ b/bash-completion/smbinfo -@@ -16,6 +16,7 @@ smb_info() - filepositioninfo - filestandardinfo - fsctl-getobjid -+ getcompression - list-snapshots - quota - secdesc" -@@ -25,7 +26,7 @@ smb_info() - ;; - 'fileaccessinfo'|'filealigninfo'|'fileallinfo'|'filebasicinfo'|'fileeainfo'|'filefsfullsizeinfo'|\ - 'fileinternalinfo'|'filemodeinfo'|'filepositioninfo'|'filestandardinfo'|'fsctl-getobjid'|\ -- 'list-snapshots'|'quota'|'secdesc') -+ 'getcompression'|'list-snapshots'|'quota'|'secdesc') - local IFS=$'\n' - compopt -o filenames - COMPREPLY=( $(compgen -f -o dirnames -- ${cur:-""}) ) --- -2.16.4 - diff --git a/0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch b/0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch deleted file mode 100644 index 35e753f..0000000 --- a/0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch +++ /dev/null @@ -1,73 +0,0 @@ -From bf7f48f4c7dcee623bd92b2e7a6ffd97a64a1138 Mon Sep 17 00:00:00 2001 -From: Jiawen Liu -Date: Tue, 6 Aug 2019 10:35:29 +0800 -Subject: [PATCH] mount.cifs.c: fix memory leaks in main func -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -In mount.cifs module, orgoptions and mountpoint in the main func -point to the memory allocated by func realpath and strndup respectively. -However, they are not freed before the main func returns so that the -memory leaks occurred. - -The memory leak problem is reported by LeakSanitizer tool. -LeakSanitizer url: "https://github.com/google/sanitizers" - -Here I free the pointers orgoptions and mountpoint before main -func returns. - -Fixes:7549ad5e7126 ("memory leaks: caused by func realpath and strndup") -Signed-off-by: Jiawen Liu -Reported-by: Jin Du -Reviewed-by: Saisai Zhang -Reviewed-by: Aurélien Aptel ---- - mount.cifs.c | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index b3235e4..7748d54 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -1942,6 +1942,9 @@ restore_privs: - gid_t __attribute__((unused)) gignore = setfsgid(oldfsgid); - } - -+ if (rc) { -+ free(*mountpointp); -+ } - return rc; - } - -@@ -2044,8 +2047,10 @@ int main(int argc, char **argv) - - /* chdir into mountpoint as soon as possible */ - rc = acquire_mountpoint(&mountpoint); -- if (rc) -+ if (rc) { -+ free(orgoptions); - return rc; -+ } - - /* - * mount.cifs does privilege separation. Most of the code to handle -@@ -2064,6 +2069,8 @@ int main(int argc, char **argv) - /* child */ - rc = assemble_mountinfo(parsed_info, thisprogram, mountpoint, - orig_dev, orgoptions); -+ free(orgoptions); -+ free(mountpoint); - return rc; - } else { - /* parent */ -@@ -2209,5 +2216,6 @@ mount_exit: - } - free(options); - free(orgoptions); -+ free(mountpoint); - return rc; - } --- -2.16.4 - diff --git a/0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch b/0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch deleted file mode 100644 index 25b22ad..0000000 --- a/0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 5a468f3dcbea4bfbc380a3f86466b8e33bc40570 Mon Sep 17 00:00:00 2001 -From: misku -Date: Wed, 31 Jul 2019 13:12:24 +0200 -Subject: [PATCH] Zero fill the allocated memory for new `struct cifs_ntsd` - -Fixes a bug where `sacloffset` may not be set at all later on and therefore it -can contain the original memory contents == trash. ---- - setcifsacl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/setcifsacl.c b/setcifsacl.c -index da1d742..f3d0189 100644 ---- a/setcifsacl.c -+++ b/setcifsacl.c -@@ -206,7 +206,7 @@ alloc_sec_desc(struct cifs_ntsd *pntsd, struct cifs_ntsd **npntsd, - acessize = aces * sizeof(struct cifs_ace); - bufsize = size + acessize; - -- *npntsd = malloc(bufsize); -+ *npntsd = calloc(1, bufsize); - if (!*npntsd) { - printf("%s: Memory allocation failure", __func__); - return errno; --- -2.16.4 - diff --git a/0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch b/0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch deleted file mode 100644 index d41bced..0000000 --- a/0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch +++ /dev/null @@ -1,29 +0,0 @@ -From cb3dc2fe88f6179011acbafaaed025c5bdc96131 Mon Sep 17 00:00:00 2001 -From: misku -Date: Wed, 31 Jul 2019 13:11:18 +0200 -Subject: [PATCH] Zero fill the allocated memory for a new ACE - -Fixes a bug inside a call to `verify_ace_flag`. When a flag string (char*) -passed as a first parameter is "0x0", the final flag value (the second -parameter - the value of a pointer to uint8_t) is not modified at all -and contains the original memory contents == trash. ---- - setcifsacl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/setcifsacl.c b/setcifsacl.c -index 1b98c37..da1d742 100644 ---- a/setcifsacl.c -+++ b/setcifsacl.c -@@ -672,7 +672,7 @@ build_cmdline_aces(char **arrptr, int numcaces) - goto build_cmdline_aces_ret; - } - -- cacesptr[i] = malloc(sizeof(struct cifs_ace)); -+ cacesptr[i] = calloc(1, sizeof(struct cifs_ace)); - if (!cacesptr[i]) { - printf("%s: ACE alloc error %d\n", __func__, errno); - goto build_cmdline_aces_ret; --- -2.16.4 - diff --git a/0011-fix-doublefree.patch b/0011-fix-doublefree.patch deleted file mode 100644 index 72379a8..0000000 --- a/0011-fix-doublefree.patch +++ /dev/null @@ -1,78 +0,0 @@ -From paulo@paulo.ac Thu Sep 5 18:49:35 2019 -From: " Paulo Alcantara (SUSE) " -To: ,, - -Cc: "Aurelien Aptel" -Subject: [PATCH] mount.cifs: Fix double-free issue when mounting with setuid root -Date: Thu, 5 Sep 2019 15:49:35 -0300 -Message-Id: <20190905184935.30694-1-paulo@paulo.ac> -Content-Transfer-Encoding: 8bit -Content-Type: text/plain -MIME-Version: 1.0 - -It can be easily reproduced with the following: - - # chmod +s `which mount.cifs` - # echo "//localhost/share /mnt cifs \ - users,username=foo,password=XXXX" >> /etc/fstab - # su - foo - $ mount /mnt - free(): double free detected in tcache 2 - Child process terminated abnormally. - -The problem was that check_fstab() already freed orgoptions pointer -and then we freed it again in main() function. - -Fixes: bf7f48f4c7dc ("mount.cifs.c: fix memory leaks in main func") -Signed-off-by: Paulo Alcantara (SUSE) ---- - mount.cifs.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index 7748d54aa814..2116fc803311 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -247,7 +247,6 @@ check_fstab(const char *progname, const char *mountpoint, const char *devname, - * set of options. We don't want to trust what the user - * gave us, so just take whatever is in /etc/fstab. - */ -- free(*options); - *options = strdup(mnt->mnt_opts); - return 0; - } -@@ -1762,6 +1761,7 @@ assemble_mountinfo(struct parsed_mount_info *parsed_info, - const char *orig_dev, char *orgoptions) - { - int rc; -+ char *newopts = NULL; - - rc = drop_capabilities(0); - if (rc) -@@ -1773,10 +1773,11 @@ assemble_mountinfo(struct parsed_mount_info *parsed_info, - - if (getuid()) { - rc = check_fstab(thisprogram, mountpoint, orig_dev, -- &orgoptions); -+ &newopts); - if (rc) - goto assemble_exit; - -+ orgoptions = newopts; - /* enable any default user mount flags */ - parsed_info->flags |= CIFS_SETUID_FLAGS; - } -@@ -1880,6 +1881,7 @@ assemble_mountinfo(struct parsed_mount_info *parsed_info, - } - - assemble_exit: -+ free(newopts); - return rc; - } - --- -2.23.0 - - - - diff --git a/0012-mount.cifs-Fix-invalid-free.patch b/0012-mount.cifs-Fix-invalid-free.patch deleted file mode 100644 index f40990e..0000000 --- a/0012-mount.cifs-Fix-invalid-free.patch +++ /dev/null @@ -1,77 +0,0 @@ -From d48a8d61c07e3841ffd71f3aafa5db28dd35b6a7 Mon Sep 17 00:00:00 2001 -From: "Paulo Alcantara (SUSE)" -Date: Thu, 19 Sep 2019 08:35:47 -0300 -Subject: [PATCH] mount.cifs: Fix invalid free - -When attemping to chdir into non-existing directories, mount.cifs -crashes. - -This patch fixes the following ASAN report: - -$ ./mount.cifs //localhost/foo /mnt/invalid-dir -o ... -/mnt/bar -o username=foo,password=foo,vers=1.0 -Couldn't chdir to /mnt/bar: No such file or directory -================================================================= -==11846==ERROR: AddressSanitizer: attempting free on address which was -not malloc()-ed: 0x7ffd86332e97 in thread T0 - #0 0x7f0860ca01e7 in - __interceptor_free (/usr/lib64/libasan.so.5+0x10a1e7) - #1 0x557edece9ccb in - acquire_mountpoint (/home/paulo/src/cifs-utils/mount.cifs+0xeccb) - #2 0x557edecea63d in - main (/home/paulo/src/cifs-utils/mount.cifs+0xf63d) - #3 0x7f08609f0bca in __libc_start_main (/lib64/libc.so.6+0x26bca) - #4 0x557edece27d9 in - _start (/home/paulo/src/cifs-utils/mount.cifs+0x77d9) - -Address 0x7ffd86332e97 is located in stack of thread T0 at offset 8951 -in frame - #0 0x557edece9ce0 in - main (/home/paulo/src/cifs-utils/mount.cifs+0xece0) - - This frame has 2 object(s): - [48, 52) 'rc' (line 1959) - [64, 72) 'mountpoint' (line 1955) <== Memory access at offset 8951 - overflows this variable -HINT: this may be a false positive if your program uses some custom -stack unwind mechanism, swapcontext or vfork - (longjmp and C++ exceptions *are* supported) -SUMMARY: AddressSanitizer: bad-free (/usr/lib64/libasan.so.5+0x10a1e7) -in __interceptor_free -==11846==ABORTING - -Fixes: bf7f48f4c7dc ("mount.cifs.c: fix memory leaks in main func") -Signed-off-by: Paulo Alcantara (SUSE) ---- - mount.cifs.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index 7748d54aa814..0c38adcd99b1 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -1893,7 +1893,7 @@ acquire_mountpoint(char **mountpointp) - int rc, dacrc; - uid_t realuid, oldfsuid; - gid_t oldfsgid; -- char *mountpoint; -+ char *mountpoint = NULL; - - /* - * Acquire the necessary privileges to chdir to the mountpoint. If -@@ -1942,9 +1942,9 @@ restore_privs: - gid_t __attribute__((unused)) gignore = setfsgid(oldfsgid); - } - -- if (rc) { -- free(*mountpointp); -- } -+ if (rc) -+ free(mountpoint); -+ - return rc; - } - --- -2.23.0 - diff --git a/0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch b/0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch deleted file mode 100644 index 2d6100a..0000000 --- a/0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch +++ /dev/null @@ -1,183 +0,0 @@ -From 610ea2412e2f31fbf3e662bf7dfadf7d73ce2934 Mon Sep 17 00:00:00 2001 -From: Aurelien Aptel -Date: Mon, 27 Jul 2020 10:34:44 +0200 -Subject: [PATCH] CVE-2020-14342: mount.cifs: fix shell command injection - -A bug has been reported recently for the mount.cifs utility which is -part of the cifs-utils package. The tool has a shell injection issue -where one can embed shell commands via the username mount option. Those -commands will be run via popen() in the context of the user calling -mount. - -The bug requires cifs-utils to be built with --with-systemd (enabled -by default if supported). - -A quick test to check if the mount.cifs binary is vulnerable is to look -for popen() calls like so: - - $ nm mount.cifs | grep popen - U popen@@GLIBC_2.2.5 - -If the user is allowed to run mount.cifs via sudo, he can obtain a root -shell. - - sudo mount.cifs -o username='`sh`' //1 /mnt - -If mount.cifs has the setuid bit, the command will still be run as the -calling user (no privilege escalation). - -The bug was introduced in June 2012 with commit 4e264031d0da7d3f2 -("mount.cifs: Use systemd's mechanism for getting password, if -present."). - -Affected versions: - cifs-utils-5.6 - cifs-utils-5.7 - cifs-utils-5.8 - cifs-utils-5.9 - cifs-utils-6.0 - cifs-utils-6.1 - cifs-utils-6.2 - cifs-utils-6.3 - cifs-utils-6.4 - cifs-utils-6.5 - cifs-utils-6.6 - cifs-utils-6.7 - cifs-utils-6.8 - cifs-utils-6.9 - cifs-utils-6.10 - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=14442 -Reported-by: Vadim Lebedev - -Signed-off-by: Paulo Alcantara (SUSE) -Signed-off-by: Aurelien Aptel ---- - mount.cifs.c | 96 ++++++++++++++++++++++++++++++++++++++++------------ - 1 file changed, 75 insertions(+), 21 deletions(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index 40918c1..4feb397 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -1695,6 +1695,73 @@ drop_child_privs(void) - return 0; - } - -+#ifdef ENABLE_SYSTEMD -+static int get_passwd_by_systemd(const char *prompt, char *input, int capacity) -+{ -+ int fd[2]; -+ pid_t pid; -+ int offs = 0; -+ int rc = 1; -+ -+ if (pipe(fd) == -1) { -+ fprintf(stderr, "Failed to create pipe: %s\n", strerror(errno)); -+ return 1; -+ } -+ -+ pid = fork(); -+ if (pid == -1) { -+ fprintf(stderr, "Unable to fork: %s\n", strerror(errno)); -+ close(fd[0]); -+ close(fd[1]); -+ return 1; -+ } -+ if (pid == 0) { -+ close(fd[0]); -+ dup2(fd[1], STDOUT_FILENO); -+ if (execlp("systemd-ask-password", "systemd-ask-password", prompt, NULL) == -1) { -+ fprintf(stderr, "Failed to execute systemd-ask-password: %s\n", -+ strerror(errno)); -+ } -+ exit(1); -+ } -+ -+ close(fd[1]); -+ for (;;) { -+ if (offs+1 >= capacity) { -+ fprintf(stderr, "Password too long.\n"); -+ kill(pid, SIGTERM); -+ rc = 1; -+ break; -+ } -+ rc = read(fd[0], input + offs, capacity - offs); -+ if (rc == -1) { -+ fprintf(stderr, "Failed to read from pipe: %s\n", strerror(errno)); -+ rc = 1; -+ break; -+ } -+ if (!rc) -+ break; -+ offs += rc; -+ input[offs] = '\0'; -+ } -+ if (wait(&rc) == -1) { -+ fprintf(stderr, "Failed to wait child: %s\n", strerror(errno)); -+ rc = 1; -+ goto out; -+ } -+ if (!WIFEXITED(rc) || WEXITSTATUS(rc)) { -+ rc = 1; -+ goto out; -+ } -+ -+ rc = 0; -+ -+out: -+ close(fd[0]); -+ return rc; -+} -+#endif -+ - /* - * If systemd is running and systemd-ask-password -- - * is available, then use that else fallback on getpass(..) -@@ -1708,35 +1775,22 @@ get_password(const char *prompt, char *input, int capacity) - int is_systemd_running; - struct stat a, b; - -+ memset(input, 0, capacity); -+ - /* We simply test whether the systemd cgroup hierarchy is - * mounted */ - is_systemd_running = (lstat("/sys/fs/cgroup", &a) == 0) - && (lstat("/sys/fs/cgroup/systemd", &b) == 0) - && (a.st_dev != b.st_dev); - -- if (is_systemd_running) { -- char *cmd, *ret; -- FILE *ask_pass_fp = NULL; -- -- cmd = ret = NULL; -- if (asprintf(&cmd, "systemd-ask-password \"%s\"", prompt) >= 0) { -- ask_pass_fp = popen (cmd, "re"); -- free (cmd); -- } -- -- if (ask_pass_fp) { -- ret = fgets(input, capacity, ask_pass_fp); -- pclose(ask_pass_fp); -- } -- -- if (ret) { -- int len = strlen(input); -- if (input[len - 1] == '\n') -- input[len - 1] = '\0'; -- return input; -- } -+ if (is_systemd_running && !get_passwd_by_systemd(prompt, input, capacity)) { -+ int len = strlen(input); -+ if (input[len - 1] == '\n') -+ input[len - 1] = '\0'; -+ return input; - } - #endif -+ memset(input, 0, capacity); - - /* - * Falling back to getpass(..) --- -2.27.0 - diff --git a/cifs-utils-6.12.tar.bz2 b/cifs-utils-6.12.tar.bz2 new file mode 100644 index 0000000..446187a --- /dev/null +++ b/cifs-utils-6.12.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:922ddcc3059922e80789312c386b9c569991b4350d3ae3099de3e4b82f3885ef +size 413393 diff --git a/cifs-utils-6.12.tar.bz2.asc b/cifs-utils-6.12.tar.bz2.asc new file mode 100644 index 0000000..ce15133 --- /dev/null +++ b/cifs-utils-6.12.tar.bz2.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAABCAAGBQJf7h0CAAoJEN9bqdMGQtWg7GUP/j0ls0bLmbu8vLkUIzMNkCF3 +VpR8E90uH6oVaqgzmCN4sQOUjR6mr6OClugfp198sfuEQOSF+7Al88Yn/wlVwSPM +a//lqbfqt0oQW9YbdaxTHsLXAh7D/0WZQaN7fTgVMiqivy5i/ePykpBpq7druVgB +iI71383V4GBgOGlyTmmZKwLgXzg2EF5OV8S10PO8cOmoKzQNkIllGM0wdOfO06zq +Y6kRjU/JEip8aV4Wiv9Y37TfByQJVNBEAscOX6XODTaIGOjbl+INcnfzDyvQS28a +0p8QHQk02lNhOiuWIppbW1lIHAvkEWTrrguULj7ZbBfYNkmPwdzUHmLipYUaPzh+ +VPqRRz83DA4ydGNYQHNbGmZN5mml7+/d673Jj3YzbHFuyHBktgSJznBPhiSJfIC0 +2oPiKy5NbIi7iAWHx6A/tXYYZ6Zq6F3cig+aAt+HK4BkYQZhFqKuT1Yi74W0wXYu +97euqf2OV/ephMMdj5Cuy6CgSSvWW+p8Ysz6UqeF3sE5M4VyfQeXLbJz3p7MCF2+ +PxiqUhS97HR/P3Wuo4I+W09mUE+vom8dEOGUKRDqqro9qhdhwfKUMFMoKHPL22sG +MnrMHYl5e5E+/8OIexRe79TT2R3sWGwCfaN+BZ1CZwkPftl8OBS1yf1jn6RZNdCT +R0qOv4DIo0BD62jpjZWq +=AHIm +-----END PGP SIGNATURE----- diff --git a/cifs-utils-6.9.tar.bz2 b/cifs-utils-6.9.tar.bz2 deleted file mode 100644 index 2837b18..0000000 --- a/cifs-utils-6.9.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:18d8f1bf92c13c4d611502dbd6759e3a766ddc8467ec8a2eda3f589e40b9ac9c -size 400430 diff --git a/cifs-utils-6.9.tar.bz2.asc b/cifs-utils-6.9.tar.bz2.asc deleted file mode 100644 index 44b2d92..0000000 --- a/cifs-utils-6.9.tar.bz2.asc +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2 - -iQIcBAABCAAGBQJcp5M4AAoJEN9bqdMGQtWgCs8P/i5KHJSpV07TCiBXIq6mdQL5 -WiUVGMuYrRpyRxg9+HbM+3I6G9OZX9OJvn9/+0Ph30fWgbspa2M+4P2K1DDS+vAF -fOkdKMHKm+/gosCI5Ys45bgtKfjmlXoT0FPHQaIZv9MrX8dJwKoVxcGpb85J1H/H -rnxFPJ+Pm6UEXnJH+ejCdACTPSFtiE4UJ/vZhlIXX1BY5qKZJes3TEjeEJxKIIWi -hRgO1yDyHRt5wDmvG0gQZAazM5pgCXKro1osYmCY545TYGOWirlciRCdxZtwlvhR -6f92XuLhEMrcIIHXLVD/F3hffHaoXtggzOWkekh6yHT6zA0CNn8x+mqn8dVimE1H -YWbKX2b3ezJqcXAL4eY1r4jlAPoinNpOaJ7NIza2ZTAhH8mf5WITA9vnwB4VAp0A -vfAVliN0TgzRk7lDuP/pe41jrTEgQ6QqgyEq5g6WdEMyoIAu3AhBGTUXxlTI4qrq -wWeRf7tdntEdMcbQlV7oLsB7yK3A7t1UwG9uacG7l6EUpezT0ljN9po8Sydnvv7Q -OXhIUJgXHWlKdDavHAurnCAVD2fw3t++J0lzYXjdQV0D3xs743Y0cO1hDRkTZ+7i -gyg9/xkC7yHILSQKDfICJClrQ1Kot34FXnwnrRbneKnvlrzQz38h2jeTTlha1jsL -xGzoIqfXZnPcwgTCAL3M -=1TCn ------END PGP SIGNATURE----- diff --git a/cifs-utils.changes b/cifs-utils.changes index 9d11569..a112c90 100644 --- a/cifs-utils.changes +++ b/cifs-utils.changes @@ -1,8 +1,53 @@ +------------------------------------------------------------------- +Tue Feb 23 12:15:39 UTC 2021 - Aurelien Aptel + +- Update to cifs-utils 6.12 + * remove cifs-utils-6.11.tar.bz2 + * remove cifs-utils-6.11.tar.bz2.asc + * add cifs-utils-6.12.tar.bz2 + * add cifs-utils-6.12.tar.bz2.asc +- Remove backports already in 6.12 + * remove 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch + * remove 0002-cifs-utils-fix-probabilistic-compiling-error.patch +- Refresh Makefile.am install fix + * modify fix-sbin-install-error.patch +- Hardcode python3 interpreter in shebang of smbinfo instead of + /usr/bin/env to let rpm runtime dependency detect it. + ------------------------------------------------------------------- Thu Jan 14 15:34:45 UTC 2021 - Ludwig Nussel - use new %_pamdir macro to avoid hardcoding pam module path +------------------------------------------------------------------- +Fri Dec 11 18:00:50 UTC 2020 - Aurelien Aptel + +- Update to cifs-utils 6.11 + * remove cifs-utils-6.9.tar.bz2 + * remove cifs-utils-6.9.tar.bz2.asc + * add cifs-utils-6.11.tar.bz2 + * add cifs-utils-6.11.tar.bz2.asc +- Remove backports already in 6.11 + * remove 0001-smbinfo-Improve-help-usage-and-add-h-option.patch + * remove 0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch + * remove 0003-getcifsacl-Add-support-to-accept-more-paths.patch + * remove 0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch + * remove 0005-smbinfo-add-GETCOMPRESSION-support.patch + * remove 0006-getcifsacl-Add-support-for-R-recursive-option.patch + * remove 0007-smbinfo-add-bash-completion-support-for-getcompressi.patch + * remove 0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch + * remove 0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch + * remove 0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch + * remove 0011-fix-doublefree.patch + * remove 0012-mount.cifs-Fix-invalid-free.patch + * remove 0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch +- Add fixes for autoconf and make install issues + * add fix-sbin-install-error.patch + * add 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch + * add 0002-cifs-utils-fix-probabilistic-compiling-error.patch +- Hardcode python3 interpreter in shebang of smb2-quota instead of + /usr/bin/env to let rpm runtime dependency detect it. + ------------------------------------------------------------------- Tue Nov 17 13:42:23 UTC 2020 - Ludwig Nussel diff --git a/cifs-utils.spec b/cifs-utils.spec index 3c3224d..2c8199d 100644 --- a/cifs-utils.spec +++ b/cifs-utils.spec @@ -21,7 +21,7 @@ %endif Name: cifs-utils -Version: 6.9 +Version: 6.12 Release: 0 Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem License: GPL-3.0-or-later @@ -36,19 +36,7 @@ Source6: cifs-utils.keyring Source100: README.cifstab.migration Source1: cifs.init -Patch0: 0001-smbinfo-Improve-help-usage-and-add-h-option.patch -Patch1: 0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch -Patch2: 0003-getcifsacl-Add-support-to-accept-more-paths.patch -Patch3: 0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch -Patch4: 0005-smbinfo-add-GETCOMPRESSION-support.patch -Patch5: 0006-getcifsacl-Add-support-for-R-recursive-option.patch -Patch6: 0007-smbinfo-add-bash-completion-support-for-getcompressi.patch -Patch7: 0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch -Patch8: 0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch -Patch9: 0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch -Patch10: 0011-fix-doublefree.patch -Patch11: 0012-mount.cifs-Fix-invalid-free.patch -Patch12: 0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch +Patch1: fix-sbin-install-error.patch # cifs-utils 6.8 switched to python for man page generation # we need to require either py2 or py3 package @@ -125,19 +113,14 @@ provide these credentials to the kernel automatically at login. %prep %setup -q cp -a ${RPM_SOURCE_DIR}/README.cifstab.migration . -%patch0 -p1 +pyscripts="smb2-quota smbinfo" +for i in $pyscripts; do + if [ -e $i ]; then + sed -i 's,^#!/usr/bin/env python.*$,#!/usr/bin/python3,' $i + fi +done + %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 %build export CFLAGS="%{optflags} -D_GNU_SOURCE -fpie" @@ -184,8 +167,10 @@ touch %{buildroot}/%{_sysconfdir}/sysconfig/network/if-{down,up}.d/${script} \ %files %if 0%{?usrmerged} %{_sbindir}/mount.cifs +%{_sbindir}/mount.smb3 %else /sbin/mount.cifs +/sbin/mount.smb3 %endif %{_bindir}/getcifsacl %{_bindir}/setcifsacl @@ -196,10 +181,13 @@ touch %{buildroot}/%{_sysconfdir}/sysconfig/network/if-{down,up}.d/${script} \ %{_bindir}/cifscreds %{_sbindir}/cifs.upcall %{_bindir}/smbinfo +%{_bindir}/smb2-quota %{_mandir}/man1/cifscreds.1%{ext_man} %{_mandir}/man1/smbinfo.1%{ext_man} +%{_mandir}/man1/smb2-quota.1%{ext_man} %{_mandir}/man8/cifs.upcall.8%{ext_man} %{_mandir}/man8/mount.cifs.8%{ext_man} +%{_mandir}/man8/mount.smb3.8%{ext_man} %dir %{_sysconfdir}/request-key.d %config(noreplace) %{_sysconfdir}/request-key.d/cifs.idmap.conf %config(noreplace) %{_sysconfdir}/request-key.d/cifs.spnego.conf diff --git a/fix-sbin-install-error.patch b/fix-sbin-install-error.patch new file mode 100644 index 0000000..9cdf414 --- /dev/null +++ b/fix-sbin-install-error.patch @@ -0,0 +1,13 @@ +Index: cifs-utils-6.12/Makefile.am +=================================================================== +--- cifs-utils-6.12.orig/Makefile.am ++++ cifs-utils-6.12/Makefile.am +@@ -118,7 +118,7 @@ endif + SUBDIRS = contrib + + install-exec-hook: install-sbinPROGRAMS +- (cd $(DESTDIR)$(ROOTSBINDIR) && ln -sf mount.cifs mount.smb3) ++ (mkdir -p $(DESTDIR)$(ROOTSBINDIR) && cd $(DESTDIR)$(ROOTSBINDIR) && ln -sf mount.cifs mount.smb3) + + install-data-hook: + if CONFIG_MAN