Accepting request 311116 from Base:System

- Allow root to use man command within its home OBS-URL: https://build.opensuse.org/request/show/311116 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/man?expand=0&rev=62
2015-06-09 06:48:17 +00:00 · 2015-06-09 06:48:17 +00:00 · f1a53fb2a2
commit f1a53fb2a2
parent 6b9b806bdd 5d69425291
3 changed files with 18 additions and 2 deletions
--- a/man.changes
+++ b/man.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jun  8 08:31:52 UTC 2015 - werner@suse.de
+
+- Allow root to use man command within its home 
+
 -------------------------------------------------------------------
 Fri May 29 10:34:37 UTC 2015 - werner@suse.de

--- a/man.spec
+++ b/man.spec
@ -1,7 +1,7 @@
 #
 # spec file for package man
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
--- a/wrapper.c
+++ b/wrapper.c
@ -69,7 +69,6 @@ int main (int argc, char **argv, char *envp[])
 {
 	uid_t ruid, euid;
 	gid_t rgid;
-	struct passwd *pwd;

 	argc = argc; /* not used */

@ -103,6 +102,9 @@ int main (int argc, char **argv, char *envp[])
 	printf ("%s\n", wlp->run);
 #endif
 	if (ruid == 0 || euid == 0) {
+		struct passwd *pwd;
+		char *cwd;
+
 		pwd = getpwnam (wlp->user);
 		if (!pwd) {
 			fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
@ -119,6 +121,10 @@ int main (int argc, char **argv, char *envp[])
 			pwd->pw_gid = rgid;
 #endif
 		}
+		if ((cwd = get_current_dir_name()) == NULL) {
+			fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
+			return -EACCES;
+		}
 		if (setregid (rgid, pwd->pw_gid)) {
 			fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
 			return -EACCES;
@ -131,6 +137,11 @@ int main (int argc, char **argv, char *envp[])
 			fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
 			return -EACCES;
 		}
+		if (access(cwd, X_OK) < 0 && chdir(pwd->pw_dir)) {
+			fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
+			return -EACCES;
+		}
+		free(cwd);
 	}
 	execve (wlp->run, argv, envp);
 	perror ("execve");