Accepting request 311116 from Base:System
- Allow root to use man command within its home OBS-URL: https://build.opensuse.org/request/show/311116 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/man?expand=0&rev=62
This commit is contained in:
commit
f1a53fb2a2
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jun 8 08:31:52 UTC 2015 - werner@suse.de
|
||||||
|
|
||||||
|
- Allow root to use man command within its home
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri May 29 10:34:37 UTC 2015 - werner@suse.de
|
Fri May 29 10:34:37 UTC 2015 - werner@suse.de
|
||||||
|
|
||||||
|
2
man.spec
2
man.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package man
|
# spec file for package man
|
||||||
#
|
#
|
||||||
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
|
13
wrapper.c
13
wrapper.c
@ -69,7 +69,6 @@ int main (int argc, char **argv, char *envp[])
|
|||||||
{
|
{
|
||||||
uid_t ruid, euid;
|
uid_t ruid, euid;
|
||||||
gid_t rgid;
|
gid_t rgid;
|
||||||
struct passwd *pwd;
|
|
||||||
|
|
||||||
argc = argc; /* not used */
|
argc = argc; /* not used */
|
||||||
|
|
||||||
@ -103,6 +102,9 @@ int main (int argc, char **argv, char *envp[])
|
|||||||
printf ("%s\n", wlp->run);
|
printf ("%s\n", wlp->run);
|
||||||
#endif
|
#endif
|
||||||
if (ruid == 0 || euid == 0) {
|
if (ruid == 0 || euid == 0) {
|
||||||
|
struct passwd *pwd;
|
||||||
|
char *cwd;
|
||||||
|
|
||||||
pwd = getpwnam (wlp->user);
|
pwd = getpwnam (wlp->user);
|
||||||
if (!pwd) {
|
if (!pwd) {
|
||||||
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
||||||
@ -119,6 +121,10 @@ int main (int argc, char **argv, char *envp[])
|
|||||||
pwd->pw_gid = rgid;
|
pwd->pw_gid = rgid;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
if ((cwd = get_current_dir_name()) == NULL) {
|
||||||
|
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
||||||
|
return -EACCES;
|
||||||
|
}
|
||||||
if (setregid (rgid, pwd->pw_gid)) {
|
if (setregid (rgid, pwd->pw_gid)) {
|
||||||
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
||||||
return -EACCES;
|
return -EACCES;
|
||||||
@ -131,6 +137,11 @@ int main (int argc, char **argv, char *envp[])
|
|||||||
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
||||||
return -EACCES;
|
return -EACCES;
|
||||||
}
|
}
|
||||||
|
if (access(cwd, X_OK) < 0 && chdir(pwd->pw_dir)) {
|
||||||
|
fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user);
|
||||||
|
return -EACCES;
|
||||||
|
}
|
||||||
|
free(cwd);
|
||||||
}
|
}
|
||||||
execve (wlp->run, argv, envp);
|
execve (wlp->run, argv, envp);
|
||||||
perror ("execve");
|
perror ("execve");
|
||||||
|
Loading…
Reference in New Issue
Block a user