Compare commits
4 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| d2b441cb4a | |||
| 4c001e0643 | |||
| debb55d311 | |||
| 65f72ee650 |
@@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 29 15:27:03 UTC 2025 - Egbert Eich <eich@suse.com>
|
||||
|
||||
- Make logrotate work on munge log as user munge. This prevents
|
||||
a local privilege escalation (bsc#1246088).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun May 26 11:03:40 UTC 2024 - jun wang <jgwang@suse.com>
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package munge
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
# Copyright (c) 2025 SUSE LLC and contributors
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -134,6 +134,7 @@ rm -f %{buildroot}%{_libdir}/*.a
|
||||
mkdir -p %{buildroot}%{_datarootdir}/licenses
|
||||
|
||||
install -m 0755 -d %{buildroot}%{_fillupdir}
|
||||
sed -i -e "/missingok/a\ \ \ \ su munge munge" %{buildroot}/%{_sysconfdir}/logrotate.d/munge
|
||||
# We don't want systemd file on SLE 11
|
||||
%if 0%{!?have_systemd:1}
|
||||
test -d %{buildroot}%{_prefix}/lib/systemd && \
|
||||
@@ -215,6 +216,9 @@ then
|
||||
%{fixperm %{_localstatedir}/log/munge/munged.log}
|
||||
%{fixperm %munge_run}
|
||||
fi
|
||||
# This matches ' su foo bar' as well as ' su=foo bar
|
||||
grep -qE "^ *su" %{_sysconfdir}/logrotate.d/munge || \
|
||||
sed -i -e "/missingok/a\ \ \ \ su munge munge" %{_sysconfdir}/logrotate.d/munge
|
||||
unset tmpfile
|
||||
tmpdir=$(mktemp -d /tmp/tmpdir-XXXXXXXXX)
|
||||
if [ -e %{_sysconfdir}/munge/munge.key ]; then
|
||||
|
||||
Reference in New Issue
Block a user