Dr. Werner Fink 2020-03-11 16:11:02 +00:00 committed by Git OBS Bridge
parent dd93975e88
commit 7a807c8ea1
4 changed files with 21 additions and 38 deletions


@ -1,8 +1,13 @@
-------------------------------------------------------------------
Wed Mar 11 16:03:20 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Use CVE numbers
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Feb 20 11:01:15 UTC 2020 - Dr. Werner Fink <werner@suse.de> Thu Feb 20 11:01:15 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Use setpriv to create ls-R files, below /var/cache/texmf/fonts - Use setpriv to create ls-R files, below /var/cache/texmf/fonts
use uid mktex for this (boo#1159740) use uid mktex for this (boo#1159740, CVE-2020-8016)
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Feb 5 06:56:24 UTC 2020 - Dr. Werner Fink <werner@suse.de> Wed Feb 5 06:56:24 UTC 2020 - Dr. Werner Fink <werner@suse.de>
@ -13,7 +18,7 @@ Wed Feb 5 06:56:24 UTC 2020 - Dr. Werner Fink <werner@suse.de>
Tue Feb 4 12:20:03 UTC 2020 - Dr. Werner Fink <werner@suse.de> Tue Feb 4 12:20:03 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Again use setpriv but now switch to every single owner for clearing - Again use setpriv but now switch to every single owner for clearing
the files of this owner (boo#1159740) the files of this owner (boo#1159740, CVE-2020-8016)
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jan 31 12:32:25 UTC 2020 - Dr. Werner Fink <werner@suse.de> Fri Jan 31 12:32:25 UTC 2020 - Dr. Werner Fink <werner@suse.de>
@ -35,9 +40,9 @@ Thu Jan 16 12:02:43 UTC 2020 - Dr. Werner Fink <werner@suse.de>
Fri Jan 10 12:35:50 UTC 2020 - Dr. Werner Fink <werner@suse.de> Fri Jan 10 12:35:50 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Set default user for ls-R files and font cache directories - Set default user for ls-R files and font cache directories
to user nobody (bsc#1159740) to user nobody (bsc#1159740, CVE-2020-8016)
- Use setpriv to switch to nobody:mktex before clearing - Use setpriv to switch to nobody:mktex before clearing
font cache directories (bsc#1158910) font cache directories (bsc#1158910, CVE-2020-8017)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Dec 19 08:04:39 UTC 2019 - Dr. Werner Fink <werner@suse.de> Thu Dec 19 08:04:39 UTC 2019 - Dr. Werner Fink <werner@suse.de>


@ -15388,55 +15388,32 @@ popd
%{_bindir}/getent group %{texgrp} > /dev/null 2>&1 || %{_sbindir}/groupadd -r %{?texgid:-g %texgid} %{texgrp} %{_bindir}/getent group %{texgrp} > /dev/null 2>&1 || %{_sbindir}/groupadd -r %{?texgid:-g %texgid} %{texgrp}
%{_bindir}/getent passwd %{texusr} > /dev/null 2>&1 || %{_sbindir}/useradd -r %{?texuid:-u %texuid} -g %{texgrp} -d %{_fontcache} -s /bin/false %{texusr} %{_bindir}/getent passwd %{texusr} > /dev/null 2>&1 || %{_sbindir}/useradd -r %{?texuid:-u %texuid} -g %{texgrp} -d %{_fontcache} -s /bin/false %{texusr}
# the ls-R file on update # the ls-R file on update
error=0
for dir in %{_texmfconfdir} \ for dir in %{_texmfconfdir} \
%{_fontcache} \
%{_texmfvardir} \ %{_texmfvardir} \
%{_texmfvardir}/dist \ %{_texmfvardir}/dist \
%{_texmfvardir}/main %{_texmfvardir}/main
do do
test ! -h ${dir}/ls-R || rm -vf ${dir}/ls-R rm -f ${dir}/ls-R
test -e ${dir}/ls-R || continue
test "$(stat --format '%U:%G' ${dir}/ls-R)" != root:%{texgrp} || continue
chown root:%{texgrp} ${dir}/ls-R || error=1
done done
for dir in %{_fontcache}
do
test ! -h ${dir}/ls-R || rm -vf ${dir}/ls-R
test -e ${dir}/ls-R || continue
test "$(stat --format '%U:%G' ${dir}/ls-R)" != %{texusr}:%{texgrp} || continue
chown %{texusr}:%{texgrp} ${dir}/ls-R || error=1
done
test $error = 0 || exit 1
%post %post
%fillup_only -n texlive %fillup_only -n texlive
# the ls-R file (empty at package time) # the ls-R file (empty at package time)
error=0 error=0
user=
for dir in %{_texmfconfdir} \ for dir in %{_texmfconfdir} \
%{_fontcache} \
%{_texmfvardir} \ %{_texmfvardir} \
%{_texmfvardir}/dist \ %{_texmfvardir}/dist \
%{_texmfvardir}/main %{_texmfvardir}/main
do do
test ! -e ${dir}/ls-R -o -h ${dir}/ls-R || continue test "$dir" = %{_fontcache} && user=%{texusr} || user=root
tmp=$(setpriv --reuid root --regid mktex --init-groups mktemp ${dir}/ls-R.XXXXXX) || error=1 setpriv --reuid $user --regid mktex --init-groups /bin/sh -ec "
test $error = 0 || continue tmp=\$(mktemp ${dir}/ls-R.XXXXXX)
setpriv --reuid root --regid mktex --init-groups mv ${tmp} ${dir}/ls-R || error=1 chmod 0664 \${tmp}
test $error = 0 || continue echo '%% ls-R -- filename database for kpathsea; do not change this line.' > \${tmp}
chmod 0664 ${dir}/ls-R || error=1 mv \${tmp} ${dir}/ls-R" || error=1
test $error = 0 || continue
echo '%% ls-R -- filename database for kpathsea; do not change this line.' > \
${dir}/ls-R
done
for dir in %{_fontcache}
do
test ! -e ${dir}/ls-R -o -h ${dir}/ls-R || continue
tmp=$(setpriv --reuid mktex --regid mktex --init-groups mktemp ${dir}/ls-R.XXXXXX) || error=1
test $error = 0 || continue
setpriv --reuid mktex --regid mktex --init-groups mv ${tmp} ${dir}/ls-R || error=1
test $error = 0 || continue
chmod 0664 ${dir}/ls-R || error=1
echo '%% ls-R -- filename database for kpathsea; do not change this line.' > \
${dir}/ls-R
done done
%if %{defined set_permissions} %if %{defined set_permissions}
%set_permissions %{_texmfconfdir}/ls-R %set_permissions %{_texmfconfdir}/ls-R
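Review bot: The final `mv \${tmp} ${dir}/ls-R` in the new %post loop places the temp file inside ls-R when that name already exists as a directory, instead of replacing it. The new %pre loop's `rm -f ${dir}/ls-R` does not remove a directory and no longer records a failure, so in a directory an unprivileged account can write to (%{_fontcache} here; whether the other listed directories are group-writable is not visible in this hunk) such an entry survives and the loop still leaves error=0. Writing the last line as `mv -T \${tmp} ${dir}/ls-R" || error=1` makes that case fail and be recorded. Separately, `--regid mktex` is hard-coded while the user comes from `%{texusr}`; `--regid %{texgrp}` would match the groupadd/useradd lines at the top of the hunk. The %post scriptlet continues past the end of this hunk.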


@ -54,6 +54,7 @@ fi
# #
# Update the ls-R's # Update the ls-R's
# Note that this is done as user mktex
# #
mktexlsr > /dev/null mktexlsr > /dev/null
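Review bot: The added comment says the update runs as user mktex, but the line it annotates, `mktexlsr > /dev/null`, is called directly with no privilege switch visible in this hunk, so the statement depends on what mktexlsr does internally. If the switch happens inside mktexlsr, the comment should say so, for example `# Note: mktexlsr itself switches to user mktex (via setpriv) when writing ls-R`. The changelog entry on this page reads as if uid mktex is used for the ls-R files below /var/cache/texmf/fonts, so it is worth stating whether the other trees are still written as root.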


@ -56,7 +56,7 @@ export LANG MKTEXLSR UPDMAPSYNC
# #
# Sanity check # Sanity check
# #
size=$(find /etc/texmf/ls-R -follow -printf '%s') size=$(find /etc/texmf/ls-R -follow -printf '%s' || echo 0)
test $size -lt 80 && > /var/run/texlive/run-mktexlsr test $size -lt 80 && > /var/run/texlive/run-mktexlsr
rotator () rotator ()
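Review bot: The `|| echo 0` fallback covers a failing find, but `test $size -lt 80` on the next line still expands `$size` unquoted, so an empty or non-numeric value makes `test` exit with an error and the flag file is silently not created. One way to get such a value: `-printf '%s'` has no separator, so if /etc/texmf/ls-R ever resolved to a directory the sizes of all entries would be concatenated into one number. Defaulting and quoting at the point of use is more robust: `test "${size:-0}" -lt 80 && > /var/run/texlive/run-mktexlsr`. Since `-follow` makes the check measure whatever the path points to, a comment stating that /etc/texmf/ls-R is expected to be a regular root-owned file would document the assumption.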