SHA256
1
0
forked from pool/man

Accepting request 652353 from Base:System

- Update to man-db 2.8.4
  * Major changes since man-db 2.8.3:
   + Rely on decompressors reading from their standard input rather
     than redundantly passing them the input file on their command
     line.  This works better with downstream AppArmor confinement of
     decompressors.
   + Fix invalid syntax in tmpfiles.d/man-db.conf when configured with
     --disable-cache-owner.
   + Make seccomp sandbox allow sched_getaffinity, sometimes used by
     xz.
   + Check for mandb_nfmt and mandb_tfmt in the manual page hierarchy
     as documented, not in the current directory.  This was broken by
     the working-directory-handling changes in 2.8.3.  Note that this
     change means that "man -l" will never use an external formatter
     (which was never documented behaviour and was surely a bad idea).
   + Make seccomp sandbox allow some shared memory operations across
     the board rather than just when ESET File Security is in use; the
     Astrill VPN seems to require something similar, and there are
     doubtless other such preload hacks.
   + Some versions of ESET File Security call msgget and msgsnd; if
     this program is in use, then allow those.
  * Major changes since man-db 2.8.2:
   + Make seccomp sandbox allow madvise, since that's used by lbzip2.
   + Make seccomp sandbox allow kill and tgkill outright, since groff
     uses kill to pass on signals to its child processes.
   + Make seccomp sandbox allow sibling architectures on
     x86/x86_64/x32, since people sometimes mix and match architectures
     there for performance reasons.
   + Fix version check in locale macro loading to tolerate groff
     release candidates.

OBS-URL: https://build.opensuse.org/request/show/652353
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/man?expand=0&rev=72
This commit is contained in:
Dominique Leuenberger 2018-12-03 09:08:53 +00:00 committed by Git OBS Bridge
commit e9fedeb6bd
15 changed files with 369 additions and 258 deletions

View File

@ -3,8 +3,8 @@
1 file changed, 178 insertions(+), 2 deletions(-)
--- src/man.c
+++ src/man.c 2016-12-15 14:08:57.993676527 +0000
@@ -3514,12 +3514,141 @@ static int locate_page (const char *manp
+++ src/man.c 2018-11-23 13:56:09.131098574 +0000
@@ -3573,12 +3573,141 @@ static int locate_page (const char *manp
return found;
}
@ -146,7 +146,7 @@
global_manpath = is_global_mandir (candp->path);
if (!global_manpath)
drop_effective_privs ();
@@ -3541,9 +3670,56 @@ static int display_pages (struct candida
@@ -3600,9 +3729,56 @@ static int display_pages (struct candida
regain_effective_privs ();
if (found && !findall)

View File

@ -1,6 +1,14 @@
---
man/de/man1/man.1 | 3 +++
man/es/man1/man.1 | 3 +++
man/it/man1/man.1 | 3 +++
man/ja/man1/man.1 | 3 +++
man/man1/man.1 | 3 +++
5 files changed, 15 insertions(+)
--- man/de/man1/man.1
+++ man/de/man1/man.1
@@ -79,6 +79,9 @@ und den Typ der dort zu findenden Seiten
+++ man/de/man1/man.1 2018-11-23 14:23:22.531297359 +0000
@@ -83,6 +83,9 @@ und den Typ der dort zu findenden Seiten
.TS
tab (@);
l lx.
@ -11,8 +19,8 @@
Ausführbare Programme oder Shell\-Befehle
T}
--- man/es/man1/man.1
+++ man/es/man1/man.1
@@ -101,6 +101,9 @@ del manual y los tipos de páginas que c
+++ man/es/man1/man.1 2018-11-23 14:23:22.531297359 +0000
@@ -80,6 +80,9 @@ seguidos por el tipo de página que cont
.TS
tab (@);
l lx.
@ -20,10 +28,10 @@
+Ficheros (se encuentran generalmente en \fI/usr/include\fR)
+T}
1@T{
Programas ejecutables y guiones del intérprete de órdenes
Programa ejecutable o mandatos del shell
T}
--- man/it/man1/man.1
+++ man/it/man1/man.1
+++ man/it/man1/man.1 2018-11-23 14:23:22.531297359 +0000
@@ -124,6 +124,9 @@ del manuale seguiti dai tipi di pagine c
.TS
tab (@);
@ -35,8 +43,8 @@
Programmi eseguibili e comandi della shell
T}
--- man/ja/man1/man.1
+++ man/ja/man1/man.1
@@ -73,6 +73,9 @@ man \- オンラインマニュアルの
+++ man/ja/man1/man.1 2018-11-23 14:23:22.531297359 +0000
@@ -78,6 +78,9 @@ default, unless overridden by the \fBSEC
.TS
tab (@);
l lx.
@ -47,8 +55,8 @@
実行プログラムまたはシェルコマンド
T}
--- man/man1/man.1
+++ man/man1/man.1
@@ -179,6 +179,9 @@ numbers of the manual followed by the ty
+++ man/man1/man.1 2018-11-23 14:23:22.531297359 +0000
@@ -186,6 +186,9 @@ numbers of the manual followed by the ty
.TS
tab (@);
l lx.

View File

@ -3,8 +3,8 @@
1 file changed, 4 insertions(+), 4 deletions(-)
--- src/man.c
+++ src/man.c 2016-12-15 13:49:52.184819971 +0000
@@ -961,7 +961,7 @@ static const char *is_section (const cha
+++ src/man.c 2018-11-23 12:42:32.280720195 +0000
@@ -978,7 +978,7 @@ static const char *is_section (const cha
{
const char **vs;
@ -13,7 +13,7 @@
if (STREQ (*vs, name))
return name;
/* allow e.g. 3perl but disallow 8139too and libfoo */
@@ -2714,7 +2714,7 @@ static int compare_candidates (const str
@@ -2776,7 +2776,7 @@ static int compare_candidates (const str
/* Find out whether lsource->ext is ahead of rsource->ext in
* section_list.
*/
@ -22,7 +22,7 @@
if (!*(*sp + 1)) {
/* No extension */
if (!sec_left && **sp == *(lsource->ext))
@@ -3679,7 +3679,7 @@ static int do_global_apropos (const char
@@ -3738,7 +3738,7 @@ static int do_global_apropos (const char
} else
my_section_list = section_list;
@ -31,7 +31,7 @@
for (mp = manpathlist; *mp; mp++)
*found += do_global_apropos_section (*mp, *sp, name);
@@ -3879,7 +3879,7 @@ static int man (const char *name, int *f
@@ -3927,7 +3927,7 @@ static int man (const char *name, int *f
else {
const char **sp;

View File

@ -1,47 +1,17 @@
---
src/man.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
src/man.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- src/man.c
+++ src/man.c 2016-12-15 14:02:44.261219082 +0000
@@ -1949,16 +1949,6 @@ static void format_display (pipeline *de
if (!disp_status)
break;
}
- if (!candidate) {
- if (html_pager && *html_pager)
- error (CHILD_FAIL, 0,
- "couldn't execute any browser from %s",
- html_pager);
- else
- error (CHILD_FAIL, 0,
- "no browser configured, so cannot show "
- "HTML output");
+++ src/man.c 2018-11-23 13:08:52.119497206 +0000
@@ -2020,7 +2020,9 @@ static void format_display (pipeline *de
error (CHILD_FAIL, 0,
"no browser configured, so cannot show "
"HTML output");
- }
+ } else if (!disp_status)
+ sleep (5); /* firefox runs into background to fast */
+
free (browser_list);
if (have_old_cwd && restore_cwd (&old_cwd) < 0) {
error (0, errno,
@@ -1967,11 +1957,23 @@ static void format_display (pipeline *de
if (chdir ("/")) { /* ignore errors */ }
}
free_cwd (&old_cwd);
+ if (!disp_status)
+ sleep (5); /* firefox runs into background to fast */
if (remove_directory (htmldir, 0) == -1)
error (0, errno, _("can't remove directory %s"),
htmldir);
free (htmlfile);
free (htmldir);
+ if (!candidate) {
+ if (html_pager && *html_pager)
+ error (CHILD_FAIL, 0,
+ "couldn't execute any browser from %s",
+ html_pager);
+ else
+ error (CHILD_FAIL, 0,
+ "no browser configured, so cannot show "
+ "HTML output");
+ }
} else
#endif /* TROFF_IS_GROFF */
{

View File

@ -3,8 +3,8 @@
1 file changed, 11 insertions(+), 1 deletion(-)
--- src/mandb.c
+++ src/mandb.c 2016-12-16 07:14:50.995017235 +0000
@@ -439,17 +439,26 @@ static int mandb (struct dbpaths *dbpath
+++ src/mandb.c 2018-11-23 12:50:40.139688661 +0000
@@ -442,18 +442,27 @@ static int mandb (struct dbpaths *dbpath
int ret, amount;
char *dbname;
int should_create;
@ -27,15 +27,16 @@
if (!STREQ (catpath, manpath)) {
char *cachedir_tag;
- int fd;
int cachedir_tag_exists = 0;
+ drop_effective_privs ();
cachedir_tag = xasprintf ("%s/CACHEDIR.TAG", catpath);
fd = open (cachedir_tag, O_RDONLY);
if (fd < 0) {
@@ -467,6 +476,7 @@ static int mandb (struct dbpaths *dbpath
if (global_manpath)
chown_if_possible (cachedir_tag);
check_chmod (cachedir_tag, DBMODE);
@@ -476,6 +485,7 @@ static int mandb (struct dbpaths *dbpath
chown_if_possible (cachedir_tag);
check_chmod (cachedir_tag, DBMODE);
}
+ regain_effective_privs ();
free (cachedir_tag);
}

View File

@ -5,20 +5,20 @@
3 files changed, 120 insertions(+)
--- config.h.in
+++ config.h.in 2016-12-15 14:07:41.579217715 +0000
@@ -740,6 +740,9 @@
+++ config.h.in 2018-11-23 13:11:12.684900437 +0000
@@ -896,6 +896,9 @@
/* Define to 1 if you have the `z' library (-lz). */
#undef HAVE_LIBZ
+/* Define to 1 if you have libzio for opening compressed manuals */
+#undef HAVE_ZIO
+
/* Define to 1 if you have the <linewrap.h> header file. */
#undef HAVE_LINEWRAP_H
/* Define to 1 if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H
--- configure.ac
+++ configure.ac 2016-12-15 14:07:41.579217715 +0000
@@ -32,6 +32,18 @@ MAN_ARG_DEVICE
+++ configure.ac 2018-11-23 13:09:58.982262008 +0000
@@ -34,6 +34,18 @@ MAN_ARG_DEVICE
MAN_ARG_DB
MAN_ARG_CONFIG_FILE
MAN_ARG_SECTIONS
@ -37,7 +37,7 @@
MAN_ARG_AUTOMATIC_CREATE
MAN_ARG_AUTOMATIC_UPDATE
MAN_ARG_CATS
@@ -321,6 +333,46 @@ AC_SUBST([unlzma])
@@ -325,6 +337,46 @@ AC_SUBST([unlzma])
AC_SUBST([unxz])
AC_SUBST([unlzip])
MAN_COMPRESS_LIB([z], [gzopen])
@ -85,7 +85,7 @@
# Check for various header files and associated libraries.
--- lib/decompress.c
+++ lib/decompress.c 2016-12-15 14:07:41.579217715 +0000
+++ lib/decompress.c 2018-11-23 13:12:59.714923151 +0000
@@ -38,6 +38,10 @@
#include "xvasprintf.h"
@ -97,7 +97,7 @@
#include "manconfig.h"
#include "comp_src.h"
#include "pipeline.h"
@@ -68,6 +72,32 @@ static void decompress_zlib (void *data
@@ -69,6 +73,32 @@ static void decompress_zlib (void *data
#endif /* HAVE_LIBZ */
@ -107,11 +107,11 @@
+{
+ const char *what = (const char*)data;
+ FILE *file;
+
+
+ file = fdzopen(dup (fileno (stdin)), "r", what);
+ if (!file)
+ return;
+
+
+ for (;;) {
+ char buffer[4096];
+ int r = fread(buffer, sizeof(char), sizeof(buffer), file);
@ -120,17 +120,17 @@
+ if (fwrite (buffer, 1, (size_t) r, stdout) < (size_t) r)
+ break;
+ }
+
+ fclose(file);
+
+ fclose(file);
+ return;
+}
+
+#endif /* HAVE_ZIO */
+
extern man_sandbox *sandbox;
pipeline *decompress_open (const char *filename)
{
pipecmd *cmd;
@@ -82,6 +112,37 @@ pipeline *decompress_open (const char *f
@@ -85,6 +115,37 @@ pipeline *decompress_open (const char *f
if (stat (filename, &st) < 0 || S_ISDIR (st.st_mode))
return NULL;
@ -168,7 +168,7 @@
#ifdef HAVE_LIBZ
filename_len = strlen (filename);
if (filename_len > 3 && STREQ (filename + filename_len - 3, ".gz")) {
@@ -95,7 +156,11 @@ pipeline *decompress_open (const char *f
@@ -96,7 +157,11 @@ pipeline *decompress_open (const char *f
}
#endif /* HAVE_LIBZ */

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c68cffa6b93f6362beb1d1259f9ad5b65af2aee9a7d9910086082ea4b75f5da2
size 1541288

View File

@ -9,18 +9,18 @@
src/Makefile.am | 11 ---
src/check_mandirs.c | 33 +++++++----
src/lexgrog.l | 121 ++++++++++++++++++++++++++++-------------
src/man.c | 109 ++++++++++++++++++++++++++-----------
src/man.c | 101 ++++++++++++++++++++--------------
src/man_db.conf.in | 145 +++++++++++++++++++++++++++++++++++++++++++++++---
src/mandb.c | 18 +++++-
src/manp.c | 2
src/straycats.c | 19 ++++--
src/straycats.c | 22 +++++--
src/ult_src.c | 9 ++-
src/ult_src.h | 7 +-
17 files changed, 443 insertions(+), 118 deletions(-)
17 files changed, 428 insertions(+), 128 deletions(-)
--- configure.ac
+++ configure.ac 2016-12-16 08:41:31.950958393 +0000
@@ -244,6 +244,14 @@ then
+++ configure.ac 2018-11-23 13:56:33.730644942 +0000
@@ -248,6 +248,14 @@ then
fi
MAN_CHECK_PROGS([eqn], [EQN], [use EQN to preprocess equations], [eqn geqn])
@ -35,7 +35,7 @@
MAN_CHECK_PROGS([neqn], [NEQN], [use NEQN to preprocess equations for character devices], [neqn gneqn])
# If we fail to find an neqn, use eqn and try to force it to output for an
# ascii device. As this is only relevant for equations (?), not using latin1
@@ -287,9 +295,15 @@ then
@@ -291,9 +299,15 @@ then
compress_ext="gz"
fi
MAN_CHECK_PROGS([compress], [COMPRESS], [use COMPRESS as UNIX compression utility], [compress])
@ -54,7 +54,7 @@
then
compressor="$compress -c"
--- include/comp_src.h.in
+++ include/comp_src.h.in 2016-12-16 08:41:31.950958393 +0000
+++ include/comp_src.h.in 2018-11-23 13:56:33.730644942 +0000
@@ -53,7 +53,7 @@ struct compression comp_list[] = {
#endif /* HAVE_GZIP */
@ -65,8 +65,8 @@
/* Else if we have gzip, incorporate the following */
#elif defined (HAVE_GZIP)
--- lib/security.c
+++ lib/security.c 2016-12-16 08:41:31.950958393 +0000
@@ -77,6 +77,11 @@ static void gripe_set_euid (void)
+++ lib/security.c 2018-11-23 13:56:33.730644942 +0000
@@ -78,6 +78,11 @@ static void gripe_set_euid (void)
error (FATAL, errno, _("can't set effective uid"));
}
@ -75,10 +75,10 @@
+ error (FATAL, errno, _("can't set effective gid"));
+}
+
#endif /* MAN_OWNER */
void init_security (void)
{
ruid = getuid ();
@@ -155,6 +160,31 @@ void regain_effective_privs (void)
@@ -164,6 +169,31 @@ void regain_effective_privs (void)
uid = euid;
gid = egid;
}
@ -107,11 +107,11 @@
+
+ gid = egid;
+ }
#endif /* SECURE_MAN_UID */
#endif /* MAN_OWNER */
}
--- lib/util.c
+++ lib/util.c 2016-12-16 08:41:31.950958393 +0000
+++ lib/util.c 2018-11-23 13:56:33.730644942 +0000
@@ -50,6 +50,9 @@
#include "gettext.h"
@ -123,7 +123,7 @@
#include "error.h"
--- libdb/mydbm.h
+++ libdb/mydbm.h 2016-12-16 08:41:31.950958393 +0000
+++ libdb/mydbm.h 2018-11-23 13:56:33.730644942 +0000
@@ -154,7 +154,7 @@ extern void btree_set_time(DB *db, const
# define MYDBM_SET_DPTR(d, value) ((d).data = (char *) (value))
# define MYDBM_DSIZE(d) ((d).size)
@ -134,8 +134,8 @@
# define MYDBM_RDOPEN(file) btree_flopen(file, O_RDONLY, DBMODE)
# define MYDBM_INSERT(db, key, cont) btree_insert(db, key, cont)
--- man/po4a/po/ru.po
+++ man/po4a/po/ru.po 2016-12-16 08:41:31.950958393 +0000
@@ -3942,7 +3942,7 @@ msgstr ""
+++ man/po4a/po/ru.po 2018-11-23 13:56:33.730644942 +0000
@@ -3890,7 +3890,7 @@ msgstr ""
#~ msgstr "255"
#~ msgid "\\*[softhyphen]"
@ -145,7 +145,7 @@
#~ msgid "-\n"
#~ msgstr "-\n"
--- mk_catdirs
+++ mk_catdirs 2016-12-16 08:41:31.950958393 +0000
+++ mk_catdirs 2018-11-23 13:56:33.730644942 +0000
@@ -0,0 +1,30 @@
+#!/bin/sh
+
@ -178,7 +178,7 @@
+
+test "$(id -u)" -ne 0 || chown man:man -R ${CACHE}
--- src/Makefile.am
+++ src/Makefile.am 2016-12-16 09:15:35.265937979 +0000
+++ src/Makefile.am 2018-11-23 13:56:33.730644942 +0000
@@ -173,16 +173,7 @@ apropos$(EXEEXT): whatis$(EXEEXT)
all-am: apropos$(EXEEXT)
@ -198,9 +198,9 @@
install-data-hook:
@if test -f $(DESTDIR)$(config_file); then \
--- src/check_mandirs.c
+++ src/check_mandirs.c 2016-12-16 08:41:31.950958393 +0000
@@ -394,7 +394,7 @@ void chown_if_possible (const char *path
#endif /* SECURE_MAN_UID */
+++ src/check_mandirs.c 2018-11-23 13:56:33.730644942 +0000
@@ -393,7 +393,7 @@ void chown_if_possible (const char *path
#endif /* MAN_OWNER */
/* create the catman hierarchy if it doesn't exist */
-static void mkcatdirs (const char *mandir, const char *catdir)
@ -208,7 +208,7 @@
{
char *manname, *catname;
@@ -422,9 +422,14 @@ static void mkcatdirs (const char *mandi
@@ -421,9 +421,14 @@ static void mkcatdirs (const char *mandi
int j;
regain_effective_privs ();
debug ("creating catdir hierarchy %s ", catdir);
@ -226,7 +226,7 @@
if ((is_directory (manname) == 1)
&& (is_directory (catname) != 1)) {
if (mkdir (catname, 0755) < 0) {
@@ -432,7 +437,7 @@ static void mkcatdirs (const char *mandi
@@ -431,7 +436,7 @@ static void mkcatdirs (const char *mandi
error (0, 0, _("warning: cannot create catdir %s"), catname);
debug ("warning: cannot create catdir %s\n", catname);
} else
@ -235,7 +235,7 @@
chown_if_possible (catname);
}
}
@@ -579,15 +584,10 @@ static int testmandirs (const char *path
@@ -578,15 +583,10 @@ static int testmandirs (const char *path
}
if (!quiet) {
@ -252,7 +252,7 @@
}
add_dir_entries (dbf, path, mandir->d_name);
MYDBM_CLOSE (dbf);
@@ -694,7 +694,7 @@ int update_db (const char *manpath, cons
@@ -693,7 +693,7 @@ int update_db (const char *manpath, cons
dbf = NULL;
}
if (!dbf) {
@ -261,7 +261,7 @@
return EOF;
}
mtime = MYDBM_GET_TIME (dbf);
@@ -897,6 +897,7 @@ static int purge_whatis (MYDBM_FILE dbf,
@@ -896,6 +896,7 @@ static int purge_whatis (MYDBM_FILE dbf,
"would delete\n", name, info->ext);
return 1;
}
@ -269,7 +269,7 @@
}
/* Check that multi keys are correctly constructed. */
@@ -994,6 +995,14 @@ int purge_missing (const char *manpath,
@@ -993,6 +994,14 @@ int purge_missing (const char *manpath,
nextkey = MYDBM_NEXTKEY (dbf, key);
MYDBM_FREE_DPTR (key);
key = nextkey;
@ -285,8 +285,8 @@
}
--- src/lexgrog.l
+++ src/lexgrog.l 2016-12-16 08:41:31.954958312 +0000
@@ -54,7 +54,7 @@
+++ src/lexgrog.l 2018-11-23 13:56:33.734644867 +0000
@@ -55,7 +55,7 @@
#include "manconv_client.h"
@ -295,7 +295,7 @@
#define MAX_NAME 8192
#define ARRAY_SIZE(array) (sizeof (array) / sizeof ((array)[0]))
@@ -200,15 +200,15 @@ static const struct macro perldocs[] = {
@@ -203,15 +203,15 @@ static const struct macro perldocs[] = {
{ "R\"", "\"" }
};
@ -320,7 +320,7 @@
static char newname[MAX_NAME];
static char *p_name;
@@ -217,6 +217,7 @@ static char filters[MAX_FILTERS];
@@ -220,6 +220,7 @@ static char filters[MAX_FILTERS];
static int fill_mode;
static int waiting_for_quote;
@ -328,7 +328,7 @@
static pipeline *decomp;
@@ -234,7 +235,7 @@ static pipeline *decomp;
@@ -237,7 +238,7 @@ static pipeline *decomp;
%}
%option ecs meta-ecs
@ -337,7 +337,7 @@
%option nostdinit
%option warn
%option noyywrap nounput
@@ -272,8 +273,9 @@ font_change \\f([[:upper:]1-4]|\({upper}
@@ -275,8 +276,9 @@ font_change \\f([[:upper:]1-4]|\({upper}
size_change \\s[+-]?{digit}
style_change ({font_change}{size_change}?|{size_change}{font_change}?)
typeface \.(B[IR]?|I[BR]?|R[BI]|S[BM])
@ -348,7 +348,7 @@
/* Please add to this list if you know how. */
/* Note that, since flex only supports UTF-8 by accident, character classes
@@ -308,7 +310,26 @@ vi_name TÊN
@@ -311,7 +313,26 @@ vi_name TÊN
zh_CN_name 名{blank}?(称|字){blank}?.*
zh_TW_name (名{blank}?(稱|字)|命令名){blank}?.*
name ({bg_name}|{cs_name}|{da_name}|{de_name}|{en_name}|{es_name}|{fi_name}|{fr_name}|{hu_name}|{id_name}|{it_name}|{ja_name}|{ko_name}|{latin_name}|{lt_name}|{nl_name}|{pl_name}|{ru_name}|{sk_name}|{sr_name}|{srlatin_name}|{sv_name}|{tr_name}|{vi_name}|{zh_CN_name}|{zh_TW_name})
@ -376,7 +376,7 @@
/* eptgrv : eqn, pic, tbl, grap, refer, vgrind */
tbl_request \.TS
@@ -322,8 +343,13 @@ vgrind_request \.vS
@@ -325,8 +346,13 @@ vgrind_request \.vS
%%
/* begin NAME section processing */
@ -392,7 +392,7 @@
/* general text matching */
<MAN_FILE>\.[^Ss\r\n].* |
@@ -391,6 +417,7 @@ vgrind_request \.vS
@@ -394,6 +420,7 @@ vgrind_request \.vS
<MAN_NAME>{bol}\.sp{blank}* | /* vertical spacing */
<MAN_NAME>{bol}\.ig{blank}* | /* block comment */
<MAN_NAME>{bol}\.de[1i]?{blank}* | /* macro definition */
@ -400,14 +400,14 @@
<MAN_NAME>{bol}\.i[ef]{blank}* | /* conditional */
<MAN_NAME>{empty}{bol}.+ |
<MAN_NAME><<EOF>> { /* terminate the string */
@@ -428,21 +455,24 @@ vgrind_request \.vS
@@ -431,21 +458,24 @@ vgrind_request \.vS
}
/* No-op requests */
-<MAN_NAME>{bol}\.{blank}*$ newline_found ();
-<MAN_NAME>{bol}\.\.$ newline_found ();
+<MAN_NAME>{bol}\.{blank}*/{eol} newline_found ();
+<MAN_NAME>{bol}\.\./{eol} newline_found ();
+<MAN_NAME>{bol}\.\./{eol} newline_found ();
/* Toggle fill mode */
-<MAN_NAME>{bol}\.nf.* fill_mode = 0;
@ -418,7 +418,7 @@
<CAT_NAME>-{eol}{blank_eol}* /* strip continuations */
/* convert to DASH */
<MAN_NAME>{next}{blank}*\\\((mi|hy|em){blank}* |
<MAN_NAME>{next}{blank}*\\\((mi|hy|em|en){blank}* |
+<MAN_NAME>{bol}\.sp{bol}{blank}+\\-{blank}* | /* strange spacing in NAME section *
+<MAN_NAME>{blank}+[-\\]?-{bol} | /* dash at end of line */
+<MAN_NAME>{next}{blank_eol}+(\\?-){2}{blank}+ | /* some man pages use -- as dash */
@ -430,7 +430,7 @@
/* escape sequences and special characters */
<MAN_NAME>{
@@ -458,6 +488,7 @@ vgrind_request \.vS
@@ -461,6 +491,7 @@ vgrind_request \.vS
{next}\\[|^&!%acdpruz{}\r\n] /* various useless control chars */
{next}\\[bhlLvx]{blank}*'[^']+' /* various inline functions */
@ -438,7 +438,7 @@
{next}\\\$[1-9] /* interpolate arg */
/* roff named glyphs */
@@ -620,11 +651,8 @@ vgrind_request \.vS
@@ -623,11 +654,8 @@ vgrind_request \.vS
for later processing */
<MAN_NAME>{
{bol}\.br{blank}* |
@ -451,7 +451,7 @@
{bol}\.RS{blank}.* |
{bol}\.RE{blank}.* add_char_to_whatis ((char) 0x11);
}
@@ -639,7 +667,7 @@ vgrind_request \.vS
@@ -642,7 +670,7 @@ vgrind_request \.vS
<MAN_NAME>[[:alnum:]]* add_str_to_whatis (yytext, yyleng);
/* normalise the period (,) separators */
@ -460,7 +460,7 @@
<MAN_NAME>{blank}*,{blank}* add_str_to_whatis (", ", 2);
<CAT_NAME,MAN_NAME>{bol}. {
@@ -655,7 +683,7 @@ vgrind_request \.vS
@@ -658,7 +686,7 @@ vgrind_request \.vS
%%
/* print warning and force scanner to terminate */
@ -469,7 +469,7 @@
{
/* Even though MAX_NAME is a macro expanding to a constant, we
* translate it using ngettext anyway because that will make it
@@ -672,7 +700,7 @@ static void too_big (void)
@@ -675,7 +703,7 @@ static void too_big (void)
}
/* append a string to newname if enough room */
@ -478,7 +478,7 @@
{
if (p_name - newname + length >= MAX_NAME)
too_big ();
@@ -683,8 +711,10 @@ static void add_str_to_whatis (const cha
@@ -686,8 +714,10 @@ static void add_str_to_whatis (const cha
}
/* append a char to newname if enough room */
@ -490,7 +490,7 @@
if (p_name - newname + 1 >= MAX_NAME)
too_big ();
else if (waiting_for_quote && c == '"')
@@ -696,8 +726,24 @@ static void add_char_to_whatis (unsigned
@@ -699,8 +729,24 @@ static void add_char_to_whatis (unsigned
/* append the " - " separator to newname, trimming the first space if one's
* already there
*/
@ -516,7 +516,7 @@
if (p_name != newname && *(p_name - 1) != ' ')
add_char_to_whatis (' ');
add_str_to_whatis ("- ", 2);
@@ -705,7 +751,7 @@ static void add_separator_to_whatis (voi
@@ -708,7 +754,7 @@ static void add_separator_to_whatis (voi
/* append a word to newname if enough room, ensuring only necessary
surrounding space */
@ -525,7 +525,7 @@
{
if (p_name != newname && *(p_name - 1) != ' ')
add_char_to_whatis (' ');
@@ -715,7 +761,7 @@ static void add_wordn_to_whatis (const c
@@ -718,7 +764,7 @@ static void add_wordn_to_whatis (const c
add_str_to_whatis (string, length);
}
@ -534,7 +534,7 @@
{
add_wordn_to_whatis (string, strlen (string));
}
@@ -725,7 +771,7 @@ struct compare_macro_key {
@@ -728,7 +774,7 @@ struct compare_macro_key {
size_t length;
};
@ -543,7 +543,7 @@
{
const struct compare_macro_key *key = left;
const struct macro *value = right;
@@ -743,7 +789,7 @@ static int compare_macro (const void *le
@@ -746,7 +792,7 @@ static int compare_macro (const void *le
return 0;
}
@ -552,7 +552,7 @@
const char *string, size_t length)
{
struct compare_macro_key key;
@@ -757,23 +803,23 @@ static void add_macro_to_whatis (const s
@@ -760,23 +806,23 @@ static void add_macro_to_whatis (const s
add_str_to_whatis (macro->value, strlen (macro->value));
}
@ -580,7 +580,7 @@
{
/* If we are mid p_name and the last added char was not a space,
* best add one.
@@ -851,6 +897,7 @@ int find_name_decompressed (pipeline *p,
@@ -859,6 +905,7 @@ int find_name_decompressed (pipeline *p,
fill_mode = 1;
waiting_for_quote = 0;
@ -589,8 +589,8 @@
if (p_lg->type)
BEGIN (CAT_FILE);
--- src/man.c
+++ src/man.c 2016-12-16 08:41:31.954958312 +0000
@@ -68,6 +68,7 @@ int have_cwd;
+++ src/man.c 2018-11-26 10:36:45.654147759 +0000
@@ -65,6 +65,7 @@
#include <time.h>
#include <sys/types.h>
#include <sys/stat.h>
@ -598,27 +598,28 @@
#include "argp.h"
#include "dirname.h"
@@ -111,6 +112,8 @@ int have_cwd;
#ifdef SECURE_MAN_UID
@@ -109,6 +110,8 @@
#ifdef MAN_OWNER
extern uid_t ruid;
extern uid_t euid;
+extern gid_t rgid;
+extern gid_t egid;
#endif /* SECURE_MAN_UID */
#endif /* MAN_OWNER */
/* the default preprocessor sequence */
@@ -141,6 +144,10 @@ char *lang;
@@ -139,6 +142,11 @@ char *lang;
static int global_manpath = -1; /* global or user manual page hierarchy? */
static int skip; /* page exists but has been skipped */
+static struct termios tms; /* To save terminal settings in */
+static int tms_set = 0; /* Do we have saved terminal settings? */
+static pid_t tms_pid = 0;
+
+static void set_term(void) { if (tms_set) tcsetattr(fileno(stdin), TCSANOW, &tms); }
+static void set_term(void) { if (tms_set && getpid () == tms_pid) tcsetattr(fileno(stdin), TCSANOW, &tms); }
#if defined _AIX || defined __sgi
char **global_argv;
@@ -244,10 +251,10 @@ static int found_a_stray; /* found a st
@@ -242,10 +250,10 @@ static int found_a_stray; /* found a st
#ifdef MAN_CATS
static char *tmp_cat_file; /* for open_cat_stream(), close_cat_stream() */
static int created_tmp_cat; /* dto. */
@ -630,16 +631,17 @@
# ifdef TROFF_IS_GROFF
static int ditroff;
@@ -654,25 +661,6 @@ static void check_standard_fds (void)
@@ -660,36 +668,6 @@ static void check_standard_fds (void)
}
}
-static struct termios tms;
-static int tms_set = 0;
-static pid_t tms_pid = 0;
-
-static void set_term (void)
-{
- if (tms_set)
- if (tms_set && getpid () == tms_pid)
- tcsetattr (STDIN_FILENO, TCSANOW, &tms);
-}
-
@ -648,15 +650,25 @@
- if (isatty (STDOUT_FILENO)) {
- debug ("is a tty\n");
- tcgetattr (STDIN_FILENO, &tms);
- if (!tms_set++)
- if (!tms_set++) {
- /* Work around pipecmd_exec calling exit(3) rather
- * than _exit(2), which means our atexit-registered
- * functions are called at the end of each child
- * process created using pipecmd_new_function and
- * friends. It would probably be good to fix this
- * in libpipeline at some point, but it would
- * require care to avoid breaking compatibility.
- */
- tms_pid = getpid ();
- atexit (set_term);
- }
- }
-}
-
#if defined(TROFF_IS_GROFF) || defined(HEIRLOOM_NROFF)
static int get_roff_line_length (void)
{
@@ -1498,6 +1486,18 @@ static void setenv_less (pipecmd *cmd, c
@@ -1562,6 +1540,18 @@ static void setenv_less (pipecmd *cmd, c
free (less_opts);
}
@ -675,16 +687,16 @@
static void add_output_iconv (pipeline *p,
const char *source, const char *target)
{
@@ -1613,6 +1613,8 @@ static pipeline *make_display_command (c
pipecmd_chdir (pager_cmd, cwd.name);
}
@@ -1679,6 +1669,8 @@ static pipeline *make_display_command (c
if (pager_cmd) {
setenv_less (pager_cmd, title);
+ if (!htmlout)
+ disable_x();
pipeline_command (p, pager_cmd);
}
pipeline_ignore_signals (p, 1);
@@ -1623,7 +1625,7 @@ static pipeline *make_display_command (c
@@ -1689,7 +1681,7 @@ static pipeline *make_display_command (c
return p;
}
@ -693,7 +705,7 @@
/* return a (malloced) temporary name in cat_file's directory */
static char *tmp_cat_filename (const char *cat_file)
{
@@ -1651,7 +1653,6 @@ static char *tmp_cat_filename (const cha
@@ -1717,7 +1709,6 @@ static char *tmp_cat_filename (const cha
return name;
}
@ -701,7 +713,7 @@
/* If delete unlink tmp_cat, else commit tmp_cat to cat_file.
Return non-zero on error.
*/
@@ -1724,6 +1725,7 @@ static int commit_tmp_cat (const char *c
@@ -1790,6 +1781,7 @@ static int commit_tmp_cat (const char *c
return status;
}
@ -709,7 +721,7 @@
/* TODO: This should all be refactored after work on the decompression
* library is complete.
@@ -1744,7 +1746,6 @@ static void maybe_discard_stderr (pipeli
@@ -1818,7 +1810,6 @@ static void chdir_commands (pipeline *p,
}
#ifdef MAN_CATS
@ -717,7 +729,7 @@
/* Return pipeline to write formatted manual page to for saving as cat file. */
static pipeline *open_cat_stream (const char *cat_file, const char *encoding)
{
@@ -1986,6 +1987,7 @@ static void format_display (pipeline *de
@@ -2041,6 +2032,7 @@ static void format_display (pipeline *de
regain_effective_privs ();
}
@ -725,7 +737,7 @@
/* "Display" a page in catman mode, which amounts to saving it. */
/* TODO: merge with format_display_and_save? */
static void display_catman (const char *cat_file, pipeline *decomp,
@@ -2025,6 +2027,7 @@ static void display_catman (const char *
@@ -2084,6 +2076,7 @@ static void display_catman (const char *
pop_cleanup ((cleanup_fun) unlink, tmpcat);
free (tmpcat);
}
@ -733,7 +745,7 @@
static void disable_hyphenation (void *data ATTRIBUTE_UNUSED)
{
@@ -2222,7 +2225,7 @@ static int display (const char *dir, con
@@ -2283,7 +2276,7 @@ static int display (const char *dir, con
format_cmd = NULL;
decomp_errno = errno;
}
@ -742,7 +754,7 @@
/* Get modification time, for commit_tmp_cat(). */
if (man_file && *man_file) {
struct stat stb;
@@ -2232,7 +2235,7 @@ static int display (const char *dir, con
@@ -2293,7 +2286,7 @@ static int display (const char *dir, con
} else
man_modtime = get_stat_mtime (&stb);
}
@ -751,7 +763,7 @@
display_to_stdout = troff;
#ifdef TROFF_IS_GROFF
if (htmlout)
@@ -2368,6 +2371,7 @@ static int display (const char *dir, con
@@ -2430,6 +2423,7 @@ static int display (const char *dir, con
}
if (printed)
putchar ('\n');
@ -759,7 +771,7 @@
} else if (catman) {
if (format) {
if (!save_cat)
@@ -2380,6 +2384,7 @@ static int display (const char *dir, con
@@ -2442,6 +2436,7 @@ static int display (const char *dir, con
format_cmd,
formatted_encoding);
}
@ -767,7 +779,7 @@
} else if (format) {
/* no cat or out of date */
pipeline *disp_cmd;
@@ -2441,8 +2446,10 @@ static int display (const char *dir, con
@@ -2503,8 +2498,10 @@ static int display (const char *dir, con
free (formatted_encoding);
@ -780,7 +792,7 @@
if (!prompt)
prompt = found;
@@ -3277,7 +3284,7 @@ static int display_database_check (struc
@@ -3336,7 +3333,7 @@ static int display_database_check (struc
#ifdef MAN_DB_UPDATES
if (!exists && !skip) {
debug ("dbdelete_wrapper (%s, %p)\n",
@ -789,38 +801,9 @@
dbdelete_wrapper (candp->req_name, candp->source);
}
#endif /* MAN_DB_UPDATES */
@@ -3882,6 +3889,8 @@ static int local_man_loop (const char *a
display (NULL, "", NULL, "(stdin)", NULL);
else {
struct stat st;
+ char *file = base_name((char*)argv);
+ char *pwd = NULL;
if (have_cwd) {
debug ("restore_cwd: %d %s\n", cwd.desc, cwd.name);
@@ -3893,21 +3902,39 @@ static int local_man_loop (const char *a
return 0;
}
}
+ if (strcmp(argv, file)) {
+ char *dlm;
+ pwd = strdupa(argv);
+
+ if ((dlm = strrchr(pwd, '/')))
+ *dlm = '\0';
+ }
+ if (pwd && pwd[0]) {
+ debug ("chdir %s\n", pwd);
+ if (chdir (pwd)) {
+ error (0, errno, _("can't chdir to %s"), pwd);
+ regain_effective_privs ();
+ return 0;
+ }
+ }
@@ -3945,17 +3942,20 @@ static int local_man_loop (const char *a
/* Check that the file exists and isn't e.g. a directory */
- if (stat (argv, &st)) {
+ if (stat (file, &st)) {
if (stat (argv, &st)) {
error (0, errno, "%s", argv);
+ regain_effective_privs ();
return NOT_FOUND;
@ -839,7 +822,7 @@
return NOT_FOUND;
}
@@ -3974,8 +4001,13 @@ executable_out:
@@ -4022,6 +4022,11 @@ executable_out:
argv_abs = xstrdup (argv);
}
lang = lang_dir (argv_abs);
@ -849,12 +832,9 @@
+ lang = xstrdup(internal_locale);
+ }
free (argv_abs);
- if (!display (NULL, argv, NULL, argv_base, NULL)) {
+ if (!display (NULL, file, NULL, argv_base, NULL)) {
if (!display (NULL, argv, NULL, argv_base, NULL)) {
if (local_mf)
error (0, errno, "%s", argv);
exit_status = NOT_FOUND;
@@ -4142,7 +4174,16 @@ int main (int argc, char *argv[])
@@ -4259,7 +4264,16 @@ int main (int argc, char *argv[])
umask (022);
init_locale ();
@ -872,23 +852,24 @@
/* Use LANGUAGE only when LC_MESSAGES locale category is
* neither "C" nor "POSIX". */
if (internal_locale && strcmp (internal_locale, "C") &&
@@ -4192,9 +4233,13 @@ int main (int argc, char *argv[])
@@ -4298,9 +4312,14 @@ int main (int argc, char *argv[])
if (external)
do_extern (argc, argv);
- get_term (); /* stores terminal settings */
#ifdef SECURE_MAN_UID
#ifdef MAN_OWNER
debug ("real user = %d; effective user = %d\n", ruid, euid);
+ if (isatty(fileno(stdin)) && isatty(fileno(stdout))) {
+ tcgetattr(fileno(stdin), &tms);
+ tms_pid = getpid ();
+ if (!tms_set++)
+ atexit(set_term);
+ }
#endif /* SECURE_MAN_UID */
#endif /* MAN_OWNER */
/* close this locale and reinitialise if a new locale was
--- src/man_db.conf.in
+++ src/man_db.conf.in 2016-12-16 08:41:31.954958312 +0000
+++ src/man_db.conf.in 2018-11-23 13:56:33.734644867 +0000
@@ -20,6 +20,14 @@
MANDATORY_MANPATH /usr/man
MANDATORY_MANPATH /usr/share/man
@ -1057,17 +1038,17 @@
#---------------------------------------------------------
# Program definitions. These are commented out by default as the value
--- src/mandb.c
+++ src/mandb.c 2016-12-16 08:41:31.954958312 +0000
@@ -197,6 +197,8 @@ struct dbpaths {
#ifdef SECURE_MAN_UID
+++ src/mandb.c 2018-11-23 13:56:33.734644867 +0000
@@ -200,6 +200,8 @@ struct dbpaths {
#ifdef MAN_OWNER
extern uid_t ruid;
extern uid_t euid;
+extern gid_t rgid;
+extern gid_t egid;
#endif /* SECURE_MAN_UID */
#endif /* MAN_OWNER */
static char *manpathlist[MAXDIRS];
@@ -552,6 +554,8 @@ static int mandb (struct dbpaths *dbpath
@@ -561,6 +563,8 @@ static int mandb (struct dbpaths *dbpath
return amount;
}
@ -1076,7 +1057,7 @@
static int process_manpath (const char *manpath, int global_manpath,
struct hashtable *tried_catdirs)
{
@@ -599,6 +603,8 @@ static int process_manpath (const char *
@@ -608,6 +612,8 @@ static int process_manpath (const char *
database = NULL;
}
@ -1085,19 +1066,19 @@
dbpaths = XZALLOC (struct dbpaths);
push_cleanup (cleanup, dbpaths, 0);
push_cleanup (cleanup_sigsafe, dbpaths, 1);
@@ -614,7 +620,7 @@ static int process_manpath (const char *
@@ -623,7 +629,7 @@ static int process_manpath (const char *
if (!opt_test && amount)
finish_up (dbpaths);
#ifdef SECURE_MAN_UID
#ifdef MAN_OWNER
- if (global_manpath)
+ if (global_manpath && (euid == 0 || ruid == 0))
+ if (global_manpath && (euid == 0 || ruid == 0))
do_chown (dbpaths);
#endif /* SECURE_MAN_UID */
#endif /* MAN_OWNER */
@@ -824,8 +830,14 @@ int main (int argc, char *argv[])
error (FAIL, 0,
_("the setuid man user \"%s\" does not exist"),
MAN_OWNER);
@@ -828,8 +834,14 @@ int main (int argc, char *argv[])
#ifdef MAN_OWNER
man_owner = get_man_owner ();
- if (!user && euid != 0 && euid != man_owner->pw_uid)
- user = 1;
+ if (!user) {
@ -1108,12 +1089,12 @@
+ if (euid != man_owner->pw_uid)
+ user = 1;
+ }
#endif /* SECURE_MAN_UID */
#endif /* MAN_OWNER */
read_config_file (user);
--- src/manp.c
+++ src/manp.c 2016-12-16 08:41:31.954958312 +0000
@@ -925,7 +925,7 @@ static char *def_path (int flag)
+++ src/manp.c 2018-11-23 13:56:33.734644867 +0000
@@ -919,7 +919,7 @@ static char *def_path (int flag)
/* If we have complete config file failure... */
if (!manpath)
@ -1123,7 +1104,7 @@
return manpath;
}
--- src/straycats.c
+++ src/straycats.c 2016-12-16 08:41:31.954958312 +0000
+++ src/straycats.c 2018-11-23 13:56:33.734644867 +0000
@@ -36,6 +36,7 @@
#include <sys/types.h>
#include <sys/stat.h>
@ -1132,11 +1113,14 @@
#include <dirent.h>
#include "canonicalize.h"
@@ -284,17 +285,23 @@ static int check_for_stray (MYDBM_FILE d
@@ -287,18 +288,25 @@ static int check_for_stray (MYDBM_FILE d
free (catdir_base);
}
if (lg.whatis)
free (lg.whatis);
- free (lg.whatis);
- pipeline_free (decomp);
+ if (lg.whatis)
+ free (lg.whatis);
+ if (decomp)
+ pipeline_free (decomp);
next_exists:
@ -1163,8 +1147,8 @@
}
--- src/ult_src.c
+++ src/ult_src.c 2016-12-16 08:41:31.954958312 +0000
@@ -363,10 +363,15 @@ const char *ult_src (const char *name, c
+++ src/ult_src.c 2018-11-23 13:56:33.734644867 +0000
@@ -362,10 +362,15 @@ const char *ult_src (const char *name, c
}
pipeline_start (decomp);
@ -1183,7 +1167,7 @@
include = test_for_include (buffer);
if (include) {
--- src/ult_src.h
+++ src/ult_src.h 2016-12-16 08:41:31.954958312 +0000
+++ src/ult_src.h 2018-11-23 13:56:33.734644867 +0000
@@ -22,9 +22,10 @@
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/

3
man-db-2.8.4.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:103c185f9d8269b9ee3b8a4cb27912b3aa393e952731ef96fedc880723472bc3
size 1779488

View File

@ -1,2 +1,7 @@
addFilter(".*W:.*patch-not-applied.*Patch1:.*man-db-2.6.3-man0.dif.*")
addFilter(".*W:.*tmpfile-not-in-filelist.*/var/cache/man.*")
addFilter(".*W:.*name-repeated-in-summary.*C.*man.*")
addFilter(".*W:.*no-version-in-last-changelog.*")
addFilter(".*W:.*permissions-incorrect-owner.*/var/cache/man/.*")
addFilter(".*W:.*shared-lib-calls-exit.*/usr/lib.*/libman-2\.8\.4\.so.*")
addFilter(".*W:.*suse-missing-rclink.*")

View File

@ -1,3 +1,102 @@
-------------------------------------------------------------------
Mon Nov 26 11:37:32 UTC 2018 - Dr. Werner Fink <werner@suse.de>
- Update to man-db 2.8.4
* Major changes since man-db 2.8.3:
+ Rely on decompressors reading from their standard input rather
than redundantly passing them the input file on their command
line. This works better with downstream AppArmor confinement of
decompressors.
+ Fix invalid syntax in tmpfiles.d/man-db.conf when configured with
--disable-cache-owner.
+ Make seccomp sandbox allow sched_getaffinity, sometimes used by
xz.
+ Check for mandb_nfmt and mandb_tfmt in the manual page hierarchy
as documented, not in the current directory. This was broken by
the working-directory-handling changes in 2.8.3. Note that this
change means that "man -l" will never use an external formatter
(which was never documented behaviour and was surely a bad idea).
+ Make seccomp sandbox allow some shared memory operations across
the board rather than just when ESET File Security is in use; the
Astrill VPN seems to require something similar, and there are
doubtless other such preload hacks.
+ Some versions of ESET File Security call msgget and msgsnd; if
this program is in use, then allow those.
* Major changes since man-db 2.8.2:
+ Make seccomp sandbox allow madvise, since that's used by lbzip2.
+ Make seccomp sandbox allow kill and tgkill outright, since groff
uses kill to pass on signals to its child processes.
+ Make seccomp sandbox allow sibling architectures on
x86/x86_64/x32, since people sometimes mix and match architectures
there for performance reasons.
+ Fix version check in locale macro loading to tolerate groff
release candidates.
+ man now only changes working directory in child processes, so
never fails due to being unable to change back to its original
working directory.
+ accessdb, apropos, and lexgrog no longer emit spurious gettext
headers in their --help output when localised.
* Major changes since man-db 2.8.1:
+ Make seccomp sandbox allow kill and tgkill when the signal is
directed at the current process or one of its threads; this is
needed by xz.
+ Make seccomp sandbox allow ioctl(fd, TIOCGWINSZ), since that's used
by musl.
+ Work around the proprietary "ESET File Security" antivirus program in
seccomp sandbox: if this is in use then we need to allow some
socket-related system calls.
+ Work around the "snoopy" execve() wrapper and logger in seccomp
sandbox: if this is in use then we need to allow some
socket-related system calls.
+ Interpret EFAULT from seccomp_load as meaning that seccomp is
unavailable, since this can be returned by some versions of
qemu-user.
* Major changes since man-db 2.8.0:
+ Fix seccomp sandbox build on Linux/POWER.
+ Fix manconv execution under seccomp when man is installed setuid.
+ Make seccomp sandbox allow mremap (used by iconv, for example).
+ configure now has a --without-libseccomp option to disable the use
of seccomp even if the library is available.
* Major changes since man-db 2.7.6.1:
+ Fix locale macro loading for Chinese to load the macro file
corresponding to just the language part of the user's locale.
+ Honour --enable-cache-owner in generated systemd tmpfiles snippet
rather than hardcoding "man".
+ If man adds prefixes to a page to handle such things as disabling
hyphenation, then take account of those when looking for a
preprocessor line at the start of the page.
+ Fix a segfault in 'man -D --help'.
+ Treat "\(en" as another synonym for "\-" in NAME sections.
+ Confine most subprocesses that handle untrusted data using
seccomp. This mainly deals with subprocesses that perform
encoding conversions, (de)compressors, groff programs, and a few
other odds and ends. groff programs use a slightly more
permissive filter since they need to create temporary files, so
additional path-based confinement (e.g. using AppArmor) is still
useful.
If this goes wrong, then MAN_DISABLE_SECCOMP=1 can be set in the
environment to disable it, but please report any such problem as a
bug.
+ man now falls back to cat if the compile-time default pager is not
executable.
* Major changes since man-db 2.7.6:
+ Don't chmod CACHEDIR.TAG if it doesn't exist.
+ Correct installation of Swedish manual pages.
- Modify the patches
*man-db-2.6.3-listall.dif
* man-db-2.6.3-man0.dif
* man-db-2.6.3-section.dif
* man-db-2.7.1-firefox.dif
* man-db-2.7.1-security4.dif
* man-db-2.7.1-zio.dif
- Rename patch man-db-2.7.6.dif which is now man-db-2.8.4.dif
-------------------------------------------------------------------
Fri Nov 9 13:37:43 UTC 2018 - Dr. Werner Fink <werner@suse.de>
- Add systemd timer service and its timer unit to refresh man
data base daily without using cron (bsc#1115406)
-------------------------------------------------------------------
Mon Apr 16 14:25:43 UTC 2018 - werner@suse.de

View File

@ -32,22 +32,24 @@ BuildRequires: gettext-tools
BuildRequires: groff
BuildRequires: less
BuildRequires: libbz2-devel
BuildRequires: libpipeline-devel
BuildRequires: libpipeline-devel >= 1.5.0
BuildRequires: libzio-devel
BuildRequires: man-pages
BuildRequires: pkg-config
BuildRequires: po4a
BuildRequires: xz-devel
BuildRequires: zlib-devel
Version: 2.7.6
Version: 2.8.4
Release: 0
Summary: A Program for Displaying man Pages
License: GPL-2.0+
License: GPL-2.0-or-later
Group: System/Base
Url: https://savannah.nongnu.org/projects/man-db
PreReq: coreutils fillup
Provides: man_db
%if 0%{suse_version} < 1500
Requires: cron
%endif
Requires: glibc-locale
%if 0%{suse_version} > 1300
Recommends: groff-full
@ -63,8 +65,10 @@ Source4: mancoding
Source5: wrapper.c
Source6: man-rpmlintrc
Source7: man-db-create.service
Patch0: man-db-2.7.6.dif
Patch1: man-db-2.6.3-man0.dif
Source8: mandb.timer
Source9: mandb.service
Source10: man-db-2.6.3-man0.dif
Patch0: man-db-2.8.4.dif
Patch2: man-db-2.3.19deb4.0-groff.dif
Patch4: man-db-2.6.3-section.dif
Patch5: man-db-2.7.1-security4.dif
@ -93,7 +97,7 @@ Authors:
Colin Watson <cjwatson@debian.org>
%prep
%setup -n man-db-%{version}
%setup -q -n man-db-%{version}
%patch2 -p0 -b .groff
%patch4 -p0 -b .sect
%patch5 -p0 -b .secu4
@ -143,8 +147,8 @@ Authors:
LINGUAS="${LINGUAS:+$LINGUAS }$d"
done
export CFLAGS LDFLAGS LIBS LINGUAS
aclocal -I ${PWD} -I ${PWD}/m4 -I ${PWD}/gnulib/m4
autoconf -B ${PWD} -B ${PWD}/m4 -B ${PWD}/gnulib/m4
aclocal -I ${PWD} -I ${PWD}/m4 -I ${PWD}/gl/m4
autoconf -B ${PWD} -B ${PWD}/m4 -B ${PWD}/gl/m4
automake --add-missing
find -name 'Makefile.*' | xargs \
sed -ri -e '/^pkglibdir/{ s@^(pkglibdir[[:blank:]]+=[[:blank:]]+\$\(libdir\)).*@\1@p }'
@ -181,9 +185,9 @@ Authors:
" $man
esac
done
patch -p0 < %{P:1}
gcc $CFLAGS -I gnulib/lib/ -I include/ --include config.h --include configmake.h \
-o wrapper %{S:5} -L gnulib/lib/.libs/ -lgnu
patch --backup --suffix=.s10 ${FUZZ+"--fuzz=$FUZZ"} -p0 < %{S:10}
gcc $CFLAGS -I gl/lib/ -I include/ --include config.h -D LOCALEDIR="\"%{_datarootdir}/locale\"" \
-o wrapper %{S:5} -L gl/lib/.libs/ -lgnu
%check
if ! make check; then
@ -236,30 +240,53 @@ fi
install -m 0644 groff/tmac.andb %{buildroot}%{_datadir}/groff/site-tmac/
install -m 0644 groff/tmac.andocdb %{buildroot}%{_datadir}/groff/site-tmac/
mkdir -p %{buildroot}%{_fillupdir}
mkdir -p %{buildroot}/etc/cron.daily
install -m 0644 %{SOURCE1} %{buildroot}%{_fillupdir}
install -m 0744 %{SOURCE2} %{buildroot}/etc/cron.daily/suse-do_mandb
mkdir -p %{buildroot}%{_unitdir}/
%if 0%{suse_version} < 1500
mkdir -p %{buildroot}/etc/cron.daily
%endif
install -m 0644 %{SOURCE1} %{buildroot}%{_fillupdir}
%if 0%{suse_version} < 1500
install -m 0744 %{SOURCE2} %{buildroot}/etc/cron.daily/suse-do_mandb
%else
install -m 0744 %{SOURCE2} %{buildroot}/%{_libexecdir}/man-db/do_mandb
%endif
install -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/
%if 0%{suse_version} >= 1500
install -m 0644 %{SOURCE8} %{buildroot}%{_unitdir}/
install -m 0644 %{SOURCE9} %{buildroot}%{_unitdir}/
%endif
%find_lang man-db --all-name --with-man
%pre
test -d var/catman/ && rm -rf var/catman/ || true
%if 0%{suse_version} >= 1500
%service_add_pre man-db-create.service mandb.service mandb.timer
%else
%service_add_pre man-db-create.service
%endif
%post
%{?tmpfiles_create:%tmpfiles_create %{_libexecdir}/tmpfiles.d/man-db.conf}
%{fillup_only -an cron}
/sbin/ldconfig
%service_add_post man-db-create.service
%if 0%{suse_version} >= 1500
%service_add_post mandb.service mandb.timer
%endif
%preun
%service_del_preun man-db-create.service
%if 0%{suse_version} >= 1500
%service_del_preun mandb.service mandb.timer
%endif
%postun
/sbin/ldconfig
%service_del_postun man-db-create.service
%if 0%{suse_version} >= 1500
%service_del_postun mandb.service mandb.timer
%endif
%posttrans
test -d /var/cache/man && mandb --quiet --create ||:
@ -270,7 +297,9 @@ test -d /var/cache/man && mandb --quiet --create ||:
%doc ChangeLog
%doc %{_datadir}/doc/packages/man/man-db-manual.*
%config /etc/manpath.config
%if 0%{suse_version} < 1500
%attr(0744,root,root) /etc/cron.daily/suse-do_mandb
%endif
%{_bindir}/apropos
%{_bindir}/catman
%{_bindir}/lexgrog
@ -285,6 +314,9 @@ test -d /var/cache/man && mandb --quiet --create ||:
%attr(0755,root,root) %{_libexecdir}/man-db/mandb
%attr(0755,man,man) %{_libexecdir}/man-db/manconv
%attr(0755,man,man) %{_libexecdir}/man-db/globbing
%if 0%{suse_version} >= 1500
%attr(0744,man,man) %{_libexecdir}/man-db/do_mandb
%endif
%{_sbindir}/accessdb
%{_libdir}/libman*.so
%{_libexecdir}/man-db/zsoelim
@ -293,6 +325,10 @@ test -d /var/cache/man && mandb --quiet --create ||:
%endif
%{_libexecdir}/tmpfiles.d/man-db.conf
%{_unitdir}/man-db-create.service
%if 0%{suse_version} >= 1500
%{_unitdir}/mandb.service
%{_unitdir}/mandb.timer
%endif
%dir %{_datadir}/groff/site-tmac
%{_datadir}/groff/site-tmac/tmac.andb
%{_datadir}/groff/site-tmac/tmac.andocdb
@ -300,6 +336,8 @@ test -d /var/cache/man && mandb --quiet --create ||:
%doc %{_mandir}/man5/*.5.gz
%doc %{_mandir}/man8/*.8.gz
%dir %{_mandir}/id
%dir %{_mandir}/sr
%dir %{_mandir}/tr
%{_fillupdir}/sysconfig.cron-man
%defattr(-,man,man)
%ghost %{_localstatedir}/cache/man

10
mandb.service Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Do daily mandb update
Documentation=man:mandb(8) man:catman(8)
ConditionACPower=true
[Service]
Type=oneshot
Nice=5
IOSchedulingClass=idle
ExecStart=/usr/lib/man-db/do_mandb

11
mandb.timer Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=Do daily mandb update
Documentation=man:mandb(8) man:catman(8)
[Timer]
OnCalendar=daily
AccuracySec=12h
Persistent=true
[Install]
WantedBy=timers.target

View File

@ -6,18 +6,3 @@
# Should mandb and whatis be recreated by cron.daily ("yes" or "no")
#
REINIT_MANDB=yes
## Type: yesno
## Default: yes
#
# Should old preformatted man pages (in /var/cache/man) be deleted? (yes/no)
#
DELETE_OLD_CATMAN=yes
## Type: integer
## Default: 7
#
# How long should old preformatted man pages be kept before deletion? (days)
#
CATMAN_ATIME=7