diff --git a/CheckSUIDPermissions.py b/CheckSUIDPermissions.py index 7c1b2aa..16ea8d4 100644 --- a/CheckSUIDPermissions.py +++ b/CheckSUIDPermissions.py @@ -135,8 +135,9 @@ class SUIDCheck(AbstractCheck.AbstractCheck): else: f += '/' - if type == 010: - if not 'shared object' in pkgfile.magic: + if type == 010 and mode&0111: + # pie binaries have 'shared object' here + if 'ELF' in pkgfile.magic and not 'shared object' in pkgfile.magic: printError(pkg, 'non-position-independent-executable', f) m = self.perms[f]['mode'] diff --git a/config b/config index fe3fbdd..dd7ec74 100644 --- a/config +++ b/config @@ -88,16 +88,20 @@ setOption('StandardGroups', ( 'dovecot', 'festival', 'ffums', + 'firebird', 'floppy', 'ftp', 'games', 'geronimo', 'haclient', 'haldaemon', + 'hsqldb', + 'icecast', 'icecream', 'ifdrwww', 'intermezzo', 'jboss', + 'jetty5', 'jonas', 'kmem', 'kvm', @@ -115,15 +119,18 @@ setOption('StandardGroups', ( 'memcached', 'messagebus', 'modem', + 'mumble-server', 'nagcmd', 'nagios', 'named', 'news', + 'nginx', 'nobody', 'nogroup', 'novell_nogroup', 'novlxtier', 'ntadmin', + 'ntop', 'ntp', 'oinstall', 'otrs', @@ -140,7 +147,9 @@ setOption('StandardGroups', ( 'pulse', 'pulse-access', 'pulse-rt', + 'qemu', 'quagga', + 'quasselcore', 'radiusd', 'root', 'sabayon-admin', @@ -150,6 +159,7 @@ setOption('StandardGroups', ( 'sshd', 'suse-ncc', 'sys', + 'tftp', 'tomcat', 'tomcat4', 'trusted', @@ -159,11 +169,13 @@ setOption('StandardGroups', ( 'utmp', 'uucp', 'uuidd', + 'varnish', 'video', 'vscan', 'wheel', 'www', 'xok', + 'zeroinst', 'zope', )) @@ -180,6 +192,7 @@ setOption('StandardUsers', ( 'casaatsd', 'casaatvd', 'casaauth', + 'cntlm', 'cop', 'cyrus', 'daemon', @@ -192,6 +205,7 @@ setOption('StandardUsers', ( 'festival', 'fetchmail', 'ffums', + 'firebird', 'ftp', 'games', 'gdm', @@ -200,11 +214,14 @@ setOption('StandardUsers', ( 'gnump3d', 'hacluster', 'haldaemon', + 'hsqldb', + 'icecast', 'icecream', 'intermezzo', 'irc', 'jabber', 'jboss', + 'jetty5', 'jonas', 'ldap', 'lightdm', @@ -218,14 +235,17 @@ setOption('StandardUsers', ( 'mdom', 'memcached', 'messagebus', + 'mumble-server', 'mysql', 'nagios', 'named', 'news', + 'nginx', 'novell_nobody', 'novlifdr', 'novlxregd', 'novlxsrvd', + 'ntop', 'ntp', 'oracle', 'otrs', @@ -236,10 +256,13 @@ setOption('StandardUsers', ( 'pop', 'postfix', 'postgres', + 'postgrey', 'pound', 'privoxy', 'pulse', + 'qemu', 'quagga', + 'quasselcore', 'radiusd', 'radvd', 'root', @@ -248,18 +271,23 @@ setOption('StandardUsers', ( 'snort', 'squid', 'sshd', + 'statd', 'suse-ncc', + 'tftp', 'tomcat', 'tomcat4', 'tss', + 'ulogd', 'upsd', 'uucp', 'uuidd', + 'varnish', 'vdr', 'vscan', 'wnn', 'wwwrun', 'yastws', + 'zeroinst', 'zope', )) @@ -437,6 +465,9 @@ setOption("DBUSServices.WhiteList", ( "org.freedesktop.ColorManager.conf", # lightdm (bnc#708205) "org.freedesktop.DisplayManager.conf", + # kdepim4/kalarm (bnc#707723) + "org.kde.kalarmrtcwake.conf", + "org.kde.kalarmrtcwake.service", )) # Output filters diff --git a/rpmlint.changes b/rpmlint.changes index 6dd74aa..7f5f6dc 100644 --- a/rpmlint.changes +++ b/rpmlint.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Fri Aug 5 12:16:36 UTC 2011 - lnussel@suse.de + +- add org.kde.kalarmrtcwake to dbus whitelist (bnc#707723) + +------------------------------------------------------------------- +Fri Aug 5 08:46:50 UTC 2011 - lnussel@suse.de + +- only consider executable ELF files for + non-position-independent-executable check +- add more users and groups from Factory + ------------------------------------------------------------------- Mon Aug 1 07:22:41 UTC 2011 - lnussel@suse.de