Accepting request 787537 from Publishing:TeXLive

- Add new configuration variable HAVE_MKTEX_MEMBERS to texlive
  sysconfig file to control the behaviour of the cron job.
- Change the cron job to clear data of other users which are
  member of the group mktex

- Use CVE numbers 

  use uid mktex for this (boo#1159740, CVE-2020-8016)
  the files of this owner (boo#1159740, CVE-2020-8016)
  to user nobody (bsc#1159740, CVE-2020-8016)
  font cache directories (bsc#1158910, CVE-2020-8017)

OBS-URL: https://build.opensuse.org/request/show/787537
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/texlive-filesystem?expand=0&rev=44

rc.config.texlive

@@ -10,3 +10,16 @@
 # will be cleared from fonts not used in the last 20 days.
 #
 CLEAR_TEXMF_FONTS="no"
+
+## Type:        yesno
+## Default:     no
+## Command:
+#
+# If above is set to yes and there are users which are member
+# of the group mktex then it might be that users have set an
+# umask which does not allow the user mktex to clear the cache
+# below /var/cache/fonts/.  Setting HAVE_MKTEX_MEMBERS to "yes"
+# will allow the cron job to change the group mask hence allow
+# to clear older data.
+#
+HAVE_MKTEX_MEMBERS="no"

texlive-filesystem.changes

@@ -1,8 +1,21 @@
+-------------------------------------------------------------------
+Mon Mar 23 16:18:13 UTC 2020 - Dr. Werner Fink <werner@suse.de>
+
+- Add new configuration variable HAVE_MKTEX_MEMBERS to texlive
+  sysconfig file to control the behaviour of the cron job.
+- Change the cron job to clear data of other users which are
+  member of the group mktex
+
+-------------------------------------------------------------------
+Wed Mar 11 16:03:20 UTC 2020 - Dr. Werner Fink <werner@suse.de>
+
+- Use CVE numbers 
+
 -------------------------------------------------------------------
 Thu Feb 20 11:01:15 UTC 2020 - Dr. Werner Fink <werner@suse.de>
 
 - Use setpriv to create ls-R files, below /var/cache/texmf/fonts
-  use uid mktex for this (boo#1159740) 
+  use uid mktex for this (boo#1159740, CVE-2020-8016)
 
 -------------------------------------------------------------------
 Wed Feb  5 06:56:24 UTC 2020 - Dr. Werner Fink <werner@suse.de>
@@ -13,7 +26,7 @@ Wed Feb  5 06:56:24 UTC 2020 - Dr. Werner Fink <werner@suse.de>
 Tue Feb  4 12:20:03 UTC 2020 - Dr. Werner Fink <werner@suse.de>
 
 - Again use setpriv but now switch to every single owner for clearing
-  the files of this owner (boo#1159740) 
+  the files of this owner (boo#1159740, CVE-2020-8016)
 
 -------------------------------------------------------------------
 Fri Jan 31 12:32:25 UTC 2020 - Dr. Werner Fink <werner@suse.de>
@@ -35,9 +48,9 @@ Thu Jan 16 12:02:43 UTC 2020 - Dr. Werner Fink <werner@suse.de>
 Fri Jan 10 12:35:50 UTC 2020 - Dr. Werner Fink <werner@suse.de>
 
 - Set default user for ls-R files and font cache directories
-  to user nobody (bsc#1159740) 
+  to user nobody (bsc#1159740, CVE-2020-8016)
 - Use setpriv to switch to nobody:mktex before clearing
-  font cache directories (bsc#1158910)
+  font cache directories (bsc#1158910, CVE-2020-8017)
 
 -------------------------------------------------------------------
 Thu Dec 19 08:04:39 UTC 2019 - Dr. Werner Fink <werner@suse.de>

texlive-filesystem.spec

@@ -15305,13 +15305,13 @@ popd
 	%{_texmfvardir}/fonts/dvips/	root:root	1755
 	%{_texmfvardir}/fonts/pdftex/	root:root	1755
 	%{_texmfcache}/			root:root	1755
-	%{_fontcache}/		   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/		   %{texusr}:%{texgrp}	3775
-	%{_fontcache}/pk/	   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/pk/	   %{texusr}:%{texgrp}	3775
-	%{_fontcache}/source/	   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/source/	   %{texusr}:%{texgrp}	3775
-	%{_fontcache}/tfm/	   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/tfm/	   %{texusr}:%{texgrp}	3775
 	EOF
     (cat > %{buildroot}%{_sysconfdir}/permissions.d/texlive) <<-EOF
-	%{_libexecdir}/mktex/public	root:%{texgrp}	0755
+	%{_libexecdir}/mktex/public	root:%{texgrp}	2755
 	%{_texmfconfdir}/ls-R		root:%{texgrp}	0664
 	%{_fontcache}/ls-R	   %{texusr}:%{texgrp}	0664
 	%{_texmfvardir}/ls-R		root:%{texgrp}	0664
@@ -15325,10 +15325,10 @@ popd
 	%{_texmfvardir}/fonts/dvips/	root:root	1755
 	%{_texmfvardir}/fonts/pdftex/	root:root	1755
 	%{_texmfcache}/			root:root	1755
-	%{_fontcache}/		   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/		   %{texusr}:%{texgrp}	3775
-	%{_fontcache}/pk/	   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/pk/	   %{texusr}:%{texgrp}	3775
-	%{_fontcache}/source/	   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/source/	   %{texusr}:%{texgrp}	3775
-	%{_fontcache}/tfm/	   %{texusr}:%{texgrp}	1775
+	%{_fontcache}/tfm/	   %{texusr}:%{texgrp}	3775
 	EOF
 
 %if %{with zypper_posttrans}
@@ -15388,55 +15388,32 @@ popd
 %{_bindir}/getent group  %{texgrp} > /dev/null 2>&1 || %{_sbindir}/groupadd -r %{?texgid:-g %texgid} %{texgrp}
 %{_bindir}/getent passwd %{texusr} > /dev/null 2>&1 || %{_sbindir}/useradd  -r %{?texuid:-u %texuid} -g %{texgrp} -d %{_fontcache} -s /bin/false %{texusr}
 # the ls-R file on update
-error=0
 for dir in	%{_texmfconfdir}	\
+		%{_fontcache}		\
 		%{_texmfvardir}		\
 		%{_texmfvardir}/dist	\
 		%{_texmfvardir}/main
 do
-    test ! -h ${dir}/ls-R || rm -vf ${dir}/ls-R
+    rm -f ${dir}/ls-R
-    test -e ${dir}/ls-R || continue
-    test "$(stat --format '%U:%G' ${dir}/ls-R)" != root:%{texgrp}  || continue
-    chown root:%{texgrp} ${dir}/ls-R || error=1
 done
-for dir in	%{_fontcache}
-do
-    test ! -h ${dir}/ls-R || rm -vf ${dir}/ls-R
-    test -e ${dir}/ls-R || continue
-    test "$(stat --format '%U:%G' ${dir}/ls-R)" != %{texusr}:%{texgrp}  || continue
-    chown %{texusr}:%{texgrp} ${dir}/ls-R || error=1
-done
-test $error = 0 || exit 1
 
 %post
 %fillup_only -n texlive
 # the ls-R file (empty at package time)
 error=0
+user=
 for dir in	%{_texmfconfdir}	\
+		%{_fontcache}		\
 		%{_texmfvardir}		\
 		%{_texmfvardir}/dist	\
 		%{_texmfvardir}/main
 do
-    test ! -e ${dir}/ls-R -o -h ${dir}/ls-R || continue
+    test "$dir" = %{_fontcache} && user=%{texusr} || user=root
-    tmp=$(setpriv --reuid root --regid mktex --init-groups mktemp ${dir}/ls-R.XXXXXX) || error=1
+    setpriv --reuid $user --regid mktex --init-groups /bin/sh -ec "
-    test $error = 0 || continue
+	tmp=\$(mktemp ${dir}/ls-R.XXXXXX)
-    setpriv --reuid root --regid mktex --init-groups mv ${tmp} ${dir}/ls-R || error=1
+	chmod 0664 \${tmp}
-    test $error = 0 || continue
+	echo '%% ls-R -- filename database for kpathsea; do not change this line.' > \${tmp}
-    chmod 0664 ${dir}/ls-R || error=1
+	mv \${tmp} ${dir}/ls-R" || error=1
-    test $error = 0 || continue
-    echo '%% ls-R -- filename database for kpathsea; do not change this line.' > \
-    ${dir}/ls-R
-done
-for dir in	%{_fontcache}
-do
-    test ! -e ${dir}/ls-R -o -h ${dir}/ls-R || continue
-    tmp=$(setpriv --reuid mktex --regid mktex --init-groups mktemp ${dir}/ls-R.XXXXXX) || error=1
-    test $error = 0 || continue
-    setpriv --reuid mktex --regid mktex --init-groups mv ${tmp} ${dir}/ls-R || error=1
-    test $error = 0 || continue
-    chmod 0664 ${dir}/ls-R || error=1
-    echo '%% ls-R -- filename database for kpathsea; do not change this line.' > \
-    ${dir}/ls-R
 done
 %if %{defined set_permissions}
 %set_permissions %{_texmfconfdir}/ls-R
@@ -26892,10 +26869,10 @@ rm -f /var/run/texlive/run-update
 %dir %attr(1755,root,root) %{_texmfvardir}/web2c/tex
 %dir %attr(1755,root,root) %{_texmfvardir}/web2c/xetex
 %dir %attr(1755,root,root) %{_texmfcache}
-%dir %attr(1775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}
+%dir %attr(3775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}
-%dir %attr(1775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}/pk
+%dir %attr(3775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}/pk
-%dir %attr(1775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}/source
+%dir %attr(3775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}/source
-%dir %attr(1775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}/tfm
+%dir %attr(3775,%{texusr},%{texgrp}) %verify(not mode) %{_fontcache}/tfm
 %dir %{_texmfvardir}/md5
 %verify(link) %{_texmfmaindir}/ls-R
 %verify(link) %{_texmfdistdir}/ls-R

texlive.cron

@@ -14,46 +14,63 @@ type -f -p xargs     >& /dev/null || exit 0
 type -f -p setpriv   >& /dev/null || exit 0
 type -f -p sort      >& /dev/null || exit 0
 type -f -p rm        >& /dev/null || exit 0
+type -f -p seq       >& /dev/null || exit 0
+type -f -p getent    >& /dev/null || exit 0
 test -r /etc/sysconfig/texlive && . /etc/sysconfig/texlive
 
 OLDIFS=$IFS; IFS=':;'
 VARTEXFONTS="$(kpsewhich --expand-var '$VARTEXFONTS' 2> /dev/null)"
 IFS=$OLDIFS
 
-uids=$(find $VARTEXFONTS/ \( -not -type d \) -printf '%U\n' | sort -u)
+if test -n "$VARTEXFONTS" -a "$HAVE_MKTEX_MEMBERS" = yes
+then
+    IFS=:
+    users=($(getent group mktex))
+    IFS=$OLDIFS
+    typeset -i i
+    typeset -i u=${#users[*]}
+    let u--
+    for p in $VARTEXFONTS
+    do
+	test -d $p || continue
+	for i in $(seq 3 $u)
+	do
+	    find -P $p \( \( -type f -and -not -type l \) -and -user ${users[$i]} \) -print0 | \
+	    xargs -r -L100 -0 -- setpriv --reuid ${users[$i]} --regid mktex --init-groups chmod g+rw
+	    find -P $p \( \( -type d -and -not -type l \) -and -user ${users[$i]} \) -print0 | \
+	    xargs -r -L100 -0 -- setpriv --reuid ${users[$i]} --regid mktex --init-groups chmod g+rwsx
+	done
+    done
+    unset i u
+fi
 
 if test "$CLEAR_TEXMF_FONTS" = "yes" -a -n "$VARTEXFONTS"
 then
-    for uid in ${uids[@]}
+    for p in $VARTEXFONTS
     do
-	for p in $VARTEXFONTS
+	test -d $p/pk		&& find -P $p/pk	\( -not -type d -and -atime +20 \) -print0
-	do
+	test -d $p/tfm		&& find -P $p/tfm	\( -not -type d -and -atime +60 \) -print0
-	    test -d $p/pk/	&& find $p/pk/	   \( -not -type d -and -atime +20 -and -uid $uid \) -print0
+	test -d $p/source	&& find -P $p/source	\( -not -type d -and -atime +60 \) -print0
-	    test -d $p/tfm/	&& find $p/tfm/	   \( -not -type d -and -atime +60 -and -uid $uid \) -print0
+    done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid mktex --regid mktex --init-groups rm -f)
-	    test -d $p/source/  && find $p/source/ \( -not -type d -and -atime +60 -and -uid $uid \) -print0
-    	done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid $uid --regid mktex --init-groups rm -f)
-    done
 fi
 if test -n "$VARTEXFONTS"
 then
-    for uid in ${uids[@]}
+    for p in $VARTEXFONTS
     do
-	for p in $VARTEXFONTS
+	test -d $p/pk		&& find -P $p/pk	\( -not -type d -and -not -name '*.*pk' \) -print0
-	do
+	test -d $p/tfm		&& find -P $p/tfm	\( -not -type d -and -not -name '*.tfm' \) -print0
-	    test -d $p/pk/	&& find $p/pk/	   \( -not -type d -and -not -name '*.*pk' -uid $uid \) -print0
+	test -d $p/source	&& find -P $p/source	\( -not -type d -and -not -name '*.mf'  \) -print0
-	    test -d $p/tfm/	&& find $p/tfm/	   \( -not -type d -and -not -name '*.tfm' -uid $uid \) -print0
+	test -d $p		&& find -P $p		\( -not -type d -and -path '*/[^[:alnum:]]*' \) -print0
-	    test -d $p/source/  && find $p/source/ \( -not -type d -and -not -name '*.mf'  -uid $uid \) -print0
+    done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid mktex --regid mktex --init-groups rm -vf)
-	    test -d $p/	        && find $p/	   \( -not -type d -and -path '*/[^[:alnum:]]*' -uid $uid \) -print0
+    for p in $VARTEXFONTS
-	done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid $uid --regid mktex --init-groups rm -vf)
+    do
-	for p in $VARTEXFONTS
+	test -d $p && find -P $p -depth \( -type d -and -path '*/[^[:alnum:]]*' \) -print0
-	do
+    done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid mktex --regid mktex --init-groups rm -vfr)
-	    test -d $p/ && find $p/ -depth \( -type d -and -path '*/[^[:alnum:]]*' -and -uid $uid \) -print0
-	done > >(exec -a xargs xargs -r -L100 -0 -- setpriv --reuid $uid --regid mktex --init-groups rm -vfr)
-    done
 fi
 
 #
 # Update the ls-R's
+# Note that this is done as user mktex
 #
 mktexlsr > /dev/null
 

update.texlive

@@ -56,7 +56,7 @@ export LANG MKTEXLSR UPDMAPSYNC
 #
 # Sanity check
 #
-size=$(find /etc/texmf/ls-R  -follow -printf '%s')
+size=$(find /etc/texmf/ls-R  -follow -printf '%s' || echo 0)
 test $size -lt 80 && > /var/run/texlive/run-mktexlsr
 
 rotator ()