util-linux/util-linux-uuidd-prevent-root-owning.patch

Prevent root owning of /var/lib/libuuid/clock.txt

Just after the installation, calling uuid_generate_time() or
uuid_generate_time_safe() as root may create root owned
/var/lib/libuuid/clock.txt, which makes it unusable for uuidd.

To reproduce:
zypper rm uuidd
zypper in uuidd
uuidgen --time
ls -l /var/lib/libuuid/clock.txt
rcuuidd start
ls -l /var/lib/libuuid/clock.txt

Before:
-rw-rw---- 1 root root 56 Mar  4 17:24 /var/lib/libuuid/clock.txt

After (with the patch):
-rw-rw---- 1 uuidd uuidd 56 Mar  4 17:30 /var/lib/libuuid/clock.txt

Index: util-linux-2.37.2/misc-utils/uuidd.service.in
===================================================================
--- util-linux-2.37.2.orig/misc-utils/uuidd.service.in
+++ util-linux-2.37.2/misc-utils/uuidd.service.in
@@ -4,6 +4,7 @@ Documentation=man:uuidd(8)
 Requires=uuidd.socket
 
 [Service]
+ExecStartPre=+-@CHOWN@ uuidd:uuidd /var/lib/libuuid/clock.txt
 ExecStart=@usrsbin_execdir@/uuidd --socket-activation
 Restart=no
 User=uuidd
Index: util-linux-2.37.2/configure.ac
===================================================================
--- util-linux-2.37.2.orig/configure.ac
+++ util-linux-2.37.2/configure.ac
@@ -233,6 +233,8 @@ PKG_INSTALLDIR(['${usrlib_execdir}/pkgco
 GTK_DOC_CHECK([1.10])
 AC_PATH_PROG([XSLTPROC], [xsltproc])
 
+AC_PATH_PROG([CHOWN], [chown])
+
 
 linux_os=no
 bsd_os=no
Index: util-linux-2.37.2/Makefile.am
===================================================================
--- util-linux-2.37.2.orig/Makefile.am
+++ util-linux-2.37.2/Makefile.am
@@ -145,6 +145,7 @@ edit_cmd = sed \
 	 -e 's|@usrsbin_execdir[@]|$(usrsbin_execdir)|g' \
 	 -e 's|@VERSION[@]|$(VERSION)|g' \
 	 -e 's|@ADJTIME_PATH[@]|$(ADJTIME_PATH)|g' \
+	 -e 's|@CHOWN[@]|$(CHOWN)|g' \
 	 -e 's|@LIBUUID_VERSION[@]|$(LIBUUID_VERSION)|g' \
 	 -e 's|@LIBMOUNT_VERSION[@]|$(LIBMOUNT_VERSION)|g' \
 	 -e 's|@LIBMOUNT_MAJOR_VERSION[@]|$(LIBMOUNT_MAJOR_VERSION)|g' \
Accepting request 960118 from home:sbrabec:branches:util-linux-round14 - Update to version 2.37.4... - Fix "su -s" bash completion. OBS-URL: https://build.opensuse.org/request/show/960118 OBS-URL: https://build.opensuse.org/package/show/Base:System/util-linux?expand=0&rev=461 2022-03-08 10:54:48 +01:00			`Prevent root owning of /var/lib/libuuid/clock.txt`

			`Just after the installation, calling uuid_generate_time() or`
			`uuid_generate_time_safe() as root may create root owned`
			`/var/lib/libuuid/clock.txt, which makes it unusable for uuidd.`

			`To reproduce:`
			`zypper rm uuidd`
			`zypper in uuidd`
			`uuidgen --time`
			`ls -l /var/lib/libuuid/clock.txt`
			`rcuuidd start`
			`ls -l /var/lib/libuuid/clock.txt`

			`Before:`
			`-rw-rw---- 1 root root 56 Mar 4 17:24 /var/lib/libuuid/clock.txt`

			`After (with the patch):`
			`-rw-rw---- 1 uuidd uuidd 56 Mar 4 17:30 /var/lib/libuuid/clock.txt`

			`Index: util-linux-2.37.2/misc-utils/uuidd.service.in`
			`===================================================================`
			`--- util-linux-2.37.2.orig/misc-utils/uuidd.service.in`
			`+++ util-linux-2.37.2/misc-utils/uuidd.service.in`
			`@@ -4,6 +4,7 @@ Documentation=man:uuidd(8)`
			`Requires=uuidd.socket`

			`[Service]`
			`+ExecStartPre=+-@CHOWN@ uuidd:uuidd /var/lib/libuuid/clock.txt`
			`ExecStart=@usrsbin_execdir@/uuidd --socket-activation`
			`Restart=no`
			`User=uuidd`
			`Index: util-linux-2.37.2/configure.ac`
			`===================================================================`
			`--- util-linux-2.37.2.orig/configure.ac`
			`+++ util-linux-2.37.2/configure.ac`
			`@@ -233,6 +233,8 @@ PKG_INSTALLDIR(['${usrlib_execdir}/pkgco`
			`GTK_DOC_CHECK([1.10])`
			`AC_PATH_PROG([XSLTPROC], [xsltproc])`

			`+AC_PATH_PROG([CHOWN], [chown])`
			`+`

			`linux_os=no`
			`bsd_os=no`
			`Index: util-linux-2.37.2/Makefile.am`
			`===================================================================`
			`--- util-linux-2.37.2.orig/Makefile.am`
			`+++ util-linux-2.37.2/Makefile.am`
			`@@ -145,6 +145,7 @@ edit_cmd = sed \`
			`-e 's\|@usrsbin_execdir[@]\|$(usrsbin_execdir)\|g' \`
			`-e 's\|@VERSION[@]\|$(VERSION)\|g' \`
			`-e 's\|@ADJTIME_PATH[@]\|$(ADJTIME_PATH)\|g' \`
			`+ -e 's\|@CHOWN[@]\|$(CHOWN)\|g' \`
			`-e 's\|@LIBUUID_VERSION[@]\|$(LIBUUID_VERSION)\|g' \`
			`-e 's\|@LIBMOUNT_VERSION[@]\|$(LIBMOUNT_VERSION)\|g' \`
			`-e 's\|@LIBMOUNT_MAJOR_VERSION[@]\|$(LIBMOUNT_MAJOR_VERSION)\|g' \`