SOURCES: sysvinit-selinux.patch, sysvinit-chroot.patch (NEW), sysvinit-cons...
arekm
arekm at pld-linux.org
Thu Jun 26 16:55:18 CEST 2008
Author: arekm Date: Thu Jun 26 14:55:18 2008 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- new from fc
---- Files affected:
SOURCES:
sysvinit-selinux.patch (1.10 -> 1.11) , sysvinit-chroot.patch (NONE -> 1.1) (NEW), sysvinit-console-open.patch (NONE -> 1.1) (NEW), sysvinit-godot.patch (NONE -> 1.1) (NEW), sysvinit-haltname.patch (NONE -> 1.1) (NEW), sysvinit-ipv6.patch (NONE -> 1.1) (NEW), sysvinit-maxproclen.patch (NONE -> 1.1) (NEW), sysvinit-no-abort.patch (NONE -> 1.1) (NEW), sysvinit-quiet.patch (NONE -> 1.1) (NEW), sysvinit-timeval.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/sysvinit-selinux.patch
diff -u SOURCES/sysvinit-selinux.patch:1.10 SOURCES/sysvinit-selinux.patch:1.11
--- SOURCES/sysvinit-selinux.patch:1.10 Sat Dec 24 23:27:52 2005
+++ SOURCES/sysvinit-selinux.patch Thu Jun 26 16:55:12 2008
@@ -1,7 +1,6 @@
-diff -ur sysvinit-2.86.org/src/init.c sysvinit-2.86/src/init.c
---- sysvinit-2.86.org/src/init.c 2004-07-30 14:16:20.000000000 +0200
-+++ sysvinit-2.86/src/init.c 2005-12-24 23:22:51.000000000 +0100
-@@ -42,6 +42,8 @@
+--- sysvinit-2.85/src/init.c.selinux 2005-10-14 14:16:24.000000000 -0400
++++ sysvinit-2.85/src/init.c 2005-10-14 14:16:24.000000000 -0400
+@@ -48,6 +48,8 @@
#include <stdarg.h>
#include <sys/syslog.h>
#include <sys/time.h>
@@ -10,7 +9,7 @@
#ifdef __i386__
# if (__GLIBC__ >= 2)
-@@ -2599,6 +2601,7 @@
+@@ -2513,6 +2515,7 @@
char *p;
int f;
int isinit;
@@ -18,7 +17,7 @@
/* Get my own name */
if ((p = strrchr(argv[0], '/')) != NULL)
-@@ -2662,6 +2665,20 @@
+@@ -2576,6 +2579,20 @@
maxproclen += strlen(argv[f]) + 1;
}
@@ -30,7 +29,7 @@
+ if (enforce > 0) {
+ /* SELinux in enforcing mode but load_policy failed */
+ /* At this point, we probably can't open /dev/console, so log() won't work */
-+ initlog(L_VB,"Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.");
++ printf("Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.\n");
+ exit(1);
+ }
+ }
@@ -39,11 +38,10 @@
/* Start booting. */
argv0 = argv[0];
argv[1] = NULL;
-diff -ur sysvinit-2.86.org/src/Makefile sysvinit-2.86/src/Makefile
---- sysvinit-2.86.org/src/Makefile 2005-12-24 23:21:59.000000000 +0100
-+++ sysvinit-2.86/src/Makefile 2005-12-24 23:23:14.000000000 +0100
-@@ -58,7 +58,7 @@
- all: $(BIN) $(SBIN) $(USRBIN)
+--- sysvinit-2.85/src/Makefile.selinux 2005-10-14 14:16:24.000000000 -0400
++++ sysvinit-2.85/src/Makefile 2005-10-14 14:16:24.000000000 -0400
+@@ -32,7 +32,7 @@
+ all: $(PROGS)
init: init.o init_utmp.o
- $(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o
@@ -51,7 +49,7 @@
halt: halt.o ifdown.o hddown.o utmp.o reboot.h
$(CC) $(LDFLAGS) -o $@ halt.o ifdown.o hddown.o utmp.o
-@@ -79,7 +79,7 @@
+@@ -50,7 +50,7 @@
$(CC) $(LDFLAGS) -o $@ runlevel.o
sulogin: sulogin.o md5_broken.o md5_crypt_broken.o arc4random.o bcrypt.o blowfish.o
@@ -60,20 +58,19 @@
wall: dowall.o wall.o
$(CC) $(LDFLAGS) -o $@ dowall.o wall.o
-diff -ur sysvinit-2.86.org/src/sulogin.c sysvinit-2.86/src/sulogin.c
---- sysvinit-2.86.org/src/sulogin.c 2005-12-24 23:21:59.000000000 +0100
-+++ sysvinit-2.86/src/sulogin.c 2005-12-24 23:23:33.000000000 +0100
-@@ -30,6 +30,9 @@
+--- sysvinit-2.85/src/sulogin.c.selinux 2005-10-14 14:16:24.000000000 -0400
++++ sysvinit-2.85/src/sulogin.c 2005-10-14 14:18:42.000000000 -0400
+@@ -28,7 +28,9 @@
+ #endif
#include "md5.h"
#include "blowfish.h"
-
+#include <selinux/selinux.h>
+#include <selinux/get_context_list.h>
-+
+
#define CHECK_DES 1
#define CHECK_MD5 1
- #define CHECK_BLOWFISH 1
-@@ -362,6 +365,19 @@
+
+@@ -332,6 +335,19 @@
signal(SIGINT, SIG_DFL);
signal(SIGTSTP, SIG_DFL);
signal(SIGQUIT, SIG_DFL);
================================================================
Index: SOURCES/sysvinit-chroot.patch
diff -u /dev/null SOURCES/sysvinit-chroot.patch:1.1
--- /dev/null Thu Jun 26 16:55:19 2008
+++ SOURCES/sysvinit-chroot.patch Thu Jun 26 16:55:09 2008
@@ -0,0 +1,81 @@
+--- sysvinit-2.86/man/pidof.8.chroot 1998-09-02 08:49:33.000000000 -0400
++++ sysvinit-2.86/man/pidof.8 2005-12-19 15:37:40.000000000 -0500
+@@ -4,6 +4,7 @@
+ .SH SYNOPSIS
+ .B pidof
+ .RB [ \-s ]
++.RB [ \-c ]
+ .RB [ \-x ]
+ .RB [ \-o
+ .IR omitpid ]
+@@ -24,6 +25,10 @@
+ .SH OPTIONS
+ .IP -s
+ Single shot - this instructs the program to only return one \fIpid\fP.
++.IP -c
++Only return process ids that are running with the same root directory.
++This option is ignored for non-root users, as they will be unable to check
++the current root directory of processes they do not own.
+ .IP -x
+ Scripts too - this causes the program to also return process id's of
+ shells running the named scripts.
+--- sysvinit-2.86/src/killall5.c.chroot 2004-07-30 08:16:23.000000000 -0400
++++ sysvinit-2.86/src/killall5.c 2005-12-19 15:38:47.000000000 -0500
+@@ -476,16 +476,22 @@
+ int f;
+ int first = 1;
+ int i, oind, opt, flags = 0;
++ int chroot_check = 0;
++ struct stat st;
++ char tmp[512];
+
+ for (oind = PIDOF_OMITSZ-1; oind > 0; oind--)
+ opid[oind] = 0;
+ opterr = 0;
+
+- while ((opt = getopt(argc,argv,"ho:sx")) != EOF) switch (opt) {
++ while ((opt = getopt(argc,argv,"hco:sx")) != EOF) switch (opt) {
+ case '?':
+ nsyslog(LOG_ERR,"invalid options on command line!\n");
+ closelog();
+ exit(1);
++ case 'c':
++ if (geteuid() == 0) chroot_check = 1;
++ break;
+ case 'o':
+ if (oind >= PIDOF_OMITSZ -1) {
+ nsyslog(LOG_ERR,"omit pid buffer size %d "
+@@ -518,6 +524,16 @@
+ argc -= optind;
+ argv += optind;
+
++ /* Check if we are in a chroot */
++ if (chroot_check) {
++ snprintf(tmp, 512, "/proc/%d/root", getpid());
++ if (stat(tmp, &st) < 0) {
++ nsyslog(LOG_ERR, "stat failed for %s!\n", tmp);
++ closelog();
++ exit(1);
++ }
++ }
++
+ /* Print out process-ID's one by one. */
+ readproc();
+ for(f = 0; f < argc; f++) {
+@@ -541,6 +557,16 @@
+ else
+ spid = 1;
+ }
++ if (chroot_check) {
++ struct stat st2;
++ snprintf(tmp, 512, "/proc/%d/root",
++ p->pid);
++ if (stat(tmp, &st2) < 0 ||
++ st.st_dev != st2.st_dev ||
++ st.st_ino != st2.st_ino) {
++ continue;
++ }
++ }
+ if (!first)
+ printf(" ");
+ printf("%d", p->pid);
================================================================
Index: SOURCES/sysvinit-console-open.patch
diff -u /dev/null SOURCES/sysvinit-console-open.patch:1.1
--- /dev/null Thu Jun 26 16:55:20 2008
+++ SOURCES/sysvinit-console-open.patch Thu Jun 26 16:55:10 2008
@@ -0,0 +1,14 @@
+--- sysvinit-2.86/src/init.c.eieio 2006-08-10 15:34:23.000000000 -0400
++++ sysvinit-2.86/src/init.c 2006-08-10 15:34:50.000000000 -0400
+@@ -531,8 +531,10 @@
+ /*
+ * Retry the open five times.
+ */
+- for(f = 0; f < 5; f++)
++ for(f = 0; f < 5; f++) {
+ if ((fd = open(console_dev, m)) >= 0) break;
++ usleep(100);
++ }
+
+ if (fd < 0) return fd;
+
================================================================
Index: SOURCES/sysvinit-godot.patch
diff -u /dev/null SOURCES/sysvinit-godot.patch:1.1
--- /dev/null Thu Jun 26 16:55:21 2008
+++ SOURCES/sysvinit-godot.patch Thu Jun 26 16:55:10 2008
@@ -0,0 +1,10 @@
+--- sysvinit-2.86/src/init.c.wait 2006-08-09 15:05:01.000000000 -0400
++++ sysvinit-2.86/src/init.c 2006-08-09 15:05:59.000000000 -0400
+@@ -187,6 +187,7 @@
+ {"RU",RUNNING},
+ {"DE",DEMAND},
+ {"XD",XECUTED},
++ {"WT",WAITING},
+ {NULL,0}
+ };
+
================================================================
Index: SOURCES/sysvinit-haltname.patch
diff -u /dev/null SOURCES/sysvinit-haltname.patch:1.1
--- /dev/null Thu Jun 26 16:55:21 2008
+++ SOURCES/sysvinit-haltname.patch Thu Jun 26 16:55:10 2008
@@ -0,0 +1,10 @@
+--- sysvinit-2.86/src/halt.c.foo 2005-12-20 15:09:35.000000000 -0500
++++ sysvinit-2.86/src/halt.c 2005-12-20 15:09:25.000000000 -0500
+@@ -178,6 +178,7 @@
+ /*
+ * Find out who we are
+ */
++ if (argv[0][0] == '-') argv[0]++;
+ if ((progname = strrchr(argv[0], '/')) != NULL)
+ progname++;
+ else
================================================================
Index: SOURCES/sysvinit-ipv6.patch
diff -u /dev/null SOURCES/sysvinit-ipv6.patch:1.1
--- /dev/null Thu Jun 26 16:55:22 2008
+++ SOURCES/sysvinit-ipv6.patch Thu Jun 26 16:55:11 2008
@@ -0,0 +1,34 @@
+diff -Naur sysvinit-2.86/src/last.c sysvinit-2.86-ipv6/src/last.c
+--- sysvinit-2.86/src/last.c 2004-07-30 14:16:26.000000000 +0200
++++ sysvinit-2.86-ipv6/src/last.c 2006-07-19 16:14:24.000000000 +0200
+@@ -307,14 +307,15 @@
+ struct sockaddr *sa;
+ int salen, flags;
+ unsigned int topnibble;
++ unsigned int azero = 0, sitelocal = 0;
+ int mapped = 0;
+
+ flags = useip ? NI_NUMERICHOST : 0;
+
+ /*
+ * IPv4 or IPv6 ? We use 2 heuristics:
+- * 1. Current IPv6 range uses 2000-3fff. Outside of
+- * that is illegal and must be IPv4.
++ * 1. Current IPv6 range uses 2000-3fff or fec0-feff.
++ * Outside of that is illegal and must be IPv4.
+ * 2. If last 3 bytes are 0, must be IPv4
+ * 3. If IPv6 in IPv4, handle as IPv4
+ *
+@@ -323,7 +324,11 @@
+ if (a[0] == 0 && a[1] == 0 && a[2] == htonl (0xffff))
+ mapped = 1;
+ topnibble = ntohl((unsigned int)a[0]) >> 28;
+- if (topnibble < 2 || topnibble > 3 || mapped ||
++
++ azero = ntohl((unsigned int)a[0]) >> 16;
++ sitelocal = (azero >= 0xfec0 && azero <= 0xfeff) ? 1 : 0;
++
++ if (((topnibble < 2 || topnibble > 3) && (!sitelocal)) || mapped ||
+ (a[1] == 0 && a[2] == 0 && a[3] == 0)) {
+ /* IPv4 */
+ sin.sin_family = AF_INET;
================================================================
Index: SOURCES/sysvinit-maxproclen.patch
diff -u /dev/null SOURCES/sysvinit-maxproclen.patch:1.1
--- /dev/null Thu Jun 26 16:55:22 2008
+++ SOURCES/sysvinit-maxproclen.patch Thu Jun 26 16:55:11 2008
@@ -0,0 +1,11 @@
+--- sysvinit-2.86/src/init.c.cmdline 2005-10-26 12:56:47.328580896 +0400
++++ sysvinit-2.86/src/init.c 2005-10-26 12:48:43.823084904 +0400
+@@ -466,7 +466,7 @@
+
+ if (maxproclen > 2) {
+ memset(argv0, 0, maxproclen);
+- strncpy(argv0, buf, maxproclen - 2);
++ strncpy(argv0, buf, maxproclen - 1);
+ }
+
+ return len;
================================================================
Index: SOURCES/sysvinit-no-abort.patch
diff -u /dev/null SOURCES/sysvinit-no-abort.patch:1.1
--- /dev/null Thu Jun 26 16:55:23 2008
+++ SOURCES/sysvinit-no-abort.patch Thu Jun 26 16:55:12 2008
@@ -0,0 +1,12 @@
+diff -ru sysvinit-2.86/src/init.c sysvinit-2.86/src/init.c
+--- sysvinit-2.86/src/init.c 2008-01-23 17:10:45.000000000 -0500
++++ sysvinit-2.86/src/init.c 2008-01-23 16:26:07.000000000 -0500
+@@ -2671,7 +2671,7 @@
+ maxproclen += strlen(argv[f]) + 1;
+ }
+
+- if (getenv("SELINUX_INIT") == NULL) {
++ if (getenv("SELINUX_INIT") == NULL && !is_selinux_enabled()) {
+ putenv("SELINUX_INIT=YES");
+ if (selinux_init_load_policy(&enforce) == 0 ) {
+ execv(myname, argv);
================================================================
Index: SOURCES/sysvinit-quiet.patch
diff -u /dev/null SOURCES/sysvinit-quiet.patch:1.1
--- /dev/null Thu Jun 26 16:55:24 2008
+++ SOURCES/sysvinit-quiet.patch Thu Jun 26 16:55:12 2008
@@ -0,0 +1,37 @@
+--- sysvinit-2.86/src/init.c.silence 2006-08-08 20:50:37.000000000 -0400
++++ sysvinit-2.86/src/init.c 2006-08-08 20:54:24.000000000 -0400
+@@ -117,6 +117,7 @@
+ char *console_dev; /* Console device. */
+ int pipe_fd = -1; /* /dev/initctl */
+ int did_boot = 0; /* Did we already do BOOT* stuff? */
++int quiet = 0; /* Should we be relatively silent? */
+ int main(int, char **);
+
+ /* Used by re-exec part */
+@@ -1673,7 +1674,7 @@
+ initlog(L_SY, "Trying to re-exec init");
+ return 'U';
+ default:
+- initlog(L_VB, "Switching to runlevel: %c", foo);
++ if (!quiet) initlog(L_VB, "Switching to runlevel: %c", foo);
+ }
+
+ if (foo == 'Q') return runlevel;
+@@ -2425,7 +2426,7 @@
+ /*
+ * Say hello to the world
+ */
+- initlog(L_CO, bootmsg, "booting");
++ if (!quiet) initlog(L_CO, bootmsg, "booting");
+
+ /*
+ * See if we have to start an emergency shell.
+@@ -2657,6 +2658,8 @@
+ else if (!strcmp(argv[f], "-z")) {
+ /* Ignore -z xxx */
+ if (argv[f + 1]) f++;
++ } else if (!strcmp(argv[f], "quiet")) {
++ quiet = 1;
+ } else if (strchr("0123456789sS", argv[f][0])
+ && strlen(argv[f]) == 1)
+ dfl_level = argv[f][0];
================================================================
Index: SOURCES/sysvinit-timeval.patch
diff -u /dev/null SOURCES/sysvinit-timeval.patch:1.1
--- /dev/null Thu Jun 26 16:55:24 2008
+++ SOURCES/sysvinit-timeval.patch Thu Jun 26 16:55:13 2008
@@ -0,0 +1,42 @@
+--- sysvinit-2.86/src/utmp.c.timeval 1999-06-09 07:11:33.000000000 -0400
++++ sysvinit-2.86/src/utmp.c 2006-08-09 19:46:26.000000000 -0400
+@@ -47,7 +47,8 @@
+ int fd;
+ struct utmp utmp;
+ struct utsname uname_buf;
+-
++ struct timeval tv;
++
+ /*
+ * Try to open the wtmp file. Note that we even try
+ * this if we have updwtmp() so we can see if the
+@@ -76,7 +77,9 @@
+ */
+ memset(&utmp, 0, sizeof(utmp));
+ #if defined(__GLIBC__)
+- gettimeofday(&utmp.ut_tv, NULL);
++ gettimeofday(&tv, NULL);
++ utmp.ut_tv.tv_sec = tv.tv_sec;
++ utmp.ut_tv.tv_usec = tv.tv_usec;
+ #else
+ time(&utmp.ut_time);
+ #endif
+@@ -113,6 +116,7 @@
+ struct utmp utmp;
+ struct utmp tmp;
+ struct utmp *utmptr;
++ struct timeval tv;
+
+ /*
+ * Can't do much if UTMP_FILE is not present.
+@@ -144,7 +148,9 @@
+ utmp.ut_pid = pid;
+ strncpy(utmp.ut_id, id, sizeof(utmp.ut_id));
+ #if defined(__GLIBC__)
+- gettimeofday(&utmp.ut_tv, NULL);
++ gettimeofday(&tv, NULL);
++ utmp.ut_tv.tv_sec = tv.tv_sec;
++ utmp.ut_tv.tv_usec = tv.tv_usec;
+ #else
+ time(&utmp.ut_time);
+ #endif
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/sysvinit-selinux.patch?r1=1.10&r2=1.11&f=u
More information about the pld-cvs-commit
mailing list