packages: amanda/amanda-krb5-auth.patch (NEW) - seteuid(0) before checking ...
baggins
baggins at pld-linux.org
Tue Nov 30 14:25:51 CET 2010
Author: baggins Date: Tue Nov 30 13:25:51 2010 GMT
Module: packages Tag: HEAD
---- Log message:
- seteuid(0) before checking for euid == 0 for krb5
- the comment about broken MEMORY caches dates back to 1999 and is outdated
- fix constant string usage
---- Files affected:
packages/amanda:
amanda-krb5-auth.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/amanda/amanda-krb5-auth.patch
diff -u /dev/null packages/amanda/amanda-krb5-auth.patch:1.1
--- /dev/null Tue Nov 30 14:25:51 2010
+++ packages/amanda/amanda-krb5-auth.patch Tue Nov 30 14:25:46 2010
@@ -0,0 +1,55 @@
+--- amanda-3.2.0/amandad-src/amandad.c~ 2010-10-06 18:36:28.000000000 +0200
++++ amanda-3.2.0/amandad-src/amandad.c 2010-11-29 14:23:20.580165324 +0100
+@@ -440,6 +440,11 @@
+ exit_on_qlength = 1;
+ }
+
++ /* krb5 require the euid to be 0 */
++ if (strcasecmp(auth, "krb5") == 0) {
++ seteuid((uid_t)0);
++ }
++
+ #ifndef SINGLE_USERID
+ if (geteuid() == 0) {
+ if (strcasecmp(auth, "krb5") != 0) {
+@@ -474,11 +479,6 @@
+ dbprintf(_("WARNING: argv[0] not defined: check inetd.conf\n"));
+ }
+
+- /* krb5 require the euid to be 0 */
+- if (strcasecmp(auth, "krb5") == 0) {
+- seteuid((uid_t)0);
+- }
+-
+ /*
+ * Schedule to call protocol_accept() when new security handles
+ * are created on stdin.
+--- amanda-3.2.0/common-src/krb5-security.c~ 2010-11-29 14:24:29.826165323 +0100
++++ amanda-3.2.0/common-src/krb5-security.c 2010-11-29 14:45:41.683165324 +0100
+@@ -46,7 +46,7 @@
+ #include "et/com_err.h"
+ #endif
+
+-#define BROKEN_MEMORY_CCACHE
++#undef BROKEN_MEMORY_CCACHE
+
+ #ifdef BROKEN_MEMORY_CCACHE
+ /*
+@@ -712,7 +712,7 @@
+ beenhere = 1;
+
+ #ifndef BROKEN_MEMORY_CCACHE
+- putenv(stralloc("KRB5_ENV_CCNAME=MEMORY:amanda_ccache"));
++ putenv(stralloc(KRB5_ENV_CCNAME"=MEMORY:amanda_ccache"));
+ #else
+ /*
+ * MEMORY ccaches seem buggy and cause a lot of internal heap
+@@ -727,7 +727,7 @@
+ char *ccache;
+ ccache = malloc(128);
+ g_snprintf(ccache, SIZEOF(ccache),
+- "KRB5_ENV_CCNAME=FILE:/tmp/amanda_ccache.%ld.%ld",
++ KRB5_ENV_CCNAME"=FILE:/tmp/amanda_ccache.%ld.%ld",
+ (long)geteuid(), (long)getpid());
+ putenv(ccache);
+ }
================================================================
More information about the pld-cvs-commit
mailing list