[packages/tcpdump] create and provide tcpdump user only when build with drop_priv such lame priviledge disposal only po
gotar
gotar at pld-linux.org
Sat Aug 9 09:25:01 CEST 2014
commit d4dd68448113cb8f5851b16fd3c45f5a4e55b0d5
Author: Tomasz Pala <gotar at pld-linux.org>
Date: Sat Aug 9 09:17:40 2014 +0200
create and provide tcpdump user only when build with drop_priv
such lame priviledge disposal only pollutes one's user database, while
it's all up to cap_net_raw,cap_net_admin=ep
tcpdump.spec | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
---
diff --git a/tcpdump.spec b/tcpdump.spec
index a2c9e64..c1b4f4e 100644
--- a/tcpdump.spec
+++ b/tcpdump.spec
@@ -29,10 +29,12 @@ BuildRequires: libpcap-devel >= 2:1.6.1
BuildRequires: openssl-devel >= 0.9.7d
BuildRequires: rpmbuild(macros) >= 1.202
Requires: libpcap >= 2:1.6.1
+%if %{with drop_priv}
Provides: user(tcpdump)
-Requires(postun): /usr/sbin/userdel
Requires(pre): /bin/id
Requires(pre): /usr/sbin/useradd
+%endif
+Requires(postun): /usr/sbin/userdel
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%description
@@ -100,12 +102,14 @@ rm -rf $RPM_BUILD_ROOT
%{__rm} $RPM_BUILD_ROOT%{_sbindir}/tcpdump.%{version}
+%if %{with drop_priv}
%pre
%useradd -u 273 -r -d /usr/share/empty -s /bin/false -c "tcpdump User" -g nobody tcpdump
+%endif
%postun
if [ "$1" = "0" ]; then
- %userremove tcpdump
+ %userremove tcpdump || :
fi
%clean
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/tcpdump.git/commitdiff/d4dd68448113cb8f5851b16fd3c45f5a4e55b0d5
More information about the pld-cvs-commit
mailing list