[packages/rabbitmq-server] Make sure server is not started with uid=0

Tue Apr 21 16:18:08 CEST 2015

commit 2c6de34a3cc910271c52d63b963a2d5e2b9e5c8e
Author: Jacek Konieczny <j.konieczny at eggsoft.pl>
Date:   Tue Apr 21 16:17:33 2015 +0200

    Make sure server is not started with uid=0

 rabbitmq-server.spec      |  3 +++
 rabbitmqctl-no_root.patch | 17 +++++++++++++++++
 2 files changed, 20 insertions(+)
---

diff --git a/rabbitmq-server.spec b/rabbitmq-server.spec
index ae8fba2..1adeb79 100644
--- a/rabbitmq-server.spec
+++ b/rabbitmq-server.spec
@@ -12,6 +12,7 @@ Source1:	rabbitmq.conf
 Source2:	%{name}.init
 Source3:	%{name}.sysconfig
 Source4:	%{name}.service
+Patch0:		rabbitmqctl-no_root.patch
 URL:		http://www.rabbitmq.com/
 BuildRequires:	docbook-dtd45-xml
 BuildRequires:	erlang
@@ -35,6 +36,8 @@ operating systems and developer platforms.
 %prep
 %setup -q
 
+%patch0 -p1
+
 %build
 %{__make}
 
diff --git a/rabbitmqctl-no_root.patch b/rabbitmqctl-no_root.patch
new file mode 100644
index 0000000..bfd6812
--- /dev/null
+++ b/rabbitmqctl-no_root.patch
@@ -0,0 +1,17 @@
+diff -dur -x '*~' rabbitmq-server-3.5.0.orig/scripts/rabbitmqctl rabbitmq-server-3.5.0/scripts/rabbitmqctl
+--- rabbitmq-server-3.5.0.orig/scripts/rabbitmqctl	2015-03-11 15:04:09.000000000 +0100
++++ rabbitmq-server-3.5.0/scripts/rabbitmqctl	2015-03-26 09:39:32.000000000 +0100
+@@ -15,6 +15,13 @@
+ ##  Copyright (c) 2007-2014 GoPivotal, Inc.  All rights reserved.
+ ##
+ 
++# make sure we won't run as root
++# otherwise /var/lib/rabbitmq/.erlang.cookie with wrong permissions might
++# get created.
++if [ $(id -u) -eq 0 ] ; then
++	exec /sbin/setuidgid -s rabbitmq $0 "$@"
++fi
++
+ # Get default settings with user overrides for (RABBITMQ_)<var_name>
+ # Non-empty defaults should be set in rabbitmq-env
+ . `dirname $0`/rabbitmq-env
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/rabbitmq-server.git/commitdiff/de0b3de87834eac855dbb5e31d3cfaefbb9fd148

