Re: [ABRT PATCH] - analyze-ccpp don't suid to abrt when run as root, related rhbz#759443
On 03/04/2013 12:54 PM, Jakub Filak wrote: I thought you are the one who is against commits which modify the spec file and sources :) On Monday, March 04, 2013 10:55:52 AM Jiri Moskovcak wrote: Signed-off-by: Jiri Moskovcak jmosk...@redhat.com --- abrt.spec.in | 1 + src/plugins/Makefile.am| 6 -- src/plugins/abrt-action-analyze-ccpp-local | 17 + src/plugins/ccpp_event.conf| 10 +- 4 files changed, 23 insertions(+), 11 deletions(-) create mode 100755 src/plugins/abrt-action-analyze-ccpp-local diff --git a/abrt.spec.in b/abrt.spec.in index 49b2196..180abce 100644 --- a/abrt.spec.in +++ b/abrt.spec.in @@ -575,6 +575,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor /dev/null || : %{_bindir}/abrt-action-list-dsos %{_bindir}/abrt-action-perform-ccpp-analysis %{_bindir}/abrt-dedup-client +%{_bindir}/abrt-action-analyze-ccpp-local Why not to install it to /usr/libexec ? - it can change, we shouldn't have it hardwired in conf files - the proper solution would be to have the conf files generated by AT during build, so we could use $(libexecdir)/abrt-action-analyze-ccpp-local, but it's work for another patch %{_sbindir}/abrt-install-ccpp-hook %{_sysconfdir}/libreport/events.d/ccpp_event.conf %{_sysconfdir}/libreport/events.d/gconf_event.conf diff --git a/src/plugins/Makefile.am b/src/plugins/Makefile.am index 6f809b6..33f201d 100644 --- a/src/plugins/Makefile.am +++ b/src/plugins/Makefile.am @@ -6,7 +6,8 @@ bin_SCRIPTS = \ abrt-action-analyze-vmcore \ abrt-action-list-dsos \ abrt-action-perform-ccpp-analysis \ -abrt-action-save-kernel-data +abrt-action-save-kernel-data \ +abrt-action-analyze-ccpp-local bin_PROGRAMS = \ abrt-watch-log \ @@ -83,7 +84,8 @@ EXTRA_DIST = \ abrt-action-save-kernel-data \ abrt-action-ureport \ https-utils.h \ -post_report.xml.in +post_report.xml.in \ +abrt-action-analyze-ccpp-local confdir = $(CONF_DIR) dist_conf_DATA = \ diff --git a/src/plugins/abrt-action-analyze-ccpp-local b/src/plugins/abrt-action-analyze-ccpp-local new file mode 100755 index 000..0c5ab34 --- /dev/null +++ b/src/plugins/abrt-action-analyze-ccpp-local @@ -0,0 +1,17 @@ +#! /bin/sh +if [ `id -u`x == 0x ]; then +abrt-action-analyze-core --core=coredump | abrt-action-install-debuginfo --ids=- --size_mb=4096 +else +abrt-action-analyze-core --core=coredump | /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache --ids=- --size_mb=4096 +fi; + +if [ $?x == 0x ]; then +abrt-action-generate-backtrace +abrt-action-analyze-backtrace +( +bug_id=$(reporter-bugzilla -h `cat duphash`) +if test -n $bug_id; then +abrt-bodhi -r -b $bug_id +fi +) +fi \ No newline at end of file diff --git a/src/plugins/ccpp_event.conf b/src/plugins/ccpp_event.conf index 612ab1c..b608c2d 100644 --- a/src/plugins/ccpp_event.conf +++ b/src/plugins/ccpp_event.conf @@ -53,15 +53,7 @@ EVENT=collect_xsession_errors analyzer=CCpp dso_list~=.*/libX11.* # TODO: can we still specify additional directories to search for debuginfos, # or was this ability lost with move to python installer? EVENT=analyze_LocalGDB analyzer=CCpp -abrt-action-analyze-core --core=coredump | /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache --ids=- --size_mb=4096 -abrt-action-generate-backtrace -abrt-action-analyze-backtrace -( -bug_id=$(reporter-bugzilla -h `cat duphash`) -if test -n $bug_id; then -abrt-bodhi -r -b $bug_id -fi -) +abrt-action-analyze-ccpp-local # Bugzilla requires nonempty duphash
[ABRT PATCH] - analyze-ccpp don't suid to abrt when run as root, related rhbz#759443
Signed-off-by: Jiri Moskovcak jmosk...@redhat.com --- abrt.spec.in | 1 + src/plugins/Makefile.am| 6 -- src/plugins/abrt-action-analyze-ccpp-local | 17 + src/plugins/ccpp_event.conf| 10 +- 4 files changed, 23 insertions(+), 11 deletions(-) create mode 100755 src/plugins/abrt-action-analyze-ccpp-local diff --git a/abrt.spec.in b/abrt.spec.in index 49b2196..180abce 100644 --- a/abrt.spec.in +++ b/abrt.spec.in @@ -575,6 +575,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor /dev/null || : %{_bindir}/abrt-action-list-dsos %{_bindir}/abrt-action-perform-ccpp-analysis %{_bindir}/abrt-dedup-client +%{_bindir}/abrt-action-analyze-ccpp-local %{_sbindir}/abrt-install-ccpp-hook %{_sysconfdir}/libreport/events.d/ccpp_event.conf %{_sysconfdir}/libreport/events.d/gconf_event.conf diff --git a/src/plugins/Makefile.am b/src/plugins/Makefile.am index 6f809b6..33f201d 100644 --- a/src/plugins/Makefile.am +++ b/src/plugins/Makefile.am @@ -6,7 +6,8 @@ bin_SCRIPTS = \ abrt-action-analyze-vmcore \ abrt-action-list-dsos \ abrt-action-perform-ccpp-analysis \ -abrt-action-save-kernel-data +abrt-action-save-kernel-data \ +abrt-action-analyze-ccpp-local bin_PROGRAMS = \ abrt-watch-log \ @@ -83,7 +84,8 @@ EXTRA_DIST = \ abrt-action-save-kernel-data \ abrt-action-ureport \ https-utils.h \ -post_report.xml.in +post_report.xml.in \ +abrt-action-analyze-ccpp-local confdir = $(CONF_DIR) dist_conf_DATA = \ diff --git a/src/plugins/abrt-action-analyze-ccpp-local b/src/plugins/abrt-action-analyze-ccpp-local new file mode 100755 index 000..0c5ab34 --- /dev/null +++ b/src/plugins/abrt-action-analyze-ccpp-local @@ -0,0 +1,17 @@ +#! /bin/sh +if [ `id -u`x == 0x ]; then +abrt-action-analyze-core --core=coredump | abrt-action-install-debuginfo --ids=- --size_mb=4096 +else +abrt-action-analyze-core --core=coredump | /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache --ids=- --size_mb=4096 +fi; + +if [ $?x == 0x ]; then +abrt-action-generate-backtrace +abrt-action-analyze-backtrace +( +bug_id=$(reporter-bugzilla -h `cat duphash`) +if test -n $bug_id; then +abrt-bodhi -r -b $bug_id +fi +) +fi \ No newline at end of file diff --git a/src/plugins/ccpp_event.conf b/src/plugins/ccpp_event.conf index 612ab1c..b608c2d 100644 --- a/src/plugins/ccpp_event.conf +++ b/src/plugins/ccpp_event.conf @@ -53,15 +53,7 @@ EVENT=collect_xsession_errors analyzer=CCpp dso_list~=.*/libX11.* # TODO: can we still specify additional directories to search for debuginfos, # or was this ability lost with move to python installer? EVENT=analyze_LocalGDB analyzer=CCpp -abrt-action-analyze-core --core=coredump | /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache --ids=- --size_mb=4096 -abrt-action-generate-backtrace -abrt-action-analyze-backtrace -( -bug_id=$(reporter-bugzilla -h `cat duphash`) -if test -n $bug_id; then -abrt-bodhi -r -b $bug_id -fi -) +abrt-action-analyze-ccpp-local # Bugzilla requires nonempty duphash -- 1.8.1.2
Re: [ABRT PATCH] - analyze-ccpp don't suid to abrt when run as root, related rhbz#759443
I thought you are the one who is against commits which modify the spec file and sources :) On Monday, March 04, 2013 10:55:52 AM Jiri Moskovcak wrote: Signed-off-by: Jiri Moskovcak jmosk...@redhat.com --- abrt.spec.in | 1 + src/plugins/Makefile.am| 6 -- src/plugins/abrt-action-analyze-ccpp-local | 17 + src/plugins/ccpp_event.conf| 10 +- 4 files changed, 23 insertions(+), 11 deletions(-) create mode 100755 src/plugins/abrt-action-analyze-ccpp-local diff --git a/abrt.spec.in b/abrt.spec.in index 49b2196..180abce 100644 --- a/abrt.spec.in +++ b/abrt.spec.in @@ -575,6 +575,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor /dev/null || : %{_bindir}/abrt-action-list-dsos %{_bindir}/abrt-action-perform-ccpp-analysis %{_bindir}/abrt-dedup-client +%{_bindir}/abrt-action-analyze-ccpp-local Why not to install it to /usr/libexec ? %{_sbindir}/abrt-install-ccpp-hook %{_sysconfdir}/libreport/events.d/ccpp_event.conf %{_sysconfdir}/libreport/events.d/gconf_event.conf diff --git a/src/plugins/Makefile.am b/src/plugins/Makefile.am index 6f809b6..33f201d 100644 --- a/src/plugins/Makefile.am +++ b/src/plugins/Makefile.am @@ -6,7 +6,8 @@ bin_SCRIPTS = \ abrt-action-analyze-vmcore \ abrt-action-list-dsos \ abrt-action-perform-ccpp-analysis \ -abrt-action-save-kernel-data +abrt-action-save-kernel-data \ +abrt-action-analyze-ccpp-local bin_PROGRAMS = \ abrt-watch-log \ @@ -83,7 +84,8 @@ EXTRA_DIST = \ abrt-action-save-kernel-data \ abrt-action-ureport \ https-utils.h \ -post_report.xml.in +post_report.xml.in \ +abrt-action-analyze-ccpp-local confdir = $(CONF_DIR) dist_conf_DATA = \ diff --git a/src/plugins/abrt-action-analyze-ccpp-local b/src/plugins/abrt-action-analyze-ccpp-local new file mode 100755 index 000..0c5ab34 --- /dev/null +++ b/src/plugins/abrt-action-analyze-ccpp-local @@ -0,0 +1,17 @@ +#! /bin/sh +if [ `id -u`x == 0x ]; then +abrt-action-analyze-core --core=coredump | abrt-action-install-debuginfo --ids=- --size_mb=4096 +else +abrt-action-analyze-core --core=coredump | /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache --ids=- --size_mb=4096 +fi; + +if [ $?x == 0x ]; then +abrt-action-generate-backtrace +abrt-action-analyze-backtrace +( +bug_id=$(reporter-bugzilla -h `cat duphash`) +if test -n $bug_id; then +abrt-bodhi -r -b $bug_id +fi +) +fi \ No newline at end of file diff --git a/src/plugins/ccpp_event.conf b/src/plugins/ccpp_event.conf index 612ab1c..b608c2d 100644 --- a/src/plugins/ccpp_event.conf +++ b/src/plugins/ccpp_event.conf @@ -53,15 +53,7 @@ EVENT=collect_xsession_errors analyzer=CCpp dso_list~=.*/libX11.* # TODO: can we still specify additional directories to search for debuginfos, # or was this ability lost with move to python installer? EVENT=analyze_LocalGDB analyzer=CCpp -abrt-action-analyze-core --core=coredump | /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache --ids=- --size_mb=4096 -abrt-action-generate-backtrace -abrt-action-analyze-backtrace -( -bug_id=$(reporter-bugzilla -h `cat duphash`) -if test -n $bug_id; then -abrt-bodhi -r -b $bug_id -fi -) +abrt-action-analyze-ccpp-local # Bugzilla requires nonempty duphash