Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rungetty for openSUSE:Factory checked in at 2021-11-17 01:14:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rungetty (Old) and /work/SRC/openSUSE:Factory/.rungetty.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rungetty" Wed Nov 17 01:14:28 2021 rev:6 rq:931831 version:1.2 Changes: -------- --- /work/SRC/openSUSE:Factory/rungetty/rungetty.changes 2021-01-30 13:58:01.086422422 +0100 +++ /work/SRC/openSUSE:Factory/.rungetty.new.1890/rungetty.changes 2021-11-17 01:15:44.662192071 +0100 @@ -1,0 +2,16 @@ +Wed Nov 10 11:01:52 UTC 2021 - l...@linux-schulserver.de - 1.2 + +- finish UsrMerge, install to /usr/sbin (boo#1191106) +- rename rungetty.patch to 01_rungetty-remove_sys_errlist.patch +- copied patches from Debian: + 02_rungetty-manpage.patch to fix some errors in the manpage + 03_rungetty-disable_path.patch do not hardcode the search path + 04_rungetty-use_signed_int.patch change type of c in do_prompt to signed int + 06_rungetty-get_supplementary_groups_for_process.patch call + initgroups to get supplementary groups for processes + 07_rungetty-allow_autologin-on-all-ttys.patch allow autologin on + all TTYs (not only tty1) +- added patch to remove any extraneous groups when dropping root + privileges: 05_rungetty-missing-call-to-setgroups-before-setuid.patch + +------------------------------------------------------------------- Old: ---- rungetty.patch New: ---- 01_rungetty-remove_sys_errlist.patch 02_rungetty-manpage.patch 03_rungetty-disable_path.patch 04_rungetty-use_signed_int.patch 05_rungetty-missing-call-to-setgroups-before-setuid.patch 06_rungetty-get_supplementary_groups_for_process.patch 07_rungetty-allow_autologin-on-all-ttys.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rungetty.spec ++++++ --- /var/tmp/diff_new_pack.1XSqO1/_old 2021-11-17 01:15:45.150192093 +0100 +++ /var/tmp/diff_new_pack.1XSqO1/_new 2021-11-17 01:15:45.154192093 +0100 @@ -1,7 +1,7 @@ # # spec file for package rungetty # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -20,11 +20,17 @@ Version: 1.2 Release: 0 Summary: Minimal Getty for Virtual Consoles -License: GPL-2.0+ +License: GPL-2.0-or-later Group: System/Base -Provides: sysvinit:/sbin/mingetty Source: %{name}-%{version}.tar.bz2 -Patch0: rungetty.patch +Patch1: 01_rungetty-remove_sys_errlist.patch +Patch2: 02_rungetty-manpage.patch +Patch3: 03_rungetty-disable_path.patch +Patch4: 04_rungetty-use_signed_int.patch +Patch5: 05_rungetty-missing-call-to-setgroups-before-setuid.patch +Patch6: 06_rungetty-get_supplementary_groups_for_process.patch +Patch7: 07_rungetty-allow_autologin-on-all-ttys.patch +Provides: sysvinit:/sbin/mingetty %description rungetty might be the getty you were looking for when you want to run any @@ -33,7 +39,7 @@ rungetty can even be configured to autologin, under certain circumstances. See the manual page for more information. -You have to change some lines in /etc/inittab for having any effect after +You have to change some lines in %{_sysconfdir}/inittab for having any effect after installing the package. rungetty is based on mingetty and therefore not suitable for serial use. @@ -41,15 +47,17 @@ %autosetup -p1 %build -make CFLAGS="%optflags -D_FILE_OFFSET_BITS=64" +%make_build CFLAGS="%{optflags} -D_FILE_OFFSET_BITS=64" %install -mkdir -p %buildroot{/sbin,%{_mandir}/man8} -install -m 755 rungetty %buildroot/sbin/ -install -m 644 rungetty.8 %buildroot/%{_mandir}/man8/ +mkdir -p %{buildroot}%{_sbindir} %{buildroot}%{_mandir}/man8 +install -m 755 rungetty %{buildroot}%{_sbindir}/ +install -m 644 rungetty.8 %{buildroot}%{_mandir}/man8/ %files -%doc %{_mandir}/man8/rungetty.8.gz -/sbin/rungetty +%license COPYING +%doc CHANGELOG README THANKS +%{_mandir}/man8/rungetty.8%{?ext_man} +%{_sbindir}/rungetty %changelog ++++++ 01_rungetty-remove_sys_errlist.patch ++++++ --- a/rungetty.c +++ b/rungetty.c @@ -313,7 +313,7 @@ get_logname (void) { if (errno == EINTR || errno == EIO || errno == ENOENT) exit (0); - error ("%s: read: %s", tty, sys_errlist[errno]); + error ("%s: read: %m", tty); } if (c == '\n' || c == '\r') { @@ -430,7 +430,7 @@ mingetty_login (char *logname, char *tty while ((logname = get_logname ()) == 0); execl (_PATH_LOGIN, _PATH_LOGIN, "--", logname, NULL); } - error ("%s: can't exec " _PATH_LOGIN ": %s", tty, sys_errlist[errno]); + error ("%s: can't exec " _PATH_LOGIN ": %m", tty); exit (0); } @@ -446,7 +446,7 @@ open_tty (void) strcpy (buf, "/dev/"); strcat (buf, tty); if (chown (buf, 0, 0) || chmod (buf, 0600)) - error ("%s: %s", buf, sys_errlist[errno]); + error ("%s: %m", buf); sa.sa_handler = SIG_IGN; sa.sa_flags = 0; @@ -461,7 +461,7 @@ open_tty (void) */ if ((fd = open (buf, O_RDWR, 0)) < 0 || ioctl (fd, TIOCSCTTY, (void *) 1) == -1) - error ("%s: cannot open tty: %s", buf, sys_errlist[errno]); + error ("%s: cannot open tty: %m", buf); if (!isatty (fd)) error ("%s: not a tty", buf); @@ -474,12 +474,11 @@ open_tty (void) /* ioctl (0, TIOCNOTTY, (char *)1); */ if (open (buf, O_RDWR, 0) != 0) - error ("%s: cannot open as standard input: %s", buf, - sys_errlist[errno]); + error ("%s: cannot open as standard input: %m", buf); /* Set up standard output and standard error file descriptors. */ if (dup (0) != 1 || dup (0) != 2) - error ("%s: dup problem: %s", buf, sys_errlist[errno]); + error ("%s: dup problem: %m", buf); /* Write a reset string to the terminal. This is very linux-specific and should be checked for other systems. */ @@ -605,6 +604,6 @@ main (int argc, char **argv) nice (priority); execvp (program_run, &argv[optind + 1]); - error ("%s: can't exec %s : %s", tty, program_run, sys_errlist[errno]); + error ("%s: can't exec %s : %m", tty, program_run); exit (0); } ++++++ 02_rungetty-manpage.patch ++++++ Author: Rhonda D'Vine <rho...@debian.org> vim:ft=diff: Description: Fixes small errors in the manpage Index: VCS/rungetty.8 =================================================================== --- VCS.orig/rungetty.8 2016-01-04 23:57:47.472794432 +0100 +++ VCS/rungetty.8 2016-01-04 23:57:58.424848740 +0100 @@ -16,7 +16,7 @@ [\-\-autologin .IR username ] .I tty -[--] [command] [arguments] +[\-\-] [command] [arguments] .PP .SH DESCRIPTION .B rungetty @@ -74,7 +74,7 @@ Working directory of specified program. .TP .B \-d n -Specifying -d will make rungetty wait +Specifying \-d will make rungetty wait .I n seconds before running the specified program. .TP @@ -113,7 +113,7 @@ will revert to performing normal interactive logins for all subsequent login requests. .TP -.B -- +.B \-\- Tells .B rungetty that there are no more options to parse, useful for passing arguments with @@ -141,7 +141,7 @@ .PP .SH "ISSUE ESCAPES" .B rungetty -recognizes the following escapes sequences which might be embedded in the +recognizes the following escape sequences which might be embedded in the .I /etc/issue file: .IP \fB\ed\fP @@ -151,22 +151,22 @@ .B rungetty is running, .IP \fB\em\fP -inserts machine architecture (uname -m), +inserts machine architecture (uname \-m), .IP \fB\en\fP -inserts machine's network node hostname (uname -n), +inserts machine's network node hostname (uname \-n), .IP \fB\eo\fP inserts domain name, .IP \fB\er\fP -inserts operating system release (uname -r), +inserts operating system release (uname \-r), .IP \fB\et\fP insert current time (localtime), .IP \fB\es\fP inserts operating system name, -.IP \fB\eu\fP resp. \fB\eU\fP +.IP \fB\eu\fP\ resp.\ \fB\eU\fP the current number of users which are currently logged in. \\U inserts "\fIn\fP users", where as \\u only inserts "\fIn\fP". .IP \fB\ev\fP -inserts operating system version (uname -v). +inserts operating system version (uname \-v). .PP .SH EXAMPLE In @@ -178,9 +178,9 @@ .br .B r2:2345:respawn:/sbin/rungetty tty2 telnet mail.foo.com .br -.B r3:2345:respawn:/sbin/rungetty tty3 -u support top +.B r3:2345:respawn:/sbin/rungetty tty3 \-u support top .br -.B r4:2345:respawn:/sbin/rungetty tty4 -n 20 -w /etc rc5des +.B r4:2345:respawn:/sbin/rungetty tty4 \-n 20 \-w /etc rc5des .br Would run a local login on .BR /dev/tty1 , a ++++++ 03_rungetty-disable_path.patch ++++++ Index: rungetty-1.2/rungetty.c =================================================================== --- rungetty-1.2.orig/rungetty.c +++ rungetty-1.2/rungetty.c @@ -587,7 +587,7 @@ main (int argc, char **argv) #else putenv ("TERM=vt100"); #endif - putenv ("PATH=/bin:/usr/bin:/usr/ucb:/usr/local/bin"); + /* disabled -- get path from init: putenv ("PATH=/bin:/usr/bin:/usr/ucb:/usr/local/bin"); */ /* flush input and output queues, important for modems */ ioctl (0, TCFLSH, 2); ++++++ 04_rungetty-use_signed_int.patch ++++++ Index: rungetty-1.2/rungetty.c =================================================================== --- rungetty-1.2.orig/rungetty.c +++ rungetty-1.2/rungetty.c @@ -275,7 +275,7 @@ static void do_prompt (void) { FILE *fd; - char c; + signed int c; write (1, "\n", 1); /* start a new line */ if ((fd = fopen (ISSUE, "r"))) ++++++ 05_rungetty-missing-call-to-setgroups-before-setuid.patch ++++++ Index: rungetty-1.2/rungetty.c =================================================================== --- rungetty-1.2.orig/rungetty.c +++ rungetty-1.2/rungetty.c @@ -595,6 +595,15 @@ main (int argc, char **argv) if (!program_run) mingetty_login (logname, tty); + /* When dropping privileges from root, the `setgroups` call will + * remove any extraneous groups. If we don't call this, then + * even though our uid has dropped, we may still have groups + * that enable us to do super-user things. This will fail if we + * aren't root, so don't bother checking the return value, this + * is just done as an optimistic privilege dropping function. + */ + setgroups(0, NULL); + setgid (u_group->gr_gid); setuid (user->pw_uid); ++++++ 06_rungetty-get_supplementary_groups_for_process.patch ++++++ Index: rungetty-1.2/rungetty.c =================================================================== --- rungetty-1.2.orig/rungetty.c +++ rungetty-1.2/rungetty.c @@ -605,6 +605,7 @@ main (int argc, char **argv) setgroups(0, NULL); setgid (u_group->gr_gid); + initgroups (user->pw_name, user->pw_gid); setuid (user->pw_uid); if (progpath) ++++++ 07_rungetty-allow_autologin-on-all-ttys.patch ++++++ Index: rungetty-1.2/rungetty.c =================================================================== --- rungetty-1.2.orig/rungetty.c +++ rungetty-1.2/rungetty.c @@ -105,7 +105,7 @@ static int delay = 0; #define AUTO_LAST "/var/log/autologin" /* AUTO_TTY is the tty on which autologins will be accepted. If set to an empty string, autologins will be accepted on any tty. */ -#define AUTO_TTY "tty1" +#define AUTO_TTY "" /* If supplied, attempt an automatic login with this username. */ static char *autologin_name = NULL;
