Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package cscreen for openSUSE:Factory checked
in at 2022-03-16 20:21:39
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cscreen (Old)
and /work/SRC/openSUSE:Factory/.cscreen.new.25692 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cscreen"
Wed Mar 16 20:21:39 2022 rev:7 rq:962216 version:1.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/cscreen/cscreen.changes 2021-10-04
18:42:39.918320711 +0200
+++ /work/SRC/openSUSE:Factory/.cscreen.new.25692/cscreen.changes
2022-03-16 20:21:56.853034183 +0100
@@ -1,0 +2,15 @@
+Wed Mar 9 14:14:14 UTC 2022 - o...@aepfle.de
+
+- version 1.4
+- remove braces from rpm macros
+- expand %name in rpm specfile for some files
+- Include new tmpfile in files section
+
+-------------------------------------------------------------------
+Wed Mar 9 13:13:13 UTC 2022 - o...@aepfle.de
+
+- version 1.3
+- restrict usage of cscreen to a trusted set of users (bsc#1196451,
CVE-2022-21946)
+- remove usage of fixed path /tmp/cscreen.debug (bsc#1196446, CVE-2022-21945)
+
+-------------------------------------------------------------------
Old:
----
cscreen-1.2.tar.xz
New:
----
cscreen-1.4.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cscreen.spec ++++++
--- /var/tmp/diff_new_pack.3j0fVT/_old 2022-03-16 20:21:57.445034609 +0100
+++ /var/tmp/diff_new_pack.3j0fVT/_new 2022-03-16 20:21:57.449034612 +0100
@@ -18,9 +18,9 @@
%define GROUPNAME _cscreen
%define USERNAME _cscreen
-%define HOMEDIR %{_localstatedir}/lib/cscreen
+%define HOMEDIR %_localstatedir/lib/cscreen
%if ! %{defined _fillupdir}
- %define _fillupdir %{_localstatedir}/adm/fillup-templates
+ %define _fillupdir %_localstatedir/adm/fillup-templates
%endif
%if 0%{?suse_version} > 1210
%define has_systemd 1
@@ -31,14 +31,14 @@
Requires(pre): %insserv_prereq
%endif
Name: cscreen
-Version: 1.2
+Version: 1.4
Release: 0
Summary: Console screen
License: BSD-4-Clause
Group: System/Management
URL: https://github.com/openSUSE/cscreen
-Source: %{name}-%{version}.tar.xz
-Source1: %{name}-rpmlintrc
+Source: %name-%version.tar.xz
+Source1: %name-rpmlintrc
BuildRequires: sudo
Recommends: logrotate
Requires: screen
@@ -50,7 +50,7 @@
PreReq: %fillup_prereq
%endif
BuildArch: noarch
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRoot: %_tmppath/%name-%version-build
%description
This package allows to run multiple consoles in one 'screen' and
@@ -62,40 +62,44 @@
%build
#
%install
-> %{name}.files
-if ! test -d %{_sysconfdir}/sudoers.d
+> %name.files
+if ! test -d %_sysconfdir/sudoers.d
then
- echo '%%dir %{_sysconfdir}/sudoers.d' >> %{name}.files
+ echo '%%dir %_sysconfdir/sudoers.d' >> %name.files
fi
-mkdir -p %{buildroot}/%{_sbindir}
+mkdir -p %buildroot/%_sbindir
%if 0%{?has_systemd}
-install -Dm644 systemd/cscreen.service
%{buildroot}/%{_unitdir}/%{name}d.service
-pushd %{buildroot}/%{_sbindir}
-ln -sf service %{buildroot}%{_sbindir}/rc%{name}d
+install -Dm644 systemd/cscreen.service %buildroot/%_unitdir/cscreend.service
+pushd %buildroot/%_sbindir
+ln -sf service %buildroot%_sbindir/rccscreend
popd
-%else
-install -Dm644 configs/%{name}.sysconfig
%{buildroot}/%{_fillupdir}/sysconfig.%{name}
-install -Dm755 systemd/cscreen.init %{buildroot}/%{_sysconfdir}/init.d/%{name}d
-pushd %{buildroot}/%{_sbindir}
-ln -s %{_sysconfdir}/init.d/%{name}d rc%{name}d
+mkdir -vp %buildroot%_tmpfilesdir
+tee %buildroot%_tmpfilesdir/%name.conf <<'_EOF_'
+d %_rundir/%name 0750 %USERNAME %GROUPNAME -
+_EOF_
+%else
+install -Dm644 configs/cscreen.sysconfig %buildroot/%_fillupdir/sysconfig.%name
+install -Dm755 systemd/cscreen.init %buildroot/%_sysconfdir/init.d/cscreend
+pushd %buildroot/%_sbindir
+ln -s %_sysconfdir/init.d/cscreend rccscreend
popd
%endif
-install -Dm640 configs/%{name}.config %{buildroot}/%{_sysconfdir}/%{name}rc
-install -Dm644 configs/%{name}.logrotate
%{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
-install -Dm644 configs/%{name}.sudoers
%{buildroot}%{_sysconfdir}/sudoers.d/%{name}
-install -Dm755 src/%{name}-shell %{buildroot}/%{_datadir}/%{name}/%{name}-shell
-install -Dm755 src/%{name} %{buildroot}/%{_bindir}/%{name}
-install -Dm755 src/%{name}_update_config.sh
%{buildroot}/%{_bindir}/cscreen_update_config.sh
-
-mkdir -p %{buildroot}%{_localstatedir}/log/screen/old
-mkdir -pm700 %{buildroot}/%{HOMEDIR}
-mkdir -pm700 %{buildroot}/%{HOMEDIR}/.ssh
+install -Dm640 configs/cscreen.config %buildroot/%_sysconfdir/cscreenrc
+install -Dm644 configs/cscreen.logrotate
%buildroot/%_sysconfdir/logrotate.d/%name
+install -Dm644 configs/cscreen.sudoers %buildroot%_sysconfdir/sudoers.d/%name
+install -Dm755 src/cscreen-shell %buildroot/%_datadir/%name/cscreen-shell
+install -Dm755 src/cscreen %buildroot/%_bindir/%name
+install -Dm755 src/cscreen_update_config.sh
%buildroot/%_bindir/cscreen_update_config.sh
+
+mkdir -p %buildroot%_localstatedir/log/screen/old
+mkdir -pm700 %buildroot/%{HOMEDIR}
+mkdir -pm700 %buildroot/%{HOMEDIR}/.ssh
%pre
%if 0%{?has_systemd}
-%service_add_pre %{name}d.service
+%service_add_pre cscreend.service
%endif
getent group %{GROUPNAME} >/dev/null || groupadd -r %{GROUPNAME}
if getent group tty >/dev/null;then
@@ -113,30 +117,31 @@
%post
%if 0%{?has_systemd}
-%service_add_post %{name}d.service
+%service_add_post cscreend.service
+%tmpfiles_create %_tmpfilesdir/%name.conf
%else
-%{fillup_and_insserv %{name}d }
-%fillup_only %{name}
+%{fillup_and_insserv cscreend }
+%fillup_only cscreen
%endif
%preun
%if 0%{?has_systemd}
-%service_del_preun %{name}d.service
+%service_del_preun cscreend.service
%else
-%stop_on_removal %{name}d
+%stop_on_removal cscreend
%endif
%postun
%if 0%{?has_systemd}
%if %{defined service_del_postun_without_restart}
-%service_del_postun_without_restart %{name}d.service
+%service_del_postun_without_restart cscreend.service
%else
DISABLE_RESTART_ON_UPDATE=yes
-%service_del_postun %{name}d.service
+%service_del_postun cscreend.service
%endif
%else
DISABLE_RESTART_ON_UPDATE=yes
-%restart_on_update %{name}d
+%restart_on_update cscreend
%insserv_cleanup
%endif
if [ -d /run/uscreens/S-cscreen ];then
@@ -146,29 +151,30 @@
fi
fi
-%files -f %{name}.files
+%files -f %name.files
%defattr(-,root,root)
%doc docs/motd_example
%if 0%{?suse_version} > 1320
%license License
%endif
-%{_bindir}/%{name}
-%{_bindir}/cscreen_update_config.sh
-%{_datadir}/%{name}
+%_bindir/%name
+%_bindir/cscreen_update_config.sh
+%_datadir/%name
%if 0%{?has_systemd}
-%{_unitdir}/%{name}d.service
+%_tmpfilesdir/%name.conf
+%_unitdir/cscreend.service
%else
-%attr(0644,root,root) %{_fillupdir}/sysconfig.%{name}
-%{_sysconfdir}/init.d/%{name}d
+%attr(0644,root,root) %_fillupdir/sysconfig.%name
+%_sysconfdir/init.d/cscreend
%endif
-%{_sbindir}/rc%{name}d
+%_sbindir/rccscreend
-%attr(0640,root,root) %config %{_sysconfdir}/sudoers.d/%{name}
-%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %{_localstatedir}/log/screen
-%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %{_localstatedir}/log/screen/old
+%attr(0640,root,root) %config %_sysconfdir/sudoers.d/%name
+%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %_localstatedir/log/screen
+%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %_localstatedir/log/screen/old
%attr(700,%{USERNAME}, %{GROUPNAME}) %dir %{HOMEDIR}
%attr(700,%{USERNAME}, %{GROUPNAME}) %dir %{HOMEDIR}/.ssh
-%attr(644,%{USERNAME}, %{GROUPNAME}) %config(noreplace)
%{_sysconfdir}/%{name}rc
-%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%attr(644,%{USERNAME}, %{GROUPNAME}) %config(noreplace) %_sysconfdir/cscreenrc
+%config(noreplace) %_sysconfdir/logrotate.d/%name
%changelog
++++++ _service ++++++
--- /var/tmp/diff_new_pack.3j0fVT/_old 2022-03-16 20:21:57.489034641 +0100
+++ /var/tmp/diff_new_pack.3j0fVT/_new 2022-03-16 20:21:57.493034644 +0100
@@ -2,7 +2,7 @@
<service mode="disabled" name="obs_scm">
<param name="url">https://github.com/openSUSE/cscreen.git</param>
<param name="scm">git</param>
- <param name="revision">ec5bffe40e3074ac208c1b233f4ff5ae305469c8</param>
+ <param name="revision">0fd690eb5a060be92dc07d7dd784f12995264afe</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">[v]?([^\+]+)(.*)</param>
<param name="versionrewrite-replacement">\1</param>
++++++ cscreen-1.2.tar.xz -> cscreen-1.4.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cscreen-1.2/configs/cscreen.sudoers
new/cscreen-1.4/configs/cscreen.sudoers
--- old/cscreen-1.2/configs/cscreen.sudoers 2021-09-27 15:48:15.000000000
+0200
+++ new/cscreen-1.4/configs/cscreen.sudoers 2022-03-09 14:39:38.000000000
+0100
@@ -1 +1 @@
-ALL ALL=(_cscreen) NOPASSWD:/usr/bin/screen
+%_cscreen ALL=(_cscreen) NOPASSWD:/usr/bin/screen
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cscreen-1.2/cscreen.spec new/cscreen-1.4/cscreen.spec
--- old/cscreen-1.2/cscreen.spec 2021-09-27 15:48:15.000000000 +0200
+++ new/cscreen-1.4/cscreen.spec 2022-03-09 14:39:38.000000000 +0100
@@ -18,9 +18,9 @@
%define GROUPNAME _cscreen
%define USERNAME _cscreen
-%define HOMEDIR %{_localstatedir}/lib/cscreen
+%define HOMEDIR %_localstatedir/lib/cscreen
%if ! %{defined _fillupdir}
- %define _fillupdir %{_localstatedir}/adm/fillup-templates
+ %define _fillupdir %_localstatedir/adm/fillup-templates
%endif
%if 0%{?suse_version} > 1210
%define has_systemd 1
@@ -37,8 +37,8 @@
License: BSD-4-Clause
Group: System/Management
URL: https://github.com/openSUSE/cscreen
-Source: %{name}-%{version}.tar.xz
-Source1: %{name}-rpmlintrc
+Source: %name-%version.tar.xz
+Source1: %name-rpmlintrc
BuildRequires: sudo
Recommends: logrotate
Requires: screen
@@ -50,7 +50,7 @@
PreReq: %fillup_prereq
%endif
BuildArch: noarch
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRoot: %_tmppath/%name-%version-build
%description
This package allows to run multiple consoles in one 'screen' and
@@ -62,40 +62,44 @@
%build
#
%install
-> %{name}.files
-if ! test -d %{_sysconfdir}/sudoers.d
+> %name.files
+if ! test -d %_sysconfdir/sudoers.d
then
- echo '%%dir %{_sysconfdir}/sudoers.d' >> %{name}.files
+ echo '%%dir %_sysconfdir/sudoers.d' >> %name.files
fi
-mkdir -p %{buildroot}/%{_sbindir}
+mkdir -p %buildroot/%_sbindir
%if 0%{?has_systemd}
-install -Dm644 systemd/cscreen.service
%{buildroot}/%{_unitdir}/%{name}d.service
-pushd %{buildroot}/%{_sbindir}
-ln -sf service %{buildroot}%{_sbindir}/rc%{name}d
+install -Dm644 systemd/cscreen.service %buildroot/%_unitdir/cscreend.service
+pushd %buildroot/%_sbindir
+ln -sf service %buildroot%_sbindir/rccscreend
popd
-%else
-install -Dm644 configs/%{name}.sysconfig
%{buildroot}/%{_fillupdir}/sysconfig.%{name}
-install -Dm755 systemd/cscreen.init %{buildroot}/%{_sysconfdir}/init.d/%{name}d
-pushd %{buildroot}/%{_sbindir}
-ln -s %{_sysconfdir}/init.d/%{name}d rc%{name}d
+mkdir -vp %buildroot%_tmpfilesdir
+tee %buildroot%_tmpfilesdir/%name.conf <<'_EOF_'
+d %_rundir/%name 0750 %USERNAME %GROUPNAME -
+_EOF_
+%else
+install -Dm644 configs/cscreen.sysconfig %buildroot/%_fillupdir/sysconfig.%name
+install -Dm755 systemd/cscreen.init %buildroot/%_sysconfdir/init.d/cscreend
+pushd %buildroot/%_sbindir
+ln -s %_sysconfdir/init.d/cscreend rccscreend
popd
%endif
-install -Dm640 configs/%{name}.config %{buildroot}/%{_sysconfdir}/%{name}rc
-install -Dm644 configs/%{name}.logrotate
%{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
-install -Dm644 configs/%{name}.sudoers
%{buildroot}%{_sysconfdir}/sudoers.d/%{name}
-install -Dm755 src/%{name}-shell %{buildroot}/%{_datadir}/%{name}/%{name}-shell
-install -Dm755 src/%{name} %{buildroot}/%{_bindir}/%{name}
-install -Dm755 src/%{name}_update_config.sh
%{buildroot}/%{_bindir}/cscreen_update_config.sh
-
-mkdir -p %{buildroot}%{_localstatedir}/log/screen/old
-mkdir -pm700 %{buildroot}/%{HOMEDIR}
-mkdir -pm700 %{buildroot}/%{HOMEDIR}/.ssh
+install -Dm640 configs/cscreen.config %buildroot/%_sysconfdir/cscreenrc
+install -Dm644 configs/cscreen.logrotate
%buildroot/%_sysconfdir/logrotate.d/%name
+install -Dm644 configs/cscreen.sudoers %buildroot%_sysconfdir/sudoers.d/%name
+install -Dm755 src/cscreen-shell %buildroot/%_datadir/%name/cscreen-shell
+install -Dm755 src/cscreen %buildroot/%_bindir/%name
+install -Dm755 src/cscreen_update_config.sh
%buildroot/%_bindir/cscreen_update_config.sh
+
+mkdir -p %buildroot%_localstatedir/log/screen/old
+mkdir -pm700 %buildroot/%{HOMEDIR}
+mkdir -pm700 %buildroot/%{HOMEDIR}/.ssh
%pre
%if 0%{?has_systemd}
-%service_add_pre %{name}d.service
+%service_add_pre cscreend.service
%endif
getent group %{GROUPNAME} >/dev/null || groupadd -r %{GROUPNAME}
if getent group tty >/dev/null;then
@@ -113,30 +117,31 @@
%post
%if 0%{?has_systemd}
-%service_add_post %{name}d.service
+%service_add_post cscreend.service
+%tmpfiles_create %_tmpfilesdir/%name.conf
%else
-%{fillup_and_insserv %{name}d }
-%fillup_only %{name}
+%{fillup_and_insserv cscreend }
+%fillup_only cscreen
%endif
%preun
%if 0%{?has_systemd}
-%service_del_preun %{name}d.service
+%service_del_preun cscreend.service
%else
-%stop_on_removal %{name}d
+%stop_on_removal cscreend
%endif
%postun
%if 0%{?has_systemd}
%if %{defined service_del_postun_without_restart}
-%service_del_postun_without_restart %{name}d.service
+%service_del_postun_without_restart cscreend.service
%else
DISABLE_RESTART_ON_UPDATE=yes
-%service_del_postun %{name}d.service
+%service_del_postun cscreend.service
%endif
%else
DISABLE_RESTART_ON_UPDATE=yes
-%restart_on_update %{name}d
+%restart_on_update cscreend
%insserv_cleanup
%endif
if [ -d /run/uscreens/S-cscreen ];then
@@ -146,29 +151,30 @@
fi
fi
-%files -f %{name}.files
+%files -f %name.files
%defattr(-,root,root)
%doc docs/motd_example
%if 0%{?suse_version} > 1320
%license License
%endif
-%{_bindir}/%{name}
-%{_bindir}/cscreen_update_config.sh
-%{_datadir}/%{name}
+%_bindir/%name
+%_bindir/cscreen_update_config.sh
+%_datadir/%name
%if 0%{?has_systemd}
-%{_unitdir}/%{name}d.service
+%_tmpfilesdir/%name.conf
+%_unitdir/cscreend.service
%else
-%attr(0644,root,root) %{_fillupdir}/sysconfig.%{name}
-%{_sysconfdir}/init.d/%{name}d
+%attr(0644,root,root) %_fillupdir/sysconfig.%name
+%_sysconfdir/init.d/cscreend
%endif
-%{_sbindir}/rc%{name}d
+%_sbindir/rccscreend
-%attr(0640,root,root) %config %{_sysconfdir}/sudoers.d/%{name}
-%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %{_localstatedir}/log/screen
-%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %{_localstatedir}/log/screen/old
+%attr(0640,root,root) %config %_sysconfdir/sudoers.d/%name
+%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %_localstatedir/log/screen
+%attr(755,%{USERNAME}, %{GROUPNAME}) %dir %_localstatedir/log/screen/old
%attr(700,%{USERNAME}, %{GROUPNAME}) %dir %{HOMEDIR}
%attr(700,%{USERNAME}, %{GROUPNAME}) %dir %{HOMEDIR}/.ssh
-%attr(644,%{USERNAME}, %{GROUPNAME}) %config(noreplace)
%{_sysconfdir}/%{name}rc
-%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%attr(644,%{USERNAME}, %{GROUPNAME}) %config(noreplace) %_sysconfdir/cscreenrc
+%config(noreplace) %_sysconfdir/logrotate.d/%name
%changelog
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cscreen-1.2/src/cscreen_update_config.sh
new/cscreen-1.4/src/cscreen_update_config.sh
--- old/cscreen-1.2/src/cscreen_update_config.sh 2021-09-27
15:48:15.000000000 +0200
+++ new/cscreen-1.4/src/cscreen_update_config.sh 2022-03-09
14:39:38.000000000 +0100
@@ -39,20 +39,24 @@
function add_window()
{
local TITLE COMMAND
+ local _host _status
+ local debug='/run/cscreen/.debug'
TITLE="$1"
COMMAND="$2"
+ test -w "${debug%/*}" || debug='/dev/null'
+
# change defhstatus
_host=$(echo $COMMAND | cut -d" " -f 3)
_status="$(sed -n "/${_host}/{n;p}" $SCREENRC)"
_status="$(echo $_status |sed 's/defhstatus "\(.*\)"/\1/')"
- echo $_host >> /tmp/cscreen.debug
- echo $_status >> /tmp/cscreen.debug
+ echo $_host >> "${debug}"
+ echo $_status >> "${debug}"
if [ -n "$_status" ];then
- echo "screen -x $session -X $_status" >> /tmp/cscreen.debug
- screen -x $session -X defhstatus "$_status" >>/tmp/cscreen.debug 2>&1
+ echo "screen -x $session -X $_status" >> "${debug}"
+ screen -x $session -X defhstatus "$_status" &>> "${debug}"
fi
- echo "Add Window $TITLE: screen -x $session -X $COMMAND"
>>/tmp/cscreen.debug
+ echo "Add Window $TITLE: screen -x $session -X $COMMAND" >> "${debug}"
screen -x $session -X $COMMAND
}
