.screenrc * added missing backup=()

crazy Sat, 28 Jan 2017 07:30:06 -0800

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=76e381f574de44ff18b6226da0f67c979f76ac6a


commit 76e381f574de44ff18b6226da0f67c979f76ac6a
Author: crazy <[email protected]>
Date:   Sat Jan 28 16:24:59 2017 +0100

screen-4.5.0-2-x86_64
* pkgrel++
* added revert patch for the root-exploit bug , see :
https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html
* added tmpfiles.d && PAM support
* socket dir changed to /run/screen
* config dir changed to /etc/screen/<file>
* added default screenrc and example for ~/.screenrc
* added missing backup=()

diff --git a/source/apps/screen/FrugalBuild b/source/apps/screen/FrugalBuild
index 6e2d943..c2e375e 100644
--- a/source/apps/screen/FrugalBuild
+++ b/source/apps/screen/FrugalBuild
@@ -3,20 +3,57 @@

pkgname=screen
pkgver=4.5.0
-pkgrel=1
+pkgrel=2
pkgdesc="A full-screen window manager that multiplexes a physical terminal"
url="http://www.gnu.org/software/screen/screen.html";
pkgurl="http://ftp.gnu.org/gnu/$pkgname/";
-depends=('ncurses>=6.0-6')
+depends=('ncurses>=6.0-6' 'pam')
groups=('apps')
archs=("x86_64")
up2date="Flasttar $pkgurl"
source=("$pkgurl/$pkgname-$pkgver.tar.gz" \
-       screen-4.0.3-nosuid.diff \
-       README.Frugalware)
+       revert-5460f5d2-aka-root-exploit.patch \
+       screen.conf screen-pam README.Frugalware)
+backup=('etc/screen/screenrc' 'etc/pam.d/screen')
sha1sums=('b329f538e7265405a5c14e13520e95ced9d2cb17' \
-          '41890308184675c90cd528a206ce4117760188ca' \
+          '641bf674b8d279475f474e9fb1fe41c7b635b9e3' \
+          '523a61585ff9571b8fa9cd511a95d1040218da87' \
+          '7bde8592f01e9eab13a5cc85a4902230a6fc47e4' \
'aee108ed81e41b3fd2e6d6d028a659fa7abd100a')
-Fconfopts+=" --disable-pam --enable-locale --enable-rxvt_osc 
--enable-colors256"
-unset MAKEFLAGS
+_Fbuild_no_patch="yes"
+
+build() {
+
+       Fcd
+       Fpatchall
+
+       _F_make_opts="-j1"
+
+       Fbuild \
+               --enable-pam \
+               --enable-colors256 \
+               --with-pty-group=5 \
+               --with-socket-dir=/run/screen \
+               --with-sys-screenrc=/etc/screen/screenrc \
+               --enable-rxvt_osc \
+               --enable-use-locale \
+               --enable-telnet
+
+       ## no need for that
+       Frm usr/bin/${pkgname}
+       Fmv usr/bin/${pkgname}-${pkgver} usr/bin/${pkgname}
+
+       ## PAM file
+       Finstall 0644 "$pkgname-pam" etc/pam.d/screen
+
+       ## systemd file
+       Fmkdir run/screen
+       Finstall 0644 "$pkgname.conf" usr/lib/tmpfiles.d/screen.conf
+
+       ## default rc file
+       Finstallrel 0644 ./etc/etcscreenrc etc/screen/screenrc
+
+       ## example ~/.screenrc file
+       Finstallrel 0644 ./etc/screenrc etc/screen/screenrc.user.example
+}
# optimization OK
diff --git a/source/apps/screen/revert-5460f5d2-aka-root-exploit.patch 
b/source/apps/screen/revert-5460f5d2-aka-root-exploit.patch
new file mode 100644
index 0000000..32c6c61
--- /dev/null
+++ b/source/apps/screen/revert-5460f5d2-aka-root-exploit.patch
@@ -0,0 +1,22 @@
+Description: Fix privilege escalation by reverting upstream commit 5460f5d2
+Author: Axel Beckert <[email protected]>
+Bug-Debian: https://bugs.debian.org/852484
+Bug-CVE: http://www.openwall.com/lists/oss-security/2017/01/24/10
+Bug: https://savannah.gnu.org/bugs/?50142
+     https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html
+
+--- a/screen.c
++++ b/screen.c
+@@ -673,12 +673,6 @@
+                 Panic(0, "-L: logfile name can not start with \"-\" symbol");
+               if (strlen(screenlogfile) > PATH_MAX)
+                 Panic(0, "-L: logfile name too long. (max. %d char)", 
PATH_MAX);
+-
+-              FILE *w_check;
+-              if ((w_check = fopen(screenlogfile, "w")) == NULL)
+-                Panic(0, "-L: logfile name access problem");
+-              else
+-                fclose(w_check);
+             }
+             nwin_options.Lflag = 1;
+             break;
diff --git a/source/apps/screen/screen-4.0.3-nosuid.diff 
b/source/apps/screen/screen-4.0.3-nosuid.diff
deleted file mode 100644
index 146b802..0000000
--- a/source/apps/screen/screen-4.0.3-nosuid.diff
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -Naur screen-4.0.3.orig/Makefile.in screen-4.0.3/Makefile.in
---- screen-4.0.3.orig/Makefile.in      2006-10-23 15:06:32.000000000 +0200
-+++ screen-4.0.3/Makefile.in   2006-10-24 11:40:34.000000000 +0200
-@@ -74,7 +74,6 @@
-       -if [ -f $(DESTDIR)$(bindir)/$(SCREEN) ] && [ ! -f 
$(DESTDIR)$(bindir)/$(SCREEN).old ]; \
-               then mv $(DESTDIR)$(bindir)/$(SCREEN) 
$(DESTDIR)$(bindir)/$(SCREEN).old; fi
-       $(INSTALL_PROGRAM) screen $(DESTDIR)$(bindir)/$(SCREEN)
--      -chown root $(DESTDIR)$(bindir)/$(SCREEN) && chmod 4755 
$(DESTDIR)$(bindir)/$(SCREEN)
- # This doesn't work if $(bindir)/screen is a symlink
-       -if [ -f $(DESTDIR)$(bindir)/screen ] && [ ! -f 
$(DESTDIR)$(bindir)/screen.old ]; then mv $(DESTDIR)$(bindir)/screen 
$(DESTDIR)$(bindir)/screen.old; fi
-       rm -f $(DESTDIR)$(bindir)/screen
diff --git a/source/apps/screen/screen-pam b/source/apps/screen/screen-pam
new file mode 100644
index 0000000..143c372
--- /dev/null
+++ b/source/apps/screen/screen-pam
@@ -0,0 +1,2 @@
+#%PAM-1.0
+auth   include         system-auth
diff --git a/source/apps/screen/screen.conf b/source/apps/screen/screen.conf
new file mode 100644
index 0000000..0dca607
--- /dev/null
+++ b/source/apps/screen/screen.conf
@@ -0,0 +1 @@
+d /run/screen 0755 root root
_______________________________________________
Frugalware-git mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to