[CVS] OpenPKG: openpkg-src/amanda/ amanda.spec

Fri, 07 Oct 2005 04:55:54 -0700 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   07-Oct-2005 13:55:52
  Branch: HEAD                             Handle: 2005100712555200

  Modified files:
    openpkg-src/amanda      amanda.spec

  Log:
    as discussioned, OpenPKG user/group ownerships should be built-time
    options to not allow circumvent the security design decisions of
    packages. If different user/groups are necessary because of access
    restrictions and environment constraints, either a local package
    modification should be made or some setuid/setgid-wrappers locally
    installed, etc

  Summary:
    Revision    Changes     Path
    1.11        +20 -22     openpkg-src/amanda/amanda.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/amanda/amanda.spec
  ============================================================================
  $ cvs diff -u -r1.10 -r1.11 amanda.spec
  --- openpkg-src/amanda/amanda.spec    21 Apr 2005 06:06:58 -0000      1.10
  +++ openpkg-src/amanda/amanda.spec    7 Oct 2005 11:55:52 -0000       1.11
  @@ -33,13 +33,11 @@
   Group:        System
   License:      BSD-style
   Version:      2.4.5
  -Release:      20050421
  +Release:      20051007
   
   #   package options
   %option       with_server      no
   %option       with_port_range  yes
  -%option       with_user        %{l_musr}
  -%option       with_group       %{l_mgrp}
   %option       with_config      default
   %option       with_tape_srv    default
   %option       with_index_srv   default
  @@ -109,8 +107,8 @@
           --localstatedir=%{l_prefix}/var/amanda \
           --includedir=%{l_prefix}/include/amanda \
           --disable-shared \
  -        --with-user=%{with_user} \
  -        --with-group=%{with_group} \
  +        --with-user=%{l_musr} \
  +        --with-group=%{l_mgrp} \
           --with-configdir=%{l_prefix}/etc/amanda \
           --with-gnutar=%{l_prefix}/bin/tar \
           --with-gnutar-listdir=%{l_prefix}/var/amanda/gnutar-lists \
  @@ -172,21 +170,21 @@
   
       #   install xinetd configuration files
       %{l_shtool} install -c -m 644 \
  -        -e 's;@USER@;%{with_user};g' \
  -        -e 's;@GROUP@;%{with_group};g' \
  +        -e 's;@USER@;%{l_musr};g' \
  +        -e 's;@GROUP@;%{l_mgrp};g' \
           -e 's;@LIBDIR@;%{l_prefix}/libexec/amanda;g' \
           %{SOURCE xinetd.amanda} \
           $RPM_BUILD_ROOT%{l_prefix}/etc/xinetd/xinetd.d/amanda
   %if "%{with_server}" == "yes"
       %{l_shtool} install -c -m 644 \
  -        -e 's;@USER@;%{with_user};g' \
  -        -e 's;@GROUP@;%{with_group};g' \
  +        -e 's;@USER@;%{l_musr};g' \
  +        -e 's;@GROUP@;%{l_mgrp};g' \
           -e 's;@LIBDIR@;%{l_prefix}/libexec/amanda;g' \
           %{SOURCE xinetd.amandaidx} \
           $RPM_BUILD_ROOT%{l_prefix}/etc/xinetd/xinetd.d/amandaidx
       %{l_shtool} install -c -m 644 \
  -        -e 's;@USER@;%{with_user};g' \
  -        -e 's;@GROUP@;%{with_group};g' \
  +        -e 's;@USER@;%{l_musr};g' \
  +        -e 's;@GROUP@;%{l_mgrp};g' \
           -e 's;@LIBDIR@;%{l_prefix}/libexec/amanda;g' \
           %{SOURCE xinetd.amidxtape} \
           $RPM_BUILD_ROOT%{l_prefix}/etc/xinetd/xinetd.d/amidxtape
  @@ -209,18 +207,18 @@
           '%config %{l_prefix}/etc/amanda/DailySet1/*' \
           '%not %dir %{l_prefix}/etc/xinetd/xinetd.d' \
           '%config(noreplace) %{l_prefix}/etc/xinetd/xinetd.d/*' \
  -        '%attr(660,%{with_user},%{with_group}) %config(noreplace) 
%{l_prefix}/etc/amanda/.amandahosts' \
  +        '%attr(660,%{l_musr},%{l_mgrp}) %config(noreplace) 
%{l_prefix}/etc/amanda/.amandahosts' \
   %if "%{with_server}" == "yes"
  -        '%attr(4711,%{l_susr},%{with_group}) %{l_prefix}/sbin/amcheck' \
  -        '%attr(4711,%{l_susr},%{with_group}) 
%{l_prefix}/libexec/amanda/dumper' \
  -        '%attr(4711,%{l_susr},%{with_group}) 
%{l_prefix}/libexec/amanda/planner' \
  -%endif
  -        '%attr(4711,%{l_susr},%{with_group}) 
%{l_prefix}/libexec/amanda/runtar' \
  -        '%attr(4711,%{l_susr},%{with_group}) 
%{l_prefix}/libexec/amanda/rundump' \
  -        '%attr(4711,%{l_susr},%{with_group}) 
%{l_prefix}/libexec/amanda/calcsize' \
  -        '%attr(4711,%{l_susr},%{with_group}) 
%{l_prefix}/libexec/amanda/killpgrp' \
  -        '%attr(644,%{with_user},%{with_group}) 
%{l_prefix}/etc/amanda/amandates' \
  -        '%attr(755,%{with_user},%{with_group}) 
%{l_prefix}/var/amanda/gnutar-lists'
  +        '%attr(4711,%{l_susr},%{l_mgrp}) %{l_prefix}/sbin/amcheck' \
  +        '%attr(4711,%{l_susr},%{l_mgrp}) %{l_prefix}/libexec/amanda/dumper' \
  +        '%attr(4711,%{l_susr},%{l_mgrp}) %{l_prefix}/libexec/amanda/planner' 
\
  +%endif
  +        '%attr(4711,%{l_susr},%{l_mgrp}) %{l_prefix}/libexec/amanda/runtar' \
  +        '%attr(4711,%{l_susr},%{l_mgrp}) %{l_prefix}/libexec/amanda/rundump' 
\
  +        '%attr(4711,%{l_susr},%{l_mgrp}) 
%{l_prefix}/libexec/amanda/calcsize' \
  +        '%attr(4711,%{l_susr},%{l_mgrp}) 
%{l_prefix}/libexec/amanda/killpgrp' \
  +        '%attr(644,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/amanda/amandates' \
  +        '%attr(755,%{l_musr},%{l_mgrp}) %{l_prefix}/var/amanda/gnutar-lists'
   
   %files -f files
   
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [email protected]

Reply via email to