This is an automated email from the git hooks/post-receive script. gregoa pushed a commit to branch master in repository frozen-bubble.
commit 1f616f53a66268eb7b20e925fdf305018697efc6 Author: gregor herrmann <gre...@debian.org> Date: Tue Jun 24 00:02:12 2014 +0200 Add patch hardening-server to add hardening flags to build. Fix a compiler error about unused return values that is triggered by this change. --- debian/patches/hardening-server | 35 +++++++++++++++++++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 36 insertions(+) diff --git a/debian/patches/hardening-server b/debian/patches/hardening-server new file mode 100644 index 0000000..c033462 --- /dev/null +++ b/debian/patches/hardening-server @@ -0,0 +1,35 @@ +Description: pass CPPFLAGS to compile flags for server + And then the build fails with an unused-return-value error. + So let's handle setgid/setuid results. +Origin: vendor +Forwarded: no +Author: gregor herrmann <gre...@debian.org> +Last-Update: 2014-06-24 + +--- a/inc/My/Builder.pm ++++ b/inc/My/Builder.pm +@@ -127,6 +127,7 @@ + '-I' . $server_directory, # does not seem to be necessary + $cbuilder->split_like_shell(`pkg-config glib-2.0 --cflags`), + $cbuilder->split_like_shell(`pkg-config glib-2.0 --libs`), ++ $ENV{CPPFLAGS}, + ], + ); + } +--- a/server/tools.c ++++ b/server/tools.c +@@ -261,8 +261,12 @@ + if (user_to_switch != NULL) { + struct passwd* user = getpwnam(user_to_switch); + if (user) { +- setgid(user->pw_gid); +- setuid(user->pw_uid); ++ if (setgid(user->pw_gid) < 0) { ++ l3(OUTPUT_TYPE_ERROR, "Can set gid to %d for user %s: %s", user->pw_gid, user_to_switch, strerror(errno)); ++ } ++ if (setuid(user->pw_uid) < 0) { ++ l3(OUTPUT_TYPE_ERROR, "Can set uid to %d for user %s: %s", user->pw_uid, user_to_switch, strerror(errno)); ++ } + } else { + l2(OUTPUT_TYPE_ERROR, "Cannot switch user to %s: %s", user_to_switch, strerror(errno)); + } diff --git a/debian/patches/series b/debian/patches/series index e1d4a6c..354a481 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -4,3 +4,4 @@ de_po spelling-error-in-manpage.patch shorter-nick kick-out-accelerometers +hardening-server -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/frozen-bubble.git _______________________________________________ Pkg-perl-cvs-commits mailing list Pkg-perl-cvs-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-perl-cvs-commits