rpms/zabbix/F-8 zabbix-1.4.2-initgroups.patch, NONE, 1.1 zabbix.spec, 1.14, 1.15
Dan Horak (sharkcz)
fedora-extras-commits at redhat.com
Sat Dec 1 09:06:06 UTC 2007
- Previous message (by thread): rpms/zabbix/devel zabbix-1.4.2-initgroups.patch, NONE, 1.1 zabbix.spec, 1.14, 1.15
- Next message (by thread): rpms/xapian-bindings/F-8 .cvsignore, 1.1, 1.2 sources, 1.2, 1.3 xapian-bindings.spec, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: sharkcz
Update of /cvs/pkgs/rpms/zabbix/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31408
Modified Files:
zabbix.spec
Added Files:
zabbix-1.4.2-initgroups.patch
Log Message:
* Sat Dec 01 2007 Dan Horak <dan[at]danny.cz> 1.4.2-4
- add security fix (#407181)
zabbix-1.4.2-initgroups.patch:
--- NEW FILE zabbix-1.4.2-initgroups.patch ---
--- /home/abi/zabbix-1.4.2/src/libs/zbxnix/daemon.c 2007-08-20 21:22:22.000000000 +0200
+++ zabbix-1.4.2/src/libs/zbxnix/daemon.c 2007-11-25 15:53:31.890046746 +0100
@@ -90,20 +90,33 @@
pid_t pid;
struct passwd *pwd;
struct sigaction phan;
+ char user[7] = "zabbix";
/* running as root ?*/
if((0 == allow_root) && (0 == getuid() || 0 == getgid()))
{
- pwd = getpwnam("zabbix");
+ pwd = getpwnam(user);
if (NULL == pwd)
{
zbx_error("User zabbix does not exist.");
zbx_error("Cannot run as root !");
exit(FAIL);
}
- if( (setgid(pwd->pw_gid) ==-1) || (setuid(pwd->pw_uid) == -1) )
+ if( (setgid(pwd->pw_gid) ==-1) )
{
- zbx_error("Cannot setgid or setuid to zabbix [%s].", strerror(errno));
+ zbx_error("Cannot setgid to zabbix [%s].", strerror(errno));
+ exit(FAIL);
+ }
+
+ if( (initgroups(user, pwd->pw_gid) == -1) )
+ {
+ zbx_error("Cannot initgroups to zabbix [%s].", strerror(errno));
+ exit(FAIL);
+ }
+
+ if( (setuid(pwd->pw_uid) ==-1) )
+ {
+ zbx_error("Cannot setuid to zabbix [%s].", strerror(errno));
exit(FAIL);
}
Index: zabbix.spec
===================================================================
RCS file: /cvs/pkgs/rpms/zabbix/F-8/zabbix.spec,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- zabbix.spec 20 Sep 2007 16:23:08 -0000 1.14
+++ zabbix.spec 1 Dec 2007 09:05:30 -0000 1.15
@@ -1,6 +1,6 @@
Name: zabbix
Version: 1.4.2
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: Open-source monitoring solution for your IT infrastructure
Group: Applications/Internet
@@ -13,6 +13,7 @@
Source4: zabbix-logrotate.in
Patch0: zabbix-1.4.2-include.patch
Patch1: zabbix-1.4.2-cpustats.patch
+Patch2: zabbix-1.4.2-initgroups.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
%define database mysql
@@ -81,6 +82,7 @@
%setup -q
%patch0 -p1 -b .include
%patch1 -p1 -b .cpustats
+%patch2 -p1 -b .initgroups
# shuffle sql init files around to fix up install
mkdir -p dbinit/{schema,data}
@@ -252,6 +254,9 @@
%{_datadir}/%{name}/js/*
%changelog
+* Sat Dec 01 2007 Dan Horak <dan[at]danny.cz> 1.4.2-4
+- add security fix (#407181)
+
* Thu Sep 20 2007 Dan Horak <dan[at]danny.cz> 1.4.2-3
- Add a patch to clean a warning during compile
- Add a patch to fix cpu load computations
- Previous message (by thread): rpms/zabbix/devel zabbix-1.4.2-initgroups.patch, NONE, 1.1 zabbix.spec, 1.14, 1.15
- Next message (by thread): rpms/xapian-bindings/F-8 .cvsignore, 1.1, 1.2 sources, 1.2, 1.3 xapian-bindings.spec, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list