rpms/tmux/F-12 tmux-1.0-02_fix_wrong_location.diff, NONE, 1.1 tmux-1.0-03_proper_socket_handling.diff, NONE, 1.1 tmux-1.0-04_dropping_unnecessary_privileges.diff, NONE, 1.1 tmux-1.0-06_hardening_write_return.diff, NONE, 1.1 tmux.spec, NONE, 1.1 sources, 1.1, 1.2
Sven Lankes
slankes at fedoraproject.org
Mon Nov 9 21:42:17 UTC 2009
- Previous message (by thread): rpms/tmux/devel .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 tmux-1.0-02_fix_wrong_location.diff, 1.1, 1.2 tmux-1.0-03_proper_socket_handling.diff, 1.1, 1.2 tmux-1.0-06_hardening_write_return.diff, 1.1, 1.2 tmux.spec, 1.3, 1.4
- Next message (by thread): rpms/argyllcms/F-12 argyllcms-1.0.4-dispwin-randr-fix.patch, NONE, 1.1 argyllcms.spec, 1.14, 1.15
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: slankes
Update of /cvs/pkgs/rpms/tmux/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17019
Modified Files:
sources
Added Files:
tmux-1.0-02_fix_wrong_location.diff
tmux-1.0-03_proper_socket_handling.diff
tmux-1.0-04_dropping_unnecessary_privileges.diff
tmux-1.0-06_hardening_write_return.diff tmux.spec
Log Message:
Initial tmux build for F-12
tmux-1.0-02_fix_wrong_location.diff:
GNUmakefile | 8 ++++----
Makefile | 8 ++++----
2 files changed, 8 insertions(+), 8 deletions(-)
--- NEW FILE tmux-1.0-02_fix_wrong_location.diff ---
diff --git a/GNUmakefile b/GNUmakefile
index f8f1911..5e7b6f3 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -23,7 +23,7 @@ VERSION= 1.1
CC?= cc
CFLAGS+= -DBUILD="\"$(VERSION)\""
-LDFLAGS+= -L/usr/local/lib
+LDFLAGS+= -L/usr/lib
LIBS+=
# Sun CC
@@ -51,7 +51,7 @@ CFLAGS+= -Wno-pointer-sign
endif
endif
-PREFIX?= /usr/local
+PREFIX?= /usr
INSTALLDIR= install -d
INSTALLBIN= install -g bin -o root -m 555
INSTALLMAN= install -g bin -o root -m 444
@@ -80,7 +80,7 @@ clean-all: clean clean-depend
install: all
$(INSTALLDIR) $(DESTDIR)$(PREFIX)/bin
$(INSTALLBIN) tmux $(DESTDIR)$(PREFIX)/bin/tmux
- $(INSTALLDIR) $(DESTDIR)$(PREFIX)/man/man1
- $(INSTALLMAN) tmux.1 $(DESTDIR)$(PREFIX)/man/man1/tmux.1
+ $(INSTALLDIR) $(DESTDIR)$(PREFIX)/share/man/man1
+ $(INSTALLMAN) tmux.1 $(DESTDIR)$(PREFIX)/share/man/man1/tmux.1
-include .depend
diff --git a/Makefile b/Makefile
index f713677..c5b1ece 100644
--- a/Makefile
+++ b/Makefile
@@ -24,7 +24,7 @@ VERSION= 1.1
CC?= cc
CFLAGS+= -DBUILD="\"$(VERSION)\""
-LDFLAGS+= -L/usr/local/lib
+LDFLAGS+= -L/usr/lib
LIBS+=
.ifdef FDEBUG
@@ -47,7 +47,7 @@ CFLAGS+= -Wno-pointer-sign
.endif
.endif
-PREFIX?= /usr/local
+PREFIX?= /usr
INSTALLDIR= install -d
INSTALLBIN= install -g bin -o root -m 555
INSTALLMAN= install -g bin -o root -m 444
@@ -79,5 +79,5 @@ clean-all: clean clean-depend
install: all
${INSTALLDIR} ${DESTDIR}${PREFIX}/bin
${INSTALLBIN} tmux ${DESTDIR}${PREFIX}/bin/
- ${INSTALLDIR} ${DESTDIR}${PREFIX}/man/man1
- ${INSTALLMAN} tmux.1 ${DESTDIR}${PREFIX}/man/man1/
+ ${INSTALLDIR} ${DESTDIR}${PREFIX}/share/man/man1
+ ${INSTALLMAN} tmux.1 ${DESTDIR}${PREFIX}/share/man/man1/
tmux-1.0-03_proper_socket_handling.diff:
GNUmakefile | 2 +-
Makefile | 2 +-
compat.h | 1 +
tmux.c | 2 +-
4 files changed, 4 insertions(+), 3 deletions(-)
--- NEW FILE tmux-1.0-03_proper_socket_handling.diff ---
diff --git a/GNUmakefile b/GNUmakefile
index 5e7b6f3..c11120e 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -53,7 +53,7 @@ endif
PREFIX?= /usr
INSTALLDIR= install -d
-INSTALLBIN= install -g bin -o root -m 555
+INSTALLBIN= install -g tmux -o root -m 2755
INSTALLMAN= install -g bin -o root -m 444
SRCS= $(shell echo *.c|sed 's|osdep-[a-z0-9]*.c||g')
diff --git a/Makefile b/Makefile
index c5b1ece..9cb822a 100644
--- a/Makefile
+++ b/Makefile
@@ -49,7 +49,7 @@ CFLAGS+= -Wno-pointer-sign
PREFIX?= /usr
INSTALLDIR= install -d
-INSTALLBIN= install -g bin -o root -m 555
+INSTALLBIN= install -g tmux -o root -m 2755
INSTALLMAN= install -g bin -o root -m 444
SRCS!= echo *.c|sed 's|osdep-[a-z0-9]*.c||g'
diff --git a/compat.h b/compat.h
index 68fde0a..d63e7d3 100644
--- a/compat.h
+++ b/compat.h
@@ -26,6 +26,7 @@ typedef uint64_t u_int64_t;
#ifndef HAVE_PATHS_H
#define _PATH_BSHELL "/bin/sh"
#define _PATH_TMP "/tmp/"
+#define _PATH_VARRUN "/var/run/"
#define _PATH_DEVNULL "/dev/null"
#define _PATH_TTY "/dev/tty"
#define _PATH_DEV "/dev/"
diff --git a/tmux.c b/tmux.c
index b590ec1..8c07180 100644
--- a/tmux.c
+++ b/tmux.c
@@ -264,7 +264,7 @@ makesockpath(const char *label)
u_int uid;
uid = getuid();
- xsnprintf(base, MAXPATHLEN, "%s/tmux-%d", _PATH_TMP, uid);
+ xsnprintf(base, MAXPATHLEN, "%s/%s/%s-%d", _PATH_VARRUN, __progname, __progname, uid);
if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
return (NULL);
tmux-1.0-04_dropping_unnecessary_privileges.diff:
tmux.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
--- NEW FILE tmux-1.0-04_dropping_unnecessary_privileges.diff ---
# using setresgid() for safely dropping utmp group membership.
--- a/tmux.c
+++ b/tmux.c
@@ -236,9 +236,11 @@
{
char base[MAXPATHLEN], *path;
struct stat sb;
- u_int uid;
+ u_int uid,gid;
uid = getuid();
+ gid = getgid();
+
xsnprintf(base, MAXPATHLEN, "%s/%s/%s-%d", _PATH_VARRUN, __progname, __progname, uid);
if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
@@ -254,6 +256,9 @@
errno = EACCES;
return (NULL);
}
+ /* drop unnecessary privileges */
+ if (setresgid(gid, gid, gid) != 0)
+ return (NULL);
xasprintf(&path, "%s/%s", base, label);
return (path);
tmux-1.0-06_hardening_write_return.diff:
tty.c | 14 ++++++++++----
window.c | 4 +++-
2 files changed, 13 insertions(+), 5 deletions(-)
--- NEW FILE tmux-1.0-06_hardening_write_return.diff ---
diff --git a/tty.c b/tty.c
index 9d30ed9..2535bf3 100644
--- a/tty.c
+++ b/tty.c
@@ -283,7 +283,8 @@ tty_free(struct tty *tty)
void
tty_raw(struct tty *tty, const char *s)
{
- write(tty->fd, s, strlen(s));
+ if (write(tty->fd, s, strlen(s)) == -1)
+ fatal("write failed");
}
void
@@ -316,7 +317,9 @@ tty_puts(struct tty *tty, const char *s)
buffer_write(tty->out, s, strlen(s));
if (tty->log_fd != -1)
- write(tty->log_fd, s, strlen(s));
+ if (write(tty->log_fd, s, strlen(s)) == -1)
+ fatal("write failed");
+
}
void
@@ -342,7 +345,8 @@ tty_putc(struct tty *tty, u_char ch)
}
if (tty->log_fd != -1)
- write(tty->log_fd, &ch, 1);
+ if (write(tty->log_fd, &ch, 1) == -1)
+ fatal("write failed");
}
void
@@ -355,7 +359,9 @@ tty_pututf8(struct tty *tty, const struct grid_utf8 *gu)
break;
buffer_write8(tty->out, gu->data[i]);
if (tty->log_fd != -1)
- write(tty->log_fd, &gu->data[i], 1);
+ if (write(tty->log_fd, &gu->data[i], 1) == -1)
+ fatal("write failed");
+
}
tty->cx += gu->width;
diff --git a/window.c b/window.c
index f4be17d..318d2e9 100644
--- a/window.c
+++ b/window.c
@@ -516,7 +516,9 @@ window_pane_spawn(struct window_pane *wp, const char *cmd, const char *shell,
return (-1);
case 0:
if (chdir(wp->cwd) != 0)
- chdir("/");
+ if (chdir("/") <0)
+ fatal("chdir failed");
+
if (tcgetattr(STDIN_FILENO, &tio2) != 0)
fatal("tcgetattr failed");
--- NEW FILE tmux.spec ---
Name: tmux
Version: 1.1
Release: 1%{?dist}
Summary: A terminal multiplexer
Group: Applications/System
# Most of the source is ISC licensed; some of the files in compat/ are 2 and
# 3 clause BSD licensed.
License: ISC and BSD
URL: http://sourceforge.net/projects/tmux
Requires(pre): shadow-utils
Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
# This first patch creates MANDIR in the GNUmakefile. This has been sent
# upstream via email but upstream replied and said would not change.
Patch0: tmux-1.0-02_fix_wrong_location.diff
Patch1: tmux-1.0-03_proper_socket_handling.diff
Patch2: tmux-1.0-04_dropping_unnecessary_privileges.diff
Patch3: tmux-1.0-06_hardening_write_return.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: ncurses-devel
%description
tmux is a "terminal multiplexer." It enables a number of terminals (or
windows) to be accessed and controlled from a single terminal. tmux is
intended to be a simple, modern, BSD-licensed alternative to programs such
as GNU Screen.
%prep
%setup -q
%patch0 -p1 -b .location
%patch1 -p1 -b .sockethandling
%patch2 -p1 -b .dropprivs
%patch3 -p1 -b .writehard
%build
%configure
make %{?_smp_mflags} LDFLAGS="%{optflags}"
%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot} INSTALLBIN="install -p -m 755" INSTALLMAN="install -p -m 644"
# Create the socket dir
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/%{name}
%clean
rm -rf %{buildroot}
%pre
getent group tmux >/dev/null || groupadd -r tmux
%files
%defattr(-,root,root,-)
%doc CHANGES FAQ NOTES TODO examples/
%attr(2755,root,tmux) %{_bindir}/tmux
%{_mandir}/man1/tmux.1.*
%attr(775,root,tmux) %{_localstatedir}/run/tmux
%changelog
* Mon Nov 09 2009 Sven Lankes <sven at lank.es> 1.1-1
- New upstream release
* Sun Nov 01 2009 Sven Lankes <sven at lank.es> 1.0-2
- Add debian patches
- Add tmux group for improved socket handling
* Sat Oct 24 2009 Sven Lankes <sven at lank.es> 1.0-1
- New upstream release
* Mon Jul 13 2009 Chess Griffin <chess at chessgriffin.com> 0.9-1
- Update to version 0.9.
- Remove sed invocation as this was adopted upstream.
- Remove optflags patch since upstream source now uses ./configure and
detects the flags when passed to make.
* Tue Jun 23 2009 Chess Griffin <chess at chessgriffin.com> 0.8-5
- Note that souce is mostly ISC licensed with some 2 and 3 clause BSD in
compat/.
- Remove fixiquote.patch and instead use a sed invocation in setup.
* Mon Jun 22 2009 Chess Griffin <chess at chessgriffin.com> 0.8-4
- Add optimization flags by patching GNUmakefile and passing LDFLAGS
to make command.
- Use consistent macro format.
- Change examples/* to examples/ and add TODO to docs.
* Sun Jun 21 2009 Chess Griffin <chess at chessgriffin.com> 0.8-3
- Remove fixperms.patch and instead pass them at make install stage.
* Sat Jun 20 2009 Chess Griffin <chess at chessgriffin.com> 0.8-2
- Fix Source0 URL to point to correct upstream source.
- Modify fixperms.patch to set 644 permissions on the tmux.1.gz man page.
- Remove wildcards from 'files' section and replace with specific paths and
filenames.
* Mon Jun 15 2009 Chess Griffin <chess at chessgriffin.com> 0.8-1
- Initial RPM release.
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/tmux/F-12/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- sources 31 Oct 2009 23:41:30 -0000 1.1
+++ sources 9 Nov 2009 21:42:16 -0000 1.2
@@ -0,0 +1 @@
+faf2fc52ac3ae63d899f6fece2c112cd tmux-1.1.tar.gz
- Previous message (by thread): rpms/tmux/devel .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 tmux-1.0-02_fix_wrong_location.diff, 1.1, 1.2 tmux-1.0-03_proper_socket_handling.diff, 1.1, 1.2 tmux-1.0-06_hardening_write_return.diff, 1.1, 1.2 tmux.spec, 1.3, 1.4
- Next message (by thread): rpms/argyllcms/F-12 argyllcms-1.0.4-dispwin-randr-fix.patch, NONE, 1.1 argyllcms.spec, 1.14, 1.15
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list