main/fprobe-ulogd: fix setre[ug]id usage

add uclibc specific hack
author: Timo Teräs <timo.teras@iki.fi> 2014-07-30 11:24:52 +0000
committer: Timo Teräs <timo.teras@iki.fi> 2014-07-30 11:24:52 +0000
commit: d21088ca36ae434afe7d3c72a8dbc3ffda943fbd (patch)
tree: 568f4ffb90bf6cc527b9626060a3203aab109324 /main
parent: 0affba121160bd27a30e4334736f19265dca97ae (diff)
download: aports-d21088ca36ae434afe7d3c72a8dbc3ffda943fbd.tar.bz2
aports-d21088ca36ae434afe7d3c72a8dbc3ffda943fbd.tar.xz
2 files changed, 59 insertions, 2 deletions
diff --git a/main/fprobe-ulog/APKBUILD b/main/fprobe-ulog/APKBUILD
index ff8afad471..10aa97f23f 100644
--- a/main/fprobe-ulog/APKBUILD
+++ b/main/fprobe-ulog/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
 pkgname=fprobe-ulog
 pkgver=1.1
-pkgrel=2
+pkgrel=3
 pkgdesc="netfilter-based tool that collect network traffic"
 url="http://fprobe.sourceforge.net/"
 arch="all"
@@ -14,6 +14,7 @@ source="http://downloads.sourceforge.net/project/fprobe/$pkgname/$pkgver/$pkgnam
 	fprobe-ulog.confd
 	fprobe-ulog.initd
 	fprobe-1.1-pidfile-sanity.patch
+	fix-setuser.patch
 	"
 
 _builddir="$srcdir"/$pkgname-$pkgver
@@ -53,4 +54,15 @@ package() {
 md5sums="cdb2e4edc47e8a3d5479eeabfb979ebc  fprobe-ulog-1.1.tar.bz2
 8aabfe548f2fb197a10c8ccfaa4d0a23  fprobe-ulog.confd
 df64f84f28af0976bff35a8fda8d663a  fprobe-ulog.initd
-f1316ad835c1a2b6565b4dc448b022df  fprobe-1.1-pidfile-sanity.patch"
+f1316ad835c1a2b6565b4dc448b022df  fprobe-1.1-pidfile-sanity.patch
+9d964de64e18302e294ddb540138969b  fix-setuser.patch"
+sha256sums="53b9ccbca4469dfb0e9da91f9f0789dbf732f2adac9de18842e3c210b445f2ad  fprobe-ulog-1.1.tar.bz2
+7101091e238f5b0719a66f525f5bdc000ad593f492dd51896e2bd077fcada8f4  fprobe-ulog.confd
+5408a87e4d736918afb754bbfada578e504b5583203c3e7f7760f6fe1bdb6c75  fprobe-ulog.initd
+660531f8ba574f80835bb26390e47c2541a3c75985656d46a334c38bfaa4e362  fprobe-1.1-pidfile-sanity.patch
+8a1f70ff3fcf8dc4cd385408d74d047f5b5bc2ac578738d3ca2a02ca932b07da  fix-setuser.patch"
+sha512sums="144c420709e19d6d9212d5d849c9d68526aeabbb2a17c6d7c84f4ebc5760473b9adef2c1fb99ae4d70a15daa48a9e05e340a4928203f8bb88aeadf8317410fe1  fprobe-ulog-1.1.tar.bz2
+388522863b5c77a334ee11bd771717d829448c85755b58088e22558b99a98514ac95ec3122cf3cb1ce7376f40ac0bae6bf1488dbd4ef60170c3ff83824988195  fprobe-ulog.confd
+557fc66e7aeaea92800d7457c8f637dd78ccd99765e0f37bf49bf91eccb744c2b68f2aace79babe823af5daee86afc7b4e3c846969cc444325b3703d3ffbccd5  fprobe-ulog.initd
+e8d5103d2c12fffb913b327badf07e6ac3a0ad8b6e39e942c50dc7e472391b345006b7ee7b7d12a4613c351db2b4e88a6fbd17cfa0907c7c9010faeced3ff557  fprobe-1.1-pidfile-sanity.patch
+83457df80bc7baade6f8792bda42cb958bdbb443cba4254d2395719620434c194a5614005f3b7d9b3f7e0e16c9e859ec8bfbd7affcd0d2ecb19bc19ad7957ae6  fix-setuser.patch"
diff --git a/main/fprobe-ulog/fix-setuser.patch b/main/fprobe-ulog/fix-setuser.patch
new file mode 100644
index 0000000000..0b10a9e7f8
--- /dev/null
+++ b/main/fprobe-ulog/fix-setuser.patch
@@ -0,0 +1,45 @@
+From: Timo Teräs <timo.teras@iki.fi>
+
+Fix setre[gu]id handling for uclibc. uclibc may have non-compliant
+setre[gu]id implementation calling directly the syscall. This causes
+per-thread functionality instead of the specified per-process functinality.
+
+Fix potential race condition by doing setgroups() only in the main
+and doing it early. Later call setre[gu]id in all threads.
+
+diff -ru fprobe-ulog-1.1.orig/src/fprobe-ulog.c fprobe-ulog-1.1/src/fprobe-ulog.c
+--- fprobe-ulog-1.1.orig/src/fprobe-ulog.c	2014-07-30 14:13:32.089399841 -0300
++++ fprobe-ulog-1.1/src/fprobe-ulog.c	2014-07-30 14:12:13.626065731 -0300
+@@ -625,7 +625,6 @@
+ 	Try to change EUID independently of main thread
+ 	*/
+ 	if (pw) {
+-		setgroups(0, NULL);
+ 		setregid(pw->pw_gid, pw->pw_gid);
+ 		setreuid(pw->pw_uid, pw->pw_uid);
+ 	}
+@@ -1382,6 +1381,13 @@
+ 		}
+ 	}
+ 
++	if (pw) {
++		if (setgroups(0, NULL)) {
++			my_log(LOG_CRIT, "setgroups(): %s", strerror(errno));
++			exit(1);
++		}
++	}
++
+ 	schedp.sched_priority = schedp.sched_priority - THREADS + 2;
+ 	pthread_attr_init(&tattr);
+ 	for (i = 0; i < THREADS - 1; i++) {
+@@ -1401,10 +1407,6 @@
+ 	}
+ 
+ 	if (pw) {
+-		if (setgroups(0, NULL)) {
+-			my_log(LOG_CRIT, "setgroups(): %s", strerror(errno));
+-			exit(1);
+-		}
+ 		if (setregid(pw->pw_gid, pw->pw_gid)) {
+ 			my_log(LOG_CRIT, "setregid(%u): %s", pw->pw_gid, strerror(errno));
+ 			exit(1);
author	Timo Teräs <timo.teras@iki.fi>	2014-07-30 11:24:52 +0000
committer	Timo Teräs <timo.teras@iki.fi>	2014-07-30 11:24:52 +0000
commit	d21088ca36ae434afe7d3c72a8dbc3ffda943fbd (patch)
tree	568f4ffb90bf6cc527b9626060a3203aab109324 /main
parent	0affba121160bd27a30e4334736f19265dca97ae (diff)
download	aports-d21088ca36ae434afe7d3c72a8dbc3ffda943fbd.tar.bz2 aports-d21088ca36ae434afe7d3c72a8dbc3ffda943fbd.tar.xz