diff options
3 files changed, 92 insertions, 2 deletions
diff --git a/main/apk-tools/0001-db-strip-leading-and-trailing-slashes-from-protected.patch b/main/apk-tools/0001-db-strip-leading-and-trailing-slashes-from-protected.patch new file mode 100644 index 0000000000..8f11204bec --- /dev/null +++ b/main/apk-tools/0001-db-strip-leading-and-trailing-slashes-from-protected.patch @@ -0,0 +1,30 @@ +From 38c1e65afbb334af0107c6bdd5362303473d866f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Tue, 1 May 2012 14:30:06 +0300 +Subject: [PATCH 1/2] db: strip leading and trailing slashes from protected + path spec + +--- + src/database.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/database.c b/src/database.c +index 26774be..bcc707f 100644 +--- a/src/database.c ++++ b/src/database.c +@@ -1181,6 +1181,12 @@ static int add_protected_path(void *ctx, apk_blob_t blob) + break; + } + ++ /* skip leading and trailing path separators */ ++ while (blob.len && blob.ptr[0] == '/') ++ blob.ptr++, blob.len--; ++ while (blob.len && blob.ptr[blob.len-1] == '/') ++ blob.len--; ++ + *apk_protected_path_array_add(&db->protected_paths) = (struct apk_protected_path) { + .relative_pattern = apk_blob_cstr(blob), + .protected = protected, +-- +1.7.10 + diff --git a/main/apk-tools/0002-audit-apply-protected_paths.d-masks-to-individual-fi.patch b/main/apk-tools/0002-audit-apply-protected_paths.d-masks-to-individual-fi.patch new file mode 100644 index 0000000000..84989a7511 --- /dev/null +++ b/main/apk-tools/0002-audit-apply-protected_paths.d-masks-to-individual-fi.patch @@ -0,0 +1,56 @@ +From c9a43a14697fa955f31e495a8b03a523975ad285 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Tue, 1 May 2012 15:40:31 +0300 +Subject: [PATCH 2/2] audit: apply protected_paths.d masks to individual files + +--- + src/audit.c | 21 ++++++++++++++++++--- + 1 file changed, 18 insertions(+), 3 deletions(-) + +diff --git a/src/audit.c b/src/audit.c +index 071ff4d..03f977b 100644 +--- a/src/audit.c ++++ b/src/audit.c +@@ -14,6 +14,7 @@ + #include <fcntl.h> + #include <unistd.h> + #include <dirent.h> ++#include <fnmatch.h> + #include <sys/stat.h> + #include "apk_applet.h" + #include "apk_database.h" +@@ -199,14 +200,28 @@ recurse_check: + atctx->pathlen--; + } else { + struct apk_db_file *dbf; ++ struct apk_protected_path_array *ppaths = dbd->protected_paths; ++ int i, protected = dbd->protected, symlinks_only = dbd->symlinks_only; ++ ++ /* inherit file's protection mask */ ++ for (i = 0; i < ppaths->num; i++) { ++ struct apk_protected_path *ppath = &ppaths->item[i]; ++ char *slash = strchr(ppath->relative_pattern, '/'); ++ if (slash == NULL) { ++ if (fnmatch(ppath->relative_pattern, name, FNM_PATHNAME) != 0) ++ continue; ++ protected = ppath->protected; ++ symlinks_only = ppath->symlinks_only; ++ } ++ } + + if (actx->mode == MODE_BACKUP) { +- if (!dbd->protected) ++ if (!protected) + goto done; +- if (dbd->symlinks_only && !S_ISLNK(fi.mode)) ++ if (symlinks_only && !S_ISLNK(fi.mode)) + goto done; + } else { +- if (dbd->protected) ++ if (protected) + goto done; + } + +-- +1.7.10 + diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD index 4eabd16fce..bd3f542544 100644 --- a/main/apk-tools/APKBUILD +++ b/main/apk-tools/APKBUILD @@ -1,12 +1,14 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=apk-tools pkgver=2.3.1 -pkgrel=0 +pkgrel=1 pkgdesc="Alpine Package Keeper - package manager for alpine" subpackages="$pkgname-static lua-apk:luaapk" depends= makedepends="zlib-dev openssl-dev lua-dev" source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2 + 0001-db-strip-leading-and-trailing-slashes-from-protected.patch + 0002-audit-apply-protected_paths.d-masks-to-individual-fi.patch " url="http://git.alpinelinux.org/cgit/apk-tools/" @@ -58,4 +60,6 @@ luaapk() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr/lib/ } -md5sums="e343935cc2680a42f3da0f442045f046 apk-tools-2.3.1.tar.bz2" +md5sums="e343935cc2680a42f3da0f442045f046 apk-tools-2.3.1.tar.bz2 +cc7c61312f403280dcb4c04eca53df81 0001-db-strip-leading-and-trailing-slashes-from-protected.patch +1156d61cd9ea475ebac209e1dec1175f 0002-audit-apply-protected_paths.d-masks-to-individual-fi.patch" |