[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/02: gnu: linux-pam: Allow compilation on GNU/Hurd.
From: |
Ludovic Courtès |
Subject: |
01/02: gnu: linux-pam: Allow compilation on GNU/Hurd. |
Date: |
Wed, 28 Sep 2016 21:04:33 +0000 (UTC) |
civodul pushed a commit to branch core-updates
in repository guix.
commit 411264c250cb6a6485851890f0d3ec5fb508dbfa
Author: Rene Saavedra <address@hidden>
Date: Tue Sep 20 14:59:20 2016 -0500
gnu: linux-pam: Allow compilation on GNU/Hurd.
* gnu/packages/patches/linux-pam-no-setfsuid.patch: New file.
* gnu/packages/linux.scm (linux-pam)[source]: Use it.
(linux-pam-1.2)[source]: Likewise.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Ludovic Courtès <address@hidden>
---
gnu/local.mk | 2 +
gnu/packages/linux.scm | 9 ++-
gnu/packages/patches/linux-pam-no-setfsuid.patch | 75 ++++++++++++++++++++++
3 files changed, 83 insertions(+), 3 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 8ca2462..f86fc02 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -5,6 +5,7 @@
# Copyright © 2013, 2014, 2015, 2016 Mark H Weaver <address@hidden>
# Copyright © 2016 Chris Marusich <address@hidden>
# Copyright © 2016 Kei Kebreau <address@hidden>
+# Copyright © 2016 Rene Saavedra <address@hidden>
#
# This file is part of GNU Guix.
#
@@ -651,6 +652,7 @@ dist_patch_DATA =
\
%D%/packages/patches/libwmf-CVE-2015-4695.patch \
%D%/packages/patches/libwmf-CVE-2015-4696.patch \
%D%/packages/patches/libxslt-generated-ids.patch \
+ %D%/packages/patches/linux-pam-no-setfsuid.patch \
%D%/packages/patches/lirc-localstatedir.patch \
%D%/packages/patches/lm-sensors-hwmon-attrs.patch \
%D%/packages/patches/lua-CVE-2014-5461.patch \
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 50568d2..2069170 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -15,6 +15,7 @@
;;; Copyright © 2016 Ricardo Wurmus <address@hidden>
;;; Copyright © 2016 David Craven <address@hidden>
;;; Copyright © 2016 John Darrington <address@hidden>
+;;; Copyright © 2016 Rene Saavedra <address@hidden>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -414,7 +415,9 @@ It has been modified to remove all non-free binary blobs.")
"Linux-PAM-" version ".tar.bz2"))
(sha256
(base32
- "1fyi04d5nsh8ivd0rn2y0z83ylgc0licz7kifbb6xxi2ylgfs6i4"))))
+ "1fyi04d5nsh8ivd0rn2y0z83ylgc0licz7kifbb6xxi2ylgfs6i4"))
+ (patches (search-patches "linux-pam-no-setfsuid.patch"))))
+
(build-system gnu-build-system)
(native-inputs
`(("flex" ,flex)
@@ -455,8 +458,8 @@ at login. Local and dynamic reconfiguration are its key
features.")
"Linux-PAM-" version ".tar.bz2"))
(sha256
(base32
- "1n9lnf9gjs72kbj1g354v1xhi2j27aqaah15vykh7cnkq08i4arl"))))))
-
+ "1n9lnf9gjs72kbj1g354v1xhi2j27aqaah15vykh7cnkq08i4arl"))
+ (patches (search-patches "linux-pam-no-setfsuid.patch"))))))
;;;
diff --git a/gnu/packages/patches/linux-pam-no-setfsuid.patch
b/gnu/packages/patches/linux-pam-no-setfsuid.patch
new file mode 100644
index 0000000..f92fbc0
--- /dev/null
+++ b/gnu/packages/patches/linux-pam-no-setfsuid.patch
@@ -0,0 +1,75 @@
+On systems without 'setfsuid', use 'setreuid' instead.
+
+The patch originates from the Debian project for GNU/Hurd.
+Authors: Steve Langasek <address@hidden>
+Upstream status: A ticket was opened to request apply the patch,
+ticket: 'https://fedorahosted.org/linux-pam/ticket/64'.
+
+--- Linux-PAM-1.2.1/libpam/pam_modutil_priv.c 2015-03-24 06:02:32.000000000
-0600
++++ pam_modutil_priv-mod.c 2016-09-20 13:36:53.150663205 -0500
+@@ -14,7 +14,9 @@
+ #include <syslog.h>
+ #include <pwd.h>
+ #include <grp.h>
++#ifdef HAVE_SYS_FSUID_H
+ #include <sys/fsuid.h>
++#endif /* HAVE_SYS_FSUID_H */
+
+ /*
+ * Two setfsuid() calls in a row are necessary to check
+@@ -22,17 +24,55 @@
+ */
+ static int change_uid(uid_t uid, uid_t *save)
+ {
++#ifdef HAVE_SYS_FSUID_H
+ uid_t tmp = setfsuid(uid);
+ if (save)
+ *save = tmp;
+ return (uid_t) setfsuid(uid) == uid ? 0 : -1;
++#else
++ uid_t euid = geteuid();
++ uid_t ruid = getuid();
++ if (save)
++ *save = ruid;
++ if (ruid == uid && uid != 0)
++ if (setreuid(euid, uid))
++ return -1;
++ else {
++ setreuid(0, -1);
++ if (setreuid(-1, uid)) {
++ setreuid(-1, 0);
++ setreuid(0, -1);
++ if (setreuid(-1, uid))
++ return -1;
++ }
++ }
++#endif
+ }
+ static int change_gid(gid_t gid, gid_t *save)
+ {
++#ifdef HAVE_SYS_FSUID_H
+ gid_t tmp = setfsgid(gid);
+ if (save)
+ *save = tmp;
+ return (gid_t) setfsgid(gid) == gid ? 0 : -1;
++#else
++ gid_t egid = getegid();
++ gid_t rgid = getgid();
++ if (save)
++ *save = rgid;
++ if (rgid == gid)
++ if (setregid(egid, gid))
++ return -1;
++ else {
++ setregid(0, -1);
++ if (setregid(-1, gid)) {
++ setregid(-1, 0);
++ setregid(0, -1);
++ if (setregid(-1, gid))
++ return -1;
++ }
++ }
++#endif
+ }
+
+ static int cleanup(struct pam_modutil_privs *p)