This is related to #195.
This is an attempt to shorten the window for the first two issues
discussed by using a file descriptor which does not follow symbolic
links and using the fchmod and fchown calls instead of chown and chmod.
with.
In the past, OpenRC was a hybrid of a centralized and file-scope
license/copyright structure.
I followed the instructions from the Software Freedom Law Center [1] to
convert to a Centralized structure where possible, for easier future
maintenance.
[1] https://softwarefreedom.org/resources/2012/ManagingCopyrightInformation.html
If selinux is disabled, then stub methods will be provided instead of
calling the real methods. This removes some warnings about unused
parameters which used to be covered up with #ifdef HAVE_SELINUX.
Signed-off-by: Jason Zaman <jason@perfinion.com>
This is another security fix. If you use chown() or chmod() on a
symbolic link, it affects the referenced file, not the symbolic link
itself.
X-Gentoo-Bug: 540006
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006
Do not change permissions on the target if it is a file and has multiple
hard links. This is necessary because a hard link can be an attack
vector to gain privilege escalation.
X-Gentoo-Bug: 540006
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006
The stat structure was not being initialized correctly in do_check. This
was causing the owner adjustment to be skipped if the first path had the
correct owner.
Also, the "correcting owner" message should always be printed when the
owner is being changed.
X-Gentoo-Bug: 518042
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=518042
The -W option does not need an argument of its own; it can take the
first path after all other options are processed on the command line.
Also, move the processing for the -W option out of the switch so it will
be in the same loop as the other processing.
Before this commit, not specifying -d, -f, -p or -W in a checkpath
command meant the command exited successfully but actually did nothing.
This is an error condition, so report it as such.
Checkpath was printing the path it was working with unless it was
correcting the owner. In this case, it was printing "checkpath", which
is not very useful.
Reported-by: <devurandom@gmx.net>
X-Gentoo-Bug: 439014
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=439014
Checkpath -W will use access(3p) to determine whether or not a path is
writable. This is more accurate than test(1p) because it also takes into
account whether or not the filesystem is mounted read-only.
Modified by William Hubbs to add the man page update.
The following information is taken from the feature_test_macros man
page:
<features.h> is a Linux/glibc-specific header file. Other systems have
an analogous file, but typically with a different name. This header
file is automatically included by other header files as required: it is
not necessary to explicitly include it in order to employ feature test
macros.
Reported-by: Tibor Vago <tibor.vago@gmail.com>
X-Gentoo-Bug: 399635
X-Gentoo-Bug-URL: http://bugs.gentoo.org/show_bug.cgi?id=399635
This commit provides the checkpath applet with feature parity to
systemd's tmpfiles.c create_item function.
Very similarly to the systemd function, it does NOT do any of the
cleanup work in this function.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
