2006-07-28 Laszlo (Laca) Peter <[email protected]> gnome-2-14 VERMILLION_46
authorlp117937
Sat, 29 Jul 2006 02:31:16 +0000
branchgnome-2-14
changeset 19118 9c583c2691b8
parent 19117 52b6e90b31a7
child 19119 90058e668f67
2006-07-28 Laszlo (Laca) Peter <[email protected]> * dbus.spec: add patch priv.spec (from Artem Kachitchkine), * patches/dbus-05-priv.diff: (new) patch that makes dbus run as user 'daemon' and also with least privileges 2006-07-28 Laszlo (Laca) Peter <[email protected]> * SUNWdbus.spec: add pre and post scripts for enabling the dbus svc upon installation but leaving it as is upon upgrade (Artem Kachitchkine, reviewed by David Bustos); add %{_libexecdir}/dbus-daemon to the pkgmap
ChangeLog
Solaris/ChangeLog
Solaris/SUNWdbus.spec
dbus.spec
patches/dbus-05-priv.diff
--- a/ChangeLog	Fri Jul 28 19:42:59 2006 +0000
+++ b/ChangeLog	Sat Jul 29 02:31:16 2006 +0000
@@ -1,3 +1,9 @@
+2006-07-28  Laszlo (Laca) Peter  <[email protected]>
+
+	* dbus.spec: add patch priv.spec (from Artem Kachitchkine),
+	* patches/dbus-05-priv.diff: (new) patch that makes dbus run as user
+	  'daemon' and also with least privileges
+
 2006-07-27  Brian Cameron  <[email protected]>
 
 	* gnome-session.spec,
--- a/Solaris/ChangeLog	Fri Jul 28 19:42:59 2006 +0000
+++ b/Solaris/ChangeLog	Sat Jul 29 02:31:16 2006 +0000
@@ -1,3 +1,10 @@
+2006-07-28  Laszlo (Laca) Peter  <[email protected]>
+
+	* SUNWdbus.spec: add pre and post scripts for enabling the dbus
+	  svc upon installation but leaving it as is upon upgrade
+	  (Artem Kachitchkine, reviewed by David Bustos);
+	  add %{_libexecdir}/dbus-daemon to the pkgmap
+
 2006-07-28  Brian Cameron  <[email protected]>
 
 	* Solaris/SUNWgnome-file-mgr.spec: Add gnome-volume-manager and
@@ -11,10 +18,10 @@
 	  apply if HAL is not enabled, since we only want to run gnome-volcheck
 	  if HAL is not enabled.
 
-2006-07-28 	Darren Kenny <[email protected]>
-
-	* SUNWgnome-perf-meter.spec:
-	  Remove as per LSARC 2006/347 - replaced by the multiload panel applet.
+2006-07-28 Darren Kenny <[email protected]>
+
+	* SUNWgnome-perf-meter.spec: Remove as per LSARC 2006/347 - replaced
+	  by the multiload panel applet.
 
 2006-07-27  Laszlo (Laca) Peter  <[email protected]>
 
@@ -38,8 +45,10 @@
 	* manpages/sman1/gnome-system-log.1: Changed to nroff manpages.
 
 2006-07-24  Darren Kenny <[email protected]>
-	* SUNWgnome-pdf-viewer.spec: Add XPDF Language Support Packages that are
-	used by poppler to correctly view localised PDF files. Fixes Bug 6439544.
+	
+	* SUNWgnome-pdf-viewer.spec: Add XPDF Language Support Packages that
+	  are used by poppler to correctly view localised PDF files. Fixes
+	  Bug 6439544.
 
 2006-07-21  Laszlo (Laca) Peter  <[email protected]>
 
--- a/Solaris/SUNWdbus.spec	Fri Jul 28 19:42:59 2006 +0000
+++ b/Solaris/SUNWdbus.spec	Sat Jul 29 02:31:16 2006 +0000
@@ -80,12 +80,64 @@
 %iclass manifest -f i.manifest
 %endif
 
+%pre root
+#!/bin/sh
+#
+# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+# Use is subject to license terms.
+#
+
+# Presence of this temp file will tell postinstall script
+# that the dbus service is already installed, in which case
+# the current service state will be preserved, be it enabled
+# or disabled.
+rm -f $PKG_INSTALL_ROOT/var/dbus_installed.tmp > /dev/null 2>&1
+
+if [ -f $PKG_INSTALL_ROOT/var/svc/manifest/system/dbus.xml ]; then 
+	touch $PKG_INSTALL_ROOT/var/dbus_installed.tmp
+fi
+
+exit 0
+
+%post root
+#!/bin/sh
+#
+# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+# Use is subject to license terms.
+#
+
+# Preinstall script will create this file if dbus service was already
+# installed, in which case we preserve current service state,
+# be it enabled or disabled.
+if [ -f $PKG_INSTALL_ROOT/var/dbus_installed.tmp ]; then
+	rm -f $PKG_INSTALL_ROOT/var/dbus_installed.tmp
+else
+	# enable dbus:
+	# - PKG_INSTALL_ROOT is / or empty when installing onto a live system
+	#   and we can invoke svcadm directly;
+	# - otherwise it's upgrade, so we append to the upgrade script
+	if [ "${PKG_INSTALL_ROOT:-/}" = "/" ]; then
+		if [ `/sbin/zonename` = global ]; then
+			/usr/sbin/svcadm enable svc:/system/dbus:default
+		fi
+	else
+		cat >> ${PKG_INSTALL_ROOT}/var/svc/profile/upgrade <<-EOF
+		if [ \`/sbin/zonename\` = global ]; then
+			/usr/sbin/svcadm enable svc:/system/dbus:default
+		fi
+EOF
+	fi
+fi
+
+exit 0
+
 %files
 %defattr (-, root, bin)
 %dir %attr (0755, root, bin) %{_bindir}
 %{_bindir}/*
 %dir %attr (0755, root, bin) %{_libdir}
 %{_libdir}/libdbus*
+%{_libexecdir}/dbus-daemon
 %dir %attr (0755, root, sys) %dir %{_datadir}
 %{_datadir}/dbus-1
 %dir %attr(0755, root, bin) %{_mandir}
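Review bot: Both added scripts expand `$PKG_INSTALL_ROOT` unquoted on the `rm -f`, `touch`, `[ -f ... ]` and `cat >>` lines, although the `= "/"` test in `%post root` quotes it. These scripts run as root during install, so an alternate root path containing whitespace or glob characters would be word-split into several arguments. Quoting each use keeps them on the intended file, e.g. `touch "$PKG_INSTALL_ROOT/var/dbus_installed.tmp"`. The zonename command substitution inside `[ ... = global ]` should likewise be wrapped in double quotes, so that an empty result yields a false test rather than a `test` syntax error. Separately, the result of `/usr/sbin/svcadm enable` is discarded and the script ends in an unconditional `exit 0`, so a fresh install that fails to enable the service still reports success; if that is deliberate, a one-line comment saying so would help.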
@@ -119,6 +171,10 @@
 
 
 %changelog
+* Fri Jul 28 2006 - [email protected]
+- add pre and post scripts for enabling the dbus svc upon installation
+  but leaving it as is upon upgrade (Artem Kachitchkine, David Bustos)
+- add %{_libexecdir}/dbus-daemon to the pkgmap
 * Fri Jul 21 2006 - [email protected]
 - Add dbus RBAC entries to auth_attr and prof_attr
 * Mon May 08 2006 - [email protected]
--- a/dbus.spec	Fri Jul 28 19:42:59 2006 +0000
+++ b/dbus.spec	Sat Jul 29 02:31:16 2006 +0000
@@ -19,6 +19,7 @@
 Patch2:       dbus-02-python.diff
 Patch3:       dbus-03-dbus-launch.diff
 Patch4:       dbus-04-libexec.diff
+Patch5:       dbus-05-priv.diff
 BuildRoot:    %{_tmppath}/%{name}-%{version}-build
 Docdir:	      %{_defaultdocdir}/doc
 Autoreqprov:  on
@@ -66,6 +67,7 @@
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 %endif
 
 %build
@@ -127,43 +129,34 @@
 %{_libdir}/python?.?/vendor-packages/*
 
 %changelog
+* Fri Jul 28 2006 - [email protected]
+- add patch priv.spec (from Artem Kachitchkine), makes dbus run as user
+  'daemon' and also with least privileges
 * Fri Jul 21 2006 - [email protected]
 - Add patch to move dbus-daemon to /usr/lib, required by ARC.
-
 * Tue May 02 2006 - [email protected]
 - add patch console.diff that allows D-BUS to authenticate console user
-
 * Sun Feb 26 2006 - [email protected]
 - Bump to 0.61.
 - move python stuff to vendor-packages, remove .pyo and *.la
-
 * Thu Jan 19 2006 - [email protected]
 - Remove upstream patch, 01-auth-external. Renumber remaining.
-
 * Tue Jan 17 2006 - [email protected]
 - Bump to 0.60.
-
 * Tue Oct 25 2005 - [email protected]
 - Remove patch3 as an include dir under _libdir is okay. Bump to 0.50. Disable
   python bindings as they fail. Bug 4878 files at freedesktop.org.
-
 * Fri Oct 21 2005 - [email protected]
 - Add patches to build on Solaris.
-
 * Tue Aug 30 2005 - [email protected]
 - Create the dbus-1 services directory
-
 * Tue Aug 16 2005 - [email protected]
 - Add python >= 2.4 dependency. Reformat description text.
-
 * Mon Aug 15 2005 - [email protected]
 - Bump to 0.35.2.
-
 * Mon Jun 20 2005 - [email protected]
 - dbus 0.23 is actually shipped with gnome 2.10 so bumping down tarball
-
 * Thu Jun 09 2005 - [email protected]
 - add buildrequires glib2, libxml2
-
 * Thu May 12 2005 - [email protected]
 - Initial spec file for dbus.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/dbus-05-priv.diff	Sat Jul 29 02:31:16 2006 +0000
@@ -0,0 +1,82 @@
+--- dbus-0.62/dbus/dbus-sysdeps-util-orig.c	Fri Jul 28 17:54:16 2006
++++ dbus-0.62/dbus/dbus-sysdeps-util.c	Fri Jul 28 17:54:24 2006
+@@ -43,6 +43,10 @@
+ #include <dirent.h>
+ #include <sys/un.h>
+ 
++#ifdef sun
++#include <priv.h>
++#endif
++
+ #ifndef O_BINARY
+ #define O_BINARY 0
+ #endif
+@@ -242,6 +246,8 @@
+  * @param error return location for errors
+  * @returns #FALSE on failure
+  */
++#ifndef sun
++
+ dbus_bool_t
+ _dbus_change_identity  (dbus_uid_t     uid,
+                         dbus_gid_t     gid,
+@@ -279,6 +285,59 @@
+   return TRUE;
+ }
+ 
++#else /* sun */
++
++dbus_bool_t
++_dbus_change_identity  (dbus_uid_t     uid,
++                        dbus_gid_t     gid,
++                        DBusError     *error)
++{
++  priv_set_t *pPrivSet = NULL;
++  priv_set_t *lPrivSet = NULL;
++
++  /* become user daemon */
++  (void) setgroups(0, NULL);
++  if (setgid(12) != 0)
++    return FALSE;
++  if (setreuid(1, 1) != 0)
++    return FALSE;
++  
++  /*
++  * Start with the 'basic' privilege set and then remove any
++  * of the 'basic' privileges that will not be needed by this
++  * process.  The 'net_icmpaccess' privilege will be added
++  * since we know that we will need it for the permitted set.
++  */
++  if ((pPrivSet = priv_str_to_set("basic", ",", NULL)) == NULL)
++    return FALSE;
++
++  /*
++   * Let's clear all of the privileges we know we will not
++   * need from the 'basic' set.
++   */
++  (void) priv_delset(pPrivSet, PRIV_FILE_LINK_ANY);
++  (void) priv_delset(pPrivSet, PRIV_PROC_INFO);
++
++  /* Set the permitted privilege set. */
++  if (setppriv(PRIV_SET, PRIV_PERMITTED, pPrivSet) != 0)
++    return FALSE;
++
++  /* Clear the limit set. */
++  if ((lPrivSet = priv_allocset()) == NULL)
++    return FALSE;
++
++  priv_emptyset(lPrivSet);
++
++  if (setppriv(PRIV_SET, PRIV_LIMIT, lPrivSet) != 0)
++    return FALSE;
++
++  priv_freeset(lPrivSet);
++
++  return TRUE;
++}
++
++#endif /* sun */
++
+ /** Installs a UNIX signal handler
+  *
+  * @param sig the signal to handle
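Review bot: The Solaris `_dbus_change_identity` discards the result of `setgroups(0, NULL)` and returns FALSE from every failure path without filling `error`. A daemon that fails to shed the supplementary groups it started with therefore carries on with them, and a caller that reads `error` presumably finds nothing to report. The function also ignores its `uid` and `gid` arguments in favour of the literals `12` and `1`, which silently overrides whatever user the bus configuration names; if running as 'daemon' regardless is intended, named constants and a comment saying so would make that reviewable. `pPrivSet` is never freed, `lPrivSet` leaks when the second `setppriv` fails, and the block comment about adding 'net_icmpaccess' describes something the code does not do. The enclosing function is complete in this hunk; a sketch of the checked paths follows.

```c
  /* become user daemon */
  if (setgroups (0, NULL) != 0)
    {
      dbus_set_error (error, _dbus_error_from_errno (errno),
                      "Failed to drop supplementary groups: %s",
                      _dbus_strerror (errno));
      return FALSE;
    }
  if (setgid (12) != 0)
    {
      dbus_set_error (error, _dbus_error_from_errno (errno),
                      "Failed to set GID: %s", _dbus_strerror (errno));
      return FALSE;
    }
  /* … setreuid (1, 1): same error reporting as setgid above … */

  /* … unchanged: build the reduced 'basic' set in pPrivSet … */

  if (setppriv (PRIV_SET, PRIV_PERMITTED, pPrivSet) != 0)
    {
      dbus_set_error (error, _dbus_error_from_errno (errno),
                      "Failed to set permitted privilege set: %s",
                      _dbus_strerror (errno));
      priv_freeset (pPrivSet);
      return FALSE;
    }
  priv_freeset (pPrivSet);

  /* … unchanged: allocate and empty lPrivSet … */

  if (setppriv (PRIV_SET, PRIV_LIMIT, lPrivSet) != 0)
    {
      dbus_set_error (error, _dbus_error_from_errno (errno),
                      "Failed to set limit privilege set: %s",
                      _dbus_strerror (errno));
      priv_freeset (lPrivSet);
      return FALSE;
    }
```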