[Bug 1062911] Review Request: srcpd - Simple Railroad Command Protocol (SRCP) server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/show_bug.cgi?id=1062911



--- Comment #11 from Denis Fateyev <denis@xxxxxxxxxxx> ---
Made some changes in spec, as discussed above. Although, I like it less since
RHEL 5 and 6 both don't include %{_udevrulesdir}, and I needed to define it
manually.

Spec URL: http://www.fateyev.com/RPMS/Fedora20/testing/srcpd.spec
SRPM URL:
http://www.fateyev.com/RPMS/Fedora20/testing/SRPMS/srcpd-2.1.2-2.fc21.src.rpm

Koji scratch builds:
https://koji.fedoraproject.org/koji/taskinfo?taskID=7081182 (Rawhide)
https://koji.fedoraproject.org/koji/taskinfo?taskID=7081199 (EPEL 6)
https://koji.fedoraproject.org/koji/taskinfo?taskID=7081193 (EPEL 5)

As for the "E: missing-call-to-setgroups /usr/sbin/srcpd" I did some
investigations. seteuid() / setegid() are used twice in the code:

netservice.c:
------------
...
    if (grp != NULL) {
        if ((group = getgrnam(grp)) != NULL ||
            (group = getgrgid((gid_t) atoi(grp))) != NULL) {
            if (setegid(group->gr_gid) != 0) {
                syslog_bus(0, DBG_WARN, "Could not change to group %s: %s",
                           group->gr_name, strerror(errno));
            }
            else {
                syslog_bus(0, DBG_INFO, "Changed to group %s",
                           group->gr_name);
            }
        }
        else {
            syslog_bus(0, DBG_WARN, "Could not change to group %s", grp);
        }
    }

    if (uid != NULL) {
        if ((passwd = getpwnam(uid)) != NULL ||
            (passwd = getpwuid((uid_t) atoi(uid))) != NULL) {
            if (seteuid(passwd->pw_uid) != 0) {
                syslog_bus(0, DBG_INFO, "Could not change to user %s: %s",
                           passwd->pw_name, strerror(errno));
            }
            else {
                syslog_bus(0, DBG_INFO, "Changed to user %s",
                           passwd->pw_name);
            }
        }
        else {
            syslog_bus(0, DBG_INFO, "Could not change to user %s", uid);
        }
    }
}

I think it's pretty normal usage, and the call order is basically the same as
recommended in POS36-C. The second one is:
srpcd.c:
--------
...
    if (seteuid(0) != 0) {
        syslog(LOG_INFO, "seteuid() failed: %s (errno = %d)\n",
               strerror(errno), errno);
    }

    DeletePIDFile();
    closelog();
    exit(EXIT_SUCCESS);

It's invoked only during exit to make cleanup, so I don't think it matters.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review
[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]