diff options
| author |   Raphaël Marichez <falco@gentoo.org> | 2007-09-26 21:36:28 +0000 |
|---|---|---|
| committer | Raphaël Marichez <falco@gentoo.org> | 2007-09-26 21:36:28 +0000 |
| commit | 8e0c68ac131a0c15b74de82c5a40055440af09c7 (patch) | |
| tree | 9559bc6501e01ec47a80a1002b538482d9becc11 | |
| parent | New series for Gnome 2.20 (diff) | |
| download | gentoo-2-8e0c68ac131a0c15b74de82c5a40055440af09c7.tar.gz gentoo-2-8e0c68ac131a0c15b74de82c5a40055440af09c7.tar.bz2 gentoo-2-8e0c68ac131a0c15b74de82c5a40055440af09c7.zip | |
Enforce proper permissions on existing directories (security bug 182998)
(Portage version: 2.1.3.9)
| -rw-r--r-- | sys-process/cronbase/ChangeLog | 10 | ||||
| -rw-r--r-- | sys-process/cronbase/cronbase-0.3.2-r1.ebuild | 48 | ||||
| -rw-r--r-- | sys-process/cronbase/files/digest-cronbase-0.3.2-r1 | 0 |
3 files changed, 56 insertions, 2 deletions
diff --git a/sys-process/cronbase/ChangeLog b/sys-process/cronbase/ChangeLog index d98d0a69e57c..283ce04ac42f 100644 --- a/sys-process/cronbase/ChangeLog +++ b/sys-process/cronbase/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-process/cronbase -# Copyright 2002-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-process/cronbase/ChangeLog,v 1.19 2006/11/02 22:33:11 bangert Exp $ +# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/cronbase/ChangeLog,v 1.20 2007/09/26 21:36:27 falco Exp $ + +*cronbase-0.3.2-r1 (26 Sep 2007) + + 26 Sep 2007; Raphael Marichez <falco@gentoo.org> + +cronbase-0.3.2-r1.ebuild: + Enforce proper permissions on existing directories (security bug 182998) 02 Nov 2006; Thilo Bangert <bangert@gentoo.org> -files/README, cronbase-0.2.1-r3.ebuild, cronbase-0.3.ebuild, cronbase-0.3.1.ebuild, diff --git a/sys-process/cronbase/cronbase-0.3.2-r1.ebuild b/sys-process/cronbase/cronbase-0.3.2-r1.ebuild new file mode 100644 index 000000000000..b72dffc58a6a --- /dev/null +++ b/sys-process/cronbase/cronbase-0.3.2-r1.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-process/cronbase/cronbase-0.3.2-r1.ebuild,v 1.1 2007/09/26 21:36:27 falco Exp $ + +inherit eutils + +DESCRIPTION="base for all cron ebuilds" +HOMEPAGE="http://www.gentoo.org/" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" +IUSE="" + +pkg_setup() { + enewgroup cron 16 + enewuser cron 16 -1 /var/spool/cron cron +} + +src_install() { + newsbin "${FILESDIR}"/run-crons-${PV} run-crons || die + + diropts -m0750; keepdir /etc/cron.hourly + diropts -m0750; keepdir /etc/cron.daily + diropts -m0750; keepdir /etc/cron.weekly + diropts -m0750; keepdir /etc/cron.monthly + + diropts -m0750 -o root -g cron; keepdir /var/spool/cron + + diropts -m0750; keepdir /var/spool/cron/lastrun +} + +pkg_postinst() { + if has_version '<sys-process/cronbase-0.3.2-r1' ; then + echo + elog "Previous ebuilds didn't enforce proper permissions on already" + elog "existing directories. Appropriate permissions are now being set on" + elog "${ROOT}/etc/cron.{hourly,daily,weekly,monthly}," + elog "${ROOT}/var/spool/cron/ and ${ROOT}/var/spool/cron/lastrun/" + elog "(see bug 182998)" + echo + chmod 0750 "${ROOT}"/etc/cron.{hourly,daily,weekly,monthly} \ + || die "chmod failed" + chmod 0750 "${ROOT}"/var/spool/{cron,cron/lastrun} || die "chmod failed" + chown root:cron "${ROOT}/var/spool/cron" || die "chown failed" + fi +} + diff --git a/sys-process/cronbase/files/digest-cronbase-0.3.2-r1 b/sys-process/cronbase/files/digest-cronbase-0.3.2-r1 new file mode 100644 index 000000000000..e69de29bb2d1 --- /dev/null +++ b/sys-process/cronbase/files/digest-cronbase-0.3.2-r1 |