From f60a6cf4b6484ec7f03ee69cbd92f49308df3e3e Mon Sep 17 00:00:00 2001 From: Roman Mohr Date: Jun 25 2013 19:19:20 +0000 Subject: Initial import --- diff --git a/.gitignore b/.gitignore index e69de29..ef6e9aa 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1 @@ +/fido-1.0.7.tar.gz diff --git a/fido-fix-fsf-address.patch b/fido-fix-fsf-address.patch new file mode 100644 index 0000000..6dde88e --- /dev/null +++ b/fido-fix-fsf-address.patch @@ -0,0 +1,236 @@ +diff --git include/joedog/getopt.h include/joedog/getopt.h +index b01e4ef..057a42f 100644 +--- include/joedog/getopt.h ++++ include/joedog/getopt.h +@@ -14,8 +14,8 @@ + + You should have received a copy of the GNU Library General Public + License along with the GNU C Library; see the file COPYING.LIB. If not, +- write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, +- Boston, MA 02111-1307, USA. ++ write to the Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA ++ 02110-1301 USA. + + $Id: getopt.h,v 1.1.1.1 2012/02/02 16:11:59 jdfulmer Exp $ + */ +diff --git include/joedog/joedog.h include/joedog/joedog.h +index 35a4f89..5698529 100644 +--- include/joedog/joedog.h ++++ include/joedog/joedog.h +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + */ + #include +diff --git lib/joedog/memory.c lib/joedog/memory.c +index 1a82647..6a5db28 100644 +--- lib/joedog/memory.c ++++ lib/joedog/memory.c +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + * + */ +diff --git lib/joedog/memory.h lib/joedog/memory.h +index b8921dc..45276fb 100644 +--- lib/joedog/memory.h ++++ lib/joedog/memory.h +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + */ + #ifndef MEMORY_H +diff --git lib/joedog/notify.c lib/joedog/notify.c +index d22731e..19d2953 100644 +--- lib/joedog/notify.c ++++ lib/joedog/notify.c +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + +diff --git lib/joedog/notify.h lib/joedog/notify.h +index 3defe25..bdb6959 100644 +--- lib/joedog/notify.h ++++ lib/joedog/notify.h +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + */ + #ifndef NOTIFY_H +diff --git lib/joedog/perl.c lib/joedog/perl.c +index f6e39ee..4790def 100644 +--- lib/joedog/perl.c ++++ lib/joedog/perl.c +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + * + */ +diff --git lib/joedog/perl.h lib/joedog/perl.h +index 0c733da..a15ab29 100644 +--- lib/joedog/perl.h ++++ lib/joedog/perl.h +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + * + */ +diff --git lib/joedog/stralloc.c lib/joedog/stralloc.c +index 06cb2b3..f48d098 100644 +--- lib/joedog/stralloc.c ++++ lib/joedog/stralloc.c +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + * + */ +diff --git lib/joedog/stralloc.h lib/joedog/stralloc.h +index 56b4e9a..1748cd0 100644 +--- lib/joedog/stralloc.h ++++ lib/joedog/stralloc.h +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + * + */ +diff --git lib/joedog/util.c lib/joedog/util.c +index 75d8c99..14988a7 100644 +--- lib/joedog/util.c ++++ lib/joedog/util.c +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + #include +diff --git lib/joedog/util.h lib/joedog/util.h +index 9685af1..49850aa 100644 +--- lib/joedog/util.h ++++ lib/joedog/util.h +@@ -18,7 +18,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + */ + #ifndef UTIL_H +diff --git src/crew.c src/crew.c +index e1fabb0..e95af2f 100644 +--- src/crew.c ++++ src/crew.c +@@ -16,7 +16,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + +diff --git src/crew.h src/crew.h +index f878a95..b775329 100644 +--- src/crew.h ++++ src/crew.h +@@ -16,7 +16,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + #ifndef __CREW_H +diff --git src/hash.c src/hash.c +index 12c7094..a305b16 100644 +--- src/hash.c ++++ src/hash.c +@@ -16,7 +16,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + #include +diff --git src/hash.h src/hash.h +index fbbbc63..bba72d0 100644 +--- src/hash.h ++++ src/hash.h +@@ -16,7 +16,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + #ifndef HASH_H +diff --git src/util.c src/util.c +index 4534abc..685aa96 100644 +--- src/util.c ++++ src/util.c +@@ -17,7 +17,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + * + */ +diff --git src/util.h src/util.h +index ceb443e..55a9a4c 100644 +--- src/util.h ++++ src/util.h +@@ -17,7 +17,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software +- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * -- + * + */ diff --git a/fido-overflow.patch b/fido-overflow.patch new file mode 100644 index 0000000..6660bc5 --- /dev/null +++ b/fido-overflow.patch @@ -0,0 +1,41 @@ +diff --git src/base16.c src/base16.c +index 8001cd5..e70c1c5 100644 +--- src/base16.c ++++ src/base16.c +@@ -48,7 +48,7 @@ base16_encode(char *src) + return NULL; + } + +- memset(dst, len, '\0'); ++ memset(dst, len + 1, '\0'); + + for (i = 0,j = 0; i < (len/2); i++) { + x1=((unsigned char)src[i])/16; +@@ -69,12 +69,12 @@ base16_decode(char *src) + unsigned char x1,x2; + + len = strlen(src) / 2; +- ret = malloc(len); ++ ret = malloc(len + 1); + if (! ret) { + return NULL; + } + +- memset(ret, len, '\0'); ++ memset(ret, len + 1, '\0'); + + for ( i=0,j=0; j < len; i+=2,j++ ) { + x1 = (unsigned char) src[i]; +diff --git src/date.c src/date.c +index 0bebe78..c41bc24 100644 +--- src/date.c ++++ src/date.c +@@ -148,7 +148,7 @@ date_get(DATE this) + #define DATESZ 128 + time_t now; + char * date; +- date = malloc(DATESZ); ++ date = malloc(DATESZ+1); + memset(date, '\0', DATESZ+1); + + now = time(NULL); diff --git a/fido-segfault.patch b/fido-segfault.patch new file mode 100644 index 0000000..4ea1dd2 --- /dev/null +++ b/fido-segfault.patch @@ -0,0 +1,27 @@ +diff --git src/base16.c src/base16.c +index 889f77d..8001cd5 100644 +--- src/base16.c ++++ src/base16.c +@@ -42,7 +42,7 @@ base16_encode(char *src) + + len = (strlen(src) * 2); + +- dst = malloc(len); ++ dst = malloc(len + 1); + + if (!dst) { + return NULL; +diff --git src/conf.c src/conf.c +index 3433d7f..05301a1 100644 +--- src/conf.c ++++ src/conf.c +@@ -245,7 +245,8 @@ parse_cfgfile(CONF this) + optionptr = option = xstrdup(line); + while (*optionptr && !ISSPACE((int)*optionptr) && !ISSEPARATOR(*optionptr)) + optionptr++; +- *optionptr++=0; ++ if (*optionptr) // are we already at the end? ++ *optionptr++=0; + while (ISSPACE((int)*optionptr) || ISSEPARATOR(*optionptr)) + optionptr++; + value = xstrdup(optionptr); diff --git a/fido-setgroups.patch b/fido-setgroups.patch new file mode 100644 index 0000000..1aa8c84 --- /dev/null +++ b/fido-setgroups.patch @@ -0,0 +1,18 @@ +diff --git src/runner.c src/runner.c +index 493fcda..fbf04d2 100644 +--- src/runner.c ++++ src/runner.c +@@ -103,8 +103,12 @@ runas(RUNNER this) + return FALSE; + } + ++ if (setgroups(0,0) != 0){ ++ NOTIFY(ERROR, "Dropping supplementary group privileges failed."); ++ return FALSE; ++ } + if (setgid((long)this->grp.gr_gid) != 0) { +- NOTIFY(ERROR, "Unable to runas group: %s [%ld]", this->grp.gr_name, (long)this->grp.gr_gid); ++ NOTIFY(ERROR, "Unable to run as group: %s [%ld]", this->grp.gr_name, (long)this->grp.gr_gid); + return FALSE; + } + if (setuid((long)this->pwd.pw_uid) != 0) { diff --git a/fido-shared-library.patch b/fido-shared-library.patch new file mode 100644 index 0000000..d3e3ab0 --- /dev/null +++ b/fido-shared-library.patch @@ -0,0 +1,44 @@ +diff --git Makefile.am Makefile.am +index ed3b4d5..86984fa 100644 +--- Makefile.am ++++ Makefile.am +@@ -26,7 +26,7 @@ WARN_CFLAGS = @WARN_CFLAGS@ + + AM_CFLAGS = $(WARN_CFLAGS) + +-SUBDIRS = . include lib src utils doc ++SUBDIRS = . include src utils doc + + DIST_SUBDIRS = $(SUBDIRS) + +diff --git include/Makefile.am include/Makefile.am +index 77a511a..5d5b20a 100644 +--- include/Makefile.am ++++ include/Makefile.am +@@ -20,8 +20,6 @@ + ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + ## + +-SUBDIRS = joedog +- + WARN_CFLAGS = @WARN_CFLAGS@ + AM_CFLAGS = $(WARN_CFLAGS) + +diff --git src/Makefile.am src/Makefile.am +index b7efb29..3aacfae 100644 +--- src/Makefile.am ++++ src/Makefile.am +@@ -25,11 +25,9 @@ WARN_CFLAGS = @WARN_CFLAGS@ + + AM_CFLAGS = $(WARN_CFLAGS) $(PTHREAD_CFLAGS) + +-LDFLAGS = $(PTHREAD_LDFLAGS) ++LDFLAGS := $(PTHREAD_LDFLAGS) $(LDFLAGS) + +-fido_LDADD = $(top_srcdir)/lib/joedog/libjoedog.la +- +-fido_DEPENDENCIES = $(top_srcdir)/lib/joedog/libjoedog.la ++fido_LDFLAGS = -ljoedog -lpthread + + fido_SOURCES = \ + array.c array.h \ diff --git a/fido-support_destdir_in_doc.patch b/fido-support_destdir_in_doc.patch new file mode 100644 index 0000000..f822be1 --- /dev/null +++ b/fido-support_destdir_in_doc.patch @@ -0,0 +1,21 @@ +diff --git doc/Makefile.am doc/Makefile.am +index 586aaad..86e8d82 100644 +--- doc/Makefile.am ++++ doc/Makefile.am +@@ -32,11 +32,10 @@ FIDOCONF = $(sysconfdir)/fido.conf.sample + RULESDIR = $(sysconfdir)/rules + + install-exec-hook: +- @if ! test -d $(sysconfdir); then \ +- $(mkinstalldirs) $(sysconfdir); \ ++ @if ! test -d $(DESTDIR)$(sysconfdir); then \ ++ $(mkinstalldirs) $(DESTDIR)$(sysconfdir); \ + fi; \ +- if ! test -d $(RULESDIR); then \ +- $(mkinstalldirs) $(RULESDIR); \ ++ if ! test -d $(DESTDIR)$(RULESDIR); then \ ++ $(mkinstalldirs) $(DESTDIR)$(RULESDIR); \ + fi; +- $(INSTALL_DATA) $(srcdir)/fido.conf.sample $(FIDOCONF) +- ++ $(INSTALL_DATA) $(srcdir)/fido.conf.sample $(DESTDIR)$(FIDOCONF) diff --git a/fido-systemd.patch b/fido-systemd.patch new file mode 100644 index 0000000..bc54984 --- /dev/null +++ b/fido-systemd.patch @@ -0,0 +1,16 @@ +diff --git fido.service fido.service +new file mode 100644 +index 0000000..6f2f0d6 +--- /dev/null ++++ fido.service +@@ -0,0 +1,10 @@ ++[Unit] ++Description= Fido, a multi-threaded file watch utility ++Documentation=man:fido(8) man:fido.conf(8) ++ ++[Service] ++Type=forking ++ExecStart=/usr/sbin/fido -f /etc/fido/fido.conf -d true ++ ++[Install] ++WantedBy=multi-user.target diff --git a/fido.spec b/fido.spec new file mode 100644 index 0000000..ecf4f9e --- /dev/null +++ b/fido.spec @@ -0,0 +1,175 @@ +%global _hardened_build 1 + +Name: fido +Version: 1.0.7 +Release: 5%{?dist} +Summary: Multi-threaded file watch utility +Group: System Environment/Daemons + +License: GPLv2+ and LGPLv2+ +URL: http://www.joedog.org/%{name}-home/ +Source0: http://www.joedog.org/pub/%{name}/%{name}-%{version}.tar.gz + +#Patch0-2: Sent upstream via email 20130206 +Patch0: %{name}-support_destdir_in_doc.patch +Patch1: %{name}-fix-fsf-address.patch +Patch2: %{name}-systemd.patch + +#fixing some memory leaks +#Sent upstream via email 20130906 +Patch3: %{name}-segfault.patch + +#drop supplementary groups of calling user when switching to a non-privileged +#user. +#Sent upstream via email 20130906 +Patch4: %{name}-setgroups.patch + +#another overflow showed up because of the hardened build +#Sent upstream via email 20131206 +Patch5: %{name}-overflow.patch + +#Upstream whants to keep the static library +Patch6: %{name}-shared-library.patch + +%{?el5:BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)} + +Requires: libjoedog +%if 0%{?fedora} || 0%{?rhel} >= 7 +BuildRequires: systemd +%systemd_requires +%else +Requires(post): /sbin/chkconfig +Requires(preun): /sbin/chkconfig +Requires(preun): initscripts +%endif +BuildRequires: libtool, libjoedog-devel + + +%description +A multi-threaded file watch utility. It can monitor files for changes in +content or modification times. If it notices a change, it will kick off a +user-defined script. + + +%prep +%setup -q + +%patch0 +%patch1 +%patch2 +%patch3 +%patch4 +%patch5 +%patch6 + +rm -f *.m4 +rm -rf include/joedog/*.h +sed -i -e 's/AC_PROG_SHELL//' configure.in +autoreconf --install --force + + +%build +%configure +make %{?_smp_mflags} + + +%install +%if 0%{?el5} +rm -rf %{buildroot} +make install DESTDIR=%{buildroot} +%else +%make_install +%endif + +%if 0%{?fedora} || 0%{?rhel} >= 7 +#systemd +install -D -p -m 0644 %{name}.service %{buildroot}%{_unitdir}/%{name}.service +%else +#SysVinit +install -D -p -m 0644 utils/%{name}-redhat-config %{buildroot}%{_sysconfdir}/sysconfig/%{name} +install -D -p -m 0755 utils/%{name}-redhat-start %{buildroot}%{_initddir}/%{name} +%endif + +#prepare sample configs for doc +for _file in doc/*.conf +do + ln -f "${_file}" "${_file}.sample" +done + +#provide a reasonable minimal config as starting point +sed -e 's/^verbose = true/verbose = false/' \ + %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf.sample \ + > %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf +rm -f %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf.sample + + +%clean +%{?el5:rm -rf %{buildroot}} + + +%files +%doc ChangeLog README COPYING +%doc doc/*.sample +%{_sbindir}/%{name} +%{_mandir}/man*/* +%{_sysconfdir}/%{name}/rules +%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf + +%if 0%{?fedora} || 0%{?rhel} >= 7 +#systemd +%{_unitdir}/%{name}.service + + +%post +%systemd_post %{name}.service + +%preun +%systemd_preun %{name}.service + +%postun +%systemd_postun_with_restart %{name}.service +%else +#SysVinit +%config(noreplace) %{_sysconfdir}/sysconfig/%{name} +%{_initddir}/%{name} + + +%post +/sbin/chkconfig --add %{name} + +%preun +if [ $1 -eq 0 ] ; then + /sbin/service %{name} stop >/dev/null 2>&1 + /sbin/chkconfig --del %{name} +fi + +%postun +if [ "$1" -ge "1" ] ; then + /sbin/service %{name} condrestart >/dev/null 2>&1 || : +fi +%endif + + +%changelog +* Mon Jun 24 2013 Roman Mohr - 1.0.7-5 +- trimmed/rearranged BuildRequires +- nuked explicit Requires: libjoedog +- removed article from Summary + +* Mon Jun 24 2013 Roman Mohr - 1.0.7-4 +- Use libjoedog instead of the bundled satic library +- Fixed hardening build +- Added missing Group for EPEL5 + +* Tue Jun 11 2013 Roman Mohr - 1.0.7-3 +- Refactoring spec to support EPEL builds +- Hunting down some more memory leaks + +* Sun Jun 09 2013 Roman Mohr - 1.0.7-2 +- Added systemd unit file +- Fixed some memory leaks +- Fixed a security issue when switching to a non-privileged user + +* Mon May 20 2013 Roman Mohr - 1.0.7-1 +- Fixed custom rules in Makefile.in to support DESTDIR +- Fixed incorrect-fsf-address errors diff --git a/sources b/sources index e69de29..7ac542f 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +ecf5d5a7e6d1e16b9dc4f48f3155a025 fido-1.0.7.tar.gz