From 7313e92080d9d7f4d86719272ef5c775074c564f Mon Sep 17 00:00:00 2001
From: Thorsten Leemhuis <thl@fedoraproject.org>
Date: Nov 23 2005 19:29:35 +0000
Subject: auto-import fuse-2.4.2-1 on branch devel from fuse-2.4.2-1.src.rpm


---

diff --git a/.cvsignore b/.cvsignore
index e69de29..0870e75 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -0,0 +1 @@
+fuse-2.4.2.tar.gz
diff --git a/fuse-README.fedora b/fuse-README.fedora
new file mode 100644
index 0000000..26034c2
--- /dev/null
+++ b/fuse-README.fedora
@@ -0,0 +1,17 @@
+This fuse package for security reasons only allows members of the group "fuse"
+to (u)mount fuse filesystems. If you for example want to allow the user "foo" 
+to mount fuse filesystems you have to add him to the fuse group by running
+
+# /usr/sbin/usermod -a -G fuse foo
+
+Or use tools like "system-config-users" to add user "foo" to the fuse group.
+
+Note that the user has to re-login after he was added to the group.
+
+
+If you don't want to add all users to the fuse group you can also run
+
+# chmod 4755 /usr/bin/fusermount
+
+to allow everyone to mount fuse filesystems. You have to re-run that command
+after each fuse update.
diff --git a/fuse-makedev.d-fuse b/fuse-makedev.d-fuse
new file mode 100644
index 0000000..c71ea7b
--- /dev/null
+++ b/fuse-makedev.d-fuse
@@ -0,0 +1 @@
+c 660 root     fuse      10 229  1   1 fuse
diff --git a/fuse-mount.fuse.patch b/fuse-mount.fuse.patch
new file mode 100644
index 0000000..7901ee2
--- /dev/null
+++ b/fuse-mount.fuse.patch
@@ -0,0 +1,23 @@
+diff -u util.org/mount.fuse util/mount.fuse
+--- util.org/mount.fuse	2005-11-02 20:52:12.000000000 +0100
++++ util/mount.fuse	2005-11-02 20:59:51.000000000 +0100
+@@ -5,6 +5,7 @@
+ # Thanks to Miklos Szeredi <miklos@szeredi.hu>
+ # to kick me to the right way
+ #
++export PATH
+ 
+ VERSION="0.0.1"
+ PRGNAME=`basename $0`
+@@ -40,9 +41,9 @@
+ shift
+ shift
+ 
+-OPTIONS="$@"
++# If there is a better regex that can remove all user from a sting like "-o user,rw,noexec,user,nosuid,nodev,user" tell me, thx
++OPTIONS="`echo $@ | sed 's|,user$|| ; s| user,| | ; s|,user,|,|'`"
+ 
+-export PATH
+ ${FSTYPE} ${MOUNTPATH} ${MOUNTPOINT} ${OPTIONS}
+ 
+ 
diff --git a/fuse-udev.nodes b/fuse-udev.nodes
new file mode 100644
index 0000000..a517c48
--- /dev/null
+++ b/fuse-udev.nodes
@@ -0,0 +1 @@
+fuse
diff --git a/fuse-udev_rules.patch b/fuse-udev_rules.patch
new file mode 100644
index 0000000..d641c4a
--- /dev/null
+++ b/fuse-udev_rules.patch
@@ -0,0 +1,6 @@
+diff -u util.org/udev.rules util/udev.rules
+--- util.org/udev.rules	2005-11-03 19:38:05.000000000 +0100
++++ util/udev.rules	2005-11-03 19:38:13.000000000 +0100
+@@ -1 +1 @@
+-KERNEL="fuse", NAME="%k", MODE="0666"
++KERNEL="fuse", NAME="%k", MODE="0660",OWNER="root" GROUP="fuse"
diff --git a/fuse.spec b/fuse.spec
new file mode 100644
index 0000000..6e689f7
--- /dev/null
+++ b/fuse.spec
@@ -0,0 +1,137 @@
+Name:           fuse
+Version:        2.4.2
+Release:        1
+Summary:        File System in Userspace (FUSE) utilities
+
+Group:          System Environment/Base
+License:        GPL
+URL:            http://fuse.sf.net
+Source0:        http://dl.sourceforge.net/sourceforge/fuse/fuse-2.4.2.tar.gz
+Source1:	fuse-udev.nodes
+Source2:	fuse-makedev.d-fuse
+Source3:	fuse-README.fedora
+
+Patch0:		fuse-mount.fuse.patch
+Patch1:		fuse-udev_rules.patch
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Requires:	kernel >= 2.6.14
+Requires(pre):	  %{_sbindir}/groupadd
+Requires(post):   /sbin/MAKEDEV
+Requires(postun): %{_sbindir}/groupdel
+
+%description
+With FUSE it is possible to implement a fully functional filesystem in a 
+userspace program. This package contains the FUSE userspace tools to 
+mount a FUSE filesystem.
+
+Note: For security reasons only members of the group "fuse" are allowed to
+(u)mount fuse filesystems. You can find more details on this issue in
+%{_docdir}/%{name}-%{version}/README.fedora
+
+
+%package libs
+Summary:        File System in Userspace (FUSE) libraries
+Group:          System Environment/Libraries
+License:        LGPL
+
+%description libs
+Devel With FUSE it is possible to implement a fully functional filesystem in a 
+userspace program. This package contains the FUSE libraries. 
+
+
+%package devel
+Summary:        File System in Userspace (FUSE) devel files
+Group:          Development/Libraries
+Requires:	%{name}-libs = %{version}-%{release}
+License:        LGPL
+
+%description devel
+With FUSE it is possible to implement a fully functional filesystem in a 
+userspace program. This package contains development files (headers, 
+pgk-config) to develop FUSE based applications/filesystems.
+
+
+%prep
+%setup -q
+#disable device creation during build/install
+sed -i 's|mknod|echo Disabled: mknod |g' util/Makefile.in
+%patch0 -b .patch0
+%patch1 -b .patch1
+cp %{SOURCE3} README.fedora
+
+%build
+%configure \
+ --disable-static \
+ --disable-kernel-module 
+make %{?_smp_mflags}
+
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT
+find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';'
+install -D -p -m 644 %{SOURCE1} $RPM_BUILD_ROOT/%{_sysconfdir}/udev/makedev.d/40-fuse.nodes
+install -D -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/makedev.d/z-fuse
+# change from 4755 to 0755 to allow stripping -- fixed later in files
+chmod 0755 $RPM_BUILD_ROOT/%{_bindir}/fusermount
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%pre 
+if [ $1 -eq 1 ]; then
+     %{_sbindir}/groupadd -r fuse &>/dev/null || :
+fi
+
+%post
+/sbin/MAKEDEV fuse
+
+%postun 
+if [ $1 = 0 ]; then
+ %{_sbindir}/groupdel fuse || :
+fi
+
+%post libs -p /sbin/ldconfig
+
+%postun libs -p /sbin/ldconfig
+
+
+%files
+%doc AUTHORS ChangeLog COPYING FAQ Filesystems NEWS README README.NFS README.fedora
+/sbin/mount.fuse
+%attr(4754,root,fuse) %{_bindir}/fusermount
+%{_sysconfdir}/makedev.d/z-fuse
+%{_sysconfdir}/udev/rules.d/40-fuse.rules
+%{_sysconfdir}/udev/makedev.d/40-fuse.nodes
+
+%files libs
+%doc COPYING.LIB
+%{_libdir}/libfuse.so.*
+
+%files devel
+%defattr(-,root,root,-)
+%{_libdir}/libfuse.so
+%{_libdir}/pkgconfig/*.pc
+%{_includedir}/fuse.h
+%{_includedir}/fuse
+
+%changelog
+* Sat Nov 12 2005 Thorsten Leemhuis <fedora[AT]leemhuis[DOT]info> - 2.4.2-1
+- Update to 2.4.2 (solves CVE-2005-3531)
+- Update README.fedora
+
+* Sat Nov 12 2005 Thorsten Leemhuis <fedora[AT]leemhuis[DOT]info> - 2.4.1-3
+- Add README.fedora
+- Add hint to README.fedora and that you have to be member of the group "fuse"
+  in the description
+- Use groupadd instead of fedora-groupadd
+
+* Fri Nov 04 2005 Thorsten Leemhuis <fedora[AT]leemhuis[DOT]info> - 2.4.1-2
+- Rename packages a bit
+- use makedev.d/40-fuse.nodes
+- fix /sbin/mount.fuse
+- Use a fuse group to restict access to fuse-filesystems
+
+* Fri Oct 28 2005 Thorsten Leemhuis <fedora[AT]leemhuis[DOT]info> - 2.4.1-1
+- Initial RPM release.
diff --git a/sources b/sources
index e69de29..af3a9a6 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+6e3d9a580c45ddf4a06558c135c158c2  fuse-2.4.2.tar.gz