diff options
| author | CoprDistGit <copr-devel@lists.fedorahosted.org> | 2023-07-05 10:06:19 +0000 |
|---|---|---|
| committer | CoprDistGit <copr-devel@lists.fedorahosted.org> | 2023-07-05 10:06:19 +0000 |
| commit | c6ca9b57e561912899b384d7d048eeb7e57e2ab3 (patch) | |
| tree | 8ca382c4034f289266c718bd05cd8d57ab7a2707 | |
| parent | 3261134cced2344f2faa11c70c24884ba5f02082 (diff) | |
| -rw-r--r-- | minidlna-1.3.3-setgroups.patch | 14 | ||||
| -rw-r--r-- | minidlna.spec | 11 |
2 files changed, 24 insertions, 1 deletions
diff --git a/minidlna-1.3.3-setgroups.patch b/minidlna-1.3.3-setgroups.patch new file mode 100644 index 0000000..1445c1e --- /dev/null +++ b/minidlna-1.3.3-setgroups.patch @@ -0,0 +1,14 @@ +diff -up minidlna-1.3.3/minidlna.c.orig minidlna-1.3.3/minidlna.c +--- minidlna-1.3.3/minidlna.c.orig 2023-05-31 10:25:59.000000000 +0200 ++++ minidlna-1.3.3/minidlna.c 2023-07-05 11:29:50.581828376 +0200 +@@ -1069,6 +1069,10 @@ init(int argc, char **argv) + DPRINTF(E_FATAL, L_GENERAL, "Failed to switch to gid '%d'. [%s] EXITING.\n", + gid, strerror(errno)); + ++ if (setgroups(0, NULL) == -1) ++ DPRINTF(E_FATAL, L_GENERAL, "Failed to drop supplementary groups. [%s] EXITING.\n", ++ strerror(errno)); ++ + if (uid > 0 && setuid(uid) == -1) + DPRINTF(E_FATAL, L_GENERAL, "Failed to switch to uid '%d'. [%s] EXITING.\n", + uid, strerror(errno)); diff --git a/minidlna.spec b/minidlna.spec index b0110d6..5fc7b36 100644 --- a/minidlna.spec +++ b/minidlna.spec @@ -1,6 +1,6 @@ Name: minidlna Version: 1.3.3 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Lightweight DLNA/UPnP-AV server targeted at embedded systems # see minidlna-licensing-breakdown.txt for complete breakdown @@ -17,6 +17,9 @@ Source5: %{name}.sysusers # Fix core dump # https://sourceforge.net/p/minidlna/bugs/333/ Patch0: %{name}-1.3.0-select_use_after_free.patch +# drop supplementary groups before calling setuid() +# https://sourceforge.net/p/minidlna/bugs/356/ +Patch1: %{name}-1.3.3-setgroups.patch BuildRequires: avahi-devel BuildRequires: flac-devel @@ -34,6 +37,7 @@ BuildRequires: pkgconfig(libavutil) BuildRequires: sqlite-devel BuildRequires: systemd-rpm-macros BuildRequires: zlib-devel +Recommends: logrotate Requires(pre): shadow-utils %{?systemd_requires} @@ -137,6 +141,10 @@ install -d -m 755 %{buildroot}%{_localstatedir}/log/%{name}/ %changelog +* Wed Jul 05 2023 Dominik Mierzejewski <dominik@greysector.net> - 1.3.3-2 +- fix missing-call-to-setgroups-before-setuid rpmlint error +- add weak dependency on logrotate + * Tue Jul 04 2023 Dominik Mierzejewski <dominik@greysector.net> - 1.3.3-1 - update to 1.3.3 @@ -331,3 +339,4 @@ install -d -m 755 %{buildroot}%{_localstatedir}/log/%{name}/ * Sat Jun 18 2011 Andrea Musuruane <musuruan@gmail.com> 1.0.20-1 - First release - Used Debian man pages + |