forked from altlinux/hasher-priv
keksher-priv.spec
Name: keksher-priv
Version: 2.0.12
Release: alt0.1
Summary: Hacked helper for the hasher
License: GPLv2+
Group: Development/Other
Source: %name-%version.tar
%define _libexecdir %_prefix/libexec
%define helperdir %_libexecdir/hasher-priv
%define configdir %_sysconfdir/hasher-priv
Provides: %helperdir
Obsoletes: hasher-priv
# Due to makedev removal.
Conflicts: hasher < 1.4.0
BuildPreReq: help2man, sisyphus_check >= 0:0.7.11
BuildRequires: setproctitle-devel
%description
This package provides helpers for executing privileged operations
required by hasher utilities.
%prep
%setup
%build
%make_build CC="%__cc" CFLAGS="%optflags" libexecdir="%_libexecdir"
echo "enable hasher-privd.service" > 50-hasher-privd.preset
%install
%makeinstall_std \
	libexecdir="%_libexecdir" \
	tmpfilesdir="%_tmpfilesdir" \
	systemd_unitdir="%_unitdir" \
	%nil
install -Dpm644 50-hasher-privd.preset -t %buildroot%_presetdir
%pre
groupadd -r -f hashman
%post
%post_service hasher-privd
%preun
%preun_service hasher-privd
%triggerpostun -- hasher-priv < 2.0
/sbin/chkconfig --add hasher-privd
if [ -n "$(getent group hashman |cut -d: -f4)" ]; then
	/sbin/chkconfig hasher-privd on
	/sbin/service hasher-privd start
fi
%files
%_sbindir/hasher-useradd
%_mandir/man?/*
# config
%attr(750,root,hashman) %dir %configdir
%attr(750,root,hashman) %dir %configdir/user.d
%attr(640,root,hashman) %config(noreplace) %configdir/fstab
%attr(640,root,hashman) %config(noreplace) %configdir/system
%attr(640,root,hashman) %config(noreplace) %configdir/daemon.conf
# helpers
%attr(750,root,hashman) %dir %helperdir
%attr(710,root,hashman) %helperdir/hasher-priv
%attr(755,root,root) %helperdir/*.sh
# daemon
%_sbindir/hasher-privd
%_unitdir/hasher-privd.service
%_presetdir/50-hasher-privd.preset
%_initdir/hasher-privd
# socketdir
%_tmpfilesdir/hasher-priv.conf
%attr(710,root,hashman) %dir /run/hasher-priv
%doc DESIGN
%changelog
* Sun Nov 19 2023 Vitaly Chikunov <[email protected]> 2.0.12-alt0.1
- Based on hasher-priv version 2.0.12-alt1.
* Tue Jul 25 2023 Arseny Maslennikov <[email protected]> 2.0.12-alt1
- hasher-useradd: Started using gpasswd(8) again.
* Wed Jun 28 2023 Arseny Maslennikov <[email protected]> 2.0.11-alt1
- hasher-useradd: Fixed service auto-enable on sysvinit.
* Wed Jun 28 2023 Arseny Maslennikov <[email protected]> 2.0.10-alt1
- hasher-useradd: Fixed implementation of "--system".
- Made hasher-useradd auto-enable hasher-privd if users were added.
- hasher-useradd: Replaced gpasswd(8) with usermod(8).
* Tue Jan 10 2023 Dmitry V. Levin <[email protected]> 2.0.9-alt1
- Fixed wlimit_time_elapsed support introduced in 0.6-alt1.
* Sat Oct 29 2022 Dmitry V. Levin <[email protected]> 2.0.8-alt1
- Fixed build with lcc (reported by Ilya Kurdyukov).
* Wed Oct 26 2022 Dmitry V. Levin <[email protected]> 2.0.7-alt1
- hasher-privd(8): added a note on cgroup handling
(by Arseny Maslennikov).
* Fri Oct 21 2022 Dmitry V. Levin <[email protected]> 2.0.6-alt1
- Packaged socket directory.
- chrootuid.sh: moved systemd-run invocation to the hasher project
(by Arseny Maslennikov).
* Fri Oct 14 2022 Dmitry V. Levin <[email protected]> 2.0.5-alt1
- hasher-privd(8): added an overview of the hasher-privd architecture
(by Arseny Maslennikov).
- mount: allowed non-dev subdirectories to be owned by rooter.
* Sat Sep 03 2022 Dmitry V. Levin <[email protected]> 2.0.4-alt1
- killuid: robustify by removing the limit on the number of processes.
* Fri Sep 02 2022 Dmitry V. Levin <[email protected]> 2.0.3-alt1
- Robustify the service daemon by rejecting clients passing strings
of total size exceeding the kernel limit for string arguments.
* Thu Sep 01 2022 Dmitry V. Levin <[email protected]> 2.0.2-alt1
- Harden the service daemon further by setting PR_SET_NO_NEW_PRIVS flag.
* Thu Sep 01 2022 Dmitry V. Levin <[email protected]> 2.0.1-alt1
- Forward the process personality from the client to the server.
* Wed Aug 31 2022 Dmitry V. Levin <[email protected]> 2.0-alt1
- Rewritten using a client-server architecture
(by Alexey Gladkov, Arseny Maslennikov, Gleb Fotengauer-Malinovskiy, and me).
* Thu Jul 29 2021 Dmitry V. Levin <[email protected]> 1.6.1-alt1
- sanitize_fds: changed to use close_range(2) if available (by Arseny Maslennikov).
- hasher-useradd: added new option: -r/--system (by Arseny Maslennikov).
- Added hidepid=2 to builtin /proc mount options.
* Tue Sep 10 2019 Dmitry V. Levin <[email protected]> 1.6.0-alt1
- x11_parse_display: fixed hostname:displaynumber separation.
- Do not issue the warning about X11 auth data mismatch when
the message contains no X11 auth data.
- Added /sys/fs/cgroup to the hardcoded fstab.
- Removed mount, umount, makedev, maketty, and makeconsole
operation modes, their job is now handled by chrootuid1
and chrootuid2 operation modes.
- Introduced allowed_devices configuration option.
* Wed Feb 17 2016 Dmitry V. Levin <[email protected]> 1.5.2-alt1
- chrootuid: Implemented /dev/pts/ptmx support.
- Hardened default mount options for builtin mount points.
- Changed builtin devpts mount options to use "newinstance" feature.
* Fri Jan 23 2015 Dmitry V. Levin <[email protected]> 1.5.1-alt1
- Allowed group writable sticky directories to be used as
mount points when mount namespace isolation is in effect.
- Added /dev/shm to the list of built-in mount points.
* Mon Dec 02 2013 Dmitry V. Levin <[email protected]> 1.5.0-alt1
- Made X11 forwarding work with network isolation enabled.
- Allowed mount points to be owned by the first pseudouser
when mount namespace isolation is enabled.
- Hardened default mount options for built-in mount points.
- Fixed purging IPC objects created by the first pseudouser.
* Tue Oct 16 2012 Dmitry V. Levin <[email protected]> 1.4.0-alt1
- Implemented mount namespace isolation.
* Tue Jun 05 2012 Dmitry V. Levin <[email protected]> 1.3.10-alt1
- Made IPC namespace isolation controllable by share_ipc environment
variable.
* Wed Aug 10 2011 Dmitry V. Levin <[email protected]> 1.3.9-alt1
- Merge "killuid1" and "killuid2" commands into new "killuid" command.
* Wed Jul 06 2011 Dmitry V. Levin <[email protected]> 1.3.8-alt1
- chrootuid: if unshare(2) fails with EPERM, treat it like ENOSYS.
* Fri Jul 01 2011 Dmitry V. Levin <[email protected]> 1.3.7-alt1
- Implemented System V IPC namespace isolation.
- Implemented UTS namespace isolation.
By default, if unshare(CLONE_NEWUTS) syscall is supported, then
UTS namespace inside chroot is isolated from host UTS namespace,
and hostname is set to localhost.localdomain.
* Thu Jan 13 2011 Dmitry V. Levin <[email protected]> 1.3.6-alt1
- Made some error messages a bit more specific.
- By default, when network isolation is not enabled explicitly,
do not terminate with a fatal error if unshare(CLONE_NEWNET)
is not supported by the kernel, just complain and continue
without network isolation.
Proposed by Denis Smirnov and Michael Shigorin.
* Sat Dec 04 2010 Dmitry V. Levin <[email protected]> 1.3.5-alt1
- Handle child stderr before stdout.
- Implemented network isolation (by Kirill A. Shutemov).
* Mon Jun 22 2009 Dmitry V. Levin <[email protected]> 1.3.4-alt1
- hasher-priv.conf.5.in: Updated information about default prefix values.
- Fixed new compilation warnings about dereferencing type-punned pointers.
* Wed Jan 28 2009 Dmitry V. Levin <[email protected]> 1.3.3-alt1
- Extended command options syntax to allow zero subconfig
identifier and treat it as no subconfig identifier.
* Fri Oct 31 2008 Dmitry V. Levin <[email protected]> 1.3.2-alt1
- Changed work limits type to unsigned long.
- If bind to /dev/log failed, do not attempt to chmod it.
* Mon Oct 27 2008 Dmitry V. Levin <[email protected]> 1.3.1-alt1
- hasher-useradd: Include subconfig number to default satellite user names.
- Fixed build with fresh gcc.
* Mon Mar 24 2008 Dmitry V. Levin <[email protected]> 1.3.0-alt1
- Changed parent I/O loop: parent process no longer closes master
pty descriptor when child closes all its output descriptors;
parent process now waits for child process termination or timeout.
- DESIGN: Described "handle child input/output" control flow
- Implemented /dev/log listener.
* Wed Oct 10 2007 Dmitry V. Levin <[email protected]> 1.2.11-alt1
- chrootuid.sh.in (exit_handler): Fixed exit status check (at@).
- Implemented "hasher-priv getconf" mode.
* Mon May 14 2007 Dmitry V. Levin <[email protected]> 1.2.10-alt1
- Fixed hasher-priv.conf man section number (#11613).
- Changed "prefix" option meaning from allowed prefix to
colon-separated list of allowed prefixes.
- Changed system.conf prefix value from "~" to "~:/tmp/.private".
- Made %configdir directory tree not only traversable but also
readable by "hashman" group members.
* Mon Apr 09 2007 Dmitry V. Levin <[email protected]> 1.2.9-alt1
- hasher-useradd: When creating satellite users for a system user,
make them system users, too (#11416).
* Fri Feb 23 2007 Dmitry V. Levin <[email protected]> 1.2.8-alt1
- Changed default nice change value from 10 to 8.
- Added support for new RLIMIT_* types:
sigpending, msgqueue, nice, rtprio.
* Mon Dec 18 2006 Dmitry V. Levin <[email protected]> 1.2.7-alt1
- makedev: Create /dev/full device file.
- makedev: Switch fs gid to 0 during device file creation.
- hasher-useradd: Use gpasswd for better group names handling (#10305).
* Wed Oct 18 2006 Dmitry V. Levin <[email protected]> 1.2.6-alt1
- Allowed "user.d" configs to override wlimits defined in "system" config.
* Sun Oct 15 2006 Dmitry V. Levin <[email protected]> 1.2.5-alt1
- Fixed build with -D_FORTIFY_SOURCE=2 -Werror.
* Sat Mar 18 2006 Dmitry V. Levin <[email protected]> 1.2.4-alt1
- makeconsole: New mode, creates console-specific root-only
devices initially introduced by 1.2.2's makedev.
- makedev.sh: In addition to makedev, call makeconsole
if enabled by $makedev_console.
* Sat Jan 21 2006 Dmitry V. Levin <[email protected]> 1.2.3-alt1
- Makefile: Corrected LFS_CFLAGS.
- child.c: Reworked xauth_add_entry() to support various xauth locations.
* Sun Oct 09 2005 Dmitry V. Levin <[email protected]> 1.2.2-alt1
- If use_pty is not set, handle child's stdout and stderr separately.
- In makedev mode, create few devices available to root only (mouse@).
* Mon Aug 15 2005 Dmitry V. Levin <[email protected]> 1.2.1-alt1
- hasher-priv: Do not lowercase mount points (at@).
- chrootuid1.sh: Synced with chrootuid2.sh.
- DESIGN: Fixed typo (at@).
* Sat Jul 16 2005 Dmitry V. Levin <[email protected]> 1.2.0-alt1
- Implemented X11 authentication spoofing.
- Implemented custom mounts support via %configdir/fstab.
* Sat Jul 09 2005 Dmitry V. Levin <[email protected]> 1.1.0-alt1
- Implemented X11 forwarding.
* Sat Apr 30 2005 Dmitry V. Levin <[email protected]> 1.0.5-alt1
- Fixed umount looping on 2.6 kernel (closes #6667).
* Sun Mar 13 2005 Dmitry V. Levin <[email protected]> 1.0.4-alt1
- When making device files inside chroot,
first try to hardlink existing device files,
second try to create them using mknod(2).
This approach simplifies usage in restricted environments
where mknod(2) is not allowed even for superuser.
* Mon Jan 03 2005 Dmitry V. Levin <[email protected]> 1.0.3-alt1
- Changed helper directory to %helperdir.
- Updated documentation:
+ hasher-priv.conf(5): s/lim_/limit_/ (fixes #5805);
+ hasher-priv(8): fix NAME section, document TERM variable;
+ hasher-useradd(8): fix NAME section.
* Thu Nov 18 2004 Dmitry V. Levin <[email protected]> 1.0.2-alt1
- Changed privileged helper to suid program,
to get rid of sudo dependence.
* Sat Sep 11 2004 Dmitry V. Levin <[email protected]> 1.0.1-alt1
- Enhanced use_pty mode:
pass $TERM value, translate window size changes.
- Pass libexecdir to %%make_build (#4902).
* Thu Jul 15 2004 Dmitry V. Levin <[email protected]> 1.0-alt1
- Added hasher-priv.conf(5) manpage.
- Added more docs to hasher-priv(8) manpage.
* Tue Jul 13 2004 Dmitry V. Levin <[email protected]> 0.9.9-alt1
- maketty: new mode, controlled by allow_ttydev config option.
- chrootuid: use pty for communicating with child,
controlled by use_pty environment option.
* Fri Jul 09 2004 Dmitry V. Levin <[email protected]> 0.9-alt1
- Implemented mount/umount modes, controlled by
allowed_mountpoints config option.
- New config option: allowed_mountpoints.
- DESIGN: document it.
* Wed Jul 07 2004 Dmitry V. Levin <[email protected]> 0.8-alt1
- config:
+ read work limit hints from environment variables;
+ use lstat+chdir+lstat instead of open+fstat+fchdir+close.
* Tue Jul 06 2004 Dmitry V. Levin <[email protected]> 0.7.1-alt1
- chroot prefix: trim trailing slashes.
* Fri Jan 02 2004 Dmitry V. Levin <[email protected]> 0.7-alt1
- Deal with compilation warnings generated by new gcc compiler.
- Build with -W -Wall -Werror by default.
- Enhanced prefix mismatch diagnostics.
* Wed Oct 15 2003 Dmitry V. Levin <[email protected]> 0.6.1-alt1
- Fixed exit code translation error introduced in previous release.
* Tue Oct 14 2003 Dmitry V. Levin <[email protected]> 0.6-alt1
- config, chrootuid{1,2}: handle work limits.
* Sun Sep 21 2003 Dmitry V. Levin <[email protected]> 0.5-alt1
- chrootuid{1,2}: call killuid on signal arrival.
* Sun Sep 07 2003 Dmitry V. Levin <[email protected]> 0.4-alt1
- killuid: purge all SYSV IPC objects.
* Wed Jul 02 2003 Dmitry V. Levin <[email protected]> 0.3-alt1
- Renamed project to hasher-priv.
- Renamed pkg-build group to hashman.
* Thu Jun 26 2003 Dmitry V. Levin <[email protected]> 0.2.1-alt1
- pkg-build-priv:
+ fixed typo in usage text;
+ in chrootuid, export user-dependent USER variable.
- pkg-build-useradd: add user also to the main group of user2.
* Sat May 10 2003 Dmitry V. Levin <[email protected]> 0.2.0-alt1
- Config file parser now supports options for setting umask,
nice and resource limits.
- Set umask=022 and nice=10 by default
(same values which were hardcoded before).
- Make config files readable by users.
- chrootuid{1,2}.sh: do killuid call before chrootuid call
as well as after chrootuid call.
* Tue May 06 2003 Dmitry V. Levin <[email protected]> 0.1.6-alt1
- pkg-build-priv:
+ added --version option;
+ added help2man-generated manpage.
* Mon May 05 2003 Dmitry V. Levin <[email protected]> 0.1.5-alt1
- chrootuid.c: set nice to 10.
* Thu May 01 2003 Dmitry V. Levin <[email protected]> 0.1.4-alt1
- chrootuid.c: pass user-dependent HOME to spawned process,
not just "HOME=/" as before.
* Tue Apr 29 2003 Dmitry V. Levin <[email protected]> 0.1.3-alt1
- chdiruid.c: extended error diagnostics.
* Sat Apr 12 2003 Dmitry V. Levin <[email protected]> 0.1.2-alt1
- killuid.c: fixed build and work on linux kernel 2.2.x
- chrootuid.c: added /usr/X11R6/bin to the PATH of second user
- Install helper setgid pkg-build to ensure dumpable flag is unset.
* Wed Apr 09 2003 Dmitry V. Levin <[email protected]> 0.1.1-alt1
- chdiruid.c: check for group-writable directory without sticky bit.
* Sun Apr 06 2003 Dmitry V. Levin <[email protected]> 0.1-alt1
- Added %_sbindir/pkg-build-useradd.
- Added DESIGN file.
* Sun Apr 06 2003 Dmitry V. Levin <[email protected]> 0.0.5-alt1
- Added CALLER_NUM support.
* Fri Apr 04 2003 Dmitry V. Levin <[email protected]> 0.0.4-alt1
- priv.h:
+ lowered minimal uid/gid from 100 to 34.
- chrootuid.c:
+ fixed typo.
* Thu Apr 03 2003 Dmitry V. Levin <[email protected]> 0.0.3-alt1
- chrootuid.c: set umask (022) unconditionally before exec.
* Mon Mar 31 2003 Dmitry V. Levin <[email protected]> 0.0.2-alt1
- priv.h:
+ lowered minimal uid/gid from 500 to 100.
- chdiruid.c:
+ added check for "st_gid != change_gid1";
+ removed check for "st_mode & S_IWGRP".
* Sun Mar 30 2003 Dmitry V. Levin <[email protected]> 0.0.1-alt1
- Initial revision.