From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id E3E8E13832E for ; Sat, 20 Aug 2016 21:26:21 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 1463FE0944; Sat, 20 Aug 2016 21:26:19 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 9A99CE0944 for ; Sat, 20 Aug 2016 21:26:18 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E916533FA71 for ; Sat, 20 Aug 2016 21:26:16 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 40BCD2455 for ; Sat, 20 Aug 2016 21:26:15 +0000 (UTC) From: "Nathan Phillip Brink" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Nathan Phillip Brink" Message-ID: <1471728366.1a1a5528ea8d7264df4f7bb2e1b5d3e55501736d.binki@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-irc/unrealircd/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-irc/unrealircd/unrealircd-4.0.5.ebuild X-VCS-Directories: net-irc/unrealircd/ X-VCS-Committer: binki X-VCS-Committer-Name: Nathan Phillip Brink X-VCS-Revision: 1a1a5528ea8d7264df4f7bb2e1b5d3e55501736d X-VCS-Branch: master Date: Sat, 20 Aug 2016 21:26:15 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 0d2bd251-da2d-4695-b854-2874b313270a X-Archives-Hash: 96af28871194d5a7c1bd200297dddd4e commit: 1a1a5528ea8d7264df4f7bb2e1b5d3e55501736d Author: Nathan Phillip Brink gentoo org> AuthorDate: Sat Aug 20 21:26:06 2016 +0000 Commit: Nathan Phillip Brink gentoo org> CommitDate: Sat Aug 20 21:26:06 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a1a5528 net-irc/unrealircd: Precreate tune/logfile for bug #560790. If you run a program as root and it creates files those will be owned by root instead of the intended user. Since unrealircd was not intended to be run directly as root but it is easy to do so by accident, this change precreates some files so that it is easier to switch back to running unrealircd as an unprivileged user. Package-Manager: portage-2.2.28 net-irc/unrealircd/unrealircd-4.0.5.ebuild | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/net-irc/unrealircd/unrealircd-4.0.5.ebuild b/net-irc/unrealircd/unrealircd-4.0.5.ebuild index ef83305..b05a984 100644 --- a/net-irc/unrealircd/unrealircd-4.0.5.ebuild +++ b/net-irc/unrealircd/unrealircd-4.0.5.ebuild @@ -63,7 +63,7 @@ src_configure() { --with-tmpdir="${EPREFIX}"/var/lib/${PN}/tmp \ --with-nick-history=2000 \ --with-sendq=3000000 \ - --with-permissions=0600 \ + --with-permissions=0640 \ --with-fd-setsize=1024 \ --with-system-cares \ --with-system-pcre2 \ @@ -213,10 +213,29 @@ s/"and another one";/"'"${keys[2]}"'";/ eend $? fi + # Precreate ircd.tune and ircd.log with the correct ownership to + # protect people from themselves when they run unrealircd as root + # before trying the initscripts. #560790 + local f + for f in "${EROOT}"var/{lib/${PN}/ircd.tune,log/${PN}/ircd.log}; do + [[ -e ${f} ]] && continue + ebegin "Precreating ${f} to set ownership" + ( + umask 0037 + # ircd.tune must be seeded with content instead of being empty. + if [[ ${f} == *ircd.tune ]]; then + echo 0 > "${f}" + echo 0 >> "${f}" + fi + touch "${f}" + ) + chown unrealircd "${f}" + eend $? + done + elog "UnrealIRCd will not run until you've set up /etc/unrealircd/unrealircd.conf" elog elog "You can also configure ${PN} start at boot with rc-update(1)." - elog "Note that it is recommended to run unrealircd as an" - elog "unprivileged user (the provided init.d script does this" - elog "for you). Running as root will break file permissions." + elog "It is recommended to run unrealircd as an unprivileged user." + elog "The provided init.d script does this for you." }