[-- Attachment #1: Type: text/plain, Size: 1234 bytes --] There is a new pull request by travankor against master on the void-packages repository https://github.com/travankor/void-packages pam_rundir https://github.com/void-linux/void-packages/pull/35212 pam_rundir: fix conditional and set the user gid for the dir. <!-- Uncomment relevant sections and delete options which are not applicable --> #### Testing the changes - I tested the changes in this PR: **briefly** <!-- #### New package - This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO** --> <!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration) and test at least one native build and, if supported, at least one cross build. Ignore this section if this PR is not skipping CI. --> <!-- #### Local build testing - I built this PR locally for my native architecture, (ARCH-LIBC) - I built this PR locally for these architectures (if supported. mark crossbuilds): - aarch64-musl - armv7l - armv6l-musl --> A patch file from https://github.com/void-linux/void-packages/pull/35212.patch is attached [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #2: github-pr-pam_rundir-35212.patch --] [-- Type: text/x-diff, Size: 3139 bytes --] From 2d4303e847fdba6f1d9f3dfc832a387052fd7d0e Mon Sep 17 00:00:00 2001 From: travankor <travankor@tuta.io> Date: Thu, 20 Jan 2022 10:41:10 -0700 Subject: [PATCH] pam_rundir: fix conditional and set the user gid for the dir. --- srcpkgs/pam_rundir/patches/fix.patch | 1 - srcpkgs/pam_rundir/patches/fix2.patch | 13 +++++++++++++ srcpkgs/pam_rundir/patches/setegid.patch | 24 ++++++++++++++++++++++++ srcpkgs/pam_rundir/template | 2 +- 4 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 srcpkgs/pam_rundir/patches/fix2.patch create mode 100644 srcpkgs/pam_rundir/patches/setegid.patch diff --git a/srcpkgs/pam_rundir/patches/fix.patch b/srcpkgs/pam_rundir/patches/fix.patch index 3ef75edfea60..252267584934 100644 --- a/srcpkgs/pam_rundir/patches/fix.patch +++ b/srcpkgs/pam_rundir/patches/fix.patch @@ -37,4 +37,3 @@ + prctl (PR_SET_SECUREBITS, (unsigned long) secbits); close (fd); /* also unlocks */ } - diff --git a/srcpkgs/pam_rundir/patches/fix2.patch b/srcpkgs/pam_rundir/patches/fix2.patch new file mode 100644 index 000000000000..e13c85b71727 --- /dev/null +++ b/srcpkgs/pam_rundir/patches/fix2.patch @@ -0,0 +1,13 @@ +diff --git a/pam_rundir.c b/pam_rundir.c +index 2d2c201..67c7ca6 100644 +--- a/pam_rundir.c ++++ b/pam_rundir.c +@@ -197,7 +197,7 @@ write_counter (int fd, int count) + r = write (fd, buf + w, l - w); + if (r < 0) + { +- if (errno = EINTR) ++ if (errno == EINTR) + continue; + if (w > 0) + emergency_invalidate_counter (fd); diff --git a/srcpkgs/pam_rundir/patches/setegid.patch b/srcpkgs/pam_rundir/patches/setegid.patch new file mode 100644 index 000000000000..9181f616b318 --- /dev/null +++ b/srcpkgs/pam_rundir/patches/setegid.patch @@ -0,0 +1,24 @@ +diff --git a/pam_rundir.c b/pam_rundir.c +index d36584d..f92c73e 100644 +--- a/pam_rundir.c ++++ b/pam_rundir.c +@@ -404,8 +404,8 @@ + secbits = prctl (PR_GET_SECUREBITS); + if (secbits != -1) + prctl (PR_SET_SECUREBITS, (unsigned long) secbits | SECBIT_NO_SETUID_FIXUP); +- /* set euid so if we do create the dir, it is own by the user */ +- if (seteuid (pw->pw_uid) < 0) ++ /* set euid and egid so if we do create the dir, it is owned by the user */ ++ if (seteuid (pw->pw_uid) < 0 || setegid (pw->pw_gid) < 0) + { + r = -1; + goto done; +@@ -422,7 +422,7 @@ + pam_putenv (pamh, buf); + } + /* restore */ +- if (seteuid (0) < 0) ++ if (seteuid (0) < 0 || setegid (0) < 0) + { + r = -1; + goto done; diff --git a/srcpkgs/pam_rundir/template b/srcpkgs/pam_rundir/template index f08238ddb5fd..080be5afca30 100644 --- a/srcpkgs/pam_rundir/template +++ b/srcpkgs/pam_rundir/template @@ -1,7 +1,7 @@ # Template file for 'pam_rundir' pkgname=pam_rundir version=1.0.0 -revision=5 +revision=6 build_style=configure configure_args="--prefix=/usr --with-parentdir=/run/user" makedepends="pam-devel"
[-- Attachment #1: Type: text/plain, Size: 280 bytes --] New review comment by Piraty on void-packages repository https://github.com/void-linux/void-packages/pull/35212#discussion_r814708779 Comment: i assume you got this from here? https://github.com/jjk-jacky/pam_rundir/pull/5/ please put a reference, (same for the other patches)
[-- Attachment #1: Type: text/plain, Size: 1239 bytes --] There is an updated pull request by travankor against master on the void-packages repository https://github.com/travankor/void-packages pam_rundir https://github.com/void-linux/void-packages/pull/35212 pam_rundir: fix conditional and set the user gid for the dir. <!-- Uncomment relevant sections and delete options which are not applicable --> #### Testing the changes - I tested the changes in this PR: **briefly** <!-- #### New package - This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO** --> <!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration) and test at least one native build and, if supported, at least one cross build. Ignore this section if this PR is not skipping CI. --> <!-- #### Local build testing - I built this PR locally for my native architecture, (ARCH-LIBC) - I built this PR locally for these architectures (if supported. mark crossbuilds): - aarch64-musl - armv7l - armv6l-musl --> A patch file from https://github.com/void-linux/void-packages/pull/35212.patch is attached [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #2: github-pr-pam_rundir-35212.patch --] [-- Type: text/x-diff, Size: 3257 bytes --] From 8378166ba3b55fa6e6b9a8f035d259255c550689 Mon Sep 17 00:00:00 2001 From: travankor <travankor@tuta.io> Date: Thu, 20 Jan 2022 10:41:10 -0700 Subject: [PATCH] pam_rundir: fix conditional and set the user gid for the dir. --- srcpkgs/pam_rundir/patches/fix.patch | 1 - srcpkgs/pam_rundir/patches/fix2.patch | 15 ++++++++++++++ srcpkgs/pam_rundir/patches/setegid.patch | 26 ++++++++++++++++++++++++ srcpkgs/pam_rundir/template | 2 +- 4 files changed, 42 insertions(+), 2 deletions(-) create mode 100644 srcpkgs/pam_rundir/patches/fix2.patch create mode 100644 srcpkgs/pam_rundir/patches/setegid.patch diff --git a/srcpkgs/pam_rundir/patches/fix.patch b/srcpkgs/pam_rundir/patches/fix.patch index 3ef75edfea60..252267584934 100644 --- a/srcpkgs/pam_rundir/patches/fix.patch +++ b/srcpkgs/pam_rundir/patches/fix.patch @@ -37,4 +37,3 @@ + prctl (PR_SET_SECUREBITS, (unsigned long) secbits); close (fd); /* also unlocks */ } - diff --git a/srcpkgs/pam_rundir/patches/fix2.patch b/srcpkgs/pam_rundir/patches/fix2.patch new file mode 100644 index 000000000000..99e5e02658be --- /dev/null +++ b/srcpkgs/pam_rundir/patches/fix2.patch @@ -0,0 +1,15 @@ +from https://github.com/jjk-jacky/pam_rundir/pull/5 + +diff --git a/pam_rundir.c b/pam_rundir.c +index 2d2c201..67c7ca6 100644 +--- a/pam_rundir.c ++++ b/pam_rundir.c +@@ -197,7 +197,7 @@ write_counter (int fd, int count) + r = write (fd, buf + w, l - w); + if (r < 0) + { +- if (errno = EINTR) ++ if (errno == EINTR) + continue; + if (w > 0) + emergency_invalidate_counter (fd); diff --git a/srcpkgs/pam_rundir/patches/setegid.patch b/srcpkgs/pam_rundir/patches/setegid.patch new file mode 100644 index 000000000000..3c573cd41a53 --- /dev/null +++ b/srcpkgs/pam_rundir/patches/setegid.patch @@ -0,0 +1,26 @@ +backport of https://github.com/jjk-jacky/pam_rundir/pull/8 + +diff --git a/pam_rundir.c b/pam_rundir.c +index d36584d..f92c73e 100644 +--- a/pam_rundir.c ++++ b/pam_rundir.c +@@ -404,8 +404,8 @@ + secbits = prctl (PR_GET_SECUREBITS); + if (secbits != -1) + prctl (PR_SET_SECUREBITS, (unsigned long) secbits | SECBIT_NO_SETUID_FIXUP); +- /* set euid so if we do create the dir, it is own by the user */ +- if (seteuid (pw->pw_uid) < 0) ++ /* set euid and egid so if we do create the dir, it is owned by the user */ ++ if (seteuid (pw->pw_uid) < 0 || setegid (pw->pw_gid) < 0) + { + r = -1; + goto done; +@@ -422,7 +422,7 @@ + pam_putenv (pamh, buf); + } + /* restore */ +- if (seteuid (0) < 0) ++ if (seteuid (0) < 0 || setegid (0) < 0) + { + r = -1; + goto done; diff --git a/srcpkgs/pam_rundir/template b/srcpkgs/pam_rundir/template index f08238ddb5fd..080be5afca30 100644 --- a/srcpkgs/pam_rundir/template +++ b/srcpkgs/pam_rundir/template @@ -1,7 +1,7 @@ # Template file for 'pam_rundir' pkgname=pam_rundir version=1.0.0 -revision=5 +revision=6 build_style=configure configure_args="--prefix=/usr --with-parentdir=/run/user" makedepends="pam-devel"
[-- Attachment #1: Type: text/plain, Size: 1239 bytes --] There is an updated pull request by travankor against master on the void-packages repository https://github.com/travankor/void-packages pam_rundir https://github.com/void-linux/void-packages/pull/35212 pam_rundir: fix conditional and set the user gid for the dir. <!-- Uncomment relevant sections and delete options which are not applicable --> #### Testing the changes - I tested the changes in this PR: **briefly** <!-- #### New package - This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO** --> <!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration) and test at least one native build and, if supported, at least one cross build. Ignore this section if this PR is not skipping CI. --> <!-- #### Local build testing - I built this PR locally for my native architecture, (ARCH-LIBC) - I built this PR locally for these architectures (if supported. mark crossbuilds): - aarch64-musl - armv7l - armv6l-musl --> A patch file from https://github.com/void-linux/void-packages/pull/35212.patch is attached [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #2: github-pr-pam_rundir-35212.patch --] [-- Type: text/x-diff, Size: 3257 bytes --] From c5cbbeb906e5ac70ee3467e539daa4a3d6412d6c Mon Sep 17 00:00:00 2001 From: travankor <travankor@tuta.io> Date: Thu, 20 Jan 2022 10:41:10 -0700 Subject: [PATCH] pam_rundir: fix conditional and set the user gid for the dir. --- srcpkgs/pam_rundir/patches/fix.patch | 1 - srcpkgs/pam_rundir/patches/fix2.patch | 15 ++++++++++++++ srcpkgs/pam_rundir/patches/setegid.patch | 26 ++++++++++++++++++++++++ srcpkgs/pam_rundir/template | 2 +- 4 files changed, 42 insertions(+), 2 deletions(-) create mode 100644 srcpkgs/pam_rundir/patches/fix2.patch create mode 100644 srcpkgs/pam_rundir/patches/setegid.patch diff --git a/srcpkgs/pam_rundir/patches/fix.patch b/srcpkgs/pam_rundir/patches/fix.patch index 3ef75edfea60..252267584934 100644 --- a/srcpkgs/pam_rundir/patches/fix.patch +++ b/srcpkgs/pam_rundir/patches/fix.patch @@ -37,4 +37,3 @@ + prctl (PR_SET_SECUREBITS, (unsigned long) secbits); close (fd); /* also unlocks */ } - diff --git a/srcpkgs/pam_rundir/patches/fix2.patch b/srcpkgs/pam_rundir/patches/fix2.patch new file mode 100644 index 000000000000..99e5e02658be --- /dev/null +++ b/srcpkgs/pam_rundir/patches/fix2.patch @@ -0,0 +1,15 @@ +from https://github.com/jjk-jacky/pam_rundir/pull/5 + +diff --git a/pam_rundir.c b/pam_rundir.c +index 2d2c201..67c7ca6 100644 +--- a/pam_rundir.c ++++ b/pam_rundir.c +@@ -197,7 +197,7 @@ write_counter (int fd, int count) + r = write (fd, buf + w, l - w); + if (r < 0) + { +- if (errno = EINTR) ++ if (errno == EINTR) + continue; + if (w > 0) + emergency_invalidate_counter (fd); diff --git a/srcpkgs/pam_rundir/patches/setegid.patch b/srcpkgs/pam_rundir/patches/setegid.patch new file mode 100644 index 000000000000..3c573cd41a53 --- /dev/null +++ b/srcpkgs/pam_rundir/patches/setegid.patch @@ -0,0 +1,26 @@ +backport of https://github.com/jjk-jacky/pam_rundir/pull/8 + +diff --git a/pam_rundir.c b/pam_rundir.c +index d36584d..f92c73e 100644 +--- a/pam_rundir.c ++++ b/pam_rundir.c +@@ -404,8 +404,8 @@ + secbits = prctl (PR_GET_SECUREBITS); + if (secbits != -1) + prctl (PR_SET_SECUREBITS, (unsigned long) secbits | SECBIT_NO_SETUID_FIXUP); +- /* set euid so if we do create the dir, it is own by the user */ +- if (seteuid (pw->pw_uid) < 0) ++ /* set euid and egid so if we do create the dir, it is owned by the user */ ++ if (seteuid (pw->pw_uid) < 0 || setegid (pw->pw_gid) < 0) + { + r = -1; + goto done; +@@ -422,7 +422,7 @@ + pam_putenv (pamh, buf); + } + /* restore */ +- if (seteuid (0) < 0) ++ if (seteuid (0) < 0 || setegid (0) < 0) + { + r = -1; + goto done; diff --git a/srcpkgs/pam_rundir/template b/srcpkgs/pam_rundir/template index f08238ddb5fd..080be5afca30 100644 --- a/srcpkgs/pam_rundir/template +++ b/srcpkgs/pam_rundir/template @@ -1,7 +1,7 @@ # Template file for 'pam_rundir' pkgname=pam_rundir version=1.0.0 -revision=5 +revision=6 build_style=configure configure_args="--prefix=/usr --with-parentdir=/run/user" makedepends="pam-devel"
[-- Attachment #1: Type: text/plain, Size: 1076 bytes --] There's a merged pull request on the void-packages repository pam_rundir: fix conditional and set the user gid for the dir. https://github.com/void-linux/void-packages/pull/35212 Description: <!-- Uncomment relevant sections and delete options which are not applicable --> #### Testing the changes - I tested the changes in this PR: **briefly** <!-- #### New package - This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO** --> <!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration) and test at least one native build and, if supported, at least one cross build. Ignore this section if this PR is not skipping CI. --> <!-- #### Local build testing - I built this PR locally for my native architecture, (ARCH-LIBC) - I built this PR locally for these architectures (if supported. mark crossbuilds): - aarch64-musl - armv7l - armv6l-musl -->
[-- Attachment #1: Type: text/plain, Size: 345 bytes --] New comment by eoli3n on void-packages repository https://github.com/void-linux/void-packages/pull/35212#issuecomment-1052124075 Comment: I have a problem when disconnecting from my session. I can't run sway anymore, I need to reboot to be able to relaunch a new sway session. I get an error "XDG_DIR not set". Do you experienced that issue ?
[-- Attachment #1: Type: text/plain, Size: 234 bytes --] New comment by Piraty on void-packages repository https://github.com/void-linux/void-packages/pull/35212#issuecomment-1052673681 Comment: @eoli3n is this caused by these patches? (test by downgrading pam_rundir to previous version)
[-- Attachment #1: Type: text/plain, Size: 169 bytes --] New comment by eoli3n on void-packages repository https://github.com/void-linux/void-packages/pull/35212#issuecomment-1053618814 Comment: No, just a general question.
[-- Attachment #1: Type: text/plain, Size: 290 bytes --] New comment by travankor on void-packages repository https://github.com/void-linux/void-packages/pull/35212#issuecomment-1054228284 Comment: If it's not related to this PR, could you please open a separate issue, instead? I have not run into that issue if I understood correctly, though.