1. Forum
  2. Usenet
  3. LINUX.GENTOO.DEV

  • [gentoo-dev] [PATCH 0/9] eclass: Use UID 0 instead of root and other fi

    From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:30:01 2022
    This series of patches addresses eclasses using the "root" user name
    to check for superuser privileges. Using UID or GID 0 will work in
    more situations (e.g. when the superuser isn't named root).

    Additionally, change string comparison to arithmetic comparision for
    testing EUID. Introduce an additional sanity check preventing lockout
    of the superuser in acct-user.eclass.

    Bug: https://bugs.gentoo.org/595908

    Haelwenn (lanodan) Monnier (1):
    fcaps.eclass: Use UID 0 instead of root

    Ulrich Müller (8):
    cron.eclass: Use UID 0 instead of root
    qmail.eclass: Use UID 0 instead of root
    toolchain.eclass: Use UID 0 instead of root
    webapp.eclass: Use UID 0 instead of root
    fcaps.eclass: Use arithmetic test for UID
    user.eclass: Use arithmetic test for UID
    acct-user.eclass: Use arithmetic test for EUID
    acct-user.eclass: Refuse to lock out the superuser

    eclass/acct-user.eclass | 17 +++++++++++------
    eclass/cron.eclass | 12 ++++++------
    eclass/fcaps.eclass | 6 +++---
    eclass/qmail.eclass | 12 ++++++------
    eclass/toolchain.eclass | 2 +-
    eclass/user.eclass | 4 ++--
    eclass/webapp.eclass | 4 ++--
    7 files changed, 31 insertions(+), 26 deletions(-)

    --
    2.35.1

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:30:01 2022
    Bug: https://bugs.gentoo.org/595908
    Signed-off-by: Ulrich Müller <ulm@gentoo.org>
    ---
    eclass/toolchain.eclass | 2 +-
    1 file changed, 1 insertion(+), 1 deletion(-)

    diff --git a/eclass/toolchain.eclass b/eclass/toolchain.eclass
    index 495a305ed83e..8788e72efebb 100644
    --- a/eclass/toolchain.eclass
    +++ b/eclass/toolchain.eclass
    @@ -1780,7 +1780,7 @@ toolchain_src_install() {
    # Use gid of 0 because some stupid ports don't have
    # the group 'root' set to gid 0. Send to /dev/null
    # for people who are testing as non-root.
    - chown -R root:0 "${D}${LIBPATH}" 2>/dev/null
    + chown -R 0:0 "${D}${LIBPATH}" 2>/dev/null

    # Installing gdb pretty-printers into gdb-specific location.
    local py gdbdir=/usr/share/gdb/auto-load${LIBPATH}
    --
    2.35.1

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:30:01 2022
    Bug: https://bugs.gentoo.org/595908
    Signed-off-by: Ulrich Müller <ulm@gentoo.org>
    ---
    eclass/cron.eclass | 12 ++++++------
    1 file changed, 6 insertions(+), 6 deletions(-)

    diff --git a/eclass/cron.eclass b/eclass/cron.eclass
    index 81f963a4f722..3198c181f21b 100644
    --- a/eclass/cron.eclass
    +++ b/eclass/cron.eclass
    @@ -1,4 +1,4 @@
    -# Copyright 1999-2021 Gentoo Authors
    +# Copyright 1999-2022 Gentoo Authors
    # Distributed under the terms of the GNU General Public License v2

    # @ECLASS: cron.eclass
    @@ -44,12 +44,12 @@ done
    # Both arguments are optional. Everything after 'dir' is considered
    # the permissions (same format as insopts).
    #
    -# ex: docrondir /some/dir -m 0770 -o root -g cron
    +# ex: docrondir /some/dir -m 0770 -o 0 -g cron
    # docrondir /some/dir (uses default perms)
    # docrondir -m0700 (uses default dir)
    docrondir() {
    # defaults
    - local perms="-m0750 -o root -g cron" dir="/var/spool/cron/crontabs"
    + local perms="-m0750 -o 0 -g cron" dir="/var/spool/cron/crontabs"

    if [[ -n $1 ]] ; then
    case "$1" in
    @@ -78,10 +78,10 @@ docrondir() {
  • From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:30:01 2022
    Bug: https://bugs.gentoo.org/595908
    Signed-off-by: Ulrich Müller <ulm@gentoo.org>
    ---
    eclass/webapp.eclass | 4 ++--
    1 file changed, 2 insertions(+), 2 deletions(-)

    diff --git a/eclass/webapp.eclass b/eclass/webapp.eclass
    index 3c0dfc811ac6..1efe4e66b6a9 100644
    --- a/eclass/webapp.eclass
    +++ b/eclass/webapp.eclass
    @@ -1,4 +1,4 @@
    -# Copyright 1999-2021 Gentoo Authors
    +# Copyright 1999-2022 Gentoo Authors
    # Distributed under the terms of the GNU General Public License v2

    # @ECLASS: webapp.eclass
    @@ -457,7 +457,7 @@ webapp_src_install() {
    chmod -R g-s "${D}/"

    keepdir "${MY_PERSISTDIR}"
    - fowners "root:0" "${MY_PERSISTDIR}"
    + fowners "0:0" "${MY_PERSISTDIR}"
    fperms 755 "${MY_PERSISTDIR}"
    }

    --
    2.35.1

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:30:01 2022
    From: Haelwenn (lanodan) Monnier <contact@hacktivis.me>

    Bug: https://bugs.gentoo.org/595908
    Signed-off-by: Ulrich Müller <ulm@gentoo.org>
    ---
    eclass/fcaps.eclass | 4 ++--
    1 file changed, 2 insertions(+), 2 deletions(-)

    diff --git a/eclass/fcaps.eclass b/eclass/fcaps.eclass
    index 93aa7cd5928d..8ed27429c938 100644
    --- a/eclass/fcaps.eclass
    +++ b/eclass/fcaps.eclass
    @@ -83,7 +83,7 @@ esac
    #
    # If the system is unable to set capabilities, it will use the specified user,
    # group, and mode (presumably to make the binary set*id). The defaults there -# are root:0 and 4711. Otherwise, the ownership and permissions will be
    +# are 0:0 and 4711. Otherwise, the ownership and permissions will be
    # unchanged.
    fcaps() {
    debug-print-function ${FUNCNAME} "$@"
    @@ -94,7 +94,7 @@ fcaps() {
    fi

    # Process the user options first.
    - local owner='root'
    + local owner='0'
    local group='0'
    local mode='4711'
    local caps_mode='711'
    --
    2.35.1

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:40:01 2022
    Signed-off-by: Ulrich Müller <ulm@gentoo.org>
    ---
    eclass/acct-user.eclass | 12 ++++++------
    1 file changed, 6 insertions(+), 6 deletions(-)

    diff --git a/eclass/acct-user.eclass b/eclass/acct-user.eclass
    index 70ae2434b5df..2e2e1152f9ad 100644
    --- a/eclass/acct-user.eclass
    +++ b/eclass/acct-user.eclass
    @@ -1,4 +1,4 @@
    -# Copyright 2019-2021 Gentoo Authors
    +# Copyright 2019-2022 Gentoo Authors
    # Distributed under the terms of the GNU General Public License v2

    # @ECLASS: acct-user.eclass
    @@ -178,7 +178,7 @@ acct-user_add_deps() {
    eislocked() {
    [[ $# -eq 1 ]] || die "usage: ${FUNCNAME} <user>"

    - if [[ ${EUID} != 0 ]]; then
    + if [[ ${EUID} -ne 0 ]]; then
    einfo "Insufficient privileges to execute ${FUNCNAME[0]}"
    return 0
    fi
    @@ -215,7 +215,7 @@ eislocked() {
    elockuser() {
    [[ $# -eq 1 ]] || die "usage: ${FUNCNAME} <user>"

    - if [[ ${EUID} != 0 ]]; then
    + if [[ ${EUID} -ne 0 ]]; then
    einfo "Insufficient privileges to execute ${FUNCNAME[0]}"
    return 0
    fi
    @@ -258,7 +258,7 @@ elockuser() {
    eunlockuser() {
  • From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:40:02 2022
    Signed-off-by: Ulrich Müller <ulm@gentoo.org>
    ---
    eclass/user.eclass | 4 ++--
    1 file changed, 2 insertions(+), 2 deletions(-)

    diff --git a/eclass/user.eclass b/eclass/user.eclass
    index 581704eae815..ff69be81c1ec 100644
    --- a/eclass/user.eclass
    +++ b/eclass/user.eclass
    @@ -85,7 +85,7 @@ user_get_nologin() {
    # If -M is passed, enewuser does not create the home directory if it does not
    # exist.
    enewuser() {
    - if [[ ${EUID} != 0 ]] ; then
    + if [[ ${EUID} -ne 0 ]] ; then
    ewarn "Insufficient privileges to execute ${FUNCNAME[0]}"
    return 0
    fi
    @@ -240,7 +240,7 @@ enewuser() {
    # If -F is passed, enewgroup will always enforce specified GID and fail if it
    # can not be assigned.
    enewgroup() {
    - if [[ ${EUID} != 0 ]] ; then
    + if [[ ${EUID} -ne 0 ]] ; then
    ewarn "Insufficient privileges to execute ${FUNCNAME[0]}"
    return 0
    fi
    --
    2.35.1

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?q?Ulrich=20M=C3=BCller?=@21:1/5 to All on Sun Mar 27 09:40:01 2022
    Signed-off-by: Ulrich Müller <ulm@gentoo.org>
    ---
    eclass/acct-user.eclass | 5 +++++
    1 file changed, 5 insertions(+)

    diff --git a/eclass/acct-user.eclass b/eclass/acct-user.eclass
    index 2e2e1152f9ad..f2aaefc2ee39 100644
    --- a/eclass/acct-user.eclass
    +++ b/eclass/acct-user.eclass
    @@ -473,6 +473,11 @@ acct-user_pkg_prerm() {
    return 0
    fi

    + if [[ ${ACCT_USER_ID} -eq 0 ]]; then
    + elog "Refusing to lock out the superuser (UID 0)"
    + return 0
    + fi
    +
    if [[ -z ${REPLACED_BY_VERSION} ]]; then
    if [[ -z $(egetent passwd "${ACCT_USER_NAME}") ]]; then
    ewarn "User account not found: ${ACCT_USER_NAME}"
    --
    2.35.1

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Mike Gilbert@21:1/5 to ulm@gentoo.org on Sun Mar 27 21:50:01 2022
    On Sun, Mar 27, 2022 at 3:27 AM Ulrich Müller <ulm@gentoo.org> wrote:

    This series of patches addresses eclasses using the "root" user name
    to check for superuser privileges. Using UID or GID 0 will work in
    more situations (e.g. when the superuser isn't named root).

    The series looks ok to me.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)