Received: from vps892.directvps.nl (ikke.info [178.21.113.177]) by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 97609782BDA for <~alpine/aports@lists.alpinelinux.org>; Fri, 29 Jan 2021 17:20:16 +0000 (UTC) Received: by vps892.directvps.nl (Postfix, from userid 1008) id 26A1F440138; Fri, 29 Jan 2021 18:20:15 +0100 (CET) Date: Fri, 29 Jan 2021 18:20:15 +0100 From: Kevin Daudt To: Drew DeVault Cc: ~alpine/aports@lists.alpinelinux.org Subject: Re: [PATCH] main/doas: upgrade to 6.8.1 Message-ID: References: <20210128220833.7349-1-sir@cmpwn.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210128220833.7349-1-sir@cmpwn.com> On Thu, Jan 28, 2021 at 05:08:33PM -0500, Drew DeVault wrote: > --- > main/doas/APKBUILD | 12 ++++-------- > main/doas/reset-path.patch | 36 ------------------------------------ > 2 files changed, 4 insertions(+), 44 deletions(-) > delete mode 100644 main/doas/reset-path.patch > > diff --git a/main/doas/APKBUILD b/main/doas/APKBUILD > index 6e863e45d1..3abbc541e0 100644 > --- a/main/doas/APKBUILD > +++ b/main/doas/APKBUILD > @@ -1,17 +1,14 @@ > # Maintainer: Drew DeVault > pkgname=doas > -pkgver=6.8 > -pkgrel=1 > +pkgver=6.8.1 > +pkgrel=0 > pkgdesc="OpenBSD's temporary privilege escalation tool" > url="https://github.com/Duncaen/OpenDoas" > arch="all" > license="BSD" > makedepends="bison" > subpackages="$pkgname-doc" > -source=" > - $pkgname-$pkgver.tar.gz::https://github.com/Duncaen/OpenDoas/archive/v$pkgver.tar.gz > - reset-path.patch > -" > +source="$pkgname-$pkgver.tar.gz::https://github.com/Duncaen/OpenDoas/archive/v$pkgver.tar.gz" > builddir="$srcdir/OpenDoas-$pkgver" > options="$options suid" > > @@ -44,5 +41,4 @@ package() { > chmod 440 "$pkgdir"/etc/doas.conf > } > > -sha512sums="4a57079bba353247e645bc07a5d4e78fd01471d193e83751fd87b72cffa4e152c0f7ea172563f767a7193b14489f57bc066b4fee50842d30b5b7f7ce918434bb doas-6.8.tar.gz > -f261e954e7daf89bb7a8381a0be2942edebe4020b3b304ca1a71a5e5894482f1725e3dc75bc0da0603bde9cb729516010d1fdaeb7cd464b2ad03b131edc614a7 reset-path.patch" > +sha512sums="d96fe1cdd70e9211de9996ad05bcf7a127facd02af48f7ab2561869d9d16708f1b61722c6e6b9fe15a62e9ef501e09b1ba444b7b43a066f1895e543ebc9402e7 doas-6.8.1.tar.gz" > diff --git a/main/doas/reset-path.patch b/main/doas/reset-path.patch > deleted file mode 100644 > index 0cf85f1e13..0000000000 > --- a/main/doas/reset-path.patch > +++ /dev/null > @@ -1,36 +0,0 @@ > -From bf60b34f014432140b712395da9e792db3f55f06 Mon Sep 17 00:00:00 2001 > -From: Duncan Overbruck > -Date: Thu, 28 Jan 2021 17:58:34 +0100 > -Subject: [PATCH] correctly reset path for rules without specific command > - > -This is a fixup for commit 01c658f8c45cb92a343be5f32aa6da70b2032168 > -where the behaviour was changed to not inherit the PATH variable > -by default. > ---- > - doas.c | 3 +++ > - 1 file changed, 3 insertions(+) > - > -diff --git a/doas.c b/doas.c > -index a184650..d312b24 100644 > ---- a/doas.c > -+++ b/doas.c > -@@ -386,6 +386,7 @@ main(int argc, char **argv) > - > - #ifdef HAVE_LOGIN_CAP_H > - if (setusercontext(NULL, targpw, target, LOGIN_SETGROUP | > -+ LOGIN_SETPATH | > - LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK | > - LOGIN_SETUSER) != 0) > - errx(1, "failed to set user context for target"); > -@@ -396,6 +397,8 @@ main(int argc, char **argv) > - err(1, "initgroups"); > - if (setresuid(target, target, target) != 0) > - err(1, "setresuid"); > -+ if (setenv("PATH", safepath, 1) == -1) > -+ err(1, "failed to set PATH '%s'", safepath); > - #endif > - > - if (getcwd(cwdpath, sizeof(cwdpath)) == NULL) > --- > -2.30.0 > - > -- > 2.30.0 > Do we want to backport this to 3.13 as well?