From b8790364b2fabdd22352620d32c862a92c1cdbbe Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Sep 28 2004 21:27:20 +0000 Subject: add runuser as a su replacement for init scripts --- diff --git a/coreutils-5.2.1-runuser.patch b/coreutils-5.2.1-runuser.patch new file mode 100644 index 0000000..d38395a --- /dev/null +++ b/coreutils-5.2.1-runuser.patch @@ -0,0 +1,185 @@ +--- /dev/null 2004-09-27 09:59:52.239792360 -0400 ++++ coreutils-5.2.1/man/runuser.1 2004-09-28 16:15:57.819068795 -0400 +@@ -0,0 +1,58 @@ ++.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33. ++.TH SU "1" "September 2004" "su (coreutils) 5.2.1" "User Commands" ++.SH NAME ++runuser \- run a shell with substitute user and group IDs ++.SH SYNOPSIS ++.B runuser ++[\fIOPTION\fR]... [\fI-\fR] [\fIUSER \fR[\fIARG\fR]...] ++.SH DESCRIPTION ++.\" Add any additional description here ++.PP ++Change the effective user id and group id to that of USER. ++.TP ++-, \fB\-l\fR, \fB\-\-login\fR ++make the shell a login shell ++.TP ++\fB\-c\fR, \fB\-\-commmand\fR=\fICOMMAND\fR ++pass a single COMMAND to the shell with \fB\-c\fR ++.TP ++\fB\-f\fR, \fB\-\-fast\fR ++pass \fB\-f\fR to the shell (for csh or tcsh) ++.TP ++\fB\-m\fR, \fB\-\-preserve\-environment\fR ++do not reset environment variables ++.TP ++\fB\-p\fR ++same as \fB\-m\fR ++.TP ++\fB\-s\fR, \fB\-\-shell\fR=\fISHELL\fR ++run SHELL if /etc/shells allows it ++.TP ++\fB\-\-help\fR ++display this help and exit ++.TP ++\fB\-\-version\fR ++output version information and exit ++.PP ++A mere - implies \fB\-l\fR. If USER not given, assume root. ++.SH AUTHOR ++Written by David MacKenzie. ++.SH "REPORTING BUGS" ++Report bugs to . ++.SH COPYRIGHT ++Copyright \(co 2004 Free Software Foundation, Inc. ++.br ++This is free software; see the source for copying conditions. There is NO ++warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ++.SH "SEE ALSO" ++The full documentation for ++.B su ++is maintained as a Texinfo manual. If the ++.B info ++and ++.B su ++programs are properly installed at your site, the command ++.IP ++.B info coreutils runuser ++.PP ++should give you access to the complete manual. +--- coreutils-5.2.1/man/Makefile.am.runuser 2004-09-28 15:33:53.401051627 -0400 ++++ coreutils-5.2.1/man/Makefile.am 2004-09-28 16:15:37.500277206 -0400 +@@ -10,7 +10,7 @@ + rm.1 rmdir.1 seq.1 sha1sum.1 shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \ + su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \ + tty.1 uname.1 unexpand.1 uniq.1 unlink.1 uptime.1 users.1 vdir.1 wc.1 \ +- who.1 whoami.1 yes.1 chcon.1 runcon.1 ++ who.1 whoami.1 yes.1 chcon.1 runcon.1 runuser.1 + + man_aux = $(dist_man_MANS:.1=.x) + +@@ -114,6 +114,7 @@ + yes.1: $(common_dep) $(srcdir)/yes.x ../src/yes.c + chcon.1: $(common_dep) $(srcdir)/chcon.x ../src/chcon.c + runcon.1: $(common_dep) $(srcdir)/runcon.x ../src/runcon.c ++runuser.1: $(common_dep) $(srcdir)/runuser.x ../src/runuser.c + + SUFFIXES = .x .1 + +--- /dev/null 2004-09-27 09:59:52.239792360 -0400 ++++ coreutils-5.2.1/man/runuser.x 2004-09-28 15:33:53.432048372 -0400 +@@ -0,0 +1,4 @@ ++[NAME] ++runuser \- run a shell with substitute user and group IDs ++[DESCRIPTION] ++.\" Add any additional description here +--- coreutils-5.2.1/README.runuser 2004-09-28 15:33:53.421049527 -0400 ++++ coreutils-5.2.1/README 2004-09-28 16:12:26.157032857 -0400 +@@ -11,7 +11,7 @@ + df dir dircolors dirname du echo env expand expr factor false fmt fold + ginstall groups head hostid hostname id join kill link ln logname ls + md5sum mkdir mkfifo mknod mv nice nl nohup od paste pathchk pinky pr +- printenv printf ptx pwd readlink rm rmdir runcon seq sha1sum shred sleep sort ++ printenv printf ptx pwd readlink rm rmdir runcon runuser seq sha1sum shred sleep sort + split stat stty su sum sync tac tail tee test touch tr true tsort tty + uname unexpand uniq unlink uptime users vdir wc who whoami yes + +--- coreutils-5.2.1/tests/help-version.runuser 2004-09-28 15:33:53.360055931 -0400 ++++ coreutils-5.2.1/tests/help-version 2004-09-28 16:13:35.863480264 -0400 +@@ -132,6 +132,7 @@ + seq_args=10 + sleep_args=0 + su_args=--version ++runuser_args=--version + test_args=foo + + # This is necessary in the unusual event that there is +--- coreutils-5.2.1/src/su.c.runuser 2004-09-28 15:33:53.109082284 -0400 ++++ coreutils-5.2.1/src/su.c 2004-09-28 15:33:53.437047847 -0400 +@@ -171,6 +171,10 @@ + #ifndef USE_PAM + char *crypt (); + #endif ++#ifndef CHECKPASSWD ++#define CHECKPASSWD 1 ++#endif ++ + char *getpass (); + char *getusershell (); + void endusershell (); +@@ -740,7 +744,7 @@ + pw->pw_dir = xstrdup (pw->pw_dir); + pw->pw_shell = xstrdup (pw->pw_shell); + +- if (!correct_password (pw)) ++ if (CHECKPASSWD && !correct_password (pw)) + { + #ifdef SYSLOG_FAILURE + log_su (pw, 0); +--- coreutils-5.2.1/src/Makefile.am.runuser 2004-09-28 15:33:53.377054147 -0400 ++++ coreutils-5.2.1/src/Makefile.am 2004-09-28 15:33:53.435048057 -0400 +@@ -9,7 +9,7 @@ + cat cksum comm csplit cut expand fmt fold head join md5sum \ + nl od paste pr ptx sha1sum sort split sum tac tail tr tsort unexpand uniq wc \ + basename date dirname echo env expr factor false \ +- hostname id kill logname pathchk printenv printf pwd runcon seq sleep tee \ ++ hostname id kill logname pathchk printenv printf pwd runcon runuser seq sleep tee \ + test true tty whoami yes \ + $(OPTIONAL_BIN_PROGS) $(DF_PROG) + +@@ -74,6 +74,7 @@ + uptime_LDADD = $(LDADD) $(GETLOADAVG_LIBS) + + su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@ ++runuser_LDADD = $(LDADD) $(LIB_CRYPT) + + $(PROGRAMS): ../lib/libfetish.a + +--- /dev/null 2004-09-27 09:59:52.239792360 -0400 ++++ coreutils-5.2.1/src/runuser.c 2004-09-28 15:33:53.434048162 -0400 +@@ -0,0 +1,33 @@ ++#define CHECKPASSWD 0 ++#define pam_start my_pam_start ++#define pam_end my_pam_end ++#define pam_setcred my_pam_setcred ++#define pam_open_session my_pam_open_session ++#define pam_close_session my_pam_close_session ++#define pam_strerror my_pam_strerror ++#define pam_getenvlist my_pam_getenvlist ++#include "su.c" ++int pam_start(const char *service_name, const char *user, ++ const struct pam_conv *pam_conversation, ++ pam_handle_t **pamh) { ++ return PAM_SUCCESS; ++} ++int pam_end(pam_handle_t *pamh, int pam_status) { ++ return PAM_SUCCESS; ++} ++int pam_setcred(pam_handle_t *pamh, int flags){ ++ return PAM_SUCCESS; ++} ++int pam_open_session(pam_handle_t *pamh, int flags){ ++ return PAM_SUCCESS; ++} ++int pam_close_session(pam_handle_t *pamh, int flags){ ++ return PAM_SUCCESS; ++} ++const char *pam_strerror(pam_handle_t *pamh, int err){ ++ return ""; ++} ++char **pam_getenvlist(pam_handle_t *pamh){ ++ return NULL; ++} ++ diff --git a/coreutils.spec b/coreutils.spec index b2257f8..f0685e9 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -4,7 +4,7 @@ Summary: The GNU core utilities: a set of tools commonly used in shell scripts Name: coreutils Version: 5.2.1 -Release: 25 +Release: 26 License: GPL Group: System Environment/Base Url: ftp://alpha.gnu.org/gnu/coreutils/ @@ -52,9 +52,8 @@ Patch922: coreutils-rmaccess.patch Patch923: coreutils-copy.patch #SELINUX Patch -%if %{WITH_SELINUX} Patch950: coreutils-selinux.patch -%endif +Patch951: coreutils-5.2.1-runuser.patch BuildRoot: %_tmppath/%{name}-root BuildRequires: gettext libtermcap-devel bison @@ -111,10 +110,9 @@ the old GNU fileutils, sh-utils, and textutils packages. %patch922 -p1 -b .rmaccess %patch923 -p1 -b .copy -%if %{WITH_SELINUX} #SELinux %patch950 -p1 -b .selinux -%endif +%patch951 -p1 -b .runuser # Don't run basic-1 test, since it breaks when run in the background @@ -246,6 +244,9 @@ fi %_sbindir/chroot %changelog +* Fri Sep 24 2004 Dan Walsh 5.2.1-26 +- Add runuser as similar to su, but only runable by root + * Fri Sep 24 2004 Tim Waugh 5.2.1-25 - chown(1) patch from Ulrich Drepper.