[Libreoffice-commits] online.git: loolwsd/LOOLSession.cpp loolwsd/LOOLWSD.cpp loolwsd/loolwsd-systemplate-setup loolwsd/Makefile.am

Mon, 06 Jul 2015 10:39:06 -0700 

 loolwsd/LOOLSession.cpp           |   23 +++++++++++++++++++++++
 loolwsd/LOOLWSD.cpp               |    1 +
 loolwsd/Makefile.am               |    2 +-
 loolwsd/loolwsd-systemplate-setup |    2 ++
 4 files changed, 27 insertions(+), 1 deletion(-)

New commits:
commit 767d6a0a32281ee1cdefce15728e4bb6089ac497
Author: Jan Holesovsky <ke...@collabora.com>
Date:   Mon Jul 6 19:35:50 2015 +0200

    Create /dev/*random in the chroot so that ssl works.
    
    Also add the missing library to the systemplate.

diff --git a/loolwsd/LOOLSession.cpp b/loolwsd/LOOLSession.cpp
index 14feb33..812d27f 100644
--- a/loolwsd/LOOLSession.cpp
+++ b/loolwsd/LOOLSession.cpp
@@ -414,6 +414,29 @@ void MasterProcessSession::preSpawn()
     linkOrCopy(LOOLWSD::sysTemplate, jail);
     linkOrCopy(LOOLWSD::loTemplate, jailLOInstallation);
 
+#ifdef __linux
+    // Create the urandom and random devices
+    File(Path(jail, "/dev")).createDirectory();
+    if (mknod((jail.toString() + "/dev/random").c_str(),
+                S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | 
S_IWOTH,
+                makedev(1, 8)) != 0)
+    {
+        Application::instance().logger().error(Util::logPrefix() +
+                "mknod(" + jail.toString() + "/dev/random) failed: " +
+                strerror(errno));
+
+    }
+    if (mknod((jail.toString() + "/dev/urandom").c_str(),
+                S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | 
S_IWOTH,
+                makedev(1, 9)) != 0)
+    {
+        Application::instance().logger().error(Util::logPrefix() +
+                "mknod(" + jail.toString() + "/dev/urandom) failed: " +
+                strerror(errno));
+
+    }
+#endif
+
     _pendingPreSpawnedChildren.insert(childId);
 
     Process::Args args;
diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index f654612..6856429 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -683,6 +683,7 @@ int LOOLWSD::childMain()
 
 #ifdef __linux
     dropCapability(CAP_FOWNER);
+    dropCapability(CAP_MKNOD);
 #endif
     // We use the same option set for both parent and child loolwsd,
     // so must check options required in the child (but not in the
diff --git a/loolwsd/Makefile.am b/loolwsd/Makefile.am
index c3c5011..352bd1a 100644
--- a/loolwsd/Makefile.am
+++ b/loolwsd/Makefile.am
@@ -27,7 +27,7 @@ clean-cache:
 all-local: loolwsd
        if test "$$BUILDING_FROM_RPMBUILD" != yes; then \
            if test `uname -s` = Linux; then \
-               sudo @SETCAP@ cap_fowner,cap_sys_chroot=ep loolwsd; \
+               sudo @SETCAP@ cap_fowner,cap_mknod,cap_sys_chroot=ep loolwsd; \
            else \
                sudo chown root loolwsd && sudo chmod u+s loolwsd; \
            fi; \
diff --git a/loolwsd/loolwsd-systemplate-setup 
b/loolwsd/loolwsd-systemplate-setup
index 7e310fb..6cd6fca 100755
--- a/loolwsd/loolwsd-systemplate-setup
+++ b/loolwsd/loolwsd-systemplate-setup
@@ -31,6 +31,8 @@ cd / || exit 1
             usr/share/liblangtag \
                 -type f
 
+       find lib/libnss_* lib64/libnss_* -type l
+
        # Go through the LO shared objects and check what system libraries
        # they link to.
        find $INSTDIR -name '*.so' -o -name '*.so.[0-9]*' |
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to