loolwsd/LOOLKit.cpp | 19 ------------------- loolwsd/Makefile.am | 4 ++-- loolwsd/debian/loolwsd.postinst | 4 ++-- loolwsd/loolwsd.spec.in | 4 ++-- 4 files changed, 6 insertions(+), 25 deletions(-)
New commits: commit d5292541bddfea8317d1996899f86bdab56b5eca Author: Tor Lillqvist <t...@collabora.com> Date: Tue Mar 1 18:22:55 2016 +0200 Revert "Also chown the random devices to root:root and chmod to 666" Not needed after all. It was a red herring. The device files work fine even if not owned by root:root and with mode 664. The actual problem was that I used a file system mounted with nodev when testing loolwsd. This reverts commit 509314d5598b68fa9a449a1a7348b10f25b7014a diff --git a/loolwsd/LOOLKit.cpp b/loolwsd/LOOLKit.cpp index 6ca626f..f89a324 100644 --- a/loolwsd/LOOLKit.cpp +++ b/loolwsd/LOOLKit.cpp @@ -864,30 +864,12 @@ void lokit_main(const std::string& childRoot, Log::error("Error: mknod(" + jailPath.toString() + "/dev/random) failed."); } - if (chmod((jailPath.toString() + "/dev/random").c_str(), 0666) != 0) - { - Log::error("Error: chmod(" + jailPath.toString() + "/dev/random, 0666) failed."); - - } - if (chown((jailPath.toString() + "/dev/random").c_str(), 0, 0) != 0) - { - Log::error("Error: chown(" + jailPath.toString() + "/dev/random, 0, 0) failed."); - - } if (mknod((jailPath.toString() + "/dev/urandom").c_str(), S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH, makedev(1, 9)) != 0) { Log::error("Error: mknod(" + jailPath.toString() + "/dev/urandom) failed."); } - if (chmod((jailPath.toString() + "/dev/urandom").c_str(), 0666) != 0) - { - Log::error("Error: chmod(" + jailPath.toString() + "/dev/urandom, 0666) failed."); - } - if (chown((jailPath.toString() + "/dev/urandom").c_str(), 0, 0) != 0) - { - Log::error("Error: chown(" + jailPath.toString() + "/dev/urandom, 0, 0) failed."); - } Log::info("chroot(\"" + jailPath.toString() + "\")"); if (chroot(jailPath.toString().c_str()) == -1) @@ -904,7 +886,6 @@ void lokit_main(const std::string& childRoot, dropCapability(CAP_SYS_CHROOT); dropCapability(CAP_MKNOD); - dropCapability(CAP_CHOWN); dropCapability(CAP_FOWNER); loKit = lok_init_2(instdir_path.c_str(), "file:///user"); 
diff --git a/loolwsd/Makefile.am b/loolwsd/Makefile.am index 802876a..b14f1fd 100644 --- a/loolwsd/Makefile.am +++ b/loolwsd/Makefile.am @@ -45,8 +45,8 @@ clean-cache: all-local: loolwsd loolbroker if test "$$BUILDING_FROM_RPMBUILD" != yes; then \ if test `uname -s` = Linux; then \ - sudo @SETCAP@ cap_fowner,cap_mknod,cap_chown,cap_sys_chroot=ep loolbroker; \ - sudo @SETCAP@ cap_fowner,cap_mknod,cap_chown,cap_sys_chroot=ep loolkit; \ + sudo @SETCAP@ cap_fowner,cap_mknod,cap_sys_chroot=ep loolbroker; \ + sudo @SETCAP@ cap_fowner,cap_mknod,cap_sys_chroot=ep loolkit; \ else \ sudo chown root loolbroker && sudo chmod u+s loolbroker; \ sudo chown root loolbroker && sudo chmod u+s loolkit; \ diff --git a/loolwsd/debian/loolwsd.postinst b/loolwsd/debian/loolwsd.postinst index 909332a..bb4f6da 100755 --- a/loolwsd/debian/loolwsd.postinst +++ b/loolwsd/debian/loolwsd.postinst @@ -4,8 +4,8 @@ set -e case "$1" in configure) - setcap cap_fowner,cap_mknod,cap_chown,cap_sys_chroot=ep /usr/bin/loolkit || true - setcap cap_fowner,cap_mknod,cap_chown,cap_sys_chroot=ep /usr/bin/loolbroker || true + setcap cap_fowner,cap_mknod,cap_sys_chroot=ep /usr/bin/loolkit || true + setcap cap_fowner,cap_mknod,cap_sys_chroot=ep /usr/bin/loolbroker || true adduser --quiet --system --group --home /opt/lool lool mkdir -p /var/cache/loolwsd && chown lool: /var/cache/loolwsd diff --git a/loolwsd/loolwsd.spec.in b/loolwsd/loolwsd.spec.in index 54ddf17..c2d8f5d 100644 --- a/loolwsd/loolwsd.spec.in +++ b/loolwsd/loolwsd.spec.in 
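Review bot: In the non-Linux `else` branch shown as context in the Makefile.am hunk, the second line repeats `sudo chown root loolbroker` before `sudo chmod u+s loolkit`, so loolkit is never chowned to root. The setuid bit then lands on a loolkit binary that is presumably still owned by the building user, which is not what the first line does for loolbroker. It most likely should read `sudo chown root loolkit && sudo chmod u+s loolkit; \`. This revert does not touch the line, but it sits directly below the setcap lines being edited; the recipe continues past the end of the hunk.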
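Review bot: Both new `setcap ... || true` lines in loolwsd.postinst discard a setcap failure, so even with `set -e` the configure step succeeds and the package can install with loolkit and loolbroker lacking cap_mknod and cap_sys_chroot. The problem would then presumably surface only at runtime, when the jail setup fails. If ignoring the failure is deliberate (for example on filesystems without file-capability support), at least report it: `setcap cap_fowner,cap_mknod,cap_sys_chroot=ep /usr/bin/loolkit || echo "loolwsd: setcap failed for /usr/bin/loolkit" >&2`, and likewise for loolbroker. The RPM `%post` in loolwsd.spec.in runs the same two commands without `|| true`, so the two packages currently handle this case differently.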
@@ -69,8 +69,8 @@ echo "0 0 */1 * * root find /var/cache/loolwsd -name \"*.png\" -a -atime +10 -ex %service_add_pre loolwsd.service %post -setcap cap_fowner,cap_mknod,cap_chown,cap_sys_chroot=ep /usr/bin/loolbroker -setcap cap_fowner,cap_mknod,cap_chown,cap_sys_chroot=ep /usr/bin/loolkit +setcap cap_fowner,cap_mknod,cap_sys_chroot=ep /usr/bin/loolbroker +setcap cap_fowner,cap_mknod,cap_sys_chroot=ep /usr/bin/loolkit getent group %{group} >/dev/null || groupadd -r %{group} getent passwd %{owner} >/dev/null || useradd -g %{group} -r %{owner} _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
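Review bot: The two `setcap cap_fowner,cap_mknod,cap_sys_chroot=ep` lines in `%post` give these capabilities to every user who can execute /usr/bin/loolbroker and /usr/bin/loolkit, and nothing in this hunk limits who that is. If the installed mode is not already restricted elsewhere in the spec, consider making both binaries executable only by root and the service group. A comment above the lines would record the constraint, e.g. `# file capabilities apply to any user who can exec these binaries; keep them non-world-executable`. The `%post` scriptlet continues past the end of the hunk.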