49cb564d14
* par is kept at -Np0
```sh
git grep -l '^patch_args=-Np0' "srcpkgs/$1*/template" |
while read template; do
for p in ${template%/template}/patches/*; do
sed -i '
\,^[+-][+-][+-] /dev/null,b
/^[*-]\+ [0-9]\+\(,[0-9]\+\)\? [*-]\+$/b
s,^[*][*][*] ,&a/,
/^--- /{
s,\(^--- \)\(./\)*,\1a/,
s,[.-][Oo][Rr][Ii][Gg]\([ /]\),\1,
s/[.-][Oo][Rr][Ii][Gg]$//
s/[.]patched[.]\([^.]\)/.\1/
h
}
/^+++ -/{
g
s/^--- a/+++ b/
b
}
s,\(^+++ \)\(./\)*,\1b/,
' "$p"
done
sed -i '/^patch_args=/d' $template
done
```
40 lines
1.1 KiB
Diff
40 lines
1.1 KiB
Diff
--- a/pam_rundir.c 2015-09-23 12:57:53.000000000 -0400
|
|
+++ b/pam_rundir2.c 2019-08-24 13:17:11.241470935 -0400
|
|
@@ -24,6 +24,8 @@
|
|
#include <sys/types.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/file.h>
|
|
+#include <sys/prctl.h>
|
|
+#include <linux/securebits.h>
|
|
#include <string.h>
|
|
#include <pwd.h>
|
|
#include <fcntl.h>
|
|
@@ -360,6 +362,7 @@
|
|
char file[sizeof (PARENT_DIR) + l + 2];
|
|
int fd;
|
|
int count = 0;
|
|
+ int secbits = -1;
|
|
|
|
print_filename (file, (int) pw->pw_uid, l);
|
|
fd = open_and_lock (file);
|
|
@@ -396,6 +399,11 @@
|
|
goto done;
|
|
}
|
|
|
|
+ /* to bypass permission checks for mkdir, in case it isn't group
|
|
+ * writable */
|
|
+ secbits = prctl (PR_GET_SECUREBITS);
|
|
+ if (secbits != -1)
|
|
+ prctl (PR_SET_SECUREBITS, (unsigned long) secbits | SECBIT_NO_SETUID_FIXUP);
|
|
/* set euid so if we do create the dir, it is own by the user */
|
|
if (seteuid (pw->pw_uid) < 0)
|
|
{
|
|
@@ -421,6 +429,8 @@
|
|
}
|
|
|
|
done:
|
|
+ if (secbits != -1)
|
|
+ prctl (PR_SET_SECUREBITS, (unsigned long) secbits);
|
|
close (fd); /* also unlocks */
|
|
}
|
|
|