diff options
| -rw-r--r-- | games/xbill/README | 11 | ||||
| -rw-r--r-- | games/xbill/doinst.sh | 4 | ||||
| -rw-r--r-- | games/xbill/xbill-wrapper.c | 4 | ||||
| -rw-r--r-- | games/xbill/xbill.SlackBuild | 24 | ||||
| -rw-r--r-- | games/xbill/xbill.info | 2 |
5 files changed, 30 insertions, 15 deletions
diff --git a/games/xbill/README b/games/xbill/README index c47fc79c2d..2012e4db6b 100644 --- a/games/xbill/README +++ b/games/xbill/README @@ -10,8 +10,11 @@ which obviously allows cheating ones hi-score :-( Probably this came about since GTK+ doesn't allow setgid? In the install-script we move xbill to xbill-bin and install -a wrapper thingy as xbill instead, with setuid and video group -executable filesystem perms. There we change groups to games. - -In the resulting package /var/xbill is group-writable only... +a wrapper thingy as xbill instead. In the resulting package +/var/games/xbill is group-writable for 'games' only... +Note on capabilities: FCAPS=true +This is the default now. It maybe disabled by feeding a 'false' +value to the build script and the wrapper will be installed with +setuid and video group executable filesystem perms. As before. +Just comment it out, if you don't care for any of this stuff :-) diff --git a/games/xbill/doinst.sh b/games/xbill/doinst.sh index ea4ae6fbe9..53cf51a704 100644 --- a/games/xbill/doinst.sh +++ b/games/xbill/doinst.sh @@ -18,7 +18,3 @@ config var/games/xbill/scores.new chgrp -R games var/games/xbill chmod -R g+w,o-w var/games/xbill -# Change privs on our little wrapper -chgrp video usr/bin/xbill -chmod 4750 usr/bin/xbill - diff --git a/games/xbill/xbill-wrapper.c b/games/xbill/xbill-wrapper.c index a98cc37aee..119e58c014 100644 --- a/games/xbill/xbill-wrapper.c +++ b/games/xbill/xbill-wrapper.c @@ -1,4 +1,4 @@ -/* Written by Menno E. Duursma for use with xbill */ +/* Written by Menno Duursma for use with xbill */ /* * This program is free software. It comes without any warranty. @@ -62,7 +62,7 @@ int main(int argc, char *argv[], char *envp[]) getuid(), strerror(errno)); exit(EXIT_FAILURE); - } + } /* tell the viewers wat is going to happen */ fprintf(stderr, "Starting %s with uid = %d, gid = %d\n", diff --git a/games/xbill/xbill.SlackBuild b/games/xbill/xbill.SlackBuild index bfab3c2913..3994de1e14 100644 --- a/games/xbill/xbill.SlackBuild +++ b/games/xbill/xbill.SlackBuild @@ -1,7 +1,8 @@ #!/bin/sh # Slackware build script for XBill -# Written by Menno E. Duursma <druiloor@zonnet.nl> + +# Written by Menno Duursma <druiloor@zonnet.nl> # This program is free software. It comes without any warranty. # Granted WTFPL, Version 2, as published by Sam Hocevar. See @@ -12,7 +13,7 @@ PRGNAM=xbill VERSION=${VERSION:-2.1} ARCH=${ARCH:-i486} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} TAG=${TAG:-_SBo} CWD=$(pwd) @@ -20,13 +21,19 @@ TMP=${TMP:-/tmp/SBo} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} +# On capability enabled filesystems this may be enabled, +# i'd guess if this box runs x-apps, it probably has... +FCAPS=${FCAPS:-true} + if [ "$ARCH" = "i486" ]; then SLKCFLAGS="-O2 -march=i486 -mtune=i686" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" fi -set -e +set -e # Exit on most errors rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT @@ -59,7 +66,7 @@ make install DESTDIR=$PKG mv $PKG/var/games/xbill/scores $PKG/var/games/xbill/scores.new # Do a little trick to disallow cheating, hopefully -# Note: we do the privs stuff in doinst.sh for target system +# Note: we do the privs stuff below at doinst.sh cp -a $PKG/usr/bin/xbill $PKG/usr/bin/xbill-bin gcc -Wall $SLKCFLAGS $CWD/xbill-wrapper.c -o $PKG/usr/bin/xbill @@ -87,5 +94,14 @@ mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc cat $CWD/doinst.sh > $PKG/install/doinst.sh +if [ "$FCAPS" != "false" ]; then + chmod 0751 $PKG/usr/bin/xbill + echo 'setcap "cap_setgid=ep" usr/bin/xbill' >> $PKG/install/doinst.sh +else + # Install setuid-root + chgrp video usr/bin/xbill + chmod 4750 $PKG/usr/bin/xbill +fi + cd $PKG /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz diff --git a/games/xbill/xbill.info b/games/xbill/xbill.info index 2709681798..773bf57ef8 100644 --- a/games/xbill/xbill.info +++ b/games/xbill/xbill.info @@ -5,4 +5,4 @@ DOWNLOAD="http://www.xbill.org/download/xbill-2.1.tar.gz" MD5SUM="585e4866b15255a24203db9959407b2f" MAINTAINER="Menno E. Duursma" EMAIL="druiloor@zonnet.nl" -APPROVED="David Somero"
\ No newline at end of file +APPROVED="dsomero" |