• file
• revisions
• annotate
• diff
• comparison
• raw

lsof/lsof.patch@0ba300bdf30a (annotated)

lsof/lsof.patch

Mon, 20 Apr 2009 19:22:00 +0200

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Mon, 20 Apr 2009 19:22:00 +0200

changeset 178

0ba300bdf30a

parent 36

88242dc55a66

child 464

3e2a08d916c6

permissions

-rw-r--r--

Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits, however maintining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.

michael@34	1	Index: Configure
michael@125	2	diff -Nau Configure.orig Configure
michael@125	3	--- Configure.orig 2009-03-25 20:24:01.000000000 +0100
michael@125	4	+++ Configure 2009-04-01 18:03:19.553379145 +0200
michael@36	5	@@ -417,7 +417,7 @@
michael@34	6	fi # }
michael@34	7	fi # }
michael@34	8	LSOF_TGT="aix"
michael@34	9	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	10	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	11	if test $? -eq 0 # {
michael@34	12	then
michael@34	13
michael@36	14	@@ -571,7 +571,7 @@
michael@34	15
michael@34	16	rm -f dialects/aix/aix5/j2/j2_snapshot.h
michael@34	17	fi # }
michael@34	18	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	19	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	20	if test $? -eq 0 # {
michael@34	21	then
michael@34	22
michael@36	23	@@ -609,7 +609,7 @@
michael@34	24	# This is AIX >= 5 on ia64.
michael@34	25
michael@34	26	LSOF_TSTK64=1
michael@34	27	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	28	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	29	if test $? -eq 0 # {
michael@34	30	then
michael@34	31
michael@36	32	@@ -686,7 +686,7 @@
michael@34	33	fi # }
michael@34	34	LSOF_TSTK64=1
michael@34	35	LSOF_TMP1=1
michael@34	36	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	37	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	38	if test $? -eq 0 # {
michael@34	39	then
michael@34	40	LSOF_CFGF="$LSOF_CFGF -maix64"
michael@36	41	@@ -733,7 +733,7 @@
michael@34	42	fi #}
michael@34	43	LSOF_CFGF="$LSOF_CFGF -DAIXV=$LSOF_VERS"
michael@34	44	LSOF_DIALECT_DIR=aix
michael@34	45	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	46	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	47	if test $? -eq 0 # {
michael@34	48	then
michael@34	49
michael@125	50	@@ -2193,7 +2193,7 @@
michael@34	51	fi # }
michael@34	52	fi # }
michael@34	53	fi # }
michael@34	54	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	55	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	56	if test $? -eq 0 # {
michael@34	57	then
michael@34	58	LSOF_CCV=`$LSOF_CC -v 2>&1 | sed -n 's/.*version \(.*\)/\1/p'`
michael@125	59	@@ -2247,7 +2247,7 @@
michael@34	60	then
michael@34	61	LSOF_CFGF="$LSOF_CFGF -Ae +DD32"
michael@34	62	else
michael@34	63	- echo $LSOF_CC | grep -q gcc
michael@34	64	+ $LSOF_CC --version | grep -q GCC
michael@34	65	if test $? -ne 0 # {
michael@34	66	then
michael@34	67	LSOF_CFGF="$LSOF_CFGF +DD32"
michael@125	68	@@ -2331,7 +2331,7 @@
michael@34	69	echo "* NOTICE! Configuring for 64 bit HP-UX *"
michael@34	70	echo "* *"
michael@34	71	echo "*****************************************"
michael@34	72	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	73	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	74	if test $? -eq 0 # {
michael@34	75	then
michael@34	76
michael@125	77	@@ -2400,7 +2400,7 @@
michael@34	78	else
michael@34	79	LSOF_CFGF="$LSOF_CFGF -D_FILE_OFFSET_BITS=64"
michael@34	80	LSOF_CINFO="${LSOF_CINFO}, 32 bit HP-UX"
michael@34	81	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	82	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	83	if test $? -ne 0 # {
michael@34	84	then
michael@34	85	LSOF_CFGF="$LSOF_CFGF +DAportable"
michael@125	86	@@ -3609,7 +3609,7 @@
michael@34	87	LSOF_CCV=`$LSOF_CC -v 2>&1 | sed -n 's/.*version \(.*\)/\1/p'`
michael@34	88	fi # }
michael@34	89	fi # }
michael@34	90	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	91	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	92	if test $? -eq 0 # {
michael@34	93	then
michael@34	94	LSOF_CFGL="-w"
michael@125	95	@@ -4246,6 +4246,17 @@
michael@34	96	LSOF_TSTBIGF=" "
michael@34	97	LSOF_TSTLFLG="-lsocket -lnsl"
michael@34	98	LSOF_VERS="100000"
michael@34	99	+ if [ ".`isainfo -k`" = .amd64 ]; then
michael@34	100	+ LSOF_CFGL="$LSOF_CFGL -lmp -lmd5 -lscf -ldoor -luutil"
michael@34	101	+ fi
michael@36	102	+ ;;
michael@36	103	+ 5.11*)
michael@36	104	+ LSOF_TSTBIGF=" "
michael@36	105	+ LSOF_TSTLFLG="-lsocket -lnsl"
michael@36	106	+ LSOF_VERS="110000"
michael@36	107	+ if [ ".`isainfo -k`" = .amd64 ]; then
michael@36	108	+ LSOF_CFGL="$LSOF_CFGL -lmp -lmd5 -lscf -ldoor -luutil"
michael@36	109	+ fi
michael@34	110	;;
michael@34	111	*)
michael@34	112	echo Unknown Solaris version: $LSOF_VSTR
michael@125	113	@@ -4323,7 +4334,7 @@
michael@36	114	;;
michael@36	115	20500|20501)
michael@36	116	;;
michael@36	117	- 20600|70000|80000|90000|100000)
michael@36	118	+ 20600|70000|80000|90000|100000|110000)
michael@36	119	if test "X$SOLARIS_26PR_GWINDOWS" = "X" # {
michael@36	120	then
michael@36	121	rm -f ${LSOF_TMPC}.*
michael@125	122	@@ -4332,7 +4343,7 @@
michael@34	123	echo "main(){" >> ${LSOF_TMPC}.c
michael@34	124	echo "enum prnodetype p=PR_GWINDOWS;}" >> ${LSOF_TMPC}.c
michael@34	125	echo "Testing prdata.h for PR_GWINDOWS, using $LSOF_CC"
michael@34	126	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	127	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	128	if test $? -eq 0 # {
michael@34	129	then
michael@34	130	$LSOF_CC ${LSOF_TMPC}.c -o ${LSOF_TMPC}.x > /dev/null 2>&1
michael@125	131	@@ -4357,7 +4368,7 @@
michael@34	132	echo "main(){" >> ${LSOF_TMPC}.c
michael@34	133	echo "enum prnodetype p=PR_LDT;}" >> ${LSOF_TMPC}.c
michael@34	134	echo "Testing prdata.h for PR_LDT, using $LSOF_CC"
michael@34	135	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	136	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	137	if test $? -eq 0 # {
michael@34	138	then
michael@34	139	$LSOF_CC ${LSOF_TMPC}.c -o ${LSOF_TMPC}.x > /dev/null 2>&1
michael@125	140	@@ -4391,7 +4402,7 @@
michael@34	141	echo $SOLARIS_KERNBITS | grep 64 > /dev/null
michael@34	142	if test $? -eq 0 # {
michael@34	143	then
michael@34	144	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	145	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	146	if test $? -eq 0 # {
michael@34	147	then
michael@34	148
michael@125	149	@@ -4597,7 +4608,7 @@
michael@34	150
michael@34	151	# Check for Solaris 10 or higher ZFS.
michael@34	152
michael@34	153	- if test -r ${LSOF_INCLUDE}/sys/fs/zfs.h # {
michael@34	154	+ if false # {
michael@34	155	then
michael@125	156
michael@125	157	# Check for required ZFS kernel header files.
michael@125	158	@@ -4712,7 +4723,7 @@
michael@34	159	echo "main(){" >> ${LSOF_TMPC}.c
michael@34	160	echo "enum vtype p=VSOCK;}" >> ${LSOF_TMPC}.c
michael@34	161	echo "Testing vnode.h for VSOCK, using $LSOF_CC"
michael@34	162	- echo $LSOF_CC | grep gcc > /dev/null
michael@34	163	+ $LSOF_CC --version | grep GCC > /dev/null
michael@34	164	if test $? -eq 0 # {
michael@34	165	then
michael@34	166	$LSOF_CC ${LSOF_TMPC}.c -o ${LSOF_TMPC}.x > /dev/null 2>&1
michael@125	167	@@ -5398,7 +5409,7 @@
michael@34	168	echo "$i" >> $LSOF_TSTCFLG
michael@34	169	done # }
michael@34	170	fi # }
michael@34	171	-echo $LSOF_CC | grep gcc > /dev/null 2>&1
michael@34	172	+$LSOF_CC --version | grep GCC > /dev/null 2>&1
michael@34	173	if test $? -eq 0 # {
michael@34	174	then
michael@34	175	echo "-DLT_GCC" >> $LSOF_TSTCFLG
michael@125	176	Index: dialects/freebsd/machine.h
michael@125	177	diff -Nau dialects/freebsd/machine.h.orig dialects/freebsd/machine.h
michael@125	178	--- dialects/freebsd/machine.h.orig 2008-10-21 18:16:15.000000000 +0200
michael@125	179	+++ dialects/freebsd/machine.h 2009-04-01 18:07:54.041381807 +0200
michael@125	180	@@ -441,6 +441,11 @@
michael@125	181	*/
michael@125	182
michael@125	183	/* #define HASSECURITY 1 */
michael@125	184	+#if FREEBSDV>=6000
michael@125	185	+#define HASSECURITY 1
michael@125	186	+#define HAS_SI_PRIV 1
michael@125	187	+#endif /* FREEBSDV>=6000 */
michael@125	188	+
michael@125	189
michael@125	190
michael@125	191	/*
michael@36	192	Index: dialects/sun/dnode.c
michael@125	193	diff -Nau dialects/sun/dnode.c.orig dialects/sun/dnode.c
michael@125	194	--- dialects/sun/dnode.c.orig 2009-03-25 20:22:21.000000000 +0100
michael@125	195	+++ dialects/sun/dnode.c 2009-04-01 18:07:54.041381807 +0200
michael@125	196	@@ -92,6 +92,8 @@
michael@36	197	#define LOOKDEV_ALL (LOOKDEV_TAB | LOOKDEV_CLONE | LOOKDEV_PSEUDO)
michael@36	198	/* look all places */
michael@36	199
michael@36	200	+#define NOOP ((void)0)
michael@36	201	+
michael@36	202
michael@36	203	/*
michael@36	204	* SAM-FS definitions
michael@125	205	@@ -2078,7 +2080,9 @@
michael@36	206	if (kvs && kv.vfs_data
michael@36	207	&& !kread((KA_T)kv.vfs_data, (char *)&pcfs, sizeof(pcfs))) {
michael@36	208
michael@36	209	-#if solaris>=70000
michael@36	210	+#if solaris>=110000 /* pcfs_entps doesn't exist any more */
michael@36	211	+ NOOP;
michael@36	212	+#elif solaris>=70000
michael@36	213	Lf->inode = (INODETYPE)pc_makenodeid(pc.pc_eblkno,
michael@36	214	pc.pc_eoffset,
michael@36	215	pc.pc_entry.pcd_attr,
michael@125	216	@@ -2092,7 +2096,7 @@
michael@36	217	pc.pc_eoffset,
michael@36	218	&pc.pc_entry,
michael@36	219	pcfs.pcfs_entps);
michael@36	220	-#endif /* solaris>=70000 */
michael@36	221	+#endif /* solaris>=110000 */
michael@36	222
michael@36	223	Lf->inp_ty = 1;
michael@36	224	}