Upgraded from inn-2.4.6 to inn-2.5.2 today. Built with options: % make showconfig ===> The following configuration options are available for inn-2.5.2_1: BERKELEYDB=on: Enable BerkeleyDB (for ovdb overview method) GNUPG=off: GnuPG support (for pgpverify control message) KERBEROS=off: Enable Kerberos v5 (for auth_krb5) KEYWORDS=on: Automatic keyword generation support LARGE_FILES=off: Support for files larger than 2GB OPENSSL=off: Enable OpenSSL (for NNTP over TLS/SSL support) PYTHON=off: Embedded Python module support SASL=off: Enable SASL (for imapfeed authentication) TAGGED_HASH=on: Use tagged hash table for history nnrpd fails upon connect with the following messages in /var/log/news/news.debug: Aug 27 20:14:00 hairball nnrpd[18237]: cant get semaphore using /var/news/spool/overview/OV1: Permission denied Aug 27 20:14:00 hairball nnrpd[18237]: failed to create semaphore for /var/news/spool/overview/OV1 Aug 27 20:14:00 hairball nnrpd[18237]: buffindexed: ovinitdisks: cant create shmem for /var/news/spool/overview/OV1 len 16384: Permission denied Aug 27 20:14:00 hairball nnrpd[18237]: can't open overview Permission denied Fix: The problem seems to be that unsupported permission bits are being given to semget(2) as in the following snippet (there are several such instances): storage/buffindexed/shmem.c: id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO); The semget(2) man page does not indicate that the usual file mode bits may be used. Instead, it allows: SEM_R Read access for user. SEM_A Alter access for user. (SEM_R>>3) Read access for group. (SEM_A>>3) Alter access for group. (SEM_R>>6) Read access for other. (SEM_A>>6) Alter access for other. The allowed bits correspond to read and write bits of the file mode constants. The execute bit is not among the defined bits for semget. The fix: do not set any permission bits except for the six allowed bits. Note that the documentation for linux semget differs, and seems to allow but ignore the execute bits. Patch follows. Patch attached with submission follows:
Responsible Changed From-To: freebsd-ports-bugs->fluffy Over to maintainer (via the GNATS Auto Assign Tool)
Author: fluffy Date: Sun Sep 2 13:53:16 2012 New Revision: 303548 URL: http://svn.freebsd.org/changeset/ports/303548 Log: - Fix innd/nnrpd semget failures Do not set any shmem permission bits except for the six allowed bits PR: 171134 Submitted by: G. Paul Ziemba Added: head/news/inn/files/patch-storage_buffindexed_shmem.c (contents, props changed) Modified: head/news/inn/Makefile (contents, props changed) Modified: head/news/inn/Makefile ============================================================================== --- head/news/inn/Makefile Sun Sep 2 13:08:58 2012 (r303547) +++ head/news/inn/Makefile Sun Sep 2 13:53:16 2012 (r303548) @@ -7,7 +7,7 @@ PORTNAME?= inn PORTVERSION?= 2.5.2 -PORTREVISION?= 2 +PORTREVISION?= 3 CATEGORIES= news ipv6 # Master distribution broken #MASTER_SITES?= ${MASTER_SITE_ISC} Added: head/news/inn/files/patch-storage_buffindexed_shmem.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/news/inn/files/patch-storage_buffindexed_shmem.c Sun Sep 2 13:53:16 2012 (r303548) @@ -0,0 +1,73 @@ +The problem seems to be that unsupported permission bits are being given to semget(2) as in the following snippet (there are several such instances): + +storage/buffindexed/shmem.c: + + id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO); + +The semget(2) man page does not indicate that the usual file mode bits may be used. Instead, it allows: + + SEM_R Read access for user. + + SEM_A Alter access for user. + + (SEM_R>>3) Read access for group. + + (SEM_A>>3) Alter access for group. + + (SEM_R>>6) Read access for other. + + (SEM_A>>6) Alter access for other. + +The allowed bits correspond to read and write bits of the file mode constants. The execute bit is not among the defined bits for semget. + +The fix: do not set any permission bits except for the six allowed bits. + +Note that the documentation for linux semget differs, and seems to allow but ignore the execute bits. + ++ +--- storage/buffindexed/shmem.c.orig 2012-08-27 23:39:42.000000000 -0700 ++++ storage/buffindexed/shmem.c 2012-08-27 23:37:50.000000000 -0700 +@@ -26,7 +26,9 @@ + static int smcGetSemaphore(const char *name) + { + key_t kt = ftok( (char *)name, 0 ); +- int id = semget(kt, 0, S_IRWXU|S_IRWXG|S_IRWXO); ++ int perm = SEM_R | SEM_A | (SEM_R>>3) | (SEM_A>>3) | ++ (SEM_R>>6) | (SEM_A>>6); ++ int id = semget(kt, 0, perm); + + if (id < 0) { + syswarn("semget failed to get semaphore for %s", name); +@@ -37,15 +39,17 @@ + static int smcCreateSemaphore(const char *name) + { + key_t kt = ftok( (char *)name, 0 ); +- int id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO); ++ int perm = SEM_R | SEM_A | (SEM_R>>3) | (SEM_A>>3) | ++ (SEM_R>>6) | (SEM_A>>6); ++ int id = semget(kt, 2, IPC_CREAT|perm); + + if (id < 0) { + if (errno == EACCES || errno == EINVAL) { + /* looks like a wrong semaphore exists. remove it. */ +- id = semget(kt, 0, S_IRWXU|S_IRWXG|S_IRWXO); ++ id = semget(kt, 0, perm); + if (id < 0) { + /* couldn't even retrieve it. */ +- syswarn("cant get semaphore using %s", name); ++ syswarn("cant get semaphore using %s (key=%d)", name, kt); + return id; + } + /* try to remove it */ +@@ -65,7 +69,7 @@ + } + #endif + /* and retry creating it */ +- id = semget(kt, 2, IPC_CREAT|S_IRWXU|S_IRWXG|S_IRWXO); ++ id = semget(kt, 2, IPC_CREAT|perm); + } + } + if (id < 0) + + _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!