Bug 281264 - www/gitea: `su -m` cause checking authorized_keys in wrong place
Summary: www/gitea: `su -m` cause checking authorized_keys in wrong place
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Li-Wen Hsu
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-09-04 11:31 UTC by Joshua Tseng
Modified: 2024-10-09 22:38 UTC (History)
3 users (show)

See Also:
lwhsu: maintainer-feedback? (stb)
vvd: merge-quarterly+

Attachments
with -m (483.67 KB, image/png)
2024-09-04 11:31 UTC, Joshua Tseng 		no flags Details
without -m (459.75 KB, image/png)
2024-09-04 11:36 UTC, Joshua Tseng 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Joshua Tseng 2024-09-04 11:31:57 UTC 
Created attachment 253324 [details]
with -m

/usr/local/etc/rc.d/gitea had a new parameter: gitea_configcheck_enable:="YES".

```
grep -A 10 gitea_prestart /usr/local/etc/rc.d/gitea
gitea_prestart() {
        if checkyesno gitea_configcheck_enable; then
                if su -m ${gitea_user} -c "/usr/local/sbin/${name} doctor check >/dev/null"; then
                else
                        echo "cannot start ${name} because of configuration errors. Run" >&2
                        echo "    su -m git -c '${name} doctor check'" >&2
                        echo "for further details"
                        return 1
                fi
        fi
}
```

I found some error message for `su -m`, message showed below
Comment 1 Joshua Tseng 2024-09-04 11:36:46 UTC 
Created attachment 253325 [details]
without -m

If I removed `-m` for su command, you can find the output message in png (name: without -m)

Please fix `su -m` to `su` for /usr/local/etc/rc.d/gitea.
thank you.
Comment 2 Stefan Bethke 2024-09-04 19:46:21 UTC 
Let me look into it, but I think you are correct.
Comment 3 Stefan Bethke 2024-10-09 07:21:53 UTC 
I've added the change to this PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281949
Comment 4 commit-hook freebsd_committer freebsd_triage 2024-10-09 22:30:58 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c1cc8c5f75f6e85e544498d7dc52e6fe5e2be8e0

commit c1cc8c5f75f6e85e544498d7dc52e6fe5e2be8e0
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2024-10-09 22:25:16 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-10-09 22:29:50 +0000

    www/gitea: Update 1.22.2 → 1.22.3 (fixes security vulnerability)

    Changelog:
    https://github.com/go-gitea/gitea/releases/tag/v1.22.3

    `su -m` cause checking authorized_keys in wrong place - replace it with `su`.

    PR:     281949 281264
    MFH:    2024Q4

 www/gitea/Makefile       | 2 +-
 www/gitea/distinfo       | 6 +++---
 www/gitea/files/gitea.in | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
Comment 5 commit-hook freebsd_committer freebsd_triage 2024-10-09 22:37:02 UTC 
A commit in branch 2024Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=85650cc5aa90190d9bc5865d83921a0915abddda

commit 85650cc5aa90190d9bc5865d83921a0915abddda
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2024-10-09 22:25:16 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-10-09 22:35:44 +0000

    www/gitea: Update 1.22.2 → 1.22.3 (fixes security vulnerability)

    Changelog:
    https://github.com/go-gitea/gitea/releases/tag/v1.22.3

    `su -m` cause checking authorized_keys in wrong place - replace it with `su`.

    PR:     281949 281264
    MFH:    2024Q4
    (cherry picked from commit c1cc8c5f75f6e85e544498d7dc52e6fe5e2be8e0)

 www/gitea/Makefile       | 2 +-
 www/gitea/distinfo       | 6 +++---
 www/gitea/files/gitea.in | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
Comment 6 Vladimir Druzenko freebsd_committer freebsd_triage 2024-10-09 22:38:55 UTC 
Committed, thanks.