FreeBSD Bugzilla – Attachment 98090 Details for
Bug 136928
[PATCH] www/apache20 - suexec resource limits patch
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 4.48 KB, created by
admin
on 2009-07-20 13:30:06 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
admin
Created:
2009-07-20 13:30:06 UTC
Size:
4.48 KB
patch
obsolete
>diff -Nru www/apache20.orig/apache20.suexec.login.conf.limits.diff www/apache20/apache20.suexec.login.conf.limits.diff >--- www/apache20.orig/apache20.suexec.login.conf.limits.diff 1970-01-01 03:00:00.000000000 +0300 >+++ www/apache20/apache20.suexec.login.conf.limits.diff 2009-07-08 10:34:30.000000000 +0400 >@@ -0,0 +1,50 @@ >+diff -Nru www/apache20.orig/work/httpd-2.0.63/support/Makefile.in www/apache20/work/httpd-2.0.63/support/Makefile.in >+--- www/apache20.orig/work/httpd-2.0.63/support/Makefile.in 2009-07-08 10:27:36.000000000 +0400 >++++ www/apache20/work/httpd-2.0.63/support/Makefile.in 2009-07-08 10:33:26.000000000 +0400 >+@@ -57,7 +57,7 @@ >+ >+ suexec_OBJECTS = suexec.lo >+ suexec: $(suexec_OBJECTS) >+- $(LINK) $(suexec_OBJECTS) >++ $(LINK) -lutil $(suexec_OBJECTS) >+ >+ httxt2dbm_OBJECTS = httxt2dbm.lo >+ httxt2dbm: $(httxt2dbm_OBJECTS) >+diff -Nru www/apache20.orig/work/httpd-2.0.63/support/suexec.c www/apache20/work/httpd-2.0.63/support/suexec.c >+--- www/apache20.orig/work/httpd-2.0.63/support/suexec.c 2006-07-12 11:40:55.000000000 +0400 >++++ www/apache20/work/httpd-2.0.63/support/suexec.c 2009-07-08 10:32:47.000000000 +0400 >+@@ -37,6 +37,7 @@ >+ #include <sys/param.h> >+ #include <sys/stat.h> >+ #include <sys/types.h> >++#include <login_cap.h> >+ #include <string.h> >+ #include <time.h> >+ #if APR_HAVE_UNISTD_H >+@@ -242,6 +243,7 @@ >+ char *cmd; /* command to be executed */ >+ char cwd[AP_MAXPATH]; /* current working directory */ >+ char dwd[AP_MAXPATH]; /* docroot working directory */ >++ login_cap_t *lc; /* user resource limits */ >+ struct passwd *pw; /* password entry holder */ >+ struct group *gr; /* group entry holder */ >+ struct stat dir_info; /* directory info holder */ >+@@ -448,6 +450,18 @@ >+ } >+ >+ /* >++ * Apply user resource limits based on login class. >++ */ >++ if ((lc = login_getclassbyname(pw->pw_class, pw)) == NULL) { >++ log_err("failed to login_getclassbyname()\n"); >++ exit(109); >++ } >++ if ((setusercontext(lc, pw, uid, LOGIN_SETRESOURCES)) != 0) { >++ log_err("failed to setusercontext()\n"); >++ exit(109); >++ } >++ >++ /* >+ * Change UID/GID here so that the following tests work over NFS. >+ * >+ * Initialize the group access list for the target user, >diff -Nru www/apache20.orig/files/patch-support:Makefile.in www/apache20/files/patch-support:Makefile.in >--- www/apache20.orig/files/patch-support:Makefile.in 2009-07-20 16:10:25.000000000 +0400 >+++ www/apache20/files/patch-support:Makefile.in 2009-07-20 16:19:14.000000000 +0400 >@@ -12,3 +12,13 @@ > fi > > htpasswd_OBJECTS = htpasswd.lo >+@@ -57,7 +57,7 @@ >+ >+ suexec_OBJECTS = suexec.lo >+ suexec: $(suexec_OBJECTS) >+- $(LINK) $(suexec_OBJECTS) >++ $(LINK) -lutil $(suexec_OBJECTS) >+ >+ httxt2dbm_OBJECTS = httxt2dbm.lo >+ httxt2dbm: $(httxt2dbm_OBJECTS) >+ >diff -Nru www/apache20.orig/files/patch-support:suexec.c www/apache20/files/patch-support:suexec.c >--- www/apache20.orig/files/patch-support:suexec.c 1970-01-01 03:00:00.000000000 +0300 >+++ www/apache20/files/patch-support:suexec.c 2009-07-20 16:16:12.000000000 +0400 >@@ -0,0 +1,37 @@ >+--- support/suexec.c 2006-07-12 11:40:55.000000000 +0400 >++++ support/suexec.c 2009-07-08 10:32:47.000000000 +0400 >+@@ -37,6 +37,7 @@ >+ #include <sys/param.h> >+ #include <sys/stat.h> >+ #include <sys/types.h> >++#include <login_cap.h> >+ #include <string.h> >+ #include <time.h> >+ #if APR_HAVE_UNISTD_H >+@@ -242,6 +243,7 @@ >+ char *cmd; /* command to be executed */ >+ char cwd[AP_MAXPATH]; /* current working directory */ >+ char dwd[AP_MAXPATH]; /* docroot working directory */ >++ login_cap_t *lc; /* user resource limits */ >+ struct passwd *pw; /* password entry holder */ >+ struct group *gr; /* group entry holder */ >+ struct stat dir_info; /* directory info holder */ >+@@ -448,6 +450,18 @@ >+ } >+ >+ /* >++ * Apply user resource limits based on login class. >++ */ >++ if ((lc = login_getclassbyname(pw->pw_class, pw)) == NULL) { >++ log_err("failed to login_getclassbyname()\n"); >++ exit(109); >++ } >++ if ((setusercontext(lc, pw, uid, LOGIN_SETRESOURCES)) != 0) { >++ log_err("failed to setusercontext()\n"); >++ exit(109); >++ } >++ >++ /* >+ * Change UID/GID here so that the following tests work over NFS. >+ * >+ * Initialize the group access list for the target user,
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=98090">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 136928
: 98090 |
98091
|
98092