I just installed the devel/rbenv port and discovered that it had reset the ownerships of all SUID and SGID files in /usr/local/libexec and included subdirectories. After the installation, all of those were changed to root:wheel. The periodic security script showed nine files changed in my case. I couldn't get the program to work, so the program needs other fixes and appears useless now. Fix: No fix known to me, other than restore those from backup. How-To-Repeat: I had just installed the devel/rbenv port (not package).
Maintainer of devel/rbenv, Please note that PR ports/180851 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/180851 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Carl confirmed that this fix I had sent to him worked. From Carl: Yes it does fix the ownership problem. I first found the files in a backup with: find . ! \( -user root -and -group wheel \) -ls and then changed the files manually since there were only 9 of them. I still haven't figured out how to get the program to work even though the corresponding package in Debian Linux works fine, but I consider that a separate issue. The ownership was what I considered the serious problem. Thanks for the quick response. Index: devel/rbenv/Makefile =================================================================== --- devel/rbenv/Makefile (revision 323665) +++ devel/rbenv/Makefile (working copy) @@ -31,7 +31,7 @@ do-install: @${INSTALL_SCRIPT} ${WRKSRC}/bin/ruby-local-exec ${PREFIX}/bin - @( cd ${WRKSRC}/libexec && ${COPYTREE_BIN} \* ${PREFIX}/libexec ) + @( ${INSTALL_SCRIPT} ${WRKSRC}/libexec/* ${PREFIX}/libexec/ ) @${LN} -sf ${PREFIX}/libexec/rbenv ${PREFIX}/bin/rbenv @${MKDIR} ${DATADIR}/completions @( cd ${WRKSRC}/completions && ${COPYTREE_BIN} \* ${DATADIR}/completions )
Responsible Changed From-To: freebsd-ports-bugs->jgh I'll take it.
Author: jgh Date: Sun Aug 11 22:00:09 2013 New Revision: 324606 URL: http://svnweb.freebsd.org/changeset/ports/324606 Log: - sanitize installation to not clobber suid/guid files - while here print installation Previous installations reset the ownerships of all SUID and SGID files in /usr/local/libexec and included subdirectories to root:wheel. PR: 180851 Reported by: Carl Johnson <carlj@peak.org> Submitted by: jgh@ Approved by: fmb@onibox.net (maintainer timeout, > 14days ) Modified: head/devel/rbenv/Makefile Modified: head/devel/rbenv/Makefile ============================================================================== --- head/devel/rbenv/Makefile Sun Aug 11 21:04:10 2013 (r324605) +++ head/devel/rbenv/Makefile Sun Aug 11 22:00:09 2013 (r324606) @@ -2,7 +2,7 @@ PORTNAME= rbenv PORTVERSION= 0.4.0 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= devel ruby MASTER_SITES= GH @@ -30,10 +30,10 @@ post-patch: @${REINPLACE_CMD} -e "s|\$$root/completions|${DATADIR}/completions|g" ${WRKSRC}/libexec/rbenv-init do-install: - @${INSTALL_SCRIPT} ${WRKSRC}/bin/ruby-local-exec ${PREFIX}/bin - @( cd ${WRKSRC}/libexec && ${COPYTREE_BIN} \* ${PREFIX}/libexec ) + ${INSTALL_SCRIPT} ${WRKSRC}/bin/ruby-local-exec ${PREFIX}/bin + ( ${INSTALL_SCRIPT} ${WRKSRC}/libexec/* ${PREFIX}/libexec/ ) @${LN} -sf ${PREFIX}/libexec/rbenv ${PREFIX}/bin/rbenv @${MKDIR} ${DATADIR}/completions - @( cd ${WRKSRC}/completions && ${COPYTREE_BIN} \* ${DATADIR}/completions ) + ( cd ${WRKSRC}/completions && ${COPYTREE_BIN} \* ${DATADIR}/completions ) .include <bsd.port.mk> _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
State Changed From-To: feedback->closed Committed. Thanks!