Bug 255981 - sysutils/zrepl: pidfile should be world-readable
Summary: sysutils/zrepl: pidfile should be world-readable
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Lewis Cook
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-05-18 19:23 UTC by Alan Somers
Modified: 2021-06-08 04:45 UTC (History)
3 users (show)

See Also:
asomers: maintainer-feedback? (lcook)
lcook: merge-quarterly+


Attachments
Change permissions on /var/run/zrepl to 755 (991 bytes, patch)
2021-05-18 19:23 UTC, Alan Somers
no flags Details | Diff
/var/run/zrepl.pid (1.40 KB, patch)
2021-06-08 04:45 UTC, Raúl
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Alan Somers freebsd_committer 2021-05-18 19:23:34 UTC
Created attachment 225074 [details]
Change permissions on /var/run/zrepl to 755

zrepl writes /var/run/zrepl/daemon.pid .  But curiously, it creates the /var/run/zrepl directory with 700 permissions.  That prevents non-root users from doing "service zrepl status".  I don't see any sensitive files instead of that directory.  Is there any reason it can't be made 755?
Comment 1 Ben Woods freebsd_committer 2021-05-22 02:25:16 UTC
Sorry, due to a lack of time I have reset the maintainer of this port back to ports@FreeBSD.org. Hopefully someone else is able to step in to help.
Resetting the assignee of this bug accordingly.
Comment 2 Alan Somers freebsd_committer 2021-06-03 21:43:27 UTC
lcook, could you please review this patch?
Comment 3 Lewis Cook freebsd_committer freebsd_triage 2021-06-04 10:14:04 UTC
(In reply to Alan Somers from comment #2)
Sorry for the delay, been much busier than anticipated.

Seems a good idea to include this change and I have no objections, I'll commit this and MFH back into 2021Q2.  Thank you Alan!
Comment 4 commit-hook freebsd_committer 2021-06-04 10:22:54 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2a866a1b4fd0e2ce6d07904c920f98e7d994bd59

commit 2a866a1b4fd0e2ce6d07904c920f98e7d994bd59
Author:     Alan Somers <asomers@FreeBSD.org>
AuthorDate: 2021-06-04 10:15:57 +0000
Commit:     Lewis Cook <lcook@FreeBSD.org>
CommitDate: 2021-06-04 10:21:49 +0000

    sysutils/zrepl: pidfile should be world-readable

    PR:     255981

 sysutils/zrepl/Makefile       | 1 +
 sysutils/zrepl/files/zrepl.in | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
Comment 5 commit-hook freebsd_committer 2021-06-04 10:26:55 UTC
A commit in branch 2021Q2 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=073656063b7ce50ecfb7851bdc02966eb54d783b

commit 073656063b7ce50ecfb7851bdc02966eb54d783b
Author:     Alan Somers <asomers@FreeBSD.org>
AuthorDate: 2021-06-04 10:15:57 +0000
Commit:     Lewis Cook <lcook@FreeBSD.org>
CommitDate: 2021-06-04 10:24:14 +0000

    sysutils/zrepl: pidfile should be world-readable

    PR:     255981

    (cherry picked from commit 2a866a1b4fd0e2ce6d07904c920f98e7d994bd59)

 sysutils/zrepl/Makefile       | 1 +
 sysutils/zrepl/files/zrepl.in | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
Comment 6 Lewis Cook freebsd_committer freebsd_triage 2021-06-04 10:27:22 UTC
Committed, thanks!
Comment 7 Alan Somers freebsd_committer 2021-06-04 13:00:39 UTC
Thanks, lcook!
Comment 8 Raúl 2021-06-08 04:45:01 UTC
Created attachment 225629 [details]
/var/run/zrepl.pid

Don't forget /var/run/zrepl ;)