diff options
Diffstat (limited to 'app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch')
| -rw-r--r-- | app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch b/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch new file mode 100644 index 00000000000..4d98c0a7cf5 --- /dev/null +++ b/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch @@ -0,0 +1,98 @@ +From c75c7553a88e387013e2b4310f4c4956adfd8a98 Mon Sep 17 00:00:00 2001 +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Mon, 8 Aug 2016 20:45:07 -0400 +Subject: [PATCH 1/2] avoid treating src/share/common as an executable + +having src/share/common treated as an executable (commit +ed10318d3760b56e57d5e1bef04ab57761ab8bd1) was actually a terrible +idea. + +In addition to causing "monkeysphere version" to print the version +number twice, it meant that any invocation of a monkeysphere command +that sourced src/share/common and had a first argument that happened +to be a function name would accidentally invoke that function. + +This commit reverts that idea. +--- + Makefile | 2 +- + src/share/common | 5 ----- + src/share/ma/add_certifier | 2 +- + src/share/ma/update_users | 2 +- + src/share/mh/add_revoker | 2 +- + 5 files changed, 4 insertions(+), 9 deletions(-) + mode change 100755 => 100644 src/share/common + +diff --git a/Makefile b/Makefile +index 608a317..768564a 100755 +--- a/Makefile ++++ b/Makefile +@@ -55,7 +55,7 @@ install: all installman + install src/monkeysphere-authentication $(DESTDIR)$(PREFIX)/sbin + sed -i 's:__SYSSHAREDIR_PREFIX__:$(PREFIX):' $(DESTDIR)$(PREFIX)/sbin/monkeysphere-authentication + install src/monkeysphere-authentication-keys-for-user $(DESTDIR)$(PREFIX)/share/monkeysphere +- install -m 0755 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere ++ install -m 0644 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere + install -m 0644 src/share/defaultenv $(DESTDIR)$(PREFIX)/share/monkeysphere + sed -i 's:__SYSCONFDIR_PREFIX__:$(ETCPREFIX):' $(DESTDIR)$(PREFIX)/share/monkeysphere/defaultenv + sed -i 's:__SYSDATADIR_PREFIX__:$(LOCALSTATEDIR):' $(DESTDIR)$(PREFIX)/share/monkeysphere/defaultenv +diff --git a/src/share/common b/src/share/common +old mode 100755 +new mode 100644 +index 66181a3..b10a040 +--- a/src/share/common ++++ b/src/share/common +@@ -1,4 +1,3 @@ +-#!/usr/bin/env bash + # -*-shell-script-*- + # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +@@ -1022,7 +1021,3 @@ report_cruft() { + printf "The directories above are backups left over from a monkeysphere transition.\nThey may contain copies of sensitive data (host keys, certifier lists), but\nthey are no longer needed by monkeysphere.\nYou may remove them at any time.\n\n" | log info + fi + } +- +-if [ -n "$1" ] && [ "$(type -t "$1" || true)" = "function" ]; then +- "$@" +-fi +diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier +index 1d450e7..5416aa9 100644 +--- a/src/share/ma/add_certifier ++++ b/src/share/ma/add_certifier +@@ -101,7 +101,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then + # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." + fingerprint=$(su_monkeysphere_user \ +- "${SYSSHAREDIR}/common" list_primary_fingerprints < "$keyID") ++ bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$keyID") + + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then + failure "There was not exactly one gpg key in the file." +diff --git a/src/share/ma/update_users b/src/share/ma/update_users +index d23c125..4f83e0c 100644 +--- a/src/share/ma/update_users ++++ b/src/share/ma/update_users +@@ -79,7 +79,7 @@ for uname in $unames ; do + + # process authorized_user_ids file, as monkeysphere user + su_monkeysphere_user \ +- /usr/bin/env "STRICT_MODES=$STRICT_MODES" "${SYSSHAREDIR}/common" process_authorized_user_ids - \ ++ /usr/bin/env "STRICT_MODES=$STRICT_MODES" bash -c ". ${SYSSHAREDIR}/common && process_authorized_user_ids -" \ + < "$authorizedUserIDs" \ + > "$tmpAuthorizedKeys" + +diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker +index 28b11ac..e00ac4e 100644 +--- a/src/share/mh/add_revoker ++++ b/src/share/mh/add_revoker +@@ -52,7 +52,7 @@ if [ -f "$revokerKeyID" -o "$revokerKeyID" = '-' ] ; then + # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." + fingerprint=$(su_monkeysphere_user \ +- "${SYSSHAREDIR}/common" list_primary_fingerprints < "$revokerKeyID") ++ bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$revokerKeyID") + + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then + failure "There was not exactly one gpg key in the file." +-- +2.7.3 + |