diff --git a/libcgroup-0.37-chmod.patch b/libcgroup-0.37-chmod.patch deleted file mode 100644 index 70afb69ed964712b4aff3b4d6700818685cccf32..0000000000000000000000000000000000000000 --- a/libcgroup-0.37-chmod.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff --git libcgroup-0.42.2/src/api.c libcgroup-0.42.2/src/api.c -index 24ae48d..54a6736 100644 ---- libcgroup-0.42.2/src/api.c -+++ libcgroup-0.42.2/src/api.c -@@ -159,6 +159,10 @@ static int cg_chown_file(FTS *fts, FTSENT *ent, uid_t owner, gid_t group) - return ret; - } - -+int cg_chmod_file(FTS *fts, FTSENT *ent, mode_t dir_mode, -+ int dirm_change, mode_t file_mode, int filem_change, -+ int owner_is_umask); -+ - /* - * TODO: Need to decide a better place to put this function. - */ -@@ -166,6 +170,8 @@ static int cg_chown_recursive(char **path, uid_t owner, gid_t group) - { - int ret = 0; - FTS *fts; -+ /* mode 664 */ -+ mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH; - - cgroup_dbg("chown: path is %s\n", *path); - fts = fts_open(path, FTS_PHYSICAL | FTS_NOCHDIR | -@@ -183,6 +189,7 @@ static int cg_chown_recursive(char **path, uid_t owner, gid_t group) - cgroup_warn("Warning: fts_read failed\n"); - break; - } -+ cg_chmod_file(fts, ent, mode, 0, mode, 1, 1); - ret = cg_chown_file(fts, ent, owner, group); - } - fts_close(fts); diff --git a/libcgroup-0.40.rc1-coverity.patch b/libcgroup-0.40.rc1-coverity.patch deleted file mode 100644 index 481358b8c7999fb7dd892773ccf5935e36b36cca..0000000000000000000000000000000000000000 --- a/libcgroup-0.40.rc1-coverity.patch +++ /dev/null @@ -1,79 +0,0 @@ -diff --git libcgroup-0.42.2/src/config.c libcgroup-0.42.2/src/config.c -index 3ffa263..b5d51b3 100644 ---- libcgroup-0.42.2/src/config.c -+++ libcgroup-0.42.2/src/config.c -@@ -326,7 +326,7 @@ int config_group_task_perm(char *perm_type, char *value, int flag) - long val = atoi(value); - char buffer[CGROUP_BUFFER_LEN]; - struct cgroup *config_cgroup; -- int table_index; -+ int table_index, ret; - - switch (flag) { - case CGROUP: -@@ -370,10 +370,10 @@ int config_group_task_perm(char *perm_type, char *value, int flag) - if (!group) - goto group_task_error; - -- getgrnam_r(value, group, buffer, -+ ret = getgrnam_r(value, group, buffer, - CGROUP_BUFFER_LEN, &group_buffer); - -- if (group_buffer == NULL) { -+ if (ret != 0 || group_buffer == NULL) { - free(group); - goto group_task_error; - } -@@ -439,7 +439,7 @@ int config_group_admin_perm(char *perm_type, char *value, int flag) - struct cgroup *config_cgroup; - long val = atoi(value); - char buffer[CGROUP_BUFFER_LEN]; -- int table_index; -+ int table_index, ret; - - switch (flag) { - case CGROUP: -@@ -482,10 +482,10 @@ int config_group_admin_perm(char *perm_type, char *value, int flag) - if (!group) - goto admin_error; - -- getgrnam_r(value, group, buffer, -+ ret = getgrnam_r(value, group, buffer, - CGROUP_BUFFER_LEN, &group_buffer); - -- if (group_buffer == NULL) { -+ if (ret != 0 || group_buffer == NULL) { - free(group); - goto admin_error; - } -diff --git libcgroup-0.42.2/src/daemon/cgrulesengd.c libcgroup-0.42.2/src/daemon/cgrulesengd.c -index 4cef53e..90920d1 100644 ---- libcgroup-0.42.2/src/daemon/cgrulesengd.c -+++ libcgroup-0.42.2/src/daemon/cgrulesengd.c -@@ -654,7 +654,7 @@ close: - - static int cgre_create_netlink_socket_process_msg(void) - { -- int sk_nl = 0, sk_unix = 0, sk_max; -+ int sk_nl = -1, sk_unix = -1, sk_max; - struct sockaddr_nl my_nla; - char buff[BUFF_SIZE]; - int rc = -1; -diff --git libcgroup-0.42.2/src/tools/lscgroup.c libcgroup-0.42.2/src/tools/lscgroup.c -index bfb1724..d15a0c2 100644 ---- libcgroup-0.42.2/src/tools/lscgroup.c -+++ libcgroup-0.42.2/src/tools/lscgroup.c -@@ -96,11 +96,11 @@ static int display_controller_data(char *input_path, char *controller, char *nam - if (ret != 0) - return ret; - -- strncpy(cgroup_dir_path, info.full_path, FILENAME_MAX); -+ strncpy(cgroup_dir_path, info.full_path, FILENAME_MAX - 1); - /* remove problematic '/' characters from cgroup directory path*/ - trim_filepath(cgroup_dir_path); - -- strncpy(input_dir_path, input_path, FILENAME_MAX); -+ strncpy(input_dir_path, input_path, FILENAME_MAX - 1); - - /* remove problematic '/' characters from input directory path*/ - trim_filepath(input_dir_path); diff --git a/libcgroup-0.40.rc1-fread.patch b/libcgroup-0.40.rc1-fread.patch deleted file mode 100644 index 8f1388e516f3c9893c02d7cc31f6a66b21b2b419..0000000000000000000000000000000000000000 --- a/libcgroup-0.40.rc1-fread.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff --git libcgroup-0.42.2/src/api.c libcgroup-0.42.2/src/api.c -index 54a6736..1557393 100644 ---- libcgroup-0.42.2/src/api.c -+++ libcgroup-0.42.2/src/api.c -@@ -2482,29 +2482,29 @@ static int cg_rd_ctrl_file(const char *subsys, const char *cgroup, - const char *file, char **value) - { - char path[FILENAME_MAX]; -- FILE *ctrl_file = NULL; -- int ret; -+ int ctrl_file = -1; -+ ssize_t ret; - - if (!cg_build_path_locked(cgroup, path, subsys)) - return ECGFAIL; - - strncat(path, file, sizeof(path) - strlen(path)); -- ctrl_file = fopen(path, "re"); -- if (!ctrl_file) -+ ctrl_file = open(path, O_RDONLY | O_CLOEXEC); -+ if (ctrl_file < 0) - return ECGROUPVALUENOTEXIST; - - *value = calloc(CG_CONTROL_VALUE_MAX, 1); - if (!*value) { -- fclose(ctrl_file); -+ close(ctrl_file); - last_errno = errno; - return ECGOTHER; - } - - /* -- * using %as crashes when we try to read from files like -+ * using %as or fread crashes when we try to read from files like - * memory.stat - */ -- ret = fread(*value, 1, CG_CONTROL_VALUE_MAX-1, ctrl_file); -+ ret = read(ctrl_file, *value, CG_CONTROL_VALUE_MAX-1); - if (ret < 0) { - free(*value); - *value = NULL; -@@ -2514,7 +2514,7 @@ static int cg_rd_ctrl_file(const char *subsys, const char *cgroup, - (*value)[ret-1] = '\0'; - } - -- fclose(ctrl_file); -+ close(ctrl_file); - - return 0; - } diff --git a/libcgroup-0.40.rc1-templates-fix.patch b/libcgroup-0.40.rc1-templates-fix.patch deleted file mode 100644 index 8bbfa43bc2a54cb979e8663e9f41ebf9651093a8..0000000000000000000000000000000000000000 --- a/libcgroup-0.40.rc1-templates-fix.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff --git libcgroup-0.42.2/src/api.c libcgroup-0.42.2/src/api.c -index 1557393..318a438 100644 ---- libcgroup-0.42.2/src/api.c -+++ libcgroup-0.42.2/src/api.c -@@ -3457,10 +3457,10 @@ int cgroup_change_cgroup_flags(uid_t uid, gid_t gid, - available, "%d", pid); - break; - case 'p': -- if(procname) { -+ if(procname && strlen(basename(procname))) { - written = snprintf(newdest + j, - available, "%s", -- procname); -+ basename(procname)); - } else { - written = snprintf(newdest + j, - available, "%d", pid); diff --git a/libcgroup-2.0.3.tar.gz b/libcgroup-2.0.3.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..44c0b86f4d0f9452d743ba964ee0e7bea0053b4f Binary files /dev/null and b/libcgroup-2.0.3.tar.gz differ diff --git a/libcgroup-v0.42.2.tar.gz b/libcgroup-v0.42.2.tar.gz deleted file mode 100644 index df41b1352ada730c4c1e247b153715ed958a792d..0000000000000000000000000000000000000000 Binary files a/libcgroup-v0.42.2.tar.gz and /dev/null differ diff --git a/libcgroup.spec b/libcgroup.spec index 7ff57c4f4452b634ceb851e4aed75d349a84e229..e1bbea5288bac07453d8969acf50679c70464cc0 100644 --- a/libcgroup.spec +++ b/libcgroup.spec @@ -4,20 +4,16 @@ Summary: Libcgroup is a library that abstracts the control group file system in Linux Name: libcgroup -Version: 0.42.2 -Release: 3 +Version: 2.0.3 +Release: 2 License: LGPLv2+ URL: http://libcg.sourceforge.net/ -Source0: https://github.com/%{name}/%{name}/archive/v%{version}/%{name}-v%{version}.tar.gz +Source0: https://github.com/%{name}/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz Source1: cgconfig.service Provides: libcgroup-pam libcgroup-tools Obsoletes: libcgroup-pam libcgroup-tools -Patch0: config.patch -Patch1: libcgroup-0.37-chmod.patch -Patch2: libcgroup-0.40.rc1-coverity.patch -Patch3: libcgroup-0.40.rc1-fread.patch -Patch4: libcgroup-0.40.rc1-templates-fix.patch +Patch0:config.patch BuildRequires: autoconf, automake, libtool BuildRequires: gcc,gcc-c++,byacc @@ -45,11 +41,6 @@ It provides helpful information for libcgroup-pam,libcgroup-devel,libcgroup-tool %prep %setup -q -n %{name}-%{version} -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 %build autoreconf -vif @@ -70,7 +61,7 @@ install -m 644 samples/cgconfig.conf $RPM_BUILD_ROOT%{_sysconfdir}/cgconfig.conf install -m 644 samples/cgsnapshot_blacklist.conf $RPM_BUILD_ROOT%{_sysconfdir}/cgsnapshot_blacklist.conf # Only one pam_cgroup.so is needed -mv -f $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.so.*.*.* $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.so +#mv -f $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.so $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.so rm -f $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.{,l}a $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.so.* rm -f $RPM_BUILD_ROOT%{_libdir}/*.{,l}a @@ -88,7 +79,7 @@ install -m 644 %SOURCE1 ${RPM_BUILD_ROOT}%{_unitdir}/ %pre getent group cgred >/dev/null || groupadd -r cgred -%post +%post %systemd_post cgconfig.service %preun @@ -119,7 +110,7 @@ getent group cgred >/dev/null || groupadd -r cgred /usr/sbin/cgconfigparser %attr(2755, root, cgred) /usr/bin/cgexec %attr(2755, root, cgred) /usr/bin/cgclassify -%attr(0755,root,root) %{_libdir}/security/pam_cgroup.so +%attr(0755, root, root) %{_libdir}/security/pam_cgroup.so %{_unitdir}/cgconfig.service %files devel @@ -138,6 +129,18 @@ getent group cgred >/dev/null || groupadd -r cgred %attr(0644, root, root) %{_mandir}/man8/* %changelog +* Mon Jun 12 2023 leizhongkai - 2.0.3-2 +- Type: upgrade +- Id:NA +- SUG:NA +- DESC:update release version to v2.0.3 for LTS SP2 branch + +* Thu Feb 9 2023 hanchao - 2.0.3-1 +- Type: upgrade +- Id:NA +- SUG:NA +- DESC:update release version to v2.0.3 + * Thu Nov 3 wuzx - 0.42.2-3 - Type:feature - CVE:NA