Mageia Bugzilla – Attachment 1659 Details for
Bug 3921
%post fails to add xguest to /etc/ssh/denyusers if this file does not exist yet
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
[patch]
Proposed work around to ensure we always end up with xguest in denyusers file when installed
xguest.diff (text/plain), 2.59 KB, created by
Remco Rijnders
on 2012-02-29 17:32:51 CET
(
hide
)
Description:
Proposed work around to ensure we always end up with xguest in denyusers file when installed
Filename:
MIME Type:
Creator:
Remco Rijnders
Created:
2012-02-29 17:32:51 CET
Size:
2.59 KB
patch
obsolete
>Index: SOURCES/xguest.script >=================================================================== >--- SOURCES/xguest.script (revision 0) >+++ SOURCES/xguest.script (revision 0) >@@ -0,0 +1,7 @@ >+#!/bin/sh >+if [ -e /etc/ssh/denyusers ]; then >+ if ! grep -q xguest /etc/ssh/denyusers; then >+ echo xguest >> /etc/ssh/denyusers >+ fi >+fi >+ >Index: SOURCES/xguest.filter >=================================================================== >--- SOURCES/xguest.filter (revision 0) >+++ SOURCES/xguest.filter (revision 0) >@@ -0,0 +1 @@ >+^\+/etc/ssh/denyusers >Index: SPECS/xguest.spec >=================================================================== >--- SPECS/xguest.spec (revision 216002) >+++ SPECS/xguest.spec (working copy) >@@ -1,12 +1,14 @@ > Summary: Creates xguest user as a locked down user > Name: xguest > Version: 1.0.10 >-Release: %mkrel 5 >+Release: %mkrel 6 > License: GPLv2+ > Group: System/Base > BuildArch: noarch > Source: http://people.fedoraproject.org/~dwalsh/xguest/%{name}-%{version}.tar.bz2 > Source10: mkxguesthome >+Source11: xguest.filter >+Source12: xguest.script > patch: xguest-namespace.patch > # (tv) prevent accessing other people accounts: > patch1: xguest-namespace2.patch >@@ -16,6 +18,7 @@ > Requires(post): python-sabayon > > %define grp_option -U >+#%_filetriggers_dir /var/lib/rpm/filetriggers > > # TODO: > # - check if /usr/sbin/gdm-safe-restart is needed in /etc/X11.gdm/PostSession/Default >@@ -41,10 +44,13 @@ > %install > %{__mkdir} -p %{buildroot}/%{_sysconfdir}/desktop-profiles > %{__mkdir} -p %{buildroot}/%{_sysconfdir}/security/namespace.d/ls >+%{__mkdir} -p %{buildroot}%{_filetriggers_dir} > install -m0644 xguest.zip %{buildroot}/%{_sysconfdir}/desktop-profiles/ > install -m0644 xguest.conf %{buildroot}/%{_sysconfdir}/security/namespace.d/ > > install -m0755 %SOURCE10 %{buildroot}%{_sysconfdir}/security/namespace.d/ >+install -m0644 %SOURCE11 %{buildroot}%_filetriggers_dir/ >+install -m0755 %SOURCE12 %{buildroot}%_filetriggers_dir/ > > # (tv) Using UID higher than UID_MAX=60000 from /etc/login.defs: > mkdir -p %{buildroot}%{_bindir} >@@ -77,8 +83,10 @@ > __eof > > # prevent remote login: >-if ! grep -q xguest /etc/ssh/denyusers; then >- echo xguest >> /etc/ssh/denyusers >+if [ -e /etc/ssh/denyusers ]; then >+ if ! grep -q xguest /etc/ssh/denyusers; then >+ echo xguest >> /etc/ssh/denyusers >+ fi > fi > > # prevent accessing most configuration tools (mcc still available with root password) >@@ -99,6 +107,7 @@ > %config(noreplace) %{_sysconfdir}/desktop-profiles/xguest.zip > %{_sysconfdir}/security/namespace.d/ > %doc README LICENSE >+%{_filetriggers_dir}/xguest.* > > %preun > if [ $1 -eq 0 ]; then
Index: SOURCES/xguest.script =================================================================== --- SOURCES/xguest.script (revision 0) +++ SOURCES/xguest.script (revision 0) @@ -0,0 +1,7 @@ +#!/bin/sh +if [ -e /etc/ssh/denyusers ]; then + if ! grep -q xguest /etc/ssh/denyusers; then + echo xguest >> /etc/ssh/denyusers + fi +fi + Index: SOURCES/xguest.filter =================================================================== --- SOURCES/xguest.filter (revision 0) +++ SOURCES/xguest.filter (revision 0) @@ -0,0 +1 @@ +^\+/etc/ssh/denyusers Index: SPECS/xguest.spec =================================================================== --- SPECS/xguest.spec (revision 216002) +++ SPECS/xguest.spec (working copy) @@ -1,12 +1,14 @@ Summary: Creates xguest user as a locked down user Name: xguest Version: 1.0.10 -Release: %mkrel 5 +Release: %mkrel 6 License: GPLv2+ Group: System/Base BuildArch: noarch Source: http://people.fedoraproject.org/~dwalsh/xguest/%{name}-%{version}.tar.bz2 Source10: mkxguesthome +Source11: xguest.filter +Source12: xguest.script patch: xguest-namespace.patch # (tv) prevent accessing other people accounts: patch1: xguest-namespace2.patch @@ -16,6 +18,7 @@ Requires(post): python-sabayon %define grp_option -U +#%_filetriggers_dir /var/lib/rpm/filetriggers # TODO: # - check if /usr/sbin/gdm-safe-restart is needed in /etc/X11.gdm/PostSession/Default @@ -41,10 +44,13 @@ %install %{__mkdir} -p %{buildroot}/%{_sysconfdir}/desktop-profiles %{__mkdir} -p %{buildroot}/%{_sysconfdir}/security/namespace.d/ls +%{__mkdir} -p %{buildroot}%{_filetriggers_dir} install -m0644 xguest.zip %{buildroot}/%{_sysconfdir}/desktop-profiles/ install -m0644 xguest.conf %{buildroot}/%{_sysconfdir}/security/namespace.d/ install -m0755 %SOURCE10 %{buildroot}%{_sysconfdir}/security/namespace.d/ +install -m0644 %SOURCE11 %{buildroot}%_filetriggers_dir/ +install -m0755 %SOURCE12 %{buildroot}%_filetriggers_dir/ # (tv) Using UID higher than UID_MAX=60000 from /etc/login.defs: mkdir -p %{buildroot}%{_bindir} @@ -77,8 +83,10 @@ __eof # prevent remote login: -if ! grep -q xguest /etc/ssh/denyusers; then - echo xguest >> /etc/ssh/denyusers +if [ -e /etc/ssh/denyusers ]; then + if ! grep -q xguest /etc/ssh/denyusers; then + echo xguest >> /etc/ssh/denyusers + fi fi # prevent accessing most configuration tools (mcc still available with root password) @@ -99,6 +107,7 @@ %config(noreplace) %{_sysconfdir}/desktop-profiles/xguest.zip %{_sysconfdir}/security/namespace.d/ %doc README LICENSE +%{_filetriggers_dir}/xguest.* %preun if [ $1 -eq 0 ]; then
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3921
: 1659