Hi Julien, XSF*,
here is the final NMUdiff fixing a typo in an initscript comment and
moving the Makefile.in patch to the diff.gz as discussed on IRC.
Thanks for maintaining X.
Kind regards
T.
diff -u xfs-1.0.8/Makefile.in xfs-1.0.8/Makefile.in
--- xfs-1.0.8/Makefile.in
+++ xfs-1.0.8/Makefile.in
@@ -234,7 +234,7 @@
top_srcdir = @top_srcdir@
configdir = $(sysconfdir)/X11/fs
FONT_FLAGS = -DFONT_PCF -DFONT_FS -DFONT_SPEEDO
-AM_CPPFLAGS = $(XFS_CFLAGS) -I$(top_srcdir)/include -DXFSPIDDIR=\"/var/run\" \
+AM_CPPFLAGS = $(XFS_CFLAGS) -I$(top_srcdir)/include
-DXFSPIDDIR=\"/var/run/xfs\" \
$(FONT_FLAGS) -D_BSD_SOURCE -DFONT_t -DTRANS_SERVER -DTRANS_REOPEN
LDADD = $(XFS_LIBS)
diff -u xfs-1.0.8/debian/changelog xfs-1.0.8/debian/changelog
--- xfs-1.0.8/debian/changelog
+++ xfs-1.0.8/debian/changelog
@@ -1,3 +1,19 @@
+xfs (1:1.0.8-2.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Fix fallout from switching to non-privileged user:
+ - Adjust config file to disable logging to file.
+ We log to syslog, but with this parameter, xfs tries to open
+ the logfile which fails because we run as nobody.
+ - postinst: create user debian-xfs for pidfile,
+ - init: create pidfile dir if necessary, change pifile location,
+ deal with two possible pidfile locations for stop et al,
+ - postrm: delete pid directory and user,
+ - add patch to change pid directory.
+ Closes: #498823.
+
+ -- Thomas Viehmann <[EMAIL PROTECTED]> Thu, 09 Oct 2008 22:32:45 +0200
+
xfs (1:1.0.8-2) unstable; urgency=low
* Add $syslog dependency to the xfs init.d script (closes: #489232).
diff -u xfs-1.0.8/debian/control xfs-1.0.8/debian/control
--- xfs-1.0.8/debian/control
+++ xfs-1.0.8/debian/control
@@ -10,7 +10,7 @@
Package: xfs
Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}, adduser
Suggests: xfonts-100dpi | xfonts-75dpi, xfonts-base, xfonts-scalable
Description: X font server
xfs is a daemon that listens on a network port and serves X fonts to X
diff -u xfs-1.0.8/debian/xfs.init xfs-1.0.8/debian/xfs.init
--- xfs-1.0.8/debian/xfs.init
+++ xfs-1.0.8/debian/xfs.init
@@ -36,7 +36,9 @@
PATH=/bin:/usr/bin:/sbin:/usr/sbin
DAEMON=/usr/bin/xfs
-PIDFILE=/var/run/xfs.pid
+PIDDIR=/var/run/xfs
+PIDFILE=$PIDDIR/xfs.pid
+OLDPIDFILE=/var/run/xfs.pid
UPGRADEFILE=/var/run/xfs.daemon-not-stopped
SOCKET_DIR=/tmp/.font-unix
@@ -61,6 +63,13 @@
echo "done."
}
+set_up_pid_dir () {
+ if [ ! -d "$PIDDIR" ] ; then
+ mkdir $PIDDIR
+ chown debian-xfs $PIDDIR
+ fi
+}
+
stillrunning () {
if expr "$(cat /proc/$DAEMONPID/cmdline 2>/dev/null)" : "$DAEMON" >/dev/null
\
2>&1; then
@@ -74,6 +83,14 @@
fi
}
+
+# If there is only an old pidfile, use that. note that restart calls the start
+# initscript, so that will use the new pidfile for the new xfs process
+if [ "$1" = "restart" ] || [ "$1" = "reload" ] || [ "$1" = "stop" ] && \
+ [ ! -e $PIDFILE ] && [ -e $OLDPIDFILE ] ; then
+ PIDFILE=$OLDPIDFILE
+fi
+
# If we have upgraded the daemon since we last started it, we can't use the
# --exec argument to start-stop-daemon, because the daemon's inode will have
# changed. The risk here is that in a situation where the daemon died, its
@@ -91,8 +108,9 @@
case "$1" in
start)
set_up_socket_dir
+ set_up_pid_dir
echo -n "Starting X font server: xfs"
- start-stop-daemon --start --quiet $SSD_START_ARGS -- -daemon -user nobody
-droppriv \
+ start-stop-daemon --start --quiet $SSD_START_ARGS -- -daemon -user
debian-xfs -droppriv \
|| echo -n " already running"
echo "."
;;
diff -u xfs-1.0.8/debian/xfs.postinst.in xfs-1.0.8/debian/xfs.postinst.in
--- xfs-1.0.8/debian/xfs.postinst.in
+++ xfs-1.0.8/debian/xfs.postinst.in
@@ -15,6 +15,12 @@
THIS_PACKAGE=xfs
THIS_SCRIPT=postinst
+if ! getent passwd debian-$THIS_PACKAGE > /dev/null ; then
+ adduser --quiet --system --disabled-password \
+ --home /nonexistant --no-create-home \
+ --shell /bin/false --group debian-$THIS_PACKAGE
+fi
+
#INCLUDE_SHELL_LIB#
# Registering the init scripts or starting the daemon may cause output to
diff -u xfs-1.0.8/debian/xfs.postrm.in xfs-1.0.8/debian/xfs.postrm.in
--- xfs-1.0.8/debian/xfs.postrm.in
+++ xfs-1.0.8/debian/xfs.postrm.in
@@ -25,6 +25,15 @@
if [ -d /etc/X11/fs ]; then
rm -r /etc/X11/fs
fi
+ if [ -d /var/run/xfs ]; then
+ rm -r /var/run/xfs
+ fi
+ # Remove the user if we are relatively certain that we created it
+ u_home=$(getent passwd debian-$THIS_PACKAGE | cut -d ":" -f 6)
+ u_shell=$(getent passwd debian-$THIS_PACKAGE | cut -d ":" -f 7)
+ if [ "$u_home" = "/nonexistant" ] && [ "$u_shell" = "/bin/false" ] && [ -x
/usr/sbin/deluser ] ; then
+ deluser --system --quiet debian-$THIS_PACKAGE
+ fi
fi
if [ "$1" = "abort-upgrade" ]; then
diff -u xfs-1.0.8/debian/patches/02_debian_setup.diff
xfs-1.0.8/debian/patches/02_debian_setup.diff
--- xfs-1.0.8/debian/patches/02_debian_setup.diff
+++ xfs-1.0.8/debian/patches/02_debian_setup.diff
@@ -8,7 +8,7 @@
===================================================================
--- a/config.cpp.orig 2006-03-07 22:09:01.000000000 -0500
+++ b/config.cpp 2006-03-07 22:13:53.000000000 -0500
-@@ -1,15 +1,19 @@
+@@ -1,15 +1,20 @@
XCOMM font server configuration file
XCOMM $Xorg: config.cpp,v 1.3 2000/08/17 19:54:19 cpqbld Exp $
@@ -18,8 +18,10 @@
clone-self = on
-use-syslog = off
-catalogue = DEFAULTFONTPATH
-+XCOMM log messages to FSERRORS (if syslog is not used)
- error-file = FSERRORS
++XCOMM log messages to FSERRORS
++XCOMM (Debian xfs uses syslog by default to run as nobody)
+-error-file = FSERRORS
++XCOMM error-file = FSERRORS
+XCOMM log errors using syslog
+use-syslog = on
+XCOMM turn off TCP port listening (Unix domain connections are still
permitted)
diff -u xfs-1.0.8/debian/patches/series xfs-1.0.8/debian/patches/series
--- xfs-1.0.8/debian/patches/series
+++ xfs-1.0.8/debian/patches/series
@@ -2,0 +3 @@
+03_debian_piddir.diff
only in patch2:
unchanged:
--- xfs-1.0.8.orig/debian/patches/03_debian_piddir.diff
+++ xfs-1.0.8/debian/patches/03_debian_piddir.diff
@@ -0,0 +1,13 @@
+diff -u xfs-1.0.8~/Makefile.am xfs-1.0.8/Makefile.am
+--- xfs-1.0.8~/Makefile.am 2008-05-16 20:23:17.000000000 +0200
++++ xfs-1.0.8/Makefile.am 2008-10-10 20:10:12.000000000 +0200
+@@ -25,7 +25,7 @@
+
+ FONT_FLAGS = -DFONT_PCF -DFONT_FS -DFONT_SPEEDO
+
+-AM_CPPFLAGS = $(XFS_CFLAGS) -I$(top_srcdir)/include -DXFSPIDDIR=\"/var/run\" \
++AM_CPPFLAGS = $(XFS_CFLAGS) -I$(top_srcdir)/include
-DXFSPIDDIR=\"/var/run/xfs\" \
+ $(FONT_FLAGS) -D_BSD_SOURCE -DFONT_t -DTRANS_SERVER -DTRANS_REOPEN
+
+ LDADD = $(XFS_LIBS)
+diff -u xfs-1.0.8~/Makefile.in xfs-1.0.8/Makefile.in
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
