diffstat for systemd-204 systemd-204 changelog | 6 ++++ patches/debian-changes | 42 +++++++++++++++++++++++++++++-- patches/pam-check-runtime-dir-user.patch | 42 +++++++++++++++++++++++++++++++ patches/series | 1 4 files changed, 89 insertions(+), 2 deletions(-)
diff -Nru systemd-204/debian/changelog systemd-204/debian/changelog
--- systemd-204/debian/changelog 2013-09-23 11:27:30.000000000 +0000
+++ systemd-204/debian/changelog 2014-02-26 15:29:21.000000000 +0000
@@ -1,3 +1,9 @@
+systemd (204-5linuxmint1) debian; urgency=low
+
+ * Added pam-check-runtime-dir-user.patch https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1197395 https://bugzilla.redhat.com/show_bug.cgi?id=753882
+
+ -- Clement Lefebvre Wed, 26 Feb 2014 14:59:16 +0000
+
 systemd (204-5) unstable; urgency=high
 * Cherry-pick 72fd713 from upstream which fixes insecure calling of polkit
diff -Nru systemd-204/debian/patches/debian-changes systemd-204/debian/patches/debian-changes
--- systemd-204/debian/patches/debian-changes 2013-09-23 11:37:57.000000000 +0000
+++ systemd-204/debian/patches/debian-changes 2014-02-26 18:17:51.000000000 +0000
@@ -1949,7 +1949,15 @@
 SystemdService=dbus-org.freedesktop.login1.service
 --- systemd-204.orig/src/login/pam-module.c
 +++ systemd-204/src/login/pam-module.c
-@@ -336,10 +336,6 @@ _public_ PAM_EXTERN int pam_sm_open_sess
+@@ -329,6 +329,7 @@ _public_ PAM_EXTERN int pam_sm_open_sess
+ dbus_bool_t remote, existing;
+ int r;
+ uint32_t vtnr = 0;
++ struct stat st;
+
+ assert(handle);
+
+@@ -336,10 +337,6 @@ _public_ PAM_EXTERN int pam_sm_open_sess
 /* pam_syslog(handle, LOG_INFO, "pam-systemd initializing"); */
@@ -1960,7 +1968,7 @@
 if (parse_argv(handle, argc, argv, &controllers, &reset_controllers,
-@@ -400,7 +396,8 @@ _public_ PAM_EXTERN int pam_sm_open_sess
+@@ -400,7 +397,8 @@ _public_ PAM_EXTERN int pam_sm_open_sess
 bus = dbus_bus_get_private(DBUS_BUS_SYSTEM, &error);
 if (!bus) {
@@ -1970,6 +1978,36 @@
 r = PAM_SESSION_ERR;
 goto finish;
 }
+@@ -568,12 +566,25 @@ _public_ PAM_EXTERN int pam_sm_open_sess
+ goto finish;
+ }
+
+- r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", runtime_path, 0);
+- if (r != PAM_SUCCESS) {
+- pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
++ /* only set $XDG_RUNTIME_DIR if it is owned by the target user, as per
++ * XDG basedir-spec; this avoids su sessions to scribble over a runtime
++ * dir of a different user */
++ r = lstat(runtime_path, &st);
++ if (r != 0) {
++ pam_syslog(handle, LOG_ERR, "Failed to stat runtime dir: %s", strerror(errno));
++ r = PAM_SYSTEM_ERR;
+ goto finish;
+ }
+-
++ if (st.st_uid == uid) {
++ r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", runtime_path, 0);
++ if (r != PAM_SUCCESS) {
++ pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
++ goto finish;
++ }
++ } else if (debug) {
++ pam_syslog(handle, LOG_DEBUG, "Runtime dir %s is not owned by the target uid %u, ignoring.",
++ runtime_path, uid);
++ }
+ if (!isempty(seat)) {
+ r = pam_misc_setenv(handle, "XDG_SEAT", seat, 0);
+ if (r != PAM_SUCCESS) {
 --- /dev/null
 +++ systemd-204/src/python-systemd/docs/conf.py
 @@ -0,0 +1,279 @@
diff -Nru systemd-204/debian/patches/pam-check-runtime-dir-user.patch systemd-204/debian/patches/pam-check-runtime-dir-user.patch
--- systemd-204/debian/patches/pam-check-runtime-dir-user.patch 1970-01-01 00:00:00.000000000 +0000
+++ systemd-204/debian/patches/pam-check-runtime-dir-user.patch 2014-02-26 15:29:21.000000000 +0000
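Review bot: The new condition in the `+@@ -568,12 +566,25 @@` hunk compares ownership only, so any uid-owned object at runtime_path — a symlink or a plain file as much as a directory — gets exported as XDG_RUNTIME_DIR; since the comment invokes the XDG basedir spec, which requires a directory owned by the user with mode 0700, tighten it to `if (st.st_uid == uid && S_ISDIR(st.st_mode)) {` (optionally also checking `(st.st_mode & 07777) == 0700`). The failure path is also stricter than what it replaces: a failed lstat now ends the session with PAM_SYSTEM_ERR, whereas the removed lines never touched the filesystem, so a runtime dir that does not exist yet (ENOENT) turns from an exported path that may not exist into a refused login — whether logind has always created it by this point is not visible in the hunk, so consider treating `errno == ENOENT` like the not-owned branch (debug log, skip the setenv) and reserving PAM_SYSTEM_ERR for other errors. `uid`, `debug` and `runtime_path` are declared outside the hunk and pam_sm_open_session starts and ends outside it, so the uid compared here is assumed to be the target user's. The identical hunk is added a second time in the new patches/pam-check-runtime-dir-user.patch (next file section), and series lists both debian-changes and that patch, so any fix belongs in both copies, and it is worth confirming on a clean unpack that the standalone patch applied after debian-changes is not rejected as already applied.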
@@ -0,0 +1,42 @@
+Index: systemd-204/src/login/pam-module.c
+===================================================================
+--- systemd-204.orig/src/login/pam-module.c 2014-02-26 14:47:55.000000000 +0000
++++ systemd-204/src/login/pam-module.c 2014-02-26 14:57:07.066098040 +0000
+@@ -329,6 +329,7 @@
+ dbus_bool_t remote, existing;
+ int r;
+ uint32_t vtnr = 0;
++ struct stat st;
+
+ assert(handle);
+
+@@ -565,12 +566,25 @@
+ goto finish;
+ }
+
+- r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", runtime_path, 0);
+- if (r != PAM_SUCCESS) {
+- pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
++ /* only set $XDG_RUNTIME_DIR if it is owned by the target user, as per
++ * XDG basedir-spec; this avoids su sessions to scribble over a runtime
++ * dir of a different user */
++ r = lstat(runtime_path, &st);
++ if (r != 0) {
++ pam_syslog(handle, LOG_ERR, "Failed to stat runtime dir: %s", strerror(errno));
++ r = PAM_SYSTEM_ERR;
+ goto finish;
+ }
+-
++ if (st.st_uid == uid) {
++ r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", runtime_path, 0);
++ if (r != PAM_SUCCESS) {
++ pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
++ goto finish;
++ }
++ } else if (debug) {
++ pam_syslog(handle, LOG_DEBUG, "Runtime dir %s is not owned by the target uid %u, ignoring.",
++ runtime_path, uid);
++ }
+ if (!isempty(seat)) {
+ r = pam_misc_setenv(handle, "XDG_SEAT", seat, 0);
+ if (r != PAM_SUCCESS) {
diff -Nru systemd-204/debian/patches/series systemd-204/debian/patches/series
--- systemd-204/debian/patches/series 2013-09-23 11:28:40.000000000 +0000
+++ systemd-204/debian/patches/series 2014-02-26 15:29:21.000000000 +0000
@@ -1,3 +1,4 @@
 # debian/source/git-patches exported from git by export-hook v204..upstream-fixes_204-5
 debian-changes
+pam-check-runtime-dir-user.patch