- Use %%{?_smp_mflags}

- Use the four-parameter version of %%defattr
- Be more paranoid about dropping privileges
- Set PAM_TTY

.cvsignore

@@ -1 +1 @@
-usermode-1.98.1.tar.bz2
+usermode-1.102.tar.bz2

Makefile

@@ -1,10 +1,10 @@
 # Makefile for source rpm: usermode
-# $Id: Makefile,v 1.1 2004/09/09 13:52:40 cvsdist Exp $
+# $Id: Makefile,v 1.2 2007/10/15 19:29:38 notting Exp $
 NAME := usermode
 SPECFILE = $(firstword $(wildcard *.spec))
 
 define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
 endef
 
 MAKEFILE_COMMON := $(shell $(find-makefile-common))

sources

@@ -1 +1 @@
-82fe0d58b5af5f9ba043a6ae58a7ca91  usermode-1.98.1.tar.bz2
+0a8437ef146b8eabbd733959c5cac851  usermode-1.102.tar.bz2

usermode-1.102-PAM_TTY.patch

@@ -0,0 +1,100 @@
+# HG changeset patch
+# User Miloslav Trmač <mitr@redhat.com>
+# Date 1265372688 -3600
+# Node ID 9a7b1e69d0a8213092caf45beb52c07a8d334ea3
+# Parent  8a897830e2d8745a72eb4236f02a981cfdc95528
+Set PAM_TTY if known.
+
+2010-02-05  Miloslav Trmač  <mitr@redhat.com>
+
+	* userhelper.c (set_pam_items): New function.
+	(passwd, chfn, wrap): Use pam_set_items.
+
+diff -r 8a897830e2d8 -r 9a7b1e69d0a8 ChangeLog
+--- a/ChangeLog	Thu Feb 04 23:00:17 2010 +0100
++++ b/ChangeLog	Fri Feb 05 13:24:48 2010 +0100
+@@ -1,3 +1,8 @@
++2010-02-05  Miloslav Trmač  <mitr@redhat.com>
++
++	* userhelper.c (set_pam_items): New function.
++	(passwd, chfn, wrap): Use pam_set_items.
++
+ 2010-02-04  Miloslav Trmač  <mitr@redhat.com>
+ 
+ 	* userhelper.c (become_super): Check for failures of the system
+diff -r 8a897830e2d8 -r 9a7b1e69d0a8 userhelper.c
+--- a/userhelper.c	Thu Feb 04 23:00:17 2010 +0100
++++ b/userhelper.c	Fri Feb 05 13:24:48 2010 +0100
+@@ -1102,6 +1102,31 @@
+ 	return NULL;
+ }
+ 
++/* Set various attributes of DATA, including the requesting user USER. */
++static void
++set_pam_items(struct app_data *data, const char *user)
++{
++	int retval;
++	char *tty;
++
++	retval = pam_set_item(data->pamh, PAM_RUSER, user);
++	if (retval != PAM_SUCCESS) {
++		debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
++		fail_exit(data, retval);
++	}
++
++	tty = ttyname(STDIN_FILENO);
++	if (tty != NULL) {
++		if (strncmp(tty, "/dev/", 5) == 0)
++			tty += 5;
++		retval = pam_set_item(data->pamh, PAM_TTY, tty);
++		if (retval != PAM_SUCCESS) {
++			debug_msg("userhelper: pam_set_item(PAM_TTY) failed\n");
++			fail_exit(data, retval);
++		}
++	}
++}
++
+ /* Change the user's password using the indicated conversation function and
+  * application data (which includes the ability to cancel if the user requests
+  * it.  For this task, we don't retry on failure. */
+@@ -1118,11 +1143,7 @@
+ 		fail_exit(conv->appdata_ptr, retval);
+ 	}
+ 
+-	retval = pam_set_item(data->pamh, PAM_RUSER, user);
+-	if (retval != PAM_SUCCESS) {
+-		debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
+-		fail_exit(conv->appdata_ptr, retval);
+-	}
++	set_pam_items(data, user);
+ 
+ 	debug_msg("userhelper: changing password for \"%s\"\n", user);
+ 	retval = pam_chauthtok(data->pamh, 0);
+@@ -1195,12 +1216,7 @@
+ 		fail_exit(conv->appdata_ptr, retval);
+ 	}
+ 
+-	/* Set the requesting user. */
+-	retval = pam_set_item(data->pamh, PAM_RUSER, user);
+-	if (retval != PAM_SUCCESS) {
+-		debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
+-		fail_exit(conv->appdata_ptr, retval);
+-	}
++	set_pam_items(data, user);
+ 
+ 	/* Try to authenticate the user. */
+ 	do {
+@@ -1742,12 +1758,7 @@
+ 		fail_exit(conv->appdata_ptr, retval);
+ 	}
+ 
+-	/* Set the requesting user. */
+-	retval = pam_set_item(data->pamh, PAM_RUSER, user);
+-	if (retval != PAM_SUCCESS) {
+-		debug_msg("userhelper: pam_set_item(PAM_RUSER) failed\n");
+-		fail_exit(conv->appdata_ptr, retval);
+-	}
++	set_pam_items(data, user);
+ 
+ 	/* Try to authenticate the user. */
+ 	do {

usermode-1.102-paranoia.patch

@@ -0,0 +1,94 @@
+# HG changeset patch
+# User Miloslav Trmač <mitr@redhat.com>
+# Date 1265320817 -3600
+# Node ID 8a897830e2d8745a72eb4236f02a981cfdc95528
+# Parent  0dcd3edc6d56d65d8f02b31a9c807b1c152232c5
+Be more paranoid about manipulating user/group IDs.
+
+2010-02-04  Miloslav Trmač  <mitr@redhat.com>
+
+	* userhelper.c (become_super): Check for failures of the system
+	calls in addition to verifying the expected results.
+	(become_normal): Check for failures of the system
+	calls in addition to verifying the expected results.  Call setregid()
+	as well.  Verify the real gid/uid values.
+
+diff -r 0dcd3edc6d56 -r 8a897830e2d8 ChangeLog
+--- a/ChangeLog	Sun Dec 06 17:02:50 2009 +0000
++++ b/ChangeLog	Thu Feb 04 23:00:17 2010 +0100
+@@ -1,3 +1,11 @@
++2010-02-04  Miloslav Trmač  <mitr@redhat.com>
++
++	* userhelper.c (become_super): Check for failures of the system
++	calls in addition to verifying the expected results.
++	(become_normal): Check for failures of the system
++	calls in addition to verifying the expected results.  Call setregid()
++	as well.  Verify the real gid/uid values.
++
+ 2009-10-05  Miloslav Trmač  <mitr@redhat.com>
+ 
+ 	* configure.ac: Release 1.102.
+diff -r 0dcd3edc6d56 -r 8a897830e2d8 userhelper.c
+--- a/userhelper.c	Sun Dec 06 17:02:50 2009 +0000
++++ b/userhelper.c	Thu Feb 04 23:00:17 2010 +0100
+@@ -985,17 +985,20 @@
+ static void
+ become_super(void)
+ {
+-	/* Become the superuser. */
+-	setgroups(0, NULL);
+-	setregid(0, 0);
+-	setreuid(0, 0);
+-	/* Yes, setuid() and friends can fail, even for superusers. */
++	/* Become the superuser.
++	   Yes, setuid() and friends can fail, even for superusers. */
++	if (setgroups(0, NULL) != 0 ||
++	    setregid(0, 0) != 0 ||
++	    setreuid(0, 0) != 0) {
++		debug_msg("userhelper: set*id() failure: %s\n",
++			  strerror(errno));
++		exit(ERR_EXEC_FAILED);
++	}
+ 	if ((geteuid() != 0) ||
+ 	    (getuid() != 0) ||
+ 	    (getegid() != 0) ||
+ 	    (getgid() != 0)) {
+-		debug_msg("userhelper: set*id() failure: %s\n",
+-			  strerror(errno));
++		debug_msg("userhelper: set*id() didn't work\n");
+ 		exit(ERR_EXEC_FAILED);
+ 	}
+ }
+@@ -1003,17 +1006,26 @@
+ static void
+ become_normal(const char *user)
+ {
+-	/* Join the groups of the user who invoked us. */
+-	initgroups(user, getgid());
++	gid_t gid;
++	uid_t uid;
++
++	gid = getgid();
++	uid = getuid();
++	/* Become the user who invoked us. */
++	if (initgroups(user, gid) != 0 ||
++	    setregid(gid, gid) != 0 ||
++	    setreuid(uid, uid) != 0) {
++		debug_msg("userhelper: set*id() failure: %s\n",
++			  strerror(errno));
++		exit(ERR_EXEC_FAILED);
++	}
+ 	/* Verify that we're back to normal. */
+-	if (getegid() != getgid()) {
++	if (getegid() != gid || getgid() != gid) {
+ 		debug_msg("userhelper: still setgid()\n");
+ 		exit(ERR_EXEC_FAILED);
+ 	}
+-	/* Become the user who invoked us. */
+-	setreuid(getuid(), getuid());
+ 	/* Yes, setuid() can fail. */
+-	if (geteuid() != getuid()) {
++	if (geteuid() != uid || getuid() != uid) {
+ 		debug_msg("userhelper: still setuid()\n");
+ 		exit(ERR_EXEC_FAILED);
+ 	}

usermode.spec

@@ -1,18 +1,21 @@
 Summary: Tools for certain user account management tasks
 Name: usermode
-Version: 1.98.1
-Release: 2
+Version: 1.102
+Release: 2%{?dist}
 License: GPLv2+
 Group: Applications/System
 URL: https://fedorahosted.org/usermode/
 Source: https://fedorahosted.org/releases/u/s/usermode/usermode-%{version}.tar.bz2
-Requires: util-linux, pam >= 0.75-37, /etc/pam.d/system-auth, passwd
-Conflicts: SysVinit < 2.74-14
-BuildRequires: desktop-file-utils, e2fsprogs-devel, glib2-devel, gtk2-devel
-BuildRequires: libglade2-devel, libuser-devel, pam-devel, util-linux
-BuildRequires: perl-XML-Parser, libSM-devel, startup-notification-devel, gettext
-BuildRequires: libselinux-devel >= 1.17.13-2
-BuildRoot: %{_tmppath}/%{name}-root
+# Committed upstream
+Patch0: usermode-1.102-paranoia.patch
+# Committed upstream
+Patch1: usermode-1.102-PAM_TTY.patch
+Requires: pam, passwd, util-linux
+BuildRequires: desktop-file-utils, gettext, glib2-devel, gtk2-devel, intltool
+BuildRequires: libblkid-devel, libSM-devel, libselinux-devel, libuser-devel
+BuildRequires: pam-devel, perl-XML-Parser, startup-notification-devel
+BuildRequires: util-linux
+BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 %package gtk
 Summary: Graphical tools for certain user account management tasks
@@ -36,11 +39,13 @@ graphical tools for certain account management tasks.
 
 %prep
 %setup -q
+%patch0 -p1 -b .paranoia
+%patch1 -p1 -b .PAM_TTY
 
 %build
 %configure --with-selinux
 
-make
+make %{?_smp_mflags}
 
 %install
 rm -rf $RPM_BUILD_ROOT
@@ -48,6 +53,7 @@ make install DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p'
 
 # make userformat symlink to usermount
 ln -sf usermount $RPM_BUILD_ROOT%{_bindir}/userformat
+ln -s usermount.1 $RPM_BUILD_ROOT%{_mandir}/man1/userformat.1
 
 # We set up the shutdown programs to be wrapped in this package.  Other
 # packages are on their own....
@@ -74,7 +80,7 @@ done
 rm -rf $RPM_BUILD_ROOT
 
 %files -f %{name}.lang
-%defattr(-,root,root)
+%defattr(-,root,root,-)
 %doc COPYING ChangeLog NEWS README
 %attr(4711,root,root) /usr/sbin/userhelper
 %{_bindir}/consolehelper
@@ -89,26 +95,67 @@ rm -rf $RPM_BUILD_ROOT
 %config(noreplace) /etc/pam.d/reboot
 %config(noreplace) /etc/pam.d/poweroff
 %config(noreplace) /etc/security/console.apps/config-util
-%config /etc/security/console.apps/halt
-%config /etc/security/console.apps/reboot
-%config /etc/security/console.apps/poweroff
+%config(noreplace) /etc/security/console.apps/halt
+%config(noreplace) /etc/security/console.apps/reboot
+%config(noreplace) /etc/security/console.apps/poweroff
 
 %files gtk
-%defattr(-,root,root)
+%defattr(-,root,root,-)
 %{_bindir}/usermount
-%{_bindir}/userformat
 %{_mandir}/man1/usermount.1*
+%{_bindir}/userformat
+%{_mandir}/man1/userformat.1*
 %{_bindir}/userinfo
 %{_mandir}/man1/userinfo.1*
 %{_bindir}/userpasswd
 %{_mandir}/man1/userpasswd.1*
 %{_bindir}/consolehelper-gtk
+%{_mandir}/man8/consolehelper-gtk.8*
 %{_bindir}/pam-panel-icon
+%{_mandir}/man1/pam-panel-icon.1*
 %{_datadir}/%{name}
 %{_datadir}/pixmaps/*
 %{_datadir}/applications/*
 
 %changelog
+* Fri Feb  5 2010 Miloslav Trmač <mitr@redhat.com> - 1.102-2
+- Use %%{?_smp_mflags}
+- Use the four-parameter version of %%defattr
+- Be more paranoid about dropping privileges
+- Set PAM_TTY
+
+* Mon Oct  5 2009 Miloslav Trmač <mitr@redhat.com> - 1.102-1
+- Update to usermode-1.102
+
+* Tue Sep 15 2009 Miloslav Trmač <mitr@redhat.com> - 1.101-1
+- Update to usermode-1.101
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.100-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Mon Jun 29 2009 Miloslav Trmač <mitr@redhat.com> - 1.100-3
+- Require libblkid-devel instead of e2fsprogs-devel
+
+* Tue Apr 14 2009 Miloslav Trmač <mitr@redhat.com> - 1.100-2
+- Add BuildRequires: intltool
+
+* Tue Apr 14 2009 Miloslav Trmač <mitr@redhat.com> - 1.100-1
+- Update to usermode-1.100
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.99-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Wed Jan 14 2009 Miloslav Trmač <mitr@redhat.com> - 1.99-2
+- Fix problems pointed out in merge review:
+  - Drop Conflicts: SysVinit < very-old
+  - Remove very old version requirements from Requires and BuildRequires
+  - Make /etc/security/console.apps/* %%config(noreplace)
+  - Update BuildRoot
+
+* Tue Nov 11 2008 Miloslav Trmač <mitr@redhat.com> - 1.99-1
+- Update to usermode-1.99
+  Resolves: #470834
+
 * Thu Nov  6 2008 Miloslav Trmač <mitr@redhat.com> - 1.98.1-2
 - Hide usermount from GNOME and KDE menus
   Resolves: #440029