diff --git a/ppp-2.4.5-var_run_ppp.patch b/ppp-2.4.5-var_run_ppp.patch index 2c49927..bd01883 100644 --- a/ppp-2.4.5-var_run_ppp.patch +++ b/ppp-2.4.5-var_run_ppp.patch @@ -1,30 +1,30 @@ diff -up ppp-2.4.5/pppd/pathnames.h.var_run_ppp ppp-2.4.5/pppd/pathnames.h ---- ppp-2.4.5/pppd/pathnames.h.var_run_ppp 2010-02-12 16:36:14.479362718 +0100 -+++ ppp-2.4.5/pppd/pathnames.h 2010-02-12 16:38:24.995330994 +0100 -@@ -7,9 +7,13 @@ +--- ppp-2.4.5/pppd/pathnames.h.var_run_ppp 2010-11-23 10:14:24.557427000 +0100 ++++ ppp-2.4.5/pppd/pathnames.h 2010-11-23 10:24:07.432426793 +0100 +@@ -6,8 +6,9 @@ + #ifdef HAVE_PATHS_H #include - -+#define _SUBPATH_PPP "ppp/" +- ++#define _PPP_SUBDIR "ppp/" #else /* HAVE_PATHS_H */ ++#define _PPP_SUBDIR #ifndef _PATH_VARRUN #define _PATH_VARRUN "/etc/ppp/" -+#define _SUBPATH_PPP -+#else -+#define _SUBPATH_PPP "ppp/" #endif - #define _PATH_DEVNULL "/dev/null" - #endif /* HAVE_PATHS_H */ -@@ -46,10 +50,10 @@ +@@ -46,13 +54,9 @@ #endif /* IPX_CHANGE */ #ifdef __STDC__ -#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN "pppd2.tdb" -+#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN _SUBPATH_PPP "pppd2.tdb" ++#define _PATH_PPPDB _ROOT_PATH _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb" #else /* __STDC__ */ - #ifdef HAVE_PATHS_H +-#ifdef HAVE_PATHS_H -#define _PATH_PPPDB "/var/run/pppd2.tdb" -+#define _PATH_PPPDB "/var/run/ppp/pppd2.tdb" - #else - #define _PATH_PPPDB "/etc/ppp/pppd2.tdb" - #endif +-#else +-#define _PATH_PPPDB "/etc/ppp/pppd2.tdb" +-#endif ++#define _PATH_PPPDB _PATH_VARRUN _PPP_SUBDIR "pppd2.tdb" + #endif /* __STDC__ */ + + #ifdef PLUGIN diff --git a/ppp-tmpfs.conf b/ppp-tmpfs.conf new file mode 100644 index 0000000..e5a283a --- /dev/null +++ b/ppp-tmpfs.conf @@ -0,0 +1,2 @@ +d /var/run/ppp 0755 root root +d /var/log/ppp 0700 root root diff --git a/ppp.spec b/ppp.spec index 85a905a..659ad70 100644 --- a/ppp.spec +++ b/ppp.spec @@ -1,13 +1,14 @@ Summary: The Point-to-Point Protocol daemon Name: ppp Version: 2.4.5 -Release: 13%{?dist} +Release: 14%{?dist} License: BSD and LGPLv2+ and GPLv2+ and Public Domain Group: System Environment/Daemons URL: http://www.samba.org/ppp Source0: ftp://ftp.samba.org/pub/ppp/ppp-%{version}.tar.gz Source1: ppp-2.3.5-pamd.conf Source2: ppp.logrotate +Source3: ppp-tmpfs.conf Patch0: ppp-2.4.3-make.patch Patch1: ppp-2.3.6-sample.patch Patch2: ppp-2.4.2-libutil.patch @@ -32,6 +33,7 @@ Patch28: ppp-2.4.5-ppp_resolv.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: pam-devel, libpcap-devel, openssl-devel Requires: glibc >= 2.0.6, /etc/pam.d/system-auth, logrotate, libpcap >= 14:0.8.3-6 +Requires: systemd-units %description The ppp package contains the PPP (Point-to-Point Protocol) daemon and @@ -95,15 +97,18 @@ chmod -R a+rX scripts find scripts -type f | xargs chmod a-x chmod 0755 $RPM_BUILD_ROOT/%{_libdir}/pppd/%{version}/*.so mkdir -p $RPM_BUILD_ROOT/etc/pam.d -install -m 644 %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/ppp +install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/ppp # Provide pointers for people who expect stuff in old places -mkdir -p $RPM_BUILD_ROOT/var/log/ppp -mkdir -p $RPM_BUILD_ROOT/var/run/ppp +mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/ppp +mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/ppp + +install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d +install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d/ppp.conf # Logrotate script -mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d -install -m 644 %{SOURCE2} $RPM_BUILD_ROOT/etc/logrotate.d/ppp +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d +install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/ppp %clean rm -rf $RPM_BUILD_ROOT @@ -124,15 +129,16 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man8/pppoe-discovery.8* %{_libdir}/pppd %dir /etc/ppp -%dir /var/run/ppp -%attr(700, root, root) %dir /var/log/ppp -%config(noreplace) /etc/ppp/eaptls-client -%config(noreplace) /etc/ppp/eaptls-server -%config(noreplace) /etc/ppp/chap-secrets -%config(noreplace) /etc/ppp/options -%config(noreplace) /etc/ppp/pap-secrets -%config(noreplace) /etc/pam.d/ppp -%config(noreplace) /etc/logrotate.d/ppp +%dir %{_localstatedir}/run/ppp +%attr(700, root, root) %dir %{_localstatedir}/log/ppp +%config %{_sysconfdir}/tmpfiles.d/ppp.conf +%config(noreplace) %{_sysconfdir}/ppp/eaptls-client +%config(noreplace) %{_sysconfdir}/ppp/eaptls-server +%config(noreplace) %{_sysconfdir}/ppp/chap-secrets +%config(noreplace) %{_sysconfdir}/ppp/options +%config(noreplace) %{_sysconfdir}/ppp/pap-secrets +%config(noreplace) %{_sysconfdir}/pam.d/ppp +%config(noreplace) %{_sysconfdir}/logrotate.d/ppp %doc FAQ README README.cbcp README.linux README.MPPE README.MSCHAP80 README.MSCHAP81 README.pwfd README.pppoe scripts sample README.eap-tls %files devel @@ -141,6 +147,10 @@ rm -rf $RPM_BUILD_ROOT %doc PLUGINS %changelog +* Tue Nov 30 2010 Jiri Skala - 2.4.5-14 +- fixes #656671 - /var/run and /var/lock on tmpfs +- replaced paths /var /etc by macros + * Tue Nov 16 2010 Jiri Skala - 2.4.5-13 - fixes #565294 - SELinux is preventing /sbin/consoletype access to a leaked packet_socket fd