head 1.2; access; symbols pkgsrc-2019Q4:1.1.0.4 pkgsrc-2019Q4-base:1.1; locks; strict; comment @# @; 1.2 date 2020.01.01.01.30.19; author ng0; state dead; branches; next 1.1; commitid GecxPers0hnztVQB; 1.1 date 2019.12.14.11.19.54; author ng0; state Exp; branches; next ; commitid ygNqZMQNcdGqkFOB; desc @@ 1.2 log @security/doas: update to version 6.2p4 Changelog picked from https://github.com/slicer69/doas/releases: 6.2p4: * Keeping environment variables with keepenv On some platforms (seemingly Linux and macOS) it is possible for repeated calls to getpwuid() can over-write the original struct passwd structure. (This behaviour may vary depending on which C library is used. This can lead to the original user's environment data being overwritten by the target user's, even when "keepenv" is specified in the doas.conf file. We now do a deep copy of the original and target users' struct passwd information to avoid over-writing the original on platforms where libc uses a static area for all calls. @ text @$NetBSD: patch-a,v 1.1 2019/12/14 11:19:54 ng0 Exp $ manpages: patch in the correct installed location of the config file. This resolves PR pkg/54717 Upstream commited as dad0c102327a69cd629bb8035f171929864bd5b0 --- /dev/null +++ .gitignore @@@@ -0,0 +1,4 @@@@ +*.o +*.final +y.tab.c +doas --- Makefile +++ Makefile @@@@ -1,3 +1,4 @@@@ +AWK?=awk CC?=clang YACC?=yacc BIN=doas @@@@ -39,7 +40,7 @@@@ ifeq ($(UNAME_S),Darwin) MANDIR=$(DESTDIR)$(PREFIX)/share/man endif -all: $(OBJECTS) +all: $(OBJECTS) doas.1.final doas.conf.5.final $(CC) -o $(BIN) $(OBJECTS) $(LDFLAGS) env.o: doas.h env.c @@@@ -59,10 +60,18 @@@@ install: $(BIN) cp $(BIN) $(DESTDIR)$(PREFIX)/bin/ chmod 4755 $(DESTDIR)$(PREFIX)/bin/$(BIN) mkdir -p $(MANDIR)/man1 - cp doas.1 $(MANDIR)/man1/ + cp doas.1.final $(MANDIR)/man1/doas.1 mkdir -p $(MANDIR)/man5 - cp doas.conf.5 $(MANDIR)/man5/ + cp doas.conf.5.final $(MANDIR)/man5/doas.conf.5 clean: rm -f $(BIN) $(OBJECTS) y.tab.c + rm -f *.final +# Doing it this way allows to change the original files +# only partially instead of renaming them. +doas.1.final: + $(AWK) -v pfx="$(SYSCONFDIR)" '{gsub("@@SUBSTSYSCONFDIR@@",pfx); print $$0}' < doas.1 > doas.1.final + +doas.conf.5.final: + $(AWK) -v pfx="$(SYSCONFDIR)" '{gsub("@@SUBSTSYSCONFDIR@@",pfx); print $$0}' < doas.conf.5 > doas.conf.5.final --- doas.1 +++ doas.1 @@@@ -91,7 +91,7 @@@@ It may fail for one of the following reasons: .Bl -bullet -compact .It The config file -.Pa /usr/local/etc/doas.conf +.Pa @@SUBSTSYSCONFDIR@@/doas.conf could not be parsed. .It The user attempted to run a command which is not permitted. --- doas.conf.5 +++ doas.conf.5 @@@@ -20,7 +20,7 @@@@ .Nm doas.conf .Nd doas configuration file .Sh SYNOPSIS -.Nm /usr/local/etc/doas.conf +.Nm @@SUBSTSYSCONFDIR@@/doas.conf .Sh DESCRIPTION The .Xr doas 1 @ 1.1 log @security/doas: resolve PR pkg/54717. patch in the correct installed location of the config file in the manpages. @ text @d1 1 a1 1 $NetBSD$ @