Date: Thu, 5 Feb 2015 22:23:01 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r378496 - in head/net-mgmt/xymon-client: . files Message-ID: <201502052223.t15MN1Tw086752@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Thu Feb 5 22:23:00 2015 New Revision: 378496 URL: https://svnweb.freebsd.org/changeset/ports/378496 QAT: https://qat.redports.org/buildarchive/r378496/ Log: Xymon-client was not completely dropping privileges at startup. While xymon-client knows internally what UID it should run as, a design flaw in the rc script was still launching its master process as root. As a result the following two processes were always running as root instead of the xymon user: /usr/local/www/xymon/client/bin/xymonlaunch ... sh -c vmstat 300 2 ... The rest of the processes the xymon-client runs such as df, netstat, top, custom scripts, etc were correctly executing as non-root. Modified: head/net-mgmt/xymon-client/Makefile head/net-mgmt/xymon-client/files/xymon-client.in Modified: head/net-mgmt/xymon-client/Makefile ============================================================================== --- head/net-mgmt/xymon-client/Makefile Thu Feb 5 22:19:58 2015 (r378495) +++ head/net-mgmt/xymon-client/Makefile Thu Feb 5 22:23:00 2015 (r378496) @@ -2,7 +2,7 @@ PORTNAME= xymon PORTVERSION= 4.3.18 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= net-mgmt www MASTER_SITES= SF/xymon/Xymon/${PORTVERSION} PKGNAMESUFFIX= -client${PKGNAMESUFFIX2} @@ -16,6 +16,8 @@ LICENSE= GPLv2 USERS= xymon GROUPS= xymon +SUB_LIST+= USERS="${USERS}" + # Options XYMONUSER?= xymon XYMONHOSTIP?= 127.0.0.1 Modified: head/net-mgmt/xymon-client/files/xymon-client.in ============================================================================== --- head/net-mgmt/xymon-client/files/xymon-client.in Thu Feb 5 22:19:58 2015 (r378495) +++ head/net-mgmt/xymon-client/files/xymon-client.in Thu Feb 5 22:23:00 2015 (r378496) @@ -14,12 +14,11 @@ rcvar=xymon_client_enable load_rc_config "$name" : ${xymon_client_enable:=NO} +: ${xymon_client_user:=%%USERS%%} -command="%%PREFIX%%/www/xymon/client/runclient.sh" -start_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} start" -stop_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} stop" -status_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} status" -reload_cmd="%%PREFIX%%/www/xymon/client/runclient.sh ${xymon_client_flags} restart" -pidfile="%%PREFIX%%/www/xymon/client/logs/clientlaunch.`hostname`.pid" +command=/usr/local/www/xymon/client/runclient.sh +command_args="${xymon_client_flags} ${1}" +procname=/usr/local/www/xymon/client/bin/xymonlaunch +pidfile="/usr/local/www/xymon/client/logs/clientlaunch.`hostname`.pid" run_rc_command "$1"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201502052223.t15MN1Tw086752>