From owner-freebsd-ports-bugs@FreeBSD.ORG  Tue May 17 21:20:08 2011
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C456E106566C
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Tue, 17 May 2011 21:20:08 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 9B5E78FC14
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Tue, 17 May 2011 21:20:08 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p4HLK8Vp084136
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Tue, 17 May 2011 21:20:08 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p4HLK8Aq084135;
	Tue, 17 May 2011 21:20:08 GMT (envelope-from gnats)
Resent-Date: Tue, 17 May 2011 21:20:08 GMT
Resent-Message-Id: <201105172120.p4HLK8Aq084135@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Klaus Aehlig <aehlig@linta.de>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7E7211065679
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue, 17 May 2011 21:13:12 +0000 (UTC) (envelope-from aehlig@linta.de)
Received: from linta.de (isilmar-3.linta.de [188.40.101.200])
	by mx1.freebsd.org (Postfix) with ESMTP id E51BA8FC24
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue, 17 May 2011 21:13:11 +0000 (UTC)
Received: (qmail 26603 invoked by uid 10); 17 May 2011 21:13:10 -0000
Received: from kta1c10 by isilmar.linta.de with BSMTP;
	17 May 2011 21:13:10 -0000
Received: by kta1c10.sesnet.soton.ac.uk (Postfix, from userid 1001)
	id B4D2639834; Tue, 17 May 2011 22:13:02 +0100 (BST)
Message-Id: <20110517211302.B4D2639834@kta1c10.sesnet.soton.ac.uk>
Date: Tue, 17 May 2011 22:13:02 +0100 (BST)
From: Klaus Aehlig <aehlig@linta.de>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: 
Subject: ports/157129: [maintainer] misc/findutils fix usage of su(1) in
	gupdatedb
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Klaus Aehlig <aehlig@linta.de>
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 17 May 2011 21:20:08 -0000


>Number:         157129
>Category:       ports
>Synopsis:       [maintainer] misc/findutils fix usage of su(1) in gupdatedb
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue May 17 21:20:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Klaus Aehlig
>Release:        FreeBSD 8.2-STABLE amd64
>Organization:
>Environment:
System: FreeBSD kta1c10.sesnet.soton.ac.uk 8.2-STABLE FreeBSD 8.2-STABLE #1: Tue Apr 19 17:22:20 BST 2011 root@kta1c10.sesnet.soton.ac.uk:/usr/obj/usr/src/sys/KTA1C10 amd64

>Description:
	misc/findutils brings a script gupdatedb to update the database for glocate.
        To support restricting the database to only contain readable by a specific
        user (in order to avoid leaking sensitive information from the file structure)
        su(1) is used to call gfind(1). However, the assumption about how to call su(1)
        differs from su(1) as provided by FreeBSD. This has the effect that su(1) fails
        (resulting in an empty database) when a user with nologin as login shell
        is used, like the nobody user.

>How-To-Repeat:
	/usr/local/bin/gupdatedb --localuser=nobody
>Fix:

	add the following patch to the files subdirectory of the port
        and bump PORTREVISION.

--- patch-locate__updatedb.sh begins here ---
--- locate/updatedb.sh.orig	2011-04-03 23:53:12.000000000 +0100
+++ locate/updatedb.sh	2011-05-17 18:20:29.000000000 +0100
@@ -250,7 +250,7 @@
 if test -n "$SEARCHPATHS"; then
   if [ "$LOCALUSER" != "" ]; then
     # : A1
-    su $LOCALUSER `select_shell $LOCALUSER` -c \
+    su -m $LOCALUSER -c \
     "$find $SEARCHPATHS $FINDOPTIONS \
      \\( $prunefs_exp \
      -type d -regex '$PRUNEREGEX' \\) -prune -o $print_option"
@@ -266,7 +266,7 @@
 myuid=`getuid`
 if [ "$myuid" = 0 ]; then
     # : A3
-    su $NETUSER `select_shell $NETUSER` -c \
+    su -m $NETUSER -c \
      "$find $NETPATHS $FINDOPTIONS \\( -type d -regex '$PRUNEREGEX' -prune \\) -o $print_option" ||
     exit $?
   else
@@ -319,7 +319,7 @@
 if test -n "$SEARCHPATHS"; then
   if [ "$LOCALUSER" != "" ]; then
     # : A5
-    su $LOCALUSER `select_shell $LOCALUSER` -c \
+    su -m $LOCALUSER -c \
     "$find $SEARCHPATHS $FINDOPTIONS \
      \( $prunefs_exp \
      -type d -regex '$PRUNEREGEX' \) -prune -o $print_option" || exit $?
@@ -335,7 +335,7 @@
   myuid=`getuid`
   if [ "$myuid" = 0 ]; then
     # : A7
-    su $NETUSER `select_shell $NETUSER` -c \
+    su -m $NETUSER -c \
      "$find $NETPATHS $FINDOPTIONS \\( -type d -regex '$PRUNEREGEX' -prune \\) -o $print_option" ||
     exit $?
   else
--- patch-locate__updatedb.sh ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted: