From owner-freebsd-bugs@FreeBSD.ORG Fri Oct 6 09:40:32 2006 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 018BB16A403 for ; Fri, 6 Oct 2006 09:40:32 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 69EE843D7C for ; Fri, 6 Oct 2006 09:40:23 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k969eIsH087398 for ; Fri, 6 Oct 2006 09:40:18 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k969eIum087393; Fri, 6 Oct 2006 09:40:18 GMT (envelope-from gnats) Resent-Date: Fri, 6 Oct 2006 09:40:18 GMT Resent-Message-Id: <200610060940.k969eIum087393@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Andrey Simonenko Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB5C016A403 for ; Fri, 6 Oct 2006 09:34:21 +0000 (UTC) (envelope-from simon@comsys.ntu-kpi.kiev.ua) Received: from comsys.ntu-kpi.kiev.ua (comsys.ntu-kpi.kiev.ua [195.245.194.142]) by mx1.FreeBSD.org (Postfix) with ESMTP id B710543D53 for ; Fri, 6 Oct 2006 09:34:00 +0000 (GMT) (envelope-from simon@comsys.ntu-kpi.kiev.ua) Received: from pm513-1.comsys.ntu-kpi.kiev.ua (pm513-1.comsys.ntu-kpi.kiev.ua [10.18.52.101]) (authenticated bits=0) by comsys.ntu-kpi.kiev.ua (8.13.7/8.13.7) with ESMTP id k96CbuEE073568 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 6 Oct 2006 12:37:56 GMT Received: by pm513-1.comsys.ntu-kpi.kiev.ua (Postfix, from userid 1001) id E5F905C040; Fri, 6 Oct 2006 12:37:30 +0300 (EEST) Message-Id: <20061006093730.GA924@pm513-1.comsys.ntu-kpi.kiev.ua> Date: Fri, 6 Oct 2006 12:37:30 +0300 From: Andrey Simonenko To: FreeBSD-gnats-submit@FreeBSD.org Cc: Subject: bin/104044: [patch] rc.d/cleartmp works incorrectly X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Oct 2006 09:40:32 -0000 >Number: 104044 >Category: bin >Synopsis: [patch] rc.d/cleartmp works incorrectly >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Oct 06 09:40:18 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Andrey Simonenko >Release: FreeBSD 6.2-PRERELEASE i386 >Organization: >Environment: >Description: The rc.d/cleartmp script does not remove lost+found, quota.user and quota.group files in the /tmp directory. Anyone who has permissions to write to the /tmp directory can create files or directories with names lost+found, quota.user or quota.group and cleartmp will not remove them. >How-To-Repeat: Set clear_tmp_enable="YES" in /tmp % dd if=/dev/zero of=/tmp/quota.user count=10 # /etc/rc.d/cleartmp start # cd /tmp ; ls -l >Fix: What the modified version of cleartmp does: If clear_tmp_enable="YES", then 1. Remove as much as possible of files and directories in /tmp using rm (in the original version shell patterns are incomplete). 2. Remove the rest of files in /tmp using find. Check that lost+found is a directory with the owner root. Check that quota.user and quota.group are regular files with the owner root. 3. If clear_tmp_X="YES", then create X related directories in /tmp (in the original version steps 2 and 3 are run in reverse order, as the result expressions for find are more complex). If clear_tmp_enable="NO" and clear_tmp_X="YES", then 1. Remove X related files and directories. 2. Create X related directories. --- cleartmp.orig Mon Apr 10 16:10:30 2006 +++ cleartmp Fri Oct 6 11:55:35 2006 @@ -14,43 +14,50 @@ start_cmd="${name}_start" -cleartmp_prestart() -{ - checkyesno clear_tmp_X || return - - local x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix \ - /tmp/.XIM-unix" +x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.XIM-unix" - # Remove X lock files, since they will prevent you from restarting X. - rm -f /tmp/.X[0-9]-lock - - # Create socket directories with correct permissions to avoid - # security problem. - # - rm -fr ${x11_socket_dirs} +createtmp_X() +{ + # Create X socket directories with correct permissions. mkdir -m 1777 ${x11_socket_dirs} } +cleartmp_X() +{ + # Remove X lock files, since they will prevent you from restarting X, + # and remove other X related directories. + rm -fr /tmp/.X[0-9]-lock ${x11_socket_dirs} +} + cleartmp_start() { echo "Clearing /tmp." - # - # Prune quickly with one rm, then use find to clean up - # /tmp/[lq]* (this is not needed with mfs /tmp, but - # doesn't hurt anything). - # - (cd /tmp && rm -rf [a-km-pr-zA-Z]* && - find -x . ! -name . ! -name lost+found ! -name quota.user \ - ! -name quota.group ! -name .X11-unix ! -name .ICE-unix \ - ! -name .font-unix ! -name .XIM-unix \ + + # Try to remove files with rm, then use find to clean up the rest + # of files, including those, which do not fit in command line + # (this is not needed with mfs /tmp, but doesn't hurt anything). + (cd /tmp && rm -rf .[!.] .??* [!lq]* && + find -x . ! -name . \ + ! \( -name lost+found -type d -user root \) \ + ! \( \( -name quota.user -or -name quota.group \) \ + -type f -user root \) \ -exec rm -rf -- {} \; -type d -prune) + if checkyesno clear_tmp_X; then + createtmp_X + fi } load_rc_config $name # The clear_tmp_X variable should be tested even if clear_tmp_enable is NO case "$1" in -*start) cleartmp_prestart ;; +*start) + if ! checkyesno ${rcvar} && checkyesno clear_tmp_X; then + echo "Clearing /tmp (X related)." + cleartmp_X + createtmp_X + fi + ;; esac run_rc_command "$1" >Release-Note: >Audit-Trail: >Unformatted: