mirror of
https://abf.rosa.ru/djam/calamares.git
synced 2025-02-23 15:42:49 +00:00
Add patch from github to avoid setting default (users) group on home dirs
This commit is contained in:
Andrey Bondrov
parent
e30fb2bb37
commit
8dcb58a371
3 changed files with 134 additions and 2 deletions
132
0003-do-not-set-default-users-group-on-home.patch
Normal file
132
0003-do-not-set-default-users-group-on-home.patch
Normal file
|
|
@ -0,0 +1,132 @@
|
|||
From a95be0ca5aae5fa08348b95e631671257effd457 Mon Sep 17 00:00:00 2001
|
||||
From: codeworkx <codeworkx@cyanogenmod.org>
|
||||
Date: Tue, 17 Nov 2015 21:55:50 +0100
|
||||
Subject: [PATCH] don't set default "users" group on home dirs
|
||||
|
||||
Fixes CAL-345.
|
||||
|
||||
Changing group of home dir to the default "users" group might be a security risk
|
||||
because every user which belongs to the default "users" group
|
||||
might be able to access private data on home dirs of other users.
|
||||
---
|
||||
src/modules/users/CreateUserJob.cpp | 4 +---
|
||||
src/modules/users/CreateUserJob.h | 2 --
|
||||
src/modules/users/UsersPage.cpp | 3 +--
|
||||
src/modules/users/UsersViewStep.cpp | 10 +---------
|
||||
src/modules/users/UsersViewStep.h | 1 -
|
||||
src/modules/users/users.conf | 2 +-
|
||||
6 files changed, 4 insertions(+), 18 deletions(-)
|
||||
|
||||
diff -urN calamares-1.1.4.2/src/modules/users/CreateUserJob.cpp calamares-1.1.4.2-patched/src/modules/users/CreateUserJob.cpp
|
||||
--- calamares-1.1.4.2/src/modules/users/CreateUserJob.cpp 2015-11-28 01:58:05.524593939 +1000
|
||||
+++ calamares-1.1.4.2-patched/src/modules/users/CreateUserJob.cpp 2015-11-28 01:58:31.115595103 +1000
|
||||
@@ -33,13 +33,11 @@
|
||||
CreateUserJob::CreateUserJob( const QString& userName,
|
||||
const QString& fullName,
|
||||
bool autologin,
|
||||
- const QString& userGroup,
|
||||
const QStringList& defaultGroups )
|
||||
: Calamares::Job()
|
||||
, m_userName( userName )
|
||||
, m_fullName( fullName )
|
||||
, m_autologin( autologin )
|
||||
- , m_userGroup( userGroup )
|
||||
, m_defaultGroups( defaultGroups )
|
||||
{
|
||||
}
|
||||
@@ -148,7 +146,7 @@
|
||||
ec = CalamaresUtils::chrootCall( { "chown",
|
||||
"-R",
|
||||
QString( "%1:%2" ).arg( m_userName )
|
||||
- .arg( m_userGroup ),
|
||||
+ .arg( m_userName ),
|
||||
QString( "/home/%1" ).arg( m_userName ) } );
|
||||
if ( ec )
|
||||
return Calamares::JobResult::error( tr( "Cannot set home directory ownership for user %1." )
|
||||
diff -urN calamares-1.1.4.2/src/modules/users/CreateUserJob.h calamares-1.1.4.2-patched/src/modules/users/CreateUserJob.h
|
||||
--- calamares-1.1.4.2/src/modules/users/CreateUserJob.h 2015-08-06 19:58:32.000000000 +1000
|
||||
+++ calamares-1.1.4.2-patched/src/modules/users/CreateUserJob.h 2015-11-28 01:58:31.116595103 +1000
|
||||
@@ -30,7 +30,6 @@
|
||||
CreateUserJob( const QString& userName,
|
||||
const QString& fullName,
|
||||
bool autologin,
|
||||
- const QString& userGroup,
|
||||
const QStringList& defaultGroups );
|
||||
QString prettyName() const override;
|
||||
QString prettyDescription() const override;
|
||||
@@ -41,7 +40,6 @@
|
||||
QString m_userName;
|
||||
QString m_fullName;
|
||||
bool m_autologin;
|
||||
- QString m_userGroup;
|
||||
QStringList m_defaultGroups;
|
||||
};
|
||||
|
||||
diff -urN calamares-1.1.4.2/src/modules/users/users.conf calamares-1.1.4.2-patched/src/modules/users/users.conf
|
||||
--- calamares-1.1.4.2/src/modules/users/users.conf 2015-08-19 20:52:13.000000000 +1000
|
||||
+++ calamares-1.1.4.2-patched/src/modules/users/users.conf 2015-11-28 01:58:31.116595103 +1000
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
-userGroup: users
|
||||
defaultGroups:
|
||||
+ - users
|
||||
- lp
|
||||
- video
|
||||
- network
|
||||
diff -urN calamares-1.1.4.2/src/modules/users/UsersPage.cpp calamares-1.1.4.2-patched/src/modules/users/UsersPage.cpp
|
||||
--- calamares-1.1.4.2/src/modules/users/UsersPage.cpp 2015-11-28 01:58:05.523593939 +1000
|
||||
+++ calamares-1.1.4.2-patched/src/modules/users/UsersPage.cpp 2015-11-28 01:58:31.116595103 +1000
|
||||
@@ -94,7 +94,7 @@
|
||||
|
||||
|
||||
QList< Calamares::job_ptr >
|
||||
-UsersPage::createJobs( const QString& defaultUserGroup, const QStringList& defaultGroupsList )
|
||||
+UsersPage::createJobs( const QStringList& defaultGroupsList )
|
||||
{
|
||||
QList< Calamares::job_ptr > list;
|
||||
if ( !isReady() )
|
||||
@@ -106,7 +106,6 @@
|
||||
ui->textBoxUsername->text() :
|
||||
ui->textBoxFullName->text(),
|
||||
ui->checkBoxLoginAuto->isChecked(),
|
||||
- defaultUserGroup,
|
||||
defaultGroupsList );
|
||||
list.append( Calamares::job_ptr( j ) );
|
||||
|
||||
diff -urN calamares-1.1.4.2/src/modules/users/UsersViewStep.cpp calamares-1.1.4.2-patched/src/modules/users/UsersViewStep.cpp
|
||||
--- calamares-1.1.4.2/src/modules/users/UsersViewStep.cpp 2015-10-01 01:24:47.000000000 +1000
|
||||
+++ calamares-1.1.4.2-patched/src/modules/users/UsersViewStep.cpp 2015-11-28 01:58:31.117595103 +1000
|
||||
@@ -113,21 +113,13 @@
|
||||
{
|
||||
m_jobs.clear();
|
||||
|
||||
- m_jobs.append( m_widget->createJobs( m_userGroup, m_defaultGroups ) );
|
||||
+ m_jobs.append( m_widget->createJobs( m_defaultGroups ) );
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
UsersViewStep::setConfigurationMap( const QVariantMap& configurationMap )
|
||||
{
|
||||
- if ( configurationMap.contains( "userGroup" ) &&
|
||||
- configurationMap.value( "userGroup" ).type() == QVariant::String )
|
||||
- {
|
||||
- m_userGroup = configurationMap.value( "userGroup" ).toString();
|
||||
- }
|
||||
- if ( m_userGroup.isEmpty() )
|
||||
- m_userGroup = QStringLiteral( "users" );
|
||||
-
|
||||
if ( configurationMap.contains( "defaultGroups" ) &&
|
||||
configurationMap.value( "defaultGroups" ).type() == QVariant::List )
|
||||
{
|
||||
diff -urN calamares-1.1.4.2/src/modules/users/UsersViewStep.h calamares-1.1.4.2-patched/src/modules/users/UsersViewStep.h
|
||||
--- calamares-1.1.4.2/src/modules/users/UsersViewStep.h 2015-10-01 01:24:47.000000000 +1000
|
||||
+++ calamares-1.1.4.2-patched/src/modules/users/UsersViewStep.h 2015-11-28 01:58:31.117595103 +1000
|
||||
@@ -63,7 +63,6 @@
|
||||
UsersPage* m_widget;
|
||||
QList< Calamares::job_ptr > m_jobs;
|
||||
|
||||
- QString m_userGroup;
|
||||
QStringList m_defaultGroups;
|
||||
};
|
||||
|
||||
|
|
@ -6,7 +6,7 @@
|
|||
Summary: Distribution-independent installer framework
|
||||
Name: calamares
|
||||
Version: 1.1.4.2
|
||||
Release: 8
|
||||
Release: 9
|
||||
License: GPLv3+
|
||||
Group: System/Configuration/Other
|
||||
Url: http://calamares.io/
|
||||
|
|
@ -41,6 +41,7 @@ Patch1: calamares-1.1.4.2-desktop-file.patch
|
|||
Patch2: calamares-libparted-detection.patch
|
||||
Patch3: 0001-Make-sure-the-FullName-is-not-empty.patch
|
||||
Patch4: 0002-do-not-use-users-group.patch
|
||||
Patch5: 0003-do-not-set-default-users-group-on-home.patch
|
||||
BuildRequires: cmake
|
||||
BuildRequires: extra-cmake-modules
|
||||
BuildRequires: imagemagick
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
---
|
||||
userGroup: users
|
||||
defaultGroups:
|
||||
- lp
|
||||
- video
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue