netbsd-bugs: pkg/10355: errors in NetBSD patches to GLUnix pkg

Subject: pkg/10355: errors in NetBSD patches to GLUnix pkg
To: None <gnats-bugs@gnats.netbsd.org>
From: g r <gr@sirius.eclipsed.net>
List: netbsd-bugs
Date: 06/13/2000 12:23:22
>Number:         10355
>Category:       pkg
>Synopsis:       errors in NetBSD patches to GLUnix pkg
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jun 13 12:24:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     gabriel rosenkoetter
>Release:        current CVS checkout of pkgsrc
>Organization:
Swarthmore College Computer Science Program
>Environment:
	
System: NetBSD sirius 1.4.2 NetBSD 1.4.2 (GENERIC) #0: Wed Mar 15 21:53:17 PST 2000 toddpw@leia.toddpw.net:/usr/src/sys/arch/macppc/compile/GENERIC macppc


>Description:

After building GLUnix from pkgsrc, several errors in the
pkgsrc patches make it impossible to use.

1) An incorrect pathname is included in
parallel/glunix/patches/patch-bo, which results in this:

sirius:now/bin# ./glupart install
Error - could not execute script "/usr/pkg/now/now/bin/glupart_script"

(The error is the extra now... the patch contains this:

-#define progPath     "/usr/now/bin/glupart_script"
+#define progPath     "%%%NOW_ROOT%%%/now/bin/glupart_script"

... the second line of which should be:

+#define progPath     "%%%NOW_ROOT%%%/bin/glupart_script")

2) The GLUnix authors made a mistake in
parallel/glunix/work/glupart/glupart_script.pl when testing for
natural (as opposed to effective) uid == 0, but it was incorrectly
repaired in parallel/glunix/patches/patch-bg. The result of the NetBSD
patch is that is absolutely impossible to ever do "glupart install" -
we require one's uid == 0 and one's euid != 0, which just can't happen.
(The point is that the Perl script is called from a suid binary, but
there install should only be possible as the real root, so we only
want to execute when natural uid == 0; the original mistake was
testing for euid == 0 instead of uid == 0.)

>How-To-Repeat:

  % su
  # umask 022 ; cd /usr/pkgsrc/parallel/glunix ; make install
  # cd /usr/pkg/now/bin
  # id
  uid=0(root) gid=0(wheel) groups=0(wheel),2(kmem),3(sys),4(tty),5(operator),20(staff),31(guest)
  # ./glupart install
  Error - could not execute script "/usr/pkg/now/now/bin/glupart_script"
  # ./glupart_script install
  You must be root to do "glupart install"

>Fix:

Replace patch-bg and patch-bo with the below (recreated) copies. 

patch-bg:
--- CUT HERE ---
$NetBSD$

--- progs/glupart/glupart_script.pl.orig	Wed Nov  5 17:30:11 1997
+++ progs/glupart/glupart_script.pl	Tue Jun 13 13:13:12 2000
@@ -75,3 +75,3 @@
 my $gl_tmpFile = "$gl_dataDir/.__glupart$$-tmp";
-my $gl_emailAdmin = "glunix-admin\@now.CS.Berkeley.EDU";
+my $gl_emailAdmin = "root";
 my $gl_datePath = "/bin/date";
@@ -136,3 +136,3 @@
     &unlock();
-    open(USAGE, "|/usr/sww/bin/less") || open(USAGE, "|/bin/less") ||
+    open(USAGE, "|/usr/bin/less") || open(USAGE, "|/bin/less") ||
 	open(USAGE, "|/bin/more") || open(USAGE, ">&STDOUT");
@@ -1491,3 +1491,4 @@
 		print "Creating directory $tmp\n";
-		mkdir($tmp, 0755);
+                mkdir $tmp, 0755 || die("$!");
+		system("/usr/sbin/chown glunix:glunix $tmp");
 	    }
@@ -1501,3 +1502,3 @@
 
-    umask 0755;
+    umask 0022;
     foreach $f (@files) {
@@ -1507,2 +1508,3 @@
 	    print "Created file $f\n";
+	    system("/usr/sbin/chown glunix:glunix $f");
 	}
@@ -1995,3 +1997,3 @@
 if ($command eq "install") {
-    if ($> != 0) {
+    if ($< != 0) {
 	print STDERR "You must be root to do \"glupart install\"\n";
--- CUT HERE ---

patch-bo:
--- CUT HERE ---
$NetBSD$

--- progs/glupart/glupart.c.orig	Thu Sep 18 17:01:35 1997
+++ progs/glupart/glupart.c	Tue Jun 13 14:44:12 2000
@@ -1,18 +1,40 @@
 #include <stdio.h>
 #include <sys/types.h>
 #include <sys/socket.h>
+#include <sys/param.h>
 #include <netdb.h>
 #include <netinet/in.h>
 #include <unistd.h>
 #include <stdlib.h>
 
+#if (defined(BSD) && BSD >= 199306)
+#include <pwd.h>
+#include <grp.h>
+
+#define userId	pwp->pw_uid
+#define groupId	grp->gr_gid
+#else
 #define userId  GLUNIX_ACCOUNT       /* This is the glunix account */
 #define groupId GLUNIX_GROUP         /* The glunix group */
+#endif
 
-#define progPath     "/usr/now/bin/glupart_script"
+#define progPath     "%%%NOW_ROOT%%%/bin/glupart_script"
 
 int
 main(int argc, char **argv) {
+#if (defined(BSD) && BSD >= 199306)
+	struct passwd	*pwp;
+	struct group	*grp;
+
+	if ((pwp = getpwnam("glunix")) == (struct passwd *) NULL) {
+		(void) fprintf(stderr, "Error: can't get uid for `%s'\n", "glunix");
+		exit(1);
+	}
+	if ((grp = getgrnam("glunix")) == (struct group *) NULL) {
+		(void) fprintf(stderr, "Error: can't get gid for `%s'\n", "glunix");
+		exit(1);
+	}
+#endif
     setegid(groupId);
 /*    setgid(groupId); */
     seteuid(userId);
--- CUT HERE ---
>Release-Note:
>Audit-Trail:
>Unformatted: