31 lines
1.1 KiB
Markdown
31 lines
1.1 KiB
Markdown
The ikiwiki-mass-rebuild utility fails to drop privileges and fails to execute ikiwiki on FreeBSD.
|
|
|
|
The solution is to set the effective UID after setting the real UID, and to set $PATH in the environment before calling exec().
|
|
|
|
> Why does the PATH need to be reset? --[[Joey]]
|
|
|
|
> > It doesn't - it needs to be set. The line with `%ENV=();` clears the environment, thus no `$PATH` is set. --[[HenrikBrixAndersen]]
|
|
|
|
> > > I guess it shouldn't clear it then. Both [[done]] --[[Joey]]
|
|
|
|
Proposed patch:
|
|
|
|
--- ikiwiki-mass-rebuild.orig 2007-08-15 22:21:59.000000000 +0200
|
|
+++ ikiwiki-mass-rebuild 2007-10-25 13:04:10.000000000 +0200
|
|
@@ -22,13 +22,14 @@ sub processline {
|
|
my ($uuid, $ugid) = (getpwnam($user))[2, 3];
|
|
$)="$ugid $ugid";
|
|
$(=$ugid;
|
|
- $>=$uuid;
|
|
$<=$uuid;
|
|
+ $>=$uuid;
|
|
if ($< != $uuid || $> != $uuid || $( != $ugid || $) ne "$ugid $ugid") {
|
|
die "failed to drop permissions to $user";
|
|
}
|
|
%ENV=();
|
|
$ENV{HOME}=(getpwnam($user))[7];
|
|
+ $ENV{PATH}="/usr/bin:/usr/local/bin";
|
|
exec("ikiwiki", "-setup", $setup, @ARGV);
|
|
die "failed to run ikiwiki: $!";
|
|
}
|