[arch-commits] Commit in webfs/repos (10 files)
Felix Yan
fyan at archlinux.org
Wed Mar 2 18:15:04 UTC 2016
Date: Wednesday, March 2, 2016 @ 19:15:04
Author: fyan
Revision: 164177
archrelease: copy trunk to community-staging-i686, community-staging-x86_64
Added:
webfs/repos/community-staging-i686/
webfs/repos/community-staging-i686/PKGBUILD
(from rev 164174, webfs/trunk/PKGBUILD)
webfs/repos/community-staging-i686/webfs.patch
(from rev 164174, webfs/trunk/webfs.patch)
webfs/repos/community-staging-i686/webfsd.conf
(from rev 164175, webfs/trunk/webfsd.conf)
webfs/repos/community-staging-i686/webfsd.service
(from rev 164175, webfs/trunk/webfsd.service)
webfs/repos/community-staging-x86_64/
webfs/repos/community-staging-x86_64/PKGBUILD
(from rev 164176, webfs/trunk/PKGBUILD)
webfs/repos/community-staging-x86_64/webfs.patch
(from rev 164176, webfs/trunk/webfs.patch)
webfs/repos/community-staging-x86_64/webfsd.conf
(from rev 164176, webfs/trunk/webfsd.conf)
webfs/repos/community-staging-x86_64/webfsd.service
(from rev 164176, webfs/trunk/webfsd.service)
-----------------------------------------+
community-staging-i686/PKGBUILD | 39 ++++
community-staging-i686/webfs.patch | 250 ++++++++++++++++++++++++++++++
community-staging-i686/webfsd.conf | 5
community-staging-i686/webfsd.service | 11 +
community-staging-x86_64/PKGBUILD | 39 ++++
community-staging-x86_64/webfs.patch | 250 ++++++++++++++++++++++++++++++
community-staging-x86_64/webfsd.conf | 5
community-staging-x86_64/webfsd.service | 11 +
8 files changed, 610 insertions(+)
Copied: webfs/repos/community-staging-i686/PKGBUILD (from rev 164174, webfs/trunk/PKGBUILD)
===================================================================
--- community-staging-i686/PKGBUILD (rev 0)
+++ community-staging-i686/PKGBUILD 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,39 @@
+# $Id$
+# Maintainer: Kyle Keen <keenerd at gmail.com>
+# Contributor: Roman Kyrylych <Roman.Kyrylych at gmail.com>
+# Contributor: Mark Rosenstand <mark at archlinux.org>
+# Contributor: Daniel J Griffiths <ghost1227 at archlinux.us>
+# Contributor: Chris Brannon <chris at the-brannons.com>
+
+pkgname=webfs
+pkgver=1.21
+pkgrel=12
+pkgdesc="Simple and instant http server for mostly static content."
+arch=(i686 x86_64)
+url="http://linux.bytesex.org/misc/webfs.html"
+license=("GPL")
+depends=('mime-types' 'openssl')
+backup=('etc/conf.d/webfsd')
+source=(http://dl.bytesex.org/releases/webfs/webfs-${pkgver}.tar.gz
+ webfsd.conf
+ webfs.patch
+ webfsd.service)
+md5sums=('6dc125fe160479404147e7bbfc781dbc'
+ 'b2c1ab041a82acd8391b06dc38d986be'
+ '7294edcec2589df04bb775270d56536e'
+ 'e1202dd915cba1a02e0016aa3a516b4a')
+
+build() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ patch -i "$srcdir/webfs.patch"
+ make
+}
+
+package() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ make prefix=/usr DESTDIR="$pkgdir" install
+ install -Dm644 "$srcdir/webfsd.conf" "$pkgdir/etc/conf.d/webfsd"
+ install -Dm644 "$srcdir/webfsd.service" "$pkgdir/usr/lib/systemd/system/webfsd.service"
+}
Copied: webfs/repos/community-staging-i686/webfs.patch (from rev 164174, webfs/trunk/webfs.patch)
===================================================================
--- community-staging-i686/webfs.patch (rev 0)
+++ community-staging-i686/webfs.patch 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,250 @@
+# This patch performs the following:
+#
+# 1) user/group names my now be set to the system maximum using
+# sysconf(_SC_LOGIN_NAME_MAX). They were previously hardcoded to 16 chars.
+#
+# 2) supplementary groups are now set according to the user webfs is running as.
+# previously they were left as the calling user, which could be dangerous
+# ex: sudo webfsd -u nobody, would leave webfsd with all of root's groups!
+#
+# 3) the supplementary group list is no longer made empty when using -g
+#
+# 4) supplementary groups are now checked for read access when generating
+# directory listings
+#
+# 5) in ls.c/ls() changed type of uid and gid to uid_t and gid_t
+#
+# 6) in ls.c/ls() fixed a problem where the uid of the file was being compared
+# to the gid of the user to check for readability
+#
+# 7) added a -G option to ignore/remove all supplementary groups
+#
+# 8) updated man page to reflect -G option
+#
+# 9) when the uid is 0, all files are now displayed as readable.
+#
+
+diff -urp webfs-1.21-orig/httpd.h webfs-1.21/httpd.h
+--- webfs-1.21-orig/httpd.h 2004-06-10 05:45:50.000000000 -0400
++++ webfs-1.21/httpd.h 2010-03-27 14:57:07.631540000 -0400
+@@ -169,6 +169,8 @@ extern int lifespan;
+ extern int no_listing;
+ extern time_t now;
+ extern int have_tty;
++extern gid_t *grp_list;
++extern int grp_num;
+
+ #ifdef USE_SSL
+ extern int with_ssl;
+diff -urp webfs-1.21-orig/ls.c webfs-1.21/ls.c
+--- webfs-1.21-orig/ls.c 2004-06-10 05:45:50.000000000 -0400
++++ webfs-1.21/ls.c 2010-03-28 10:52:09.449259926 -0400
+@@ -194,7 +194,9 @@ ls(time_t now, char *hostname, char *fil
+ struct myfile **files = NULL;
+ struct myfile **re1;
+ char *h1,*h2,*re2,*buf = NULL;
+- int count,len,size,i,uid,gid;
++ int count,len,size,i;
++ uid_t uid;
++ gid_t gid;
+ char line[1024];
+ char *pw = NULL, *gr = NULL;
+
+@@ -241,14 +243,23 @@ ls(time_t now, char *hostname, char *fil
+ files[count]->r = 0;
+ if (S_ISDIR(files[count]->s.st_mode) ||
+ S_ISREG(files[count]->s.st_mode)) {
+- if (files[count]->s.st_uid == uid &&
++ if (uid == 0)
++ files[count]->r = 1;
++ else if (files[count]->s.st_uid == uid &&
+ files[count]->s.st_mode & 0400)
+ files[count]->r = 1;
+- else if (files[count]->s.st_uid == gid &&
++ else if (files[count]->s.st_gid == gid &&
+ files[count]->s.st_mode & 0040)
+- files[count]->r = 1; /* FIXME: check additional groups */
++ files[count]->r = 1;
+ else if (files[count]->s.st_mode & 0004)
+ files[count]->r = 1;
++ else {
++ for (i = 0; i < grp_num; i++) {
++ if (files[count]->s.st_gid == grp_list[i] &&
++ files[count]->s.st_mode & 0400)
++ files[count]->r = 1;
++ }
++ }
+ }
+ }
+ closedir(dir);
+diff -urp webfs-1.21-orig/webfsd.c webfs-1.21/webfsd.c
+--- webfs-1.21-orig/webfsd.c 2004-06-10 05:45:50.000000000 -0400
++++ webfs-1.21/webfsd.c 2010-03-28 10:36:33.992517000 -0400
+@@ -42,8 +42,8 @@ char *listen_port = "8000";
+ int virtualhosts = 0;
+ int canonicalhost = 0;
+ char server_host[256];
+-char user[17];
+-char group[17];
++char *user;
++char *group;
+ char *mimetypes = MIMEFILE;
+ char *pidfile = NULL;
+ char *logfile = NULL;
+@@ -57,6 +57,9 @@ int have_tty = 1;
+ int max_conn = 32;
+ int lifespan = -1;
+ int no_listing = 0;
++int setsupgroups = 1;
++gid_t *grp_list = NULL;
++int grp_num = 0;
+
+ time_t now;
+ int slisten;
+@@ -167,6 +170,7 @@ usage(char *name)
+ gr = getgrgid(getgid());
+ fprintf(stderr,
+ " -u user run as user >user< [%s]\n"
++ " -G set supplementary group list to empty\n"
+ " -g group run as group >group< [%s]\n",
+ pw ? pw->pw_name : "???",
+ gr ? gr->gr_name : "???");
+@@ -189,6 +193,7 @@ fix_ug(void)
+ {
+ struct passwd *pw = NULL;
+ struct group *gr = NULL;
++ int numgroupsmax, i;
+
+ /* root is allowed to use any uid/gid,
+ * others will get their real uid/gid */
+@@ -214,6 +219,20 @@ fix_ug(void)
+ exit(1);
+ }
+
++ /* get supplementary groups */
++ if (setsupgroups) {
++ numgroupsmax = sysconf(_SC_NGROUPS_MAX) + 1;
++ grp_list = (gid_t*) malloc(numgroupsmax * sizeof(gid_t));
++
++ if (grp_list != NULL) {
++ grp_num = getgrouplist(pw->pw_name, pw->pw_gid,
++ grp_list, &numgroupsmax);
++ } else {
++ xerror(LOG_ERR, "failed to get group list - "
++ "removing all sup groups", NULL);
++ }
++ }
++
+ /* chroot to $DOCUMENT_ROOT (must be done here as getpwuid needs
+ /etc and chroot works as root only) */
+ if (do_chroot) {
+@@ -227,14 +246,22 @@ fix_ug(void)
+ /* set group */
+ if (getegid() != gr->gr_gid || getgid() != gr->gr_gid) {
+ setgid(gr->gr_gid);
+- setgroups(0, NULL);
+ }
+ if (getegid() != gr->gr_gid || getgid() != gr->gr_gid) {
+ xerror(LOG_ERR,"setgid failed",NULL);
+ exit(1);
+ }
+- strncpy(group,gr->gr_name,16);
++
++ if (strlen(gr->gr_name) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(group,gr->gr_name);
++ else
++ xerror(LOG_ERR,"groupname too long",NULL);
+
++ /* set supplementary groups */
++ if (geteuid() == 0)
++ if (setgroups(grp_num, grp_list) != 0)
++ xerror(LOG_ERR, "failed to set supplementary groups", NULL);
++
+ /* set user */
+ if (geteuid() != pw->pw_uid || getuid() != pw->pw_uid)
+ setuid(pw->pw_uid);
+@@ -242,11 +269,23 @@ fix_ug(void)
+ xerror(LOG_ERR,"setuid failed",NULL);
+ exit(1);
+ }
+- strncpy(user,pw->pw_name,16);
+-
+- if (debug)
+- fprintf(stderr,"fix_ug: uid=%d euid=%d / gid=%d egid=%d\n",
++
++ if (strlen(pw->pw_name) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(user,pw->pw_name);
++ else
++ xerror(LOG_ERR,"username too long",NULL);
++
++ if (debug) {
++ fprintf(stderr,"fix_ug: uid=%d euid=%d / gid=%d egid=%d / gids: ",
+ getuid(),geteuid(),getgid(),getegid());
++
++ for (i = 0; i < grp_num; i++) {
++ fprintf(stderr, "%d ", grp_list[i]);
++ }
++
++ fprintf(stderr, "\n");
++ }
++
+ }
+
+ /* ---------------------------------------------------------------------- */
+@@ -687,6 +726,10 @@ main(int argc, char *argv[])
+ char serv[16];
+ char mypid[12];
+
++ /* allocate space for user/group names. _SC_LOGIN_NAME_MAX includes \0 */
++ user = (char *)malloc(sizeof(char) * sysconf(_SC_LOGIN_NAME_MAX));
++ group = (char *)malloc(sizeof(char) * sysconf(_SC_LOGIN_NAME_MAX));
++
+ uid = getuid();
+ euid = geteuid();
+ if (uid != euid)
+@@ -702,7 +745,7 @@ main(int argc, char *argv[])
+ /* parse options */
+ for (;;) {
+ if (-1 == (c = getopt(argc,argv,"hvsdF46jS"
+- "r:R:f:p:n:N:i:t:c:a:u:g:l:L:m:y:b:k:e:x:C:P:~:")))
++ "r:R:f:p:n:N:i:t:c:a:u:Gg:l:L:m:y:b:k:e:x:C:P:~:")))
+ break;
+ switch (c) {
+ case 'h':
+@@ -759,10 +802,19 @@ main(int argc, char *argv[])
+ max_dircache = atoi(optarg);
+ break;
+ case 'u':
+- strncpy(user,optarg,16);
++ if (strlen(optarg) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(user,optarg);
++ else
++ xerror(LOG_ERR,"username too long",NULL);
++ break;
++ case 'G':
++ setsupgroups = 0;
+ break;
+ case 'g':
+- strncpy(group,optarg,16);
++ if (strlen(optarg) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(group,optarg);
++ else
++ xerror(LOG_ERR,"groupname too long",NULL);
+ break;
+ case 'L':
+ flushlog = 1;
+diff -urp webfs-1.21-orig/webfsd.man webfs-1.21/webfsd.man
+--- webfs-1.21-orig/webfsd.man 2004-06-08 08:52:02.000000000 -0400
++++ webfs-1.21/webfsd.man 2010-03-28 10:37:09.495798000 -0400
+@@ -95,6 +95,9 @@ Use >file< as pidfile.
+ Set \fBu\fPid to >user< (after binding to the tcp port). This
+ option is allowed for root only.
+ .TP
++.B -G
++Set the supplementary group list to empty.
++.TP
+ .B -g group
+ Set \fBg\fPid to >group< (after binding to the tcp port). This
+ option is allowed for root only.
+
+
Copied: webfs/repos/community-staging-i686/webfsd.conf (from rev 164175, webfs/trunk/webfsd.conf)
===================================================================
--- community-staging-i686/webfsd.conf (rev 0)
+++ community-staging-i686/webfsd.conf 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,5 @@
+#
+# Parameters passed to webfsd(1)
+#
+
+WEBFSD_ARGS="-p 8080 -u nobody -R /var/www/htdocs -f index.html"
Copied: webfs/repos/community-staging-i686/webfsd.service (from rev 164175, webfs/trunk/webfsd.service)
===================================================================
--- community-staging-i686/webfsd.service (rev 0)
+++ community-staging-i686/webfsd.service 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,11 @@
+[Unit]
+Description=Simple and instant http server.
+Documentation=man:webfsd(1)
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/conf.d/webfsd
+ExecStart=/usr/bin/webfsd $WEBFSD_ARGS -F
+
+[Install]
+WantedBy=multi-user.target
Copied: webfs/repos/community-staging-x86_64/PKGBUILD (from rev 164176, webfs/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,39 @@
+# $Id$
+# Maintainer: Kyle Keen <keenerd at gmail.com>
+# Contributor: Roman Kyrylych <Roman.Kyrylych at gmail.com>
+# Contributor: Mark Rosenstand <mark at archlinux.org>
+# Contributor: Daniel J Griffiths <ghost1227 at archlinux.us>
+# Contributor: Chris Brannon <chris at the-brannons.com>
+
+pkgname=webfs
+pkgver=1.21
+pkgrel=12
+pkgdesc="Simple and instant http server for mostly static content."
+arch=(i686 x86_64)
+url="http://linux.bytesex.org/misc/webfs.html"
+license=("GPL")
+depends=('mime-types' 'openssl')
+backup=('etc/conf.d/webfsd')
+source=(http://dl.bytesex.org/releases/webfs/webfs-${pkgver}.tar.gz
+ webfsd.conf
+ webfs.patch
+ webfsd.service)
+md5sums=('6dc125fe160479404147e7bbfc781dbc'
+ 'b2c1ab041a82acd8391b06dc38d986be'
+ '7294edcec2589df04bb775270d56536e'
+ 'e1202dd915cba1a02e0016aa3a516b4a')
+
+build() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ patch -i "$srcdir/webfs.patch"
+ make
+}
+
+package() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ make prefix=/usr DESTDIR="$pkgdir" install
+ install -Dm644 "$srcdir/webfsd.conf" "$pkgdir/etc/conf.d/webfsd"
+ install -Dm644 "$srcdir/webfsd.service" "$pkgdir/usr/lib/systemd/system/webfsd.service"
+}
Copied: webfs/repos/community-staging-x86_64/webfs.patch (from rev 164176, webfs/trunk/webfs.patch)
===================================================================
--- community-staging-x86_64/webfs.patch (rev 0)
+++ community-staging-x86_64/webfs.patch 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,250 @@
+# This patch performs the following:
+#
+# 1) user/group names my now be set to the system maximum using
+# sysconf(_SC_LOGIN_NAME_MAX). They were previously hardcoded to 16 chars.
+#
+# 2) supplementary groups are now set according to the user webfs is running as.
+# previously they were left as the calling user, which could be dangerous
+# ex: sudo webfsd -u nobody, would leave webfsd with all of root's groups!
+#
+# 3) the supplementary group list is no longer made empty when using -g
+#
+# 4) supplementary groups are now checked for read access when generating
+# directory listings
+#
+# 5) in ls.c/ls() changed type of uid and gid to uid_t and gid_t
+#
+# 6) in ls.c/ls() fixed a problem where the uid of the file was being compared
+# to the gid of the user to check for readability
+#
+# 7) added a -G option to ignore/remove all supplementary groups
+#
+# 8) updated man page to reflect -G option
+#
+# 9) when the uid is 0, all files are now displayed as readable.
+#
+
+diff -urp webfs-1.21-orig/httpd.h webfs-1.21/httpd.h
+--- webfs-1.21-orig/httpd.h 2004-06-10 05:45:50.000000000 -0400
++++ webfs-1.21/httpd.h 2010-03-27 14:57:07.631540000 -0400
+@@ -169,6 +169,8 @@ extern int lifespan;
+ extern int no_listing;
+ extern time_t now;
+ extern int have_tty;
++extern gid_t *grp_list;
++extern int grp_num;
+
+ #ifdef USE_SSL
+ extern int with_ssl;
+diff -urp webfs-1.21-orig/ls.c webfs-1.21/ls.c
+--- webfs-1.21-orig/ls.c 2004-06-10 05:45:50.000000000 -0400
++++ webfs-1.21/ls.c 2010-03-28 10:52:09.449259926 -0400
+@@ -194,7 +194,9 @@ ls(time_t now, char *hostname, char *fil
+ struct myfile **files = NULL;
+ struct myfile **re1;
+ char *h1,*h2,*re2,*buf = NULL;
+- int count,len,size,i,uid,gid;
++ int count,len,size,i;
++ uid_t uid;
++ gid_t gid;
+ char line[1024];
+ char *pw = NULL, *gr = NULL;
+
+@@ -241,14 +243,23 @@ ls(time_t now, char *hostname, char *fil
+ files[count]->r = 0;
+ if (S_ISDIR(files[count]->s.st_mode) ||
+ S_ISREG(files[count]->s.st_mode)) {
+- if (files[count]->s.st_uid == uid &&
++ if (uid == 0)
++ files[count]->r = 1;
++ else if (files[count]->s.st_uid == uid &&
+ files[count]->s.st_mode & 0400)
+ files[count]->r = 1;
+- else if (files[count]->s.st_uid == gid &&
++ else if (files[count]->s.st_gid == gid &&
+ files[count]->s.st_mode & 0040)
+- files[count]->r = 1; /* FIXME: check additional groups */
++ files[count]->r = 1;
+ else if (files[count]->s.st_mode & 0004)
+ files[count]->r = 1;
++ else {
++ for (i = 0; i < grp_num; i++) {
++ if (files[count]->s.st_gid == grp_list[i] &&
++ files[count]->s.st_mode & 0400)
++ files[count]->r = 1;
++ }
++ }
+ }
+ }
+ closedir(dir);
+diff -urp webfs-1.21-orig/webfsd.c webfs-1.21/webfsd.c
+--- webfs-1.21-orig/webfsd.c 2004-06-10 05:45:50.000000000 -0400
++++ webfs-1.21/webfsd.c 2010-03-28 10:36:33.992517000 -0400
+@@ -42,8 +42,8 @@ char *listen_port = "8000";
+ int virtualhosts = 0;
+ int canonicalhost = 0;
+ char server_host[256];
+-char user[17];
+-char group[17];
++char *user;
++char *group;
+ char *mimetypes = MIMEFILE;
+ char *pidfile = NULL;
+ char *logfile = NULL;
+@@ -57,6 +57,9 @@ int have_tty = 1;
+ int max_conn = 32;
+ int lifespan = -1;
+ int no_listing = 0;
++int setsupgroups = 1;
++gid_t *grp_list = NULL;
++int grp_num = 0;
+
+ time_t now;
+ int slisten;
+@@ -167,6 +170,7 @@ usage(char *name)
+ gr = getgrgid(getgid());
+ fprintf(stderr,
+ " -u user run as user >user< [%s]\n"
++ " -G set supplementary group list to empty\n"
+ " -g group run as group >group< [%s]\n",
+ pw ? pw->pw_name : "???",
+ gr ? gr->gr_name : "???");
+@@ -189,6 +193,7 @@ fix_ug(void)
+ {
+ struct passwd *pw = NULL;
+ struct group *gr = NULL;
++ int numgroupsmax, i;
+
+ /* root is allowed to use any uid/gid,
+ * others will get their real uid/gid */
+@@ -214,6 +219,20 @@ fix_ug(void)
+ exit(1);
+ }
+
++ /* get supplementary groups */
++ if (setsupgroups) {
++ numgroupsmax = sysconf(_SC_NGROUPS_MAX) + 1;
++ grp_list = (gid_t*) malloc(numgroupsmax * sizeof(gid_t));
++
++ if (grp_list != NULL) {
++ grp_num = getgrouplist(pw->pw_name, pw->pw_gid,
++ grp_list, &numgroupsmax);
++ } else {
++ xerror(LOG_ERR, "failed to get group list - "
++ "removing all sup groups", NULL);
++ }
++ }
++
+ /* chroot to $DOCUMENT_ROOT (must be done here as getpwuid needs
+ /etc and chroot works as root only) */
+ if (do_chroot) {
+@@ -227,14 +246,22 @@ fix_ug(void)
+ /* set group */
+ if (getegid() != gr->gr_gid || getgid() != gr->gr_gid) {
+ setgid(gr->gr_gid);
+- setgroups(0, NULL);
+ }
+ if (getegid() != gr->gr_gid || getgid() != gr->gr_gid) {
+ xerror(LOG_ERR,"setgid failed",NULL);
+ exit(1);
+ }
+- strncpy(group,gr->gr_name,16);
++
++ if (strlen(gr->gr_name) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(group,gr->gr_name);
++ else
++ xerror(LOG_ERR,"groupname too long",NULL);
+
++ /* set supplementary groups */
++ if (geteuid() == 0)
++ if (setgroups(grp_num, grp_list) != 0)
++ xerror(LOG_ERR, "failed to set supplementary groups", NULL);
++
+ /* set user */
+ if (geteuid() != pw->pw_uid || getuid() != pw->pw_uid)
+ setuid(pw->pw_uid);
+@@ -242,11 +269,23 @@ fix_ug(void)
+ xerror(LOG_ERR,"setuid failed",NULL);
+ exit(1);
+ }
+- strncpy(user,pw->pw_name,16);
+-
+- if (debug)
+- fprintf(stderr,"fix_ug: uid=%d euid=%d / gid=%d egid=%d\n",
++
++ if (strlen(pw->pw_name) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(user,pw->pw_name);
++ else
++ xerror(LOG_ERR,"username too long",NULL);
++
++ if (debug) {
++ fprintf(stderr,"fix_ug: uid=%d euid=%d / gid=%d egid=%d / gids: ",
+ getuid(),geteuid(),getgid(),getegid());
++
++ for (i = 0; i < grp_num; i++) {
++ fprintf(stderr, "%d ", grp_list[i]);
++ }
++
++ fprintf(stderr, "\n");
++ }
++
+ }
+
+ /* ---------------------------------------------------------------------- */
+@@ -687,6 +726,10 @@ main(int argc, char *argv[])
+ char serv[16];
+ char mypid[12];
+
++ /* allocate space for user/group names. _SC_LOGIN_NAME_MAX includes \0 */
++ user = (char *)malloc(sizeof(char) * sysconf(_SC_LOGIN_NAME_MAX));
++ group = (char *)malloc(sizeof(char) * sysconf(_SC_LOGIN_NAME_MAX));
++
+ uid = getuid();
+ euid = geteuid();
+ if (uid != euid)
+@@ -702,7 +745,7 @@ main(int argc, char *argv[])
+ /* parse options */
+ for (;;) {
+ if (-1 == (c = getopt(argc,argv,"hvsdF46jS"
+- "r:R:f:p:n:N:i:t:c:a:u:g:l:L:m:y:b:k:e:x:C:P:~:")))
++ "r:R:f:p:n:N:i:t:c:a:u:Gg:l:L:m:y:b:k:e:x:C:P:~:")))
+ break;
+ switch (c) {
+ case 'h':
+@@ -759,10 +802,19 @@ main(int argc, char *argv[])
+ max_dircache = atoi(optarg);
+ break;
+ case 'u':
+- strncpy(user,optarg,16);
++ if (strlen(optarg) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(user,optarg);
++ else
++ xerror(LOG_ERR,"username too long",NULL);
++ break;
++ case 'G':
++ setsupgroups = 0;
+ break;
+ case 'g':
+- strncpy(group,optarg,16);
++ if (strlen(optarg) < sysconf(_SC_LOGIN_NAME_MAX))
++ strcpy(group,optarg);
++ else
++ xerror(LOG_ERR,"groupname too long",NULL);
+ break;
+ case 'L':
+ flushlog = 1;
+diff -urp webfs-1.21-orig/webfsd.man webfs-1.21/webfsd.man
+--- webfs-1.21-orig/webfsd.man 2004-06-08 08:52:02.000000000 -0400
++++ webfs-1.21/webfsd.man 2010-03-28 10:37:09.495798000 -0400
+@@ -95,6 +95,9 @@ Use >file< as pidfile.
+ Set \fBu\fPid to >user< (after binding to the tcp port). This
+ option is allowed for root only.
+ .TP
++.B -G
++Set the supplementary group list to empty.
++.TP
+ .B -g group
+ Set \fBg\fPid to >group< (after binding to the tcp port). This
+ option is allowed for root only.
+
+
Copied: webfs/repos/community-staging-x86_64/webfsd.conf (from rev 164176, webfs/trunk/webfsd.conf)
===================================================================
--- community-staging-x86_64/webfsd.conf (rev 0)
+++ community-staging-x86_64/webfsd.conf 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,5 @@
+#
+# Parameters passed to webfsd(1)
+#
+
+WEBFSD_ARGS="-p 8080 -u nobody -R /var/www/htdocs -f index.html"
Copied: webfs/repos/community-staging-x86_64/webfsd.service (from rev 164176, webfs/trunk/webfsd.service)
===================================================================
--- community-staging-x86_64/webfsd.service (rev 0)
+++ community-staging-x86_64/webfsd.service 2016-03-02 18:15:04 UTC (rev 164177)
@@ -0,0 +1,11 @@
+[Unit]
+Description=Simple and instant http server.
+Documentation=man:webfsd(1)
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/conf.d/webfsd
+ExecStart=/usr/bin/webfsd $WEBFSD_ARGS -F
+
+[Install]
+WantedBy=multi-user.target
More information about the arch-commits
mailing list