diff options
Diffstat (limited to 'closefrom.patch')
-rw-r--r-- | closefrom.patch | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/closefrom.patch b/closefrom.patch deleted file mode 100644 index 760e2cd..0000000 --- a/closefrom.patch +++ /dev/null @@ -1,57 +0,0 @@ -commit 10b899a15c88eb40eb5f73cd0fa84ef0966f79c9 -Author: Darren Tucker <dtucker@dtucker.net> -Date: Wed Nov 10 12:34:25 2021 +1100 - - Don't trust closefrom() on Linux. - - glibc's closefrom implementation does not work in a chroot when the kernel - does not have close_range. It tries to read from /proc/self/fd and when - that fails dies with an assertion of sorts. Instead, call close_range - ourselves from our compat code and fall back if that fails. bz#3349, - with william.wilson at canonical.com and fweimer at redhat.com. - -diff --git a/configure.ac b/configure.ac -index 165b391f..cd4cadec 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -839,6 +839,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) - dnl Target SUSv3/POSIX.1-2001 plus BSD specifics. - dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE - CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE" -+ AC_DEFINE([BROKEN_CLOSEFROM], [1], [broken in chroots on older kernels]) - AC_DEFINE([PAM_TTY_KLUDGE], [1], - [Work around problematic Linux PAM modules handling of PAM_TTY]) - AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"], -@@ -1820,6 +1821,7 @@ AC_CHECK_FUNCS([ \ - cap_rights_limit \ - clock \ - closefrom \ -+ close_range \ - dirfd \ - endgrent \ - err \ -diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c -index 8fadca2d..08b7da69 100644 ---- a/openbsd-compat/bsd-closefrom.c -+++ b/openbsd-compat/bsd-closefrom.c -@@ -16,7 +16,7 @@ - - #include "includes.h" - --#ifndef HAVE_CLOSEFROM -+#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_CLOSEFROM) - - #include <sys/types.h> - #include <sys/param.h> -@@ -130,6 +130,11 @@ closefrom(int lowfd) - DIR *dirp; - int len; - -+#ifdef HAVE_CLOSE_RANGE -+ if (close_range(lowfd, INT_MAX, 0) == 0) -+ return; -+#endif -+ - /* Check for a /proc/$$/fd directory. */ - len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid()); - if (len > 0 && (size_t)len < sizeof(fdpath) && (dirp = opendir(fdpath))) { |