From 169b082ff376ba3906844b0d2e8dada43d72c8fb Mon Sep 17 00:00:00 2001 From: Henrik Riomar <henrik.riomar@gmail.com> Date: Mon, 1 Nov 2021 09:27:37 +0100 Subject: [PATCH 1/2] main/doas: fix perms of /etc/doas.d Fix perms of /etc/doas.d to match the perms of /etc/sudoers.d --- main/doas/APKBUILD | 2 +- main/doas/doas.post-install | 4 ++-- main/doas/doas.post-upgrade | 9 +++++++-- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/main/doas/APKBUILD b/main/doas/APKBUILD index 9b5f49fc77b4..73b8a9948e77 100644 --- a/main/doas/APKBUILD +++ b/main/doas/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Drew DeVault <sir@cmpwn.com> pkgname=doas pkgver=6.8.1 -pkgrel=6 +pkgrel=7 pkgdesc="OpenBSD's temporary privilege escalation tool" url="https://github.com/Duncaen/OpenDoas" arch="all" diff --git a/main/doas/doas.post-install b/main/doas/doas.post-install index 46518437c2ef..e27cf4ad38f2 100755 --- a/main/doas/doas.post-install +++ b/main/doas/doas.post-install @@ -1,6 +1,6 @@ #!/bin/sh -[ -d /etc/doas.d ] || mkdir /etc/doas.d +[ -d /etc/doas.d ] || install -d -m 0750 /etc/doas.d [ -e /etc/doas.d/doas.conf ] && exit 0 cat << _EOF_ >/etc/doas.d/doas.conf @@ -27,4 +27,4 @@ cat << _EOF_ >&2 * /etc/doas.d/doas.conf and a symlink was installed in its * place. For more information about the new doas configuration * directory, consult doas.d(5). -_EOF_ \ No newline at end of file +_EOF_ diff --git a/main/doas/doas.post-upgrade b/main/doas/doas.post-upgrade index 46518437c2ef..362ac4ae2cbe 100755 --- a/main/doas/doas.post-upgrade +++ b/main/doas/doas.post-upgrade @@ -1,6 +1,11 @@ #!/bin/sh -[ -d /etc/doas.d ] || mkdir /etc/doas.d +[ -d /etc/doas.d ] || install -d -m 0750 /etc/doas.d +# fix perms when upgrading from 6.8.1-r6 +if [ -d /etc/doas.d ] && [ "$(stat -c "%a" /etc/doas.d)" = "755" ]; then + chmod 0750 /etc/doas.d +fi + [ -e /etc/doas.d/doas.conf ] && exit 0 cat << _EOF_ >/etc/doas.d/doas.conf @@ -27,4 +32,4 @@ cat << _EOF_ >&2 * /etc/doas.d/doas.conf and a symlink was installed in its * place. For more information about the new doas configuration * directory, consult doas.d(5). -_EOF_ \ No newline at end of file +_EOF_ -- GitLab From 6e08ade3f8cabdf6bece0e8456307060c164acce Mon Sep 17 00:00:00 2001 From: Henrik Riomar <henrik.riomar@gmail.com> Date: Mon, 1 Nov 2021 10:29:38 +0100 Subject: [PATCH 2/2] main/doas: fix a migration bug from /etc/doas.conf to /etc/doas.d/doas.conf If /etc/doas.conf is a symlink from an older install we should not run the migration code again --- main/doas/doas.post-install | 6 ++++-- main/doas/doas.post-upgrade | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/main/doas/doas.post-install b/main/doas/doas.post-install index e27cf4ad38f2..26a63aa22506 100755 --- a/main/doas/doas.post-install +++ b/main/doas/doas.post-install @@ -9,11 +9,13 @@ cat << _EOF_ >/etc/doas.d/doas.conf # previous location, /etc/doas.conf, automatically. _EOF_ -[ -e /etc/doas.conf ] && cat /etc/doas.conf >> /etc/doas.d/doas.conf -[ -e /etc/doas.conf ] || cat << _EOF_ >> /etc/doas.d/doas.conf +if [ -f /etc/doas.conf ]; then + cat /etc/doas.conf >> /etc/doas.d/doas.conf + cat << _EOF_ >> /etc/doas.d/doas.conf # Please see /usr/share/doc/doas/doas.conf.example in the doas-doc # package for configuration examples. _EOF_ +fi # install compatibility symlink rm -f /etc/doas.conf diff --git a/main/doas/doas.post-upgrade b/main/doas/doas.post-upgrade index 362ac4ae2cbe..731b3511cada 100755 --- a/main/doas/doas.post-upgrade +++ b/main/doas/doas.post-upgrade @@ -14,11 +14,13 @@ cat << _EOF_ >/etc/doas.d/doas.conf # previous location, /etc/doas.conf, automatically. _EOF_ -[ -e /etc/doas.conf ] && cat /etc/doas.conf >> /etc/doas.d/doas.conf -[ -e /etc/doas.conf ] || cat << _EOF_ >> /etc/doas.d/doas.conf +if [ -f /etc/doas.conf ]; then + cat /etc/doas.conf >> /etc/doas.d/doas.conf + cat << _EOF_ >> /etc/doas.d/doas.conf # Please see /usr/share/doc/doas/doas.conf.example in the doas-doc # package for configuration examples. _EOF_ +fi # install compatibility symlink rm -f /etc/doas.conf -- GitLab