Sophie

Sophie

distrib > Mageia > 6 > armv7hl > media > core-updates-src > by-pkgid > f7d7b63d0ca2d4ab340a4ab16377d67e > files > 6

nagios-4.3.1-2.2.mga6.src.rpm

From ef690014b2944b87ab078a71b2e57d2179a6ae66 Mon Sep 17 00:00:00 2001
From: Bryan Heden <bheden@nagios.com>
Date: Sun, 2 Jul 2017 10:29:05 -0500
Subject: [PATCH] Applying patch from David Walser via
 bugs.mageia.org/show_bug.cgi?id=20050 in regards to CVE-2016-10089

---
 daemon-init.in | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/daemon-init.in b/daemon-init.in
index af1498c5..0ea477bc 100644
--- a/daemon-init.in
+++ b/daemon-init.in
@@ -91,6 +91,10 @@ check_config ()
 		echo "ERROR: Could not delete '$NagiosCfgtestFile'"
 		exit 8
 	fi
+	if ! su $NagiosUser -c "touch $NagiosCfgtestFile"; then
+		echo "ERROR: Could not create or update '$NagiosCfgtestFile'"
+		exit 8
+	fi
 
 	TMPFILE=$(mktemp /tmp/.configtest.XXXXXXXX)
 	$NagiosBin -vp $NagiosCfgFile > "$TMPFILE"
@@ -99,24 +103,18 @@ check_config ()
 
 	if test "$WARN" = "0" && test "${ERR}" = "0"; then
 		echo "OK - Configuration check verified" > $NagiosCfgtestFile
-		chmod 0644 $NagiosCfgtestFile
-		chown -h $NagiosUser:$NagiosGroup $NagiosCfgtestFile
 		/bin/rm "$TMPFILE"
 		return 0
 	elif test "${ERR}" = "0"; then
 		# Write the errors to a file we can have a script watching for.
 		echo "WARNING: Warnings in config files - see log for details: $NagiosCfgtestFile" > $NagiosCfgtestFile
 		egrep -i "(^warning|^error)" "$TMPFILE" >> $NagiosCfgtestFile
-		chmod 0644 $NagiosCfgtestFile
-		chown -h $NagiosUser:$NagiosGroup $NagiosCfgtestFile
 		/bin/rm "$TMPFILE"
 		return 0
 	else
 		# Write the errors to a file we can have a script watching for.
 		echo "ERROR: Errors in config files - see log for details: $NagiosCfgtestFile" > $NagiosCfgtestFile
 		egrep -i "(^warning|^error)" "$TMPFILE" >> $NagiosCfgtestFile
-		chmod 0644 $NagiosCfgtestFile
-		chown -h $NagiosUser:$NagiosGroup $NagiosCfgtestFile
 		cat "$TMPFILE"
 		exit 8
 	fi
@@ -209,10 +207,9 @@ case "$1" in
 			fi
 		fi
 
-		touch $NagiosVarDir/nagios.log $NagiosRetentionFile
+		su $NagiosUser -c "touch $NagiosVarDir/nagios.log $NagiosRetentionFile"
 		rm -f $NagiosCommandFile
-		touch $NagiosRunFile
-		chown -h $NagiosUser:$NagiosGroup $NagiosRunFile $NagiosVarDir/nagios.log $NagiosRetentionFile
+		su $NagiosUser -c "touch $NagiosRunFile"
 		$NagiosBin -d $NagiosCfgFile
 		if [ -d $NagiosLockDir ]; then touch $NagiosLockDir/$NagiosLockFile; fi

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional