diff options
author | Peter Simons <simons@cryp.to> | 2013-09-11 17:24:22 +0200 |
---|---|---|
committer | Peter Simons <simons@cryp.to> | 2013-09-11 17:24:32 +0200 |
commit | c749c24076e13ceb61efeba992bf78d741cf8597 (patch) | |
tree | 7d7cdf1c2715ebc4d7ce14b04a8f1e813de3c2c5 /pkgs/tools/security | |
parent | e761405c50e03ab1d101a67170fbf805a9d3332b (diff) | |
download | nixlib-c749c24076e13ceb61efeba992bf78d741cf8597.tar nixlib-c749c24076e13ceb61efeba992bf78d741cf8597.tar.gz nixlib-c749c24076e13ceb61efeba992bf78d741cf8597.tar.bz2 nixlib-c749c24076e13ceb61efeba992bf78d741cf8597.tar.lz nixlib-c749c24076e13ceb61efeba992bf78d741cf8597.tar.xz nixlib-c749c24076e13ceb61efeba992bf78d741cf8597.tar.zst nixlib-c749c24076e13ceb61efeba992bf78d741cf8597.zip |
tcpcrypt: patch tcpcryptd to run under uid 93 instead of 666
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch | 25 | ||||
-rw-r--r-- | pkgs/tools/security/tcpcrypt/default.nix | 10 |
2 files changed, 32 insertions, 3 deletions
diff --git a/pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch b/pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch new file mode 100644 index 000000000000..addf00796a8a --- /dev/null +++ b/pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch @@ -0,0 +1,25 @@ +From 4ef50d76a2da61be60fea448690e24f35bc37299 Mon Sep 17 00:00:00 2001 +From: Peter Simons <simons@cryp.to> +Date: Wed, 11 Sep 2013 17:19:29 +0200 +Subject: [PATCH] Run tcpcryptd under uid 93 instead of 666. + +--- + user/src/linux.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/user/src/linux.c b/user/src/linux.c +index b51e6b2..8199193 100644 +--- a/user/src/linux.c ++++ b/user/src/linux.c +@@ -198,7 +198,7 @@ void linux_drop_privs(void) + + cap_free(caps); + +- if (setuid(666) == -1) ++ if (setuid(93) == -1) + err(1, "setuid()"); + + caps = cap_init(); +-- +1.8.3.4 + diff --git a/pkgs/tools/security/tcpcrypt/default.nix b/pkgs/tools/security/tcpcrypt/default.nix index 3026ed66d72f..17c6993826d8 100644 --- a/pkgs/tools/security/tcpcrypt/default.nix +++ b/pkgs/tools/security/tcpcrypt/default.nix @@ -1,4 +1,4 @@ -{ fetchurl, stdenv +{ fetchurl, stdenv, autoconf, automake, libtool , openssl, libcap, libnfnetlink, libnetfilter_queue }: @@ -14,9 +14,13 @@ stdenv.mkDerivation rec { name = "${name}.tar.gz"; }; - buildInputs = [ openssl libcap libnfnetlink libnetfilter_queue ]; + dontStrip = true; - preConfigure = "cd user"; + buildInputs = [ autoconf automake libtool openssl libcap libnfnetlink libnetfilter_queue ]; + + patches = [ ./0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch ]; + + preConfigure = "cd user; autoreconf -i"; meta = { homepage = "http://tcpcrypt.org/"; |