Strona główna Odkrywaj Pomoc
Zaloguj się
openpkg
/
openpkg-packages
Obserwuj 2
Polub 0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0
Przeglądaj źródła

Disable adminserver by default, fix rc script, and bring back specfile post section with our own admin user to close a potential security hole

Michael Schloh von Bennewitz 23 lat temu
rodzic
4600da7878
commit
103ea202ef
2 zmienionych plików z 42 dodań i 30 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 11 5
      dss/dss.spec
  2. 31 25
      dss/rc.dss

+ 11 - 5
dss/dss.spec
Wyświetl plik 

@@ -37,7 +37,7 @@ Distribution: OpenPKG [EVAL]
 
 Group:        Video
 
 License:      APSL
 
 Version:      %{V_opkg}
 
-Release:      20030606
 
+Release:      20030610
 
 
 #   list of sources
 
 Source0:      http://www.opensource.apple.com/projects/streaming/source/DSS-%{V_dss}.src.tar.gz
 
@@ -93,8 +93,6 @@ AutoReqProv:  no
 
     %{l_shtool} subst \
 
         -e 's;[ \t]$;;g' \
 
         -e 's;\t;    ;g' \
 
-        qtusers \
 
-        qtgroups \
 
         streamingserver.xml \
 
         relayconfig.xml-Sample \
 
         streamingadminserver.conf
 
@@ -253,8 +251,6 @@ AutoReqProv:  no
 
 
     #   install configuration files
 
     %{l_shtool} install -c -m 644 \
 
-        qtusers \
 
-        qtgroups \
 
         streamingserver.xml \
 
         relayconfig.xml-Sample \
 
         WebAdmin/streamingadminserver.conf \
 
@@ -263,6 +259,8 @@ AutoReqProv:  no
 
         cd $RPM_BUILD_ROOT%{l_prefix}/etc/dss/
 
         mv -f relayconfig.xml-Sample relayconfig.xml
 
         mv -f streamingadminserver.conf streamingadmin.conf
 
+        touch qtusers
 
+        touch qtgroups
 
     )
 
 
     #   install run commands
 
@@ -292,3 +290,11 @@ AutoReqProv:  no
 
 %clean
 
     rm -rf $RPM_BUILD_ROOT
 
 
+%post
 
+    #   write a default admin username and password to qtusers
 
+        username='ghandi'; password='india'
 
+        $RPM_INSTALL_PREFIX/bin/qtpasswd -p $password $username
 
+
 
+    #   add the new admin username to {l_prefix}/etc/dss/qtgroupsusers
 
+        echo admin: $username >$RPM_INSTALL_PREFIX/etc/dss/qtgroups
 
+

+ 31 - 25
dss/rc.dss
Wyświetl plik 

@@ -4,40 +4,46 @@
 
 ##
 
 
 %config
 
-    dssadmin_enable="yes"
 
+    dssadmin_enable="no"
 
     dssdaemon_enable="yes"
 
 
 %start -p 220 -u @l_susr@
 
-    opServiceEnabled dssadmin || exit 0
 
-    @l_prefix@/sbin/streamingadminserver.pl -c @l_prefix@/etc/dss/streamingadmin.conf >/dev/null 2>&1 &
 
-    opServiceEnabled dssdaemon || exit 0
 
-    @l_prefix@/sbin/DarwinStreamingServer -d >/dev/null 2>&1 &
 
-    echo $! >@l_prefix@/var/dss/dssdaemon.pid
 
+    if opServiceEnabled dssadmin; then
 
+        @l_prefix@/sbin/streamingadminserver.pl -c @l_prefix@/etc/dss/streamingadmin.conf
 
+    fi
 
+    if opServiceEnabled dssdaemon; then
 
+        @l_prefix@/sbin/DarwinStreamingServer -d >/dev/null 2>&1 &
 
+        echo $! >@l_prefix@/var/dss/dssdaemon.pid
 
+    fi
 
 
 %stop -p 200 -u @l_susr@
 
-    opServiceEnabled dssadmin || exit 0
 
-    if [ -f @l_prefix@/var/dss/dssadmin.pid ]; then
 
-        kill -TERM `cat @l_prefix@/var/dss/dssadmin.pid`
 
-        rm @l_prefix@/var/dss/dssadmin.pid
 
+    if opServiceEnabled dssadmin; then
 
+        if [ -f @l_prefix@/var/dss/dssadmin.pid ]; then
 
+            kill -TERM `cat @l_prefix@/var/dss/dssadmin.pid`
 
+            rm @l_prefix@/var/dss/dssadmin.pid
 
+        fi
 
     fi
 
-    opServiceEnabled dssdaemon || exit 0
 
-    if [ -f @l_prefix@/var/dss/dssdaemon.pid ]; then
 
-        kill -TERM `cat @l_prefix@/var/dss/dssdaemon.pid`
 
-        rm @l_prefix@/var/dss/dssdaemon.pid
 
+    if opServiceEnabled dssdaemon; then
 
+        if [ -f @l_prefix@/var/dss/dssdaemon.pid ]; then
 
+            kill -TERM `cat @l_prefix@/var/dss/dssdaemon.pid`
 
+            rm @l_prefix@/var/dss/dssdaemon.pid
 
+        fi
 
     fi
 
 
 %restart -p 200 -u @l_susr@
 
-    opServiceEnabled dssadmin || exit 0
 
-    if [ -f @l_prefix@/var/dss/dssadmin.pid ]; then
 
-        kill -TERM `cat @l_prefix@/var/dss/dssadmin.pid`
 
-        rm @l_prefix@/var/dss/dssadmin.pid
 
+    if opServiceEnabled dssadmin; then
 
+        if [ -f @l_prefix@/var/dss/dssadmin.pid ]; then
 
+            kill -TERM `cat @l_prefix@/var/dss/dssadmin.pid`
 
+            rm @l_prefix@/var/dss/dssadmin.pid
 
+        fi
 
+        @l_prefix@/sbin/streamingadminserver.pl -c @l_prefix@/etc/dss/streamingadmin.conf
 
     fi
 
-    @l_prefix@/sbin/streamingadminserver.pl -c @l_prefix@/etc/dss/streamingadmin.conf >/dev/null 2>&1 &
 
-    opServiceEnabled dssdaemon || exit 0
 
-    if [ -f @l_prefix@/var/dss/dssdaemon.pid ]; then
 
-        kill -TERM `cat @l_prefix@/var/dss/dssdaemon.pid`
 
-        rm @l_prefix@/var/dss/dssdaemon.pid
 
+    if opServiceEnabled dssdaemon; then
 
+        if [ -f @l_prefix@/var/dss/dssdaemon.pid ]; then
 
+            kill -TERM `cat @l_prefix@/var/dss/dssdaemon.pid`
 
+            rm @l_prefix@/var/dss/dssdaemon.pid
 
+        fi
 
+        @l_prefix@/sbin/DarwinStreamingServer -d >/dev/null 2>&1 &
 
+        echo $! >@l_prefix@/var/dss/dssdaemon.pid
 
     fi
 
-    @l_prefix@/sbin/DarwinStreamingServer -d >/dev/null 2>&1 &
 
-    echo $! >@l_prefix@/var/dss/dssdaemon.pid