From 5f790929a91074be8e6fc8dbd3e15a01c0907a6a Mon Sep 17 00:00:00 2001
From: "Ralf S. Engelschall"
Date: Tue, 31 Oct 2017 13:55:55 +0100
Subject: [PATCH] make helper script setuid root

---
 consul/consul-openpkg-service.c | 30 ++++++++++++++++++++++++++++++
 consul/consul.spec | 29 +++++++++++++++++++++--------
 2 files changed, 51 insertions(+), 8 deletions(-)
 create mode 100644 consul/consul-openpkg-service.c

diff --git a/consul/consul-openpkg-service.c b/consul/consul-openpkg-service.c
new file mode 100644
index 0000000000..e945b7d916
--- /dev/null
+++ b/consul/consul-openpkg-service.c
@@ -0,0 +1,30 @@
+
+#include
+#include
+#include
+#include
+
+#define COS_BINDIR "@l_prefix@/bin"
+#define COS_SBINDIR "@l_prefix@/bin"
+#define COS_BIN "@l_prefix@/sbin/consul-openpkg-service.sh"
+
+int main(int argn, char **argv)
+{
+ static char *env[] = {
+ "PATH=/bin:/usr/bin:/sbin:/usr/sbin:" COS_BINDIR ":" COS_SBINDIR,
+ NULL
+ };
+ if (setuid(geteuid()) == -1) {
+ perror("setuid");
+ exit(1);
+ }
+ if (setgid(getegid()) == -1) {
+ perror("setgid");
+ exit(1);
+ }
+ argv[0] = COS_BIN;
+ if (execve(argv[0], argv, env) == -1)
+ abort();
+ return 0;
+}
+
diff --git a/consul/consul.spec b/consul/consul.spec
index d7a99f3df0..d04d19f276 100644
--- a/consul/consul.spec
+++ b/consul/consul.spec
@@ -37,13 +37,14 @@ Class: EVAL
 Group: Networking
 License: MPL
 Version: %{V_consul_opkg}.%{V_consul_snap}
-Release: 20171029
+Release: 20171031
 
 # list of sources
 Source0: http://download.openpkg.org/components/versioned/consul/consul-%{V_consul_snap}.tar.xz
 Source1: rc.consul
 Source2: consul.hcl
 Source3: consul-openpkg-service.sh
+Source4: consul-openpkg-service.c
 
 # build information
 BuildPreReq: OpenPKG, openpkg >= 20160101, go
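Review bot: In consul-openpkg-service.c, `argv[0] = COS_BIN;` is assigned without looking at `argn`, so if the wrapper is started with an empty argument vector the write lands on the terminating NULL and `execve` is handed an array with no terminator; a setuid-root program should refuse that case first, e.g. `if (argn < 1) exit(1);`. `COS_SBINDIR` is defined as `"@l_prefix@/bin"`, identical to `COS_BINDIR`, so the PATH given to the script lists bin twice and never sbin; it presumably should be `"@l_prefix@/sbin"`. Every remaining caller argument is forwarded unchanged to a shell script running as root, so that script (not part of this hunk) has to treat its arguments as untrusted. On `execve` failure, `perror("execve"); exit(1);` would be more useful than `abort()`, which prints no reason and may leave a core file from a privileged process.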
@@ -75,12 +76,20 @@ PreReq: OpenPKG, openpkg >= 20160101
 %build
 # build program
 export GOPATH=`pwd`
- cd src/github.com/hashicorp/consul
- go build \
- -x \
- -tags="consul" \
- -ldflags "-X github.com/hashicorp/consul/version.GitCommit='%{V_consul_snap}'" \
- -o bin/consul
+ ( cd src/github.com/hashicorp/consul
+ go build \
+ -x \
+ -tags="consul" \
+ -ldflags "-X github.com/hashicorp/consul/version.GitCommit='%{V_consul_snap}'" \
+ -o bin/consul
+ ) || exit $?
+
+ # build helper program
+ %{l_shtool} install -c %{l_value -s -a} \
+ %{SOURCE consul-openpkg-service.c} .
+ %{l_cc} %{l_cflags -O} %{l_ldflags} \
+ -o consul-openpkg-service \
+ consul-openpkg-service.c
 
 %install
 # create directory hierarchy
@@ -105,9 +114,12 @@ PreReq: OpenPKG, openpkg >= 20160101
 $RPM_BUILD_ROOT%{l_prefix}/etc/consul/
 
 # install utility script
+ %{l_shtool} install -c -m 755 \
+ consul-openpkg-service \
+ $RPM_BUILD_ROOT%{l_prefix}/sbin/
 %{l_shtool} install -c -m 755 %{l_value -s -a} \
 %{SOURCE consul-openpkg-service.sh} \
- $RPM_BUILD_ROOT%{l_prefix}/sbin/consul-openpkg-service
+ $RPM_BUILD_ROOT%{l_prefix}/sbin/
 
 # install run-command script
 %{l_shtool} install -c -m 755 %{l_value -s -a} \
@@ -117,6 +129,7 @@ PreReq: OpenPKG, openpkg >= 20160101
 %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
 %{l_files_std} \
 '%config %{l_prefix}/etc/consul/*' \
+ '%attr(4755,%{l_susr},%{l_mgrp}) %{l_prefix}/sbin/consul-openpkg-service' \
 '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/consul/*'
 
 %files -f files
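Review bot: The new `%attr(4755,%{l_susr},%{l_mgrp})` entry in the last hunk of consul.spec pins ownership of the setuid binary only, while `consul-openpkg-service.sh`, which that binary executes as root, keeps whatever owner `%{l_files_std}` assigns. If that default owner is not the superuser account (worth confirming), that account can change what runs as root, so the script should get its own entry such as `'%attr(0755,%{l_susr},%{l_mgrp}) %{l_prefix}/sbin/consul-openpkg-service.sh' \`. Mode 4755 also lets every local user run the wrapper; if only members of `%{l_mgrp}` need it, `4750` narrows that.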