
Index: Makefile
--- Makefile.orig 2003-04-29 06:16:07.000000000 +0200
+++ Makefile 2012-04-06 14:21:32.000000000 +0200
@@ -6,21 +6,21 @@
#CFLAGS=-g -Werror -fPIC
LD=ld
LDFLAGS=-g
+LIBS=-ldl -lm
libdir=/lib
sysconfdir=/etc
bindir=/usr/bin
SRC=libsoapbox.c
-LIB=libsoapbox.so
+LIB=soapbox.so
BIN=soapbox.sh
SPEC=soapbox.spec
all: $(LIB) $(BIN) $(SPEC)
$(LIB): $(SRC)
-# $(CC) $(CFLAGS) $(SRC) -nostartfiles -shared -Wl,-soname,$(LIB) -o $(LIB) -ldl -lm -lc
- $(CC) $(CFLAGS) $(SRC) -nostartfiles -shared -rdynamic -Wl,-soname,$(LIB) -o $(LIB) -ldl -lm
+ $(CC) $(CFLAGS) $(SRC) -nostartfiles -shared -rdynamic -Wl,-soname,$(LIB) -o $(LIB) $(LIBS)
$(BIN):
cat $(BIN).in | sed -e 's|@@VERSION@@|$(VERSION)|' > $(BIN)
Index: libsoapbox.c
--- libsoapbox.c.orig 2003-06-05 18:49:26.000000000 +0200
+++ libsoapbox.c 2012-04-06 14:21:51.000000000 +0200
@@ -31,6 +31,12 @@
#define _GNU_SOURCE
+#ifdef __FreeBSD__
+#define dirname freebsd_dirname
+#include <libgen.h>
+#undef dirname
+#endif
+
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
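Review bot: The `#define dirname freebsd_dirname` / `#undef dirname` pair around `<libgen.h>` has no comment, and the reason for renaming the system declaration is not visible in this hunk. A one-line comment such as `/* rename libgen.h's dirname() declaration so it does not clash with the one this file uses */` would help, adjusted to the actual conflict.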
@@ -124,7 +130,7 @@
// Check of dlsym worked
static void dlcheck(const char *err) {
-// sb_log(0,"TEST: --%s--\n", err);
+// sb_log(1,"TEST: --%s--\n", err);
if (err!=NULL) sb_die(stdlog, "%s", err);
}
@@ -136,7 +142,7 @@
setvbuf(stderr, (char *) NULL, _IONBF, 0);
// Handle and unset logging environment variable
- soapboxlog=getenv("SOAPBOXLOG"); // unsetenv("SOAPBOXLOG");
+ soapboxlog=getenv("SOAPBOXLOG"); unsetenv("SOAPBOXLOG");
if (!soapboxlog || *soapboxlog=='\0') {
stdlog=stderr;
} else {
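Review bot: `soapboxlog` is still read after the added `unsetenv("SOAPBOXLOG")`, and POSIX allows the string returned by getenv() to be overwritten or invalidated by a later unsetenv(). Copy the value before removing the variable, e.g. `soapboxlog=getenv("SOAPBOXLOG"); if (soapboxlog) soapboxlog=strdup(soapboxlog); unsetenv("SOAPBOXLOG");`. The same pattern applies to `soapboxdbg`, `soapboxpath` and `soapboxaction` in the next two hunks; `soapboxdbg` is consumed by atoi() right away, but also only after the unsetenv(). The enclosing function starts and ends outside this hunk.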
@@ -149,12 +155,12 @@
}
// Handle and unset debugging environment variable
- soapboxdbg=getenv("SOAPBOXDEBUG"); // unsetenv("SOAPBOXDEBUG");
+ soapboxdbg=getenv("SOAPBOXDEBUG"); unsetenv("SOAPBOXDEBUG");
if (soapboxdbg) soapboxdebug=atoi(soapboxdbg);
sb_log(8, "Variable SOAPBOXDEBUG is set to %i.", soapboxdebug);
// Handle and unset path environment variable
- soapboxpath=getenv("SOAPBOXPATH"); // unsetenv("SOAPBOXPATH");
+ soapboxpath=getenv("SOAPBOXPATH"); unsetenv("SOAPBOXPATH");
if (!soapboxpath) soapboxpath="";
if (!soapboxpath || *soapboxpath=='\0')
sb_log(8, "Variable SOAPBOXPATH is not set. Not allowed to write anywhere.");
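Review bot: Removing SOAPBOXPATH from the environment (and SOAPBOXLOG, SOAPBOXDEBUG and SOAPBOXACTION in the neighbouring lines) changes what an exec'd child sees. LD_PRELOAD is not touched here, so a child presumably loads the library again, finds SOAPBOXPATH unset and takes the "Not allowed to write anywhere" branch with the default action and stderr logging. If descendants are meant to run under the parent's policy, the variables have to stay set or be restored before exec. If the stricter default is intended, say so next to the call, e.g. `// policy variables are deliberately not inherited; children fall back to the defaults`. This is inferred from the visible lines only; the exec path is not part of the diff.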
@@ -162,7 +168,7 @@
sb_log(8, "Variable SOAPBOXPATH is set to \"%s\".", soapboxpath);
// Handle and unset action environment variable
- soapboxaction=getenv("SOAPBOXACTION"); // unsetenv("SOAPBOXACTION");
+ soapboxaction=getenv("SOAPBOXACTION"); unsetenv("SOAPBOXACTION");
if (!soapboxaction || *soapboxaction=='\0') {
soapboxaction=DEFAULT_ACTION;
sb_log(8, "Variable SOAPBOXACTION is not set. Using \"%s\" by default.", DEFAULT_ACTION);
@@ -191,12 +197,18 @@
_real_mkfifo=dlsym(RTLD_NEXT, "mkfifo"); dlcheck(dlerror());
_real_mknod=dlsym(RTLD_NEXT, "mknod"); dlcheck(dlerror());
+#ifdef __linux__
_real___xmknod=dlsym(RTLD_NEXT, "__xmknod"); dlcheck(dlerror());
+#endif
_real_open=dlsym(RTLD_NEXT, "open"); dlcheck(dlerror());
+#ifdef __linux__
_real_open64=dlsym(RTLD_NEXT, "open64"); dlcheck(dlerror());
+#endif
_real_creat=dlsym(RTLD_NEXT, "creat"); dlcheck(dlerror());
+#ifdef __linux__
_real_creat64=dlsym(RTLD_NEXT, "creat64"); dlcheck(dlerror());
+#endif
// _real_fopen=dlsym(RTLD_NEXT, "fopen"); dlcheck(dlerror());
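Review bot: The `#ifdef __linux__` guards cover only the dlsym() lookups. The later hunks that touch the `__xmknod`, `open64` and `creat64` wrappers add no matching guard, so on other platforms those wrappers appear to stay compiled while `_real___xmknod`, `_real_open64` and `_real_creat64` are never assigned. Putting the wrapper definitions and the pointer declarations under the same `#ifdef __linux__` rules out a call through an unset pointer. The declarations are outside the diff, so this should be checked against the full file.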
@@ -212,6 +224,7 @@
devnull=_real_open("/dev/zero", O_RDWR);
if (devnull==-1) sb_die(stdlog, "/dev/null: %s", strerror(errno));
+#if 0
// Print each process execution
if (soapboxdebug & 1) {
int i;
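Review bot: The `#if 0` added here, closed by the `#endif` in the next hunk, disables the per-process execution trace that `soapboxdebug & 1` used to enable, and gives no reason. Either delete the block or document it on the directive, e.g. `#if 0 /* disabled: <reason> */` with the actual reason filled in. Also visible in the context, though not changed by this patch: the line above opens `/dev/zero` while its error message reports `/dev/null`.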
@@ -219,6 +232,7 @@
for(i=0; i<argc; i++) fprintf(stdlog, "%s ",argv[i]);
fprintf(stdlog, "\"\n");
}
+#endif
}
void _fini(void) {
@@ -263,9 +277,14 @@
static char *rewrite(const char *path, const int flag) {
char *linkdir, *out;
struct stat *buf;
- char temp[PATH_MAX+1], safe[PATH_MAX+1];
+#if 0
+ char temp[PATH_MAX+1];
+#endif
+ char safe[PATH_MAX+1];
+#if 0
temp[0]='\0'; temp[PATH_MAX]='\0'; // Terminate string for safety :)
+#endif
safe[0]='\0'; safe[PATH_MAX]='\0'; // Terminate string for safety :)
// To make sure path is not empty and defined. Return empty string
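Review bot: `temp` is fenced off with two separate `#if 0` blocks here, and the two following hunks in rewrite() add `#if 0`/`#endif` around a block that is already inside `/* ... */`. As far as the diff shows, nothing live uses `temp` any more, so deleting the declaration, its initialisation and the dead workaround would leave rewrite() easier to audit than layered disabled code. rewrite() continues outside this hunk.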
@@ -300,6 +319,7 @@
} else {
sb_log(8, "File \"%s\" does not exist.", path);
realpath(path, safe); // TODO: Problem with non-existing files !!
+#if 0
/* realpath(path, temp);
// If the file doesn't exist, realpath() doesn't return its basename, so we need to add it ourselves
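Review bot: The live call `realpath(path, safe);` in this hunk's context still ignores its return value, and the workaround for non-existent files is now disabled twice over. When realpath() fails the contents of `safe` are unspecified, and `safe` looks like the buffer the write-permission decision is later based on. A failed resolution should be handled explicitly, e.g. `if (realpath(path, safe)==NULL) sb_log(8, "realpath(\"%s\"): %s", path, strerror(errno));` followed by a defined fallback value for `safe`. How `safe` is used afterwards is outside the hunk, so the fallback has to be chosen against the full function.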
@@ -309,6 +329,7 @@
else
snprintf(safe, PATH_MAX, "%s", temp);
*/
+#endif
}
free(buf);
@@ -366,7 +387,9 @@
if (flags & O_NOFOLLOW) str_cmode(str, "O_NOFOLLOW");
if (flags & O_DIRECT) str_cmode(str, "O_DIRECT");
if (flags & O_ASYNC) str_cmode(str, "O_ASYNC");
+#ifdef O_LARGEFILE
if (flags & O_LARGEFILE) str_cmode(str, "O_LARGEFILE");
+#endif
if (flags & O_DIRECTORY) str_cmode(str, "O_DIRECTORY");
return strndup(str, strlen(str));
@@ -406,7 +429,7 @@
return _real_chmod(path, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to chmod(\"%s\", %04o).", rpath, mode);
+ sb_log(1, "Attempt to chmod(\"%s\", %04o).", rpath, mode);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
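Review bot: Changing `sb_log(0, ...)` to `sb_log(1, ...)` on the "Attempt to chmod" message, and on every other denied-call message in the hunks below (chown through utimes), may stop policy violations from being logged unless SOAPBOXDEBUG has bit 1 set. sb_log() is not in the diff, so this depends on how it treats level 0 versus 1, but `soapboxdebug & 1` elsewhere suggests the argument is a bit mask. If violations are now opt-in, state that next to the first call, e.g. `// level 1: violations are logged only when SOAPBOXDEBUG has bit 1 set`, and in the user documentation.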
@@ -422,7 +445,7 @@
return _real_chown(path, owner, group);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to chown(\"%s\", %i, %i).", rpath, owner, group);
+ sb_log(1, "Attempt to chown(\"%s\", %i, %i).", rpath, owner, group);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -438,7 +461,7 @@
return _real_lchown(path, owner, group);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to lchown(\"%s\", %i, %i).", rpath, owner, group);
+ sb_log(1, "Attempt to lchown(\"%s\", %i, %i).", rpath, owner, group);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -455,7 +478,7 @@
return _real_link(oldpath, newpath);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to link(\"%s\", \"%s\").", oldrpath, newrpath);
+ sb_log(1, "Attempt to link(\"%s\", \"%s\").", oldrpath, newrpath);
free(oldrpath); free(newrpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -471,7 +494,7 @@
return _real_mkdir(path, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to mkdir(\"%s\", %04o).", rpath, mode);
+ sb_log(1, "Attempt to mkdir(\"%s\", %04o).", rpath, mode);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -487,7 +510,7 @@
return _real_mkfifo(path, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to mkfifo(\"%s\", %04o).", rpath, mode);
+ sb_log(1, "Attempt to mkfifo(\"%s\", %04o).", rpath, mode);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -503,7 +526,7 @@
return _real_mknod(path, mode, dev);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to mknod(\"%s\", %04o).", rpath, mode);
+ sb_log(1, "Attempt to mknod(\"%s\", %04o).", rpath, mode);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -519,7 +542,7 @@
return _real___xmknod(ver, path, mode, dev);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to __xmknod(%i, \"%s\", %04o).", ver, rpath, mode);
+ sb_log(1, "Attempt to __xmknod(%i, \"%s\", %04o).", ver, rpath, mode);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -535,7 +558,7 @@
// If O_CREAT then mode is not set.
if (flags & O_CREAT) {
va_start(argptr, flags);
- mode=va_arg(argptr, mode_t);
+ mode=(mode_t)va_arg(argptr, int);
va_end(argptr);
} else {
mode=0;
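Review bot: The change to `va_arg(argptr, int)` needs a comment, because reading the argument as int rather than mode_t looks like a mistake without one: `// mode_t may be narrower than int and is then promoted to int in a variadic call`. The existing context comment `// If O_CREAT then mode is not set.` says the opposite of what the code does and could become `// mode is only passed when O_CREAT is set` in the same edit. The same two lines appear in the open64 hunk below.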
@@ -553,7 +576,7 @@
return _real_open(path, flags, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to open(\"%s\", %s, %04o).", rpath, strflags, mode);
+ sb_log(1, "Attempt to open(\"%s\", %s, %04o).", rpath, strflags, mode);
free(rpath); free(strflags);
if (action==A_WARN) return devnull;
errno=EACCES;
@@ -569,7 +592,7 @@
// If O_CREAT then mode is not set.
if (flags & O_CREAT) {
va_start(argptr, flags);
- mode=va_arg(argptr, mode_t);
+ mode=(mode_t)va_arg(argptr, int);
va_end(argptr);
} else {
mode=0;
@@ -587,7 +610,7 @@
return _real_open64(path, flags, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to open64(\"%s\", %s, %04o).", rpath, strflags, mode);
+ sb_log(1, "Attempt to open64(\"%s\", %s, %04o).", rpath, strflags, mode);
free(rpath); free(strflags);
if (action==A_WARN) return devnull;
errno=EACCES;
@@ -603,7 +626,7 @@
return _real_creat(path, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to creat(\"%s\", %04o).", rpath, mode);
+ sb_log(1, "Attempt to creat(\"%s\", %04o).", rpath, mode);
free(rpath);
if (action==A_WARN) return devnull;
errno=EACCES;
@@ -619,7 +642,7 @@
return _real_creat64(path, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to creat64(\"%s\", %04o).", rpath, mode);
+ sb_log(1, "Attempt to creat64(\"%s\", %04o).", rpath, mode);
free(rpath);
if (action==A_WARN) return devnull;
errno=EACCES;
@@ -637,7 +660,7 @@
return (FILE *) _real_fopen(path, mode);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to fopen(\"%s\", \"%s\").", rpath, mode);
+ sb_log(1, "Attempt to fopen(\"%s\", \"%s\").", rpath, mode);
free(rpath);
if (action==A_WARN) return devnull;
errno=EACCES;
@@ -654,7 +677,7 @@
return _real_remove(path);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to remove(\"%s\").", rpath);
+ sb_log(1, "Attempt to remove(\"%s\").", rpath);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -671,7 +694,7 @@
return _real_rename(oldpath, newpath);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to rename(\"%s\", \"%s\").", oldrpath, newrpath);
+ sb_log(1, "Attempt to rename(\"%s\", \"%s\").", oldrpath, newrpath);
free(oldrpath); free(newrpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -687,7 +710,7 @@
return _real_rmdir(path);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to rmdir(\"%s\").", rpath);
+ sb_log(1, "Attempt to rmdir(\"%s\").", rpath);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -705,7 +728,7 @@
return _real_symlink(oldpath, newpath);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to symlink(\"%s\", \"%s\").", oldpath, newrpath);
+ sb_log(1, "Attempt to symlink(\"%s\", \"%s\").", oldpath, newrpath);
free(newrpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -721,7 +744,7 @@
return _real_unlink(path);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to unlink(\"%s\").", rpath);
+ sb_log(1, "Attempt to unlink(\"%s\").", rpath);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -737,7 +760,7 @@
return _real_utime(path, buf);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to utime(\"%s\", %s).", rpath, str_utimbuf(buf));
+ sb_log(1, "Attempt to utime(\"%s\", %s).", rpath, str_utimbuf(buf));
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
@@ -753,7 +776,7 @@
return _real_utimes(path, tvp);
}
if (action==A_HALT) exit(0);
- sb_log(0, "Attempt to utimes(\"%s\", NULL).", rpath);
+ sb_log(1, "Attempt to utimes(\"%s\", NULL).", rpath);
free(rpath);
if (action==A_WARN) return 0;
errno=EACCES;
Index: soapbox.sh
--- soapbox.sh.orig 2003-04-29 06:10:15.000000000 +0200
+++ soapbox.sh 2012-04-06 14:21:32.000000000 +0200
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!@l_prefix@/bin/bash
### This is the wrapper script for the Soapbox library
### Soapbox - A way to deny processes to write files outside some directories
@@ -90,6 +90,6 @@
export SOAPBOXACTION SOAPBOXDEBUG SOAPBOXLOG SOAPBOXPATH
### Preload Soapbox
-export LD_PRELOAD="/lib/libsoapbox.so:$LD_PRELOAD"
+export LD_PRELOAD="@l_prefix@/libexec/soapbox/soapbox.so:$LD_PRELOAD"
-exec $@
+exec "$@"
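Review bot: `export LD_PRELOAD="@l_prefix@/libexec/soapbox/soapbox.so:$LD_PRELOAD"` leaves a trailing empty entry when LD_PRELOAD was unset before the script ran. `export LD_PRELOAD="@l_prefix@/libexec/soapbox/soapbox.so${LD_PRELOAD:+:$LD_PRELOAD}"` appends the separator only when there is something to append, which avoids relying on the loader ignoring empty entries.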