Bug#287899: vdr: run as non-root user
Darren Salt
pkg-vdr-dvb-devel@lists.alioth.debian.org
Thu, 30 Dec 2004 19:45:37 +0000
This message is in MIME format which your mailer apparently does not support.
You either require a newer version of your software which supports MIME, or
a separate MIME decoding utility. Alternatively, ask the sender of this
message to resend it in a different format.
--53954486--1713177131--579965269
Content-Type: text/plain; charset=us-ascii
Package: vdr
Version: 1.2.6-5
Priority: wishlist
Patch and postinst/postrm scripts are attached for making vdr run as
non-root. (These are from my vdr 1.3.17 package. My runvdr is significantly
different, so I'm not attaching the init.d script.)
If more is needed, see my apt archive, or go directly to the directory
containing the vdr source and diffs:
<URL:http://zap.tartarus.org/~ds/debian/dists/sarge/main/source/misc/>
--
| Darren Salt | nr. Ashington, | RISC OS,
| ds@youmustbejoking.demon.co.uk | Northumberland | Linux
| ds@zap.tartarus.org | *Toon Army* | Say NO to UK ID cards
| http://www.no2id.net/
2+2=4. 2*2=4. 2^2=4. Therefore, +, *, and ^ are the same operation.
--53954486--1713177131--579965269
Content-Type: text/plain; charset=iso-8859-1; name="05_not_as_root.dpatch"
Content-Disposition: attachment; filename="05_not_as_root.dpatch"
Content-Transfer-Encoding: quoted-printable
#!/bin/sh /usr/share/dpatch/dpatch-run
## 02_not_as_root.dpatch by Darren Salt <linux@youmustbejoking.demon.co.u=
k>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Refuse to run as root.
@DPATCH@
diff -urNad vdr-1.3.17/vdr.c /tmp/dpep.r9beBp/vdr-1.3.17/vdr.c
--- vdr-1.3.17/vdr.c 2004-11-21 16:04:59.000000000 +0000
+++ /tmp/dpep.r9beBp/vdr-1.3.17/vdr.c 2004-11-21 16:05:00.000000000 +0000=
@@ -31,6 +31,7 @@
#include <stdlib.h>
#include <termios.h>
#include <unistd.h>
+#include <sys/types.h>
#include "audio.h"
#include "channels.h"
#include "config.h"
@@ -108,6 +109,9 @@
// Save terminal settings:
=20
struct termios savedTm;
+
+ bool isroot =3D !getuid () || !getgid () || !geteuid () || !getegid ()=
;
+ =20
bool HasStdin =3D (tcgetpgrp(STDIN_FILENO) =3D=3D getpid() || getppid(=
) !=3D (pid_t)1) && tcgetattr(STDIN_FILENO, &savedTm) =3D=3D 0;
=20
// Initiate locale:
@@ -158,7 +162,17 @@
};
=20
int c;
- while ((c =3D getopt_long(argc, argv, "a:c:dD:E:hl:L:mp:P:r:s:t:v:Vw:"=
, long_options, NULL)) !=3D -1) {
+ if (isroot)
+ while ((c =3D getopt_long(argc, argv, "a:c:dD:E:hl:L:mp:P:r:s:t:v:Vw=
:", long_options, NULL)) !=3D -1) {
+ switch (c) {
+ case 'h': DisplayHelp =3D true;
+ break;
+ case 'V': DisplayVersion =3D true;
+ break;
+ }
+ }
+ else
+ while ((c =3D getopt_long(argc, argv, "a:c:dD:E:hl:L:mp:P:r:s:t:v:Vw=
:", long_options, NULL)) !=3D -1) {
switch (c) {
case 'a': AudioCommand =3D optarg;
break;
@@ -255,9 +269,11 @@
// Help and version info:
=20
if (DisplayHelp || DisplayVersion) {
+ if (!isroot) {
if (!PluginManager.HasPlugins())
PluginManager.AddPlugin("*"); // adds all available plugins
PluginManager.LoadPlugins();
+ }
if (DisplayHelp) {
printf("Usage: vdr [OPTIONS]\n\n" // for easier orienta=
tion, this is column 80|
" -a CMD, --audio=3DCMD send Dolby Digital audio to=
stdin of command CMD\n"
@@ -300,7 +316,7 @@
}
if (DisplayVersion)
printf("vdr (%s) - The Video Disk Recorder\n", VDRVERSION);
- if (PluginManager.HasPlugins()) {
+ if (!isroot && PluginManager.HasPlugins()) {
if (DisplayHelp)
printf("Plugins: vdr -P\"name [OPTIONS]\"\n\n");
for (int i =3D 0; ; i++) {
@@ -320,6 +336,11 @@
return 0;
}
=20
+ if (isroot) {
+ fprintf (stderr, "%s: sorry, I refuse to run with root privileges\n=
", argv[0]);
+ return 0;
+ }
+
// Log file:
=20
if (SysLogLevel > 0)
--53954486--1713177131--579965269
Content-Type: text/plain; charset=iso-8859-1; name="vdr.postinst"
Content-Disposition: attachment; filename="vdr.postinst"
Content-Transfer-Encoding: quoted-printable
#! /bin/sh
# postinst script for vdr
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#
# quoting from the policy:
# Any necessary prompting should almost always be confined to the
# post-installation script, and should be protected with a conditiona=
l
# so that unnecessary prompting doesn't happen if a package's
# installation fails and the `postinst' is called with `abort-upgrade=
',
# `abort-remove' or `abort-deconfigure'.
# source debconf lib
. /usr/share/debconf/confmodule
case "$1" in
configure)
# install channels.conf
db_get vdr/select_dvb_card
# move cfg files from /etc/vdr to /var/lib/vdr
for FILE in remote.conf setup.conf timers.conf; do
if [ -e /etc/vdr/$FILE -a ! -e /var/lib/vdr/$FILE ]; then
echo "Note: Moving /etc/vdr/$FILE to /var/lib/vdr/$FILE"
mv /etc/vdr/$FILE /var/lib/vdr/$FILE
fi
done
# install/move channels.conf
if [ ! -e /var/lib/vdr/channels.conf ]; then
if [ -e /etc/vdr/channels.conf ]; then
echo "Note: Moving /etc/vdr/channels.conf to /var/lib/vdr/channels.c=
onf"
mv /etc/vdr/channels.conf /var/lib/vdr/channels.conf
else
db_get vdr/select_dvb_card
case "$RET" in
Sattelite|Satellite)
gzip -dc /usr/share/doc/vdr/examples/channels.conf.gz > /var/lib/vdr/ch=
annels.conf
chmod 644 /var/lib/vdr/channels.conf
;;
Terrestrial)
gzip -dc /usr/share/doc/vdr/examples/channels.conf.terr.gz > /var/lib/v=
dr/channels.conf
chmod 644 /var/lib/vdr/channels.conf
;;
Cable)
gzip -dc /usr/share/doc/vdr/examples/channels.conf.cable.gz > /var/lib/=
vdr/channels.conf
chmod 644 /var/lib/vdr/channels.conf
;;
esac
fi
fi
# create needed devices nodes
if [ ! -e /dev/dvb ]; then
db_get vdr/create_devices
if $RET; then
# Create device nodes if they're not already
# present. Currently (at least, as of kernel
# 2.6.4), there's no sysfs support for this. I'm
# assuming that there's devfs support (memory says
# so).
if [ \! -e /dev/dvb ] && [ \! -f /dev/.devfsd ]; then
(cd /dev && ./MAKEDEV dvb)
fi
fi
fi
# check if /var/lib/video should be created
if [ ! -e /var/lib/video ]; then
db_get vdr/create_video_dir
if $RET; then
mkdir /var/lib/video
fi
fi
# move any erroneously-placed files from /var/lib/vdr/plugins
if [ -d /var/lib/vdr/plugins ] && [ ! -L /var/lib/vdr/plugins ]; then
find /var/lib/vdr/plugins ! -type d -maxdepth 1 -print0 |
xargs -0 -i mv -f {} /etc/vdr/plugins
rmdir /var/lib/vdr/plugins
ln -s /etc/vdr/plugins /var/lib/vdr/plugins
fi
# ensure that user and group 'vdr' exist
adduser --system --home /video --shell /bin/false --no-create-home \
--disabled-login --group vdr
# put vdr in group video so that it can access the DVB device nodes
adduser vdr video
# ensure that vdr's config and recording files are correctly owned
[ ! -e /var/lib/video ] || chown -R vdr:vdr /var/lib/video/
[ ! -e /var/lib/vdr ] || chown -R vdr:vdr /var/lib/vdr/
update-alternatives --install /usr/bin/vdr vdr /usr/bin/vdr-daemon 120
update-alternatives --install /usr/bin/vdr vdr /usr/bin/vdr-kbd 100
update-alternatives --install /usr/bin/vdr vdr /usr/bin/vdr-lirc 110
update-alternatives --install /usr/bin/vdr vdr /usr/bin/vdr-rcu 105
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0
--53954486--1713177131--579965269
Content-Type: text/plain; charset=iso-8859-1; name="vdr.postrm"
Content-Disposition: attachment; filename="vdr.postrm"
Content-Transfer-Encoding: quoted-printable
#! /bin/sh -e
#DEBHELPER#
exit 0
--53954486--1713177131--579965269--