Sophie

Sophie

distrib > Fedora > 14 > x86_64 > by-pkgid > 41a3fcccc31d84bf24e49697031749c9 > files > 4

mod_auth_shadow-2.2-8.fc14.src.rpm

Name:		mod_auth_shadow
Version:	2.2
Release:	8%{?dist}
Source:		http://downloads.sourceforge.net/mod-auth-shadow/%{name}-%{version}.tar.gz
Source1:	mod_auth_shadow.conf
Patch0:		mod_auth_shadow-2.2-CVE-2010-1151.patch
URL:		http://mod-auth-shadow.sourceforge.net
License:	GPLv2+
Group:		System Environment/Daemons
Summary:	An Apache module for authentication using /etc/shadow
BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires:	httpd-devel
%description

When performing this task one encounters one fundamental
difficulty: The /etc/shadow file is supposed to be
read/writeable only by root.  However, the webserver is
supposed to run under a non-root user, such as "nobody".

mod_auth_shadow addresses this difficulty by opening a pipe
to an suid root program, validate, which does the actual
validation.  When there is a failure, validate writes an
error message to the system log, and waits three seconds
before exiting.

%prep
%setup -q

sed -i 's#/usr/local#/usr#' makefile
sed -i 's/chown/#chown/' makefile
sed -i 's/chmod/#chmod/' makefile

%patch0 -p1 -b .CVE-2010-1151

%build
gcc -o validate validate.c -lcrypt
make %{?_smp_mflags} all

%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/%{_sbindir}
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/httpd/modules
mkdir -p $RPM_BUILD_ROOT/etc/httpd/conf.d
install validate $RPM_BUILD_ROOT/%{_sbindir}
install .libs/mod_auth_shadow.so $RPM_BUILD_ROOT/%{_libdir}/httpd/modules
install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/httpd/conf.d/

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root)
%attr(4755,root,root) %{_sbindir}/validate
%{_libdir}/httpd/modules/*
%attr(0644,root,root) %config(noreplace) /etc/httpd/conf.d/%{name}.conf
%doc CHANGES INSTALL README COPYING

%changelog
* Fri Apr 09 2010 Jaroslav Reznik <jreznik@redhat.com> - 2.2-8
- CVE-2010-1151: bad wait(2) call causes randomized authorization (#578168)

* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Wed May 21 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 2.2-5
- fix license tag

* Mon Feb 18 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 2.2-4
- Autorebuild for GCC 4.3

* Tue Apr 03 2007 David Anderson <fedora-packaging@dw-perspective.org.uk> 2.2-3
- Removed chmod/chown from makefile (sometimes caused root builds to fail)

* Mon Apr 02 2007 David Anderson <fedora-packaging@dw-perspective.org.uk> 2.2-1
- Upstream new release (includes license file)

* Sat Mar 24 2007 David Anderson <fedora-packaging@dw-perspective.org.uk> 2.1-3
- First packaging for Fedora Extras (modified from upstream spec file)

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional