Added zypp-checkpatches and a suid-root zypp-checkpatches-wrapper.

diff --git a/VERSION b/VERSION
index 74c2d28..886a8c1 100644 (file)
--- a/VERSION
+++ b/VERSION
@@ -46,8 +46,8 @@ dnl
 dnl ==================================================
 m4_define([LIBZYPP_MAJOR],      [2])
 dnl ==================================================
-m4_define([LIBZYPP_MINOR],      [2])
+m4_define([LIBZYPP_MINOR],      [3])
 m4_define([LIBZYPP_COMPATMINOR], [2])
 dnl ==================================================
-m4_define([LIBZYPP_PATCH],      [3])
+m4_define([LIBZYPP_PATCH],      [0])
 dnl ==================================================

diff --git a/libzypp.spec.in b/libzypp.spec.in
index e9cb3cf..cbdcdd5 100644 (file)
--- a/libzypp.spec.in
+++ b/libzypp.spec.in
@@ -16,6 +16,7 @@ License:        GPL
 Group:          System/Packages
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Autoreqprov:    on
+PreReq:         permissions
 Summary:        Package, Patch, Pattern, and Product Management
 Version:        @VERSION@
 Release:        0
@@ -82,6 +83,10 @@ make install DESTDIR=$RPM_BUILD_ROOT
 
 %post
 %run_ldconfig
+%run_permissions
+
+%verifyscript
+%verify_permissions -e %{_sbindir}/zypp-checkpatches-wrapper
 
 %postun
 %run_ldconfig
@@ -91,6 +96,8 @@ make install DESTDIR=$RPM_BUILD_ROOT
 %files -f zypp.lang
 %defattr(-,root,root)
 %{_bindir}/zypper
+%{_sbindir}/zypp-checkpatches
+%verify(not mode) %attr (4750,root,root) %{_sbindir}/zypp-checkpatches-wrapper
 %dir %{_libdir}/libzypp*so.*
 %dir %{prefix}/share/zypp
 %{prefix}/share/zypp/*

diff --git a/package/libzypp.changes b/package/libzypp.changes
index 2a5f027..70b02c0 100644 (file)
--- a/package/libzypp.changes
+++ b/package/libzypp.changes
@@ -1,4 +1,9 @@
 -------------------------------------------------------------------
+Mon Oct  9 15:11:16 CEST 2006 - mvidner@suse.cz
+
+- Added zypp-checkpatches and a suid-root zypp-checkpatches-wrapper.
+
+-------------------------------------------------------------------
 Fri Oct  6 13:23:32 CEST 2006 - schubi@suse.de
 
 - select the best solution: prefering the total amount of install/update

diff --git a/tools/zmart/Makefile.am b/tools/zmart/Makefile.am
index 129e431..e702046 100644 (file)
--- a/tools/zmart/Makefile.am
+++ b/tools/zmart/Makefile.am
@@ -2,7 +2,8 @@
 ## ##################################################
 
 bin_PROGRAMS = zypper
-noinst_PROGRAMS = zmart zypp-checkpatches
+sbin_PROGRAMS = zypp-checkpatches zypp-checkpatches-wrapper
+noinst_PROGRAMS = zmart
 
 ## ##################################################
 
@@ -48,6 +49,11 @@ zypp_checkpatches_SOURCES =  zypp-checkpatches.cc zmart-sources.cc \
        zmart-updates.cc \
        zmart-updates.h \
        checkpatches-keyring-callbacks.h
+
+zypp_checkpatches_wrapper_SOURCES = zypp-checkpatches-wrapper.c
+# empty:
+zypp_checkpatches_wrapper_LDADD =
+
 #zmart_LDFLAGS =       -static
 
 .PHONY:        always

diff --git a/tools/zmart/zypp-checkpatches-wrapper.c b/tools/zmart/zypp-checkpatches-wrapper.c
new file mode 100644 (file)
index 0000000..4b0318e
--- /dev/null
+++ b/tools/zmart/zypp-checkpatches-wrapper.c
@@ -0,0 +1,33 @@
+/* A setuid-root wrapper for zypp-checkpatches */
+
+/* clearenv */
+#include <stdlib.h>
+/* chdir, execl */
+#include <unistd.h>
+/* perror */
+#include <stdio.h>
+
+#define WRAPPER_ERROR 101
+
+const char *app = "/usr/sbin/zypp-checkpatches";
+
+int main (void) {
+    /* cd / to avoid NFS problems */
+    if (chdir ("/")) {
+       perror ("chdir");
+       return WRAPPER_ERROR;
+    }
+    /* do not look at argv... done */
+    /* clear environment */
+    if (clearenv ()) {
+       fprintf (stderr, "clearenv failed\n");
+       return WRAPPER_ERROR;
+    }
+    /* set minimal environment... done */
+    /* execute the real application */
+    execl (app, app, (char *) NULL);
+
+    /* if we are still here, it has failed */
+    perror ("exec");
+    return WRAPPER_ERROR;
+}