packages/targetcli
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!19 [sync] PR-18: Fix changing savedir directory mode

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @wk333 
Signed-off-by: @wk333
This commit is contained in:
openeuler-ci-bot 2024-04-08 07:37:28 +00:00 committed by Gitee
commit 0c09206658
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 54 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
Fix-changing-savedir-directory-mode.patch Normal file
View File

@ -0,0 +1,48 @@
From b8eb1933d4fdcbe806edead8cfa94879d0fc2015 Mon Sep 17 00:00:00 2001
From: Lee Duncan <lduncan@suse.com>
Date: Mon, 24 Apr 2023 10:34:39 -0700
Subject: [PATCH] Fix changing savedir directory mode
Commit 9f5764dac39b ("saveconfig: set right perms on /etc/target/ dir")
fixed CVE-2020-13867 by ensuring that the mode of the target
meta-data directory (/etc/target) was always mode 0600. But users
can specify a different directory, such as "/tmp", and we don't
want targetcli changing the mode of such directories to 0600. So
only change the mode of the directory, when saving a config file,
if the directory is /etc/target.
---
targetcli/ui_root.py | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/targetcli/ui_root.py b/targetcli/ui_root.py
index 39e5ee9..79ee985 100644
--- a/targetcli/ui_root.py
+++ b/targetcli/ui_root.py
@@ -34,8 +34,9 @@ from .ui_backstore import complete_path, UIBackstores
from .ui_node import UINode
from .ui_target import UIFabricModule
-default_save_file = "/etc/target/saveconfig.json"
-universal_prefs_file = "/etc/target/targetcli.conf"
+default_target_dir = "/etc/target"
+default_save_file = os.path.join(default_target_dir, "saveconfig.json")
+universal_prefs_file = os.path.join(default_target_dir, "targetcli.conf")
class UIRoot(UINode):
'''
@@ -112,8 +113,9 @@ class UIRoot(UINode):
finally:
os.umask(umask_original)
else:
- if (os.stat(dirname).st_mode & 0o777) != mode:
- os.chmod(dirname, mode)
+ if dirname == default_target_dir:
+ if (os.stat(dirname).st_mode & 0o777) != mode:
+ os.chmod(dirname, mode)
def _save_backups(self, savefile):
'''
--
2.23.0

8
targetcli.spec
View File

@ -2,9 +2,10 @@ Name: targetcli
License: ASL 2.0
Summary: Generic SCSI target CLI shell
Version: 2.1.54
Release: 1
Release: 2
URL: https://github.com/open-iscsi/targetcli-fb
Source: https://github.com/open-iscsi/targetcli-fb/archive/v%{version}/targetcli-fb-%{version}.tar.gz
Patch01: Fix-changing-savedir-directory-mode.patch
BuildArch: noarch
BuildRequires: python3-devel python3-setuptools systemd
Requires: python3-rtslib target-restore python3-configshell python3-six python3-dbus python3-gobject-base
@ -20,7 +21,7 @@ Summary: Help document for the %{name} package
Help document for the %{name} package.
%prep
%setup -q -n targetcli-fb-%{version}
%autosetup -n targetcli-fb-%{version} -p1
%build
%py3_build
@ -47,6 +48,9 @@ install -m 644 systemd/* %{buildroot}%{_unitdir}/
%{_mandir}/man8/targetcli*.8*
%changelog
* Sun Apr 7 2024 yanshuai <yanshuai@kylinos.cn> - 2.1.54-2
- Fix changing savedir directory mode
* Wed Dec 29 2021 wulei <wulei80@huawei.com> - 2.1.54-1
- Package update