floppy:x:19:
tape:x:20:
utmp:x:22:
-squid:x:23:
+squid:x:23:nobody
ntp:x:38:
dip:x:40:
mysql:x:41:
usr/local/bin/timectrl
#usr/local/bin/tripwirectrl
usr/local/bin/updxlratorctrl
-usr/local/bin/updxsetperms
usr/local/bin/upnpctrl
usr/local/bin/urlfilterctrl
usr/local/bin/wirelessctrl
add_to_backup etc/sysconfig/lm_sensors
add_to_backup etc/sysconfig/rc.local
add_to_backup usr/local/bin/vpn-watch
+add_to_backup usr/local/bin/updxsetperms
add_to_backup usr/libexec/ipsec
# Backup the files
exit 2
fi
+# Add user nobody to group squid.
+usermod -a -G squid nobody
+
echo
echo Update Kernel to $KVER ...
#
rm -f /usr/libexec/ipsec/{pluto,_pluto_adns,whack}
rm -f /usr/local/bin/vpn-watch
+# Remove update accelerator permissions script.
+rm -f /usr/local/bin/updxsetperms
+
#
#Extract files
tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
unless (-d "$repository/download/$vendorid")
{
system("mkdir -p $repository/download/$vendorid");
- #system("chmod 775 $repository/download/$vendorid");
+ chmod 0775, "$repository/download/$vendorid";
}
if($restartdl == 0)
unless (-d "$repository/$vendorid")
{
system("mkdir -p $repository/$vendorid");
- #system("chmod 775 $repository/$vendorid");
+ chmod 0775, "$repository/$vendorid";
}
unless (-d "$repository/$vendorid/$uuid")
{
system("mkdir -p $repository/$vendorid/$uuid");
- #system("chmod 775 $repository/$vendorid/$uuid");
+ chmod 0775, "$repository/$vendorid/$uuid";
}
&writelog("Moving file to the cache directory: $vendorid/$uuid");
&UPDXLT::setcachestatus("$repository/$vendorid/$uuid/checkup.log",time);
&UPDXLT::setcachestatus("$repository/$vendorid/$uuid/access.log",time);
- system("/usr/local/bin/updxsetperms");
- #system("chmod 775 $repository/$vendorid/$uuid/*");
+ # Update permissions of all files in the download directory.
+ my @files = (
+ "$repository/$vendorid/$uuid/source.url",
+ "$repository/$vendorid/$uuid/status",
+ "$repository/$vendorid/$uuid/checkup.log",
+ "$repository/$vendorid/$uuid/access.log",
+ "$repository/$vendorid/$uuid/$updatefile"
+ );
+ chmod 0664, @files;
unlink ("$repository/download/$vendorid/$updatefile.info");
smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \
setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \
getconntracktable
-SUID_UPDX = updxsetperms
install : all
install -m 755 $(PROGS) /usr/local/bin
install -m 4750 -g nobody $(SUID_PROGS) /usr/local/bin
- install -m 4750 -g squid $(SUID_UPDX) /usr/local/bin
-all : $(PROGS) $(SUID_PROGS) $(SUID_UPDX)
+all : $(PROGS) $(SUID_PROGS)
clean :
- -rm -f $(PROGS) $(SUID_PROGS) $(SUID_UPDX) *.o core
+ -rm -f $(PROGS) $(SUID_PROGS) *.o core
######
$(PROGS): setuid.o
-$(SUID_UPDX): setuid.o
-
logwatch: logwatch.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ logwatch.c setuid.o ../install+setup/libsmooth/varval.o -o $@
setaliases: setaliases.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ setaliases.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-updxsetperms: updxsetperms.c setuid.o ../install+setup/libsmooth/varval.o
- $(COMPILE) -I../install+setup/libsmooth/ updxsetperms.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-
fireinfoctrl: fireinfoctrl.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ fireinfoctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@