diff options
| -rw-r--r-- | bus/Makefile.am | 4 | ||||
| -rw-r--r-- | bus/selinux.c | 8 | ||||
| -rw-r--r-- | configure.in | 26 | ||||
| -rw-r--r-- | dbus/Makefile.am | 4 | ||||
| -rw-r--r-- | dbus/dbus-internals.h | 2 | ||||
| -rw-r--r-- | dbus/dbus-sysdeps-util-unix.c | 5 | ||||
| -rw-r--r-- | dbus/dbus-sysdeps.c | 14 | ||||
| -rw-r--r-- | tools/dbus-launch.c | 7 |
8 files changed, 48 insertions, 22 deletions
diff --git a/bus/Makefile.am b/bus/Makefile.am index d521fa7b..4648a31d 100644 --- a/bus/Makefile.am +++ b/bus/Makefile.am @@ -1,7 +1,7 @@ configdir=$(sysconfdir)/dbus-1 -INCLUDES=-I$(top_srcdir) $(DBUS_BUS_CFLAGS) \ +INCLUDES=-I$(top_srcdir) $(DBUS_BUS_CFLAGS) @PIE_CFLAGS@ \ -DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \ -DDAEMON_NAME=\"dbus-daemon\" -DDBUS_COMPILATION @@ -77,7 +77,7 @@ dbus_daemon_LDADD= \ $(DBUS_BUS_LIBS) \ $(top_builddir)/dbus/libdbus-convenience.la -dbus_daemon_LDFLAGS=@R_DYNAMIC_LDFLAG@ @SECTION_LDFLAGS@ +dbus_daemon_LDFLAGS=@R_DYNAMIC_LDFLAG@ @SECTION_LDFLAGS@ @PIE_LDFLAGS@ LAUNCH_HELPER_SOURCES= \ $(XML_SOURCES) \ diff --git a/bus/selinux.c b/bus/selinux.c index 7fedba6f..8c7a6f83 100644 --- a/bus/selinux.c +++ b/bus/selinux.c @@ -113,7 +113,7 @@ static const struct avc_lock_callback lock_cb = static int audit_fd = -1; #endif -static void +void audit_init(void) { #ifdef HAVE_LIBAUDIT @@ -350,12 +350,8 @@ bus_selinux_full_init (void) freecon (bus_context); - audit_init (); - - return TRUE; -#else - return TRUE; #endif /* HAVE_SELINUX */ + return TRUE; } /** diff --git a/configure.in b/configure.in index 3dcd8bc6..4ed2e1c0 100644 --- a/configure.in +++ b/configure.in @@ -211,7 +211,17 @@ if test "x$GCC" = "xyes"; then case " $CFLAGS " in *[\ \ ]-fPIC[\ \ ]*) ;; *) if cc_supports_flag -fPIC; then - CFLAGS="$CFLAGS -fPIC" + PIC_CFLAGS="-fPIC" + PIC_LDFLAGS="-Wl,-z,relro" + fi + ;; + esac + + case " $CFLAGS " in + *[\ \ ]-fPIE[\ \ ]*) ;; + *) if cc_supports_flag -fPIE; then + PIE_CFLAGS="-fPIE" + PIE_LDFLAGS="-pie -Wl,-z,relro" fi ;; esac @@ -257,6 +267,11 @@ else fi fi +AC_SUBST(PIC_CFLAGS) +AC_SUBST(PIC_LDFLAGS) +AC_SUBST(PIE_CFLAGS) +AC_SUBST(PIE_LDFLAGS) + # Check for -Wl,--gc-sections AC_MSG_CHECKING([for ld that supports "-Wl,--gc-sections"]) AC_TRY_LINK([ @@ -268,8 +283,11 @@ if test "$ac_gcsections" = "yes"; then rm -f conftest.c touch conftest.c if $CC -c conftest.c; then - if $LD --gc-sections -o conftest conftest.o 2>&1 | \ - grep "Warning: gc-sections option ignored" > /dev/null; then + ld_out=`$LD --gc-sections -o conftest conftest.o 2>&1` + ld_ret=$? + if test $ld_ret -ne 0 ; then + ac_gcsections=no + elif echo "$ld_out" | egrep 'option ignored|^usage:|illegal option' >/dev/null ; then ac_gcsections=no fi fi @@ -571,7 +589,7 @@ fi AC_CHECK_LIB(socket,socket) AC_CHECK_FUNC(gethostbyname,,[AC_CHECK_LIB(nsl,gethostbyname)]) -AC_CHECK_FUNCS(vsnprintf vasprintf nanosleep usleep poll setenv unsetenv socketpair getgrouplist fpathconf setrlimit) +AC_CHECK_FUNCS(vsnprintf vasprintf nanosleep usleep poll setenv clearenv unsetenv socketpair getgrouplist fpathconf setrlimit) AC_MSG_CHECKING(for dirfd) AC_TRY_LINK([ diff --git a/dbus/Makefile.am b/dbus/Makefile.am index 81f90b9b..e966a438 100644 --- a/dbus/Makefile.am +++ b/dbus/Makefile.am @@ -1,7 +1,7 @@ configdir=$(sysconfdir)/dbus-1 -INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) -DDBUS_COMPILATION \ +INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) @PIC_CFLAGS@ -DDBUS_COMPILATION \ -DDBUS_MACHINE_UUID_FILE=\""$(localstatedir)/lib/dbus/machine-id"\" \ -DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \ -DDBUS_SESSION_CONFIG_FILE=\""$(configdir)/session.conf"\" @@ -173,7 +173,7 @@ noinst_LTLIBRARIES=libdbus-convenience.la libdbus_1_la_LIBADD= $(DBUS_CLIENT_LIBS) ## don't export symbols that start with "_" (we use this ## convention for internal symbols) -libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@ +libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@ @PIC_LDFLAGS@ libdbus_convenience_la_LDFLAGS=@R_DYNAMIC_LDFLAG@ diff --git a/dbus/dbus-internals.h b/dbus/dbus-internals.h index 43a46b83..3e5f989d 100644 --- a/dbus/dbus-internals.h +++ b/dbus/dbus-internals.h @@ -97,7 +97,7 @@ dbus_bool_t _dbus_is_verbose_real (void); # elif defined (HAVE_GNUC_VARARGS) # define _dbus_verbose(format...) # else -# error "This compiler does not support varargs macros and thus verbose mode can't be disabled meaningfully" +static void _dbus_verbose(const char * x,...) {;} # endif # define _dbus_verbose_reset() # define _dbus_is_verbose() FALSE diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index df967a38..e03e0b76 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -338,7 +338,7 @@ _dbus_change_to_daemon_user (const char *user, * run as ... doesn't really help. But keeps people happy. */ - if (!we_were_root) + if (we_were_root) { cap_value_t new_cap_list[] = { CAP_AUDIT_WRITE }; cap_value_t tmp_cap_list[] = { CAP_AUDIT_WRITE, CAP_SETUID, CAP_SETGID }; @@ -414,7 +414,7 @@ _dbus_change_to_daemon_user (const char *user, } #ifdef HAVE_LIBAUDIT - if (!we_were_root) + if (we_were_root) { if (cap_set_proc (new_caps)) { @@ -433,6 +433,7 @@ _dbus_change_to_daemon_user (const char *user, _dbus_strerror (errno)); return FALSE; } + audit_init(); } #endif diff --git a/dbus/dbus-sysdeps.c b/dbus/dbus-sysdeps.c index c76603a8..1a736e42 100644 --- a/dbus/dbus-sysdeps.c +++ b/dbus/dbus-sysdeps.c @@ -185,7 +185,19 @@ _dbus_getenv (const char *varname) dbus_bool_t _dbus_clearenv (void) { - return (clearenv () == 0); + dbus_bool_t rc = TRUE; + +#ifdef HAVE_CLEARENV + if (clearenv () != 0) + rc = FALSE; +#else + extern char **environ; + + if (environ != NULL) + environ[0] = NULL; +#endif + + return rc; } /* diff --git a/tools/dbus-launch.c b/tools/dbus-launch.c index 11b6e6a4..80d885f4 100644 --- a/tools/dbus-launch.c +++ b/tools/dbus-launch.c @@ -324,17 +324,16 @@ print_variables (const char *bus_address, pid_t bus_pid, long bus_wid, printf ("setenv DBUS_SESSION_BUS_ADDRESS '%s';\n", bus_address); printf ("set DBUS_SESSION_BUS_PID=%ld;\n", (long) bus_pid); if (bus_wid) - printf ("set DBUS_SESSION_BUS_WINDOWID=%ld;\n", (long) bus_wid); + printf ("set DBUS_SESSION_BUS_WINDOWID=%ld;\n", (long) bus_wid); fflush (stdout); } else if (bourne_shell_syntax) { printf ("DBUS_SESSION_BUS_ADDRESS='%s';\n", bus_address); - if (bourne_shell_syntax) - printf ("export DBUS_SESSION_BUS_ADDRESS;\n"); + printf ("export DBUS_SESSION_BUS_ADDRESS;\n"); printf ("DBUS_SESSION_BUS_PID=%ld;\n", (long) bus_pid); if (bus_wid) - printf ("DBUS_SESSION_BUS_WINDOWID=%ld;\n", (long) bus_wid); + printf ("DBUS_SESSION_BUS_WINDOWID=%ld;\n", (long) bus_wid); fflush (stdout); } else |