From 8a92100bbed2ba5cb16a1ede36214fa7d2f43e43 Mon Sep 17 00:00:00 2001
From: "John (J5) Palmieri" <johnp@redhat.com>
Date: Wed, 3 Oct 2007 15:21:57 -0400
Subject: Correctly implement -fPIC and -fPIE

* For security reasons we want possition independent code for libraries
  and possition independent executable for executables
* before we were just enabling -fPIC
* now we correctly enable -fPIC and -PIE for libdbus and the bus respectively
* propper LD_FLAGS are set for each also
---
 dbus/Makefile.am | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'dbus')

diff --git a/dbus/Makefile.am b/dbus/Makefile.am
index 81f90b9b..e966a438 100644
--- a/dbus/Makefile.am
+++ b/dbus/Makefile.am
@@ -1,7 +1,7 @@
 
 configdir=$(sysconfdir)/dbus-1
 
-INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) -DDBUS_COMPILATION	\
+INCLUDES=-I$(top_builddir) -I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) @PIC_CFLAGS@ -DDBUS_COMPILATION	\
 	-DDBUS_MACHINE_UUID_FILE=\""$(localstatedir)/lib/dbus/machine-id"\"		\
 	-DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\"			\
 	-DDBUS_SESSION_CONFIG_FILE=\""$(configdir)/session.conf"\"
@@ -173,7 +173,7 @@ noinst_LTLIBRARIES=libdbus-convenience.la
 libdbus_1_la_LIBADD= $(DBUS_CLIENT_LIBS)
 ## don't export symbols that start with "_" (we use this 
 ## convention for internal symbols)
-libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@
+libdbus_1_la_LDFLAGS= -export-symbols-regex "^[^_].*" -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -no-undefined @R_DYNAMIC_LDFLAG@ @PIC_LDFLAGS@
 
 libdbus_convenience_la_LDFLAGS=@R_DYNAMIC_LDFLAG@
 
-- 
cgit 


From adb0270edf6ffae2f2d9d319aed7737f85fa6ec2 Mon Sep 17 00:00:00 2001
From: "John (J5) Palmieri" <johnp@redhat.com>
Date: Wed, 3 Oct 2007 17:02:23 -0400
Subject: fd.o bug #11872 fix clearenv for systems that do not have it

* patch from Brian Cameron <brian.cameron at sun.com>
---
 dbus/dbus-sysdeps.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'dbus')

diff --git a/dbus/dbus-sysdeps.c b/dbus/dbus-sysdeps.c
index c76603a8..1a736e42 100644
--- a/dbus/dbus-sysdeps.c
+++ b/dbus/dbus-sysdeps.c
@@ -185,7 +185,19 @@ _dbus_getenv (const char *varname)
 dbus_bool_t
 _dbus_clearenv (void)
 {
-  return (clearenv () == 0);
+  dbus_bool_t rc = TRUE;
+
+#ifdef HAVE_CLEARENV
+  if (clearenv () != 0)
+     rc = FALSE;
+#else
+  extern char **environ;
+
+  if (environ != NULL)
+    environ[0] = NULL;
+#endif
+
+  return rc;
 }
 
 /*
-- 
cgit 


From 09aa69e0153e66326c6746ec7e4841567d44ccdb Mon Sep 17 00:00:00 2001
From: "John (J5) Palmieri" <johnp@redhat.com>
Date: Wed, 3 Oct 2007 17:29:45 -0400
Subject: fd.o bug #12429 Reverse check to setpcap and only init audit if we
 were root

* patch by Dan Walsh <dwalsh@redhat.com>
* https://bugs.freedesktop.org/show_bug.cgi?id=12429
* Reverse we_were_root check to setpcap if we were root.  Also only init
  audit if we were root.  So error dbus message will not show up when policy
  reload happens.  dbus -session will no longer try to send audit message,
  only system will.
---
 dbus/dbus-sysdeps-util-unix.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'dbus')

diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c
index df967a38..e03e0b76 100644
--- a/dbus/dbus-sysdeps-util-unix.c
+++ b/dbus/dbus-sysdeps-util-unix.c
@@ -338,7 +338,7 @@ _dbus_change_to_daemon_user  (const char    *user,
    * run as ... doesn't really help. But keeps people happy.
    */
     
-  if (!we_were_root)
+  if (we_were_root)
     {
       cap_value_t new_cap_list[] = { CAP_AUDIT_WRITE };
       cap_value_t tmp_cap_list[] = { CAP_AUDIT_WRITE, CAP_SETUID, CAP_SETGID };
@@ -414,7 +414,7 @@ _dbus_change_to_daemon_user  (const char    *user,
     }
   
 #ifdef HAVE_LIBAUDIT
-  if (!we_were_root)
+  if (we_were_root)
     {
       if (cap_set_proc (new_caps))
         {
@@ -433,6 +433,7 @@ _dbus_change_to_daemon_user  (const char    *user,
                           _dbus_strerror (errno));
           return FALSE;
         }
+      audit_init();
     }
 #endif
 
-- 
cgit 


From 79aafc193176253454dd455a4cfc45a1a2e36c00 Mon Sep 17 00:00:00 2001
From: "John (J5) Palmieri" <johnp@redhat.com>
Date: Wed, 3 Oct 2007 17:54:09 -0400
Subject: fd.o bug #11678 Don't error out if compiler does not support vararg
 macros

* _dbus_verbose is the only function that does this so make it a noop if
  vararg macros are not supported
* https://bugs.freedesktop.org/show_bug.cgi?id=11678
---
 dbus/dbus-internals.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'dbus')

diff --git a/dbus/dbus-internals.h b/dbus/dbus-internals.h
index 43a46b83..3e5f989d 100644
--- a/dbus/dbus-internals.h
+++ b/dbus/dbus-internals.h
@@ -97,7 +97,7 @@ dbus_bool_t _dbus_is_verbose_real (void);
 #  elif defined (HAVE_GNUC_VARARGS)
 #    define _dbus_verbose(format...)
 #  else
-#    error "This compiler does not support varargs macros and thus verbose mode can't be disabled meaningfully"
+static void _dbus_verbose(const char * x,...) {;}
 #  endif
 #  define _dbus_verbose_reset()
 #  define _dbus_is_verbose() FALSE 
-- 
cgit