From carlj@peak.org  Thu Jul 25 18:03:50 2013
Return-Path: <carlj@peak.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTP id D7797E35
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 25 Jul 2013 18:03:50 +0000 (UTC)
	(envelope-from carlj@peak.org)
Received: from mail-pa0-f46.google.com (mail-pa0-f46.google.com [209.85.220.46])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by mx1.freebsd.org (Postfix) with ESMTPS id AE1542745
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 25 Jul 2013 18:03:50 +0000 (UTC)
Received: by mail-pa0-f46.google.com with SMTP id fa1so2306458pad.33
        for <FreeBSD-gnats-submit@freebsd.org>; Thu, 25 Jul 2013 11:03:44 -0700 (PDT)
Received: from elm.localnet ([207.55.103.135])
        by mx.google.com with ESMTPSA id lo1sm11040330pab.19.2013.07.25.11.03.42
        for <FreeBSD-gnats-submit@freebsd.org>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Thu, 25 Jul 2013 11:03:43 -0700 (PDT)
Received: from elm.localnet (localhost.localnet [127.0.0.1])
	by elm.localnet (Postfix) with ESMTP id EA9AF7613
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 25 Jul 2013 11:03:39 -0700 (PDT)
Received: (from carlj@localhost)
	by elm.localnet (8.14.5/8.14.5/Submit) id r6PI3duM069337;
	Thu, 25 Jul 2013 11:03:39 -0700 (PDT)
	(envelope-from carlj)
Message-Id: <201307251803.r6PI3duM069337@elm.localnet>
Date: Thu, 25 Jul 2013 11:03:39 -0700 (PDT)
From: Carl Johnson <carlj@peak.org>
Reply-To: Carl Johnson <carlj@peak.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: The devel/rbenv port changes ownership of /usr/local/libexec files.
X-Send-Pr-Version: 3.113
X-GNATS-Notify: fmb@onibox.net

>Number:         180851
>Category:       ports
>Synopsis:       The devel/rbenv port changes ownership of /usr/local/libexec files.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    jgh
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jul 25 18:10:00 UTC 2013
>Closed-Date:    Sun Aug 11 22:00:34 UTC 2013
>Last-Modified:  Sun Aug 11 22:10:00 UTC 2013
>Originator:     Carl Johnson
>Release:        FreeBSD 9.1-RELEASE amd64
>Organization:
>Environment:
System: FreeBSD elm.localnet 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
        rbenv-0.4.0_1
        The ports tree is from a portsnap on 2013-06-29.
        The base system is an otherwise unmodified 9.1-RELEASE.

	
>Description:
	
        I just installed the devel/rbenv port and discovered that it had
        reset the ownerships of all SUID and SGID files in
        /usr/local/libexec and included subdirectories.  After the
        installation, all of those were changed to root:wheel.  The
        periodic security script showed nine files changed in my case.
        I couldn't get the program to work, so the program needs other
        fixes and appears useless now.
>How-To-Repeat:
	
        I had just installed the devel/rbenv port (not package).
>Fix:
	
        No fix known to me, other than restore those from backup.


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Thu Jul 25 18:10:19 UTC 2013 
State-Changed-Why:  
Awaiting maintainers feedback (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=180851 

From: Edwin Groothuis <edwin@FreeBSD.org>
To: fmb@onibox.net
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/180851: The devel/rbenv port changes ownership of /usr/local/libexec files.
Date: Thu, 25 Jul 2013 18:10:18 UT

 Maintainer of devel/rbenv,
 
 Please note that PR ports/180851 has just been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/180851
 
 -- 
 Edwin Groothuis via the GNATS Auto Assign Tool
 edwin@FreeBSD.org
Responsible-Changed-From-To: freebsd-ports-bugs->jgh 
Responsible-Changed-By: jgh 
Responsible-Changed-When: Thu Jul 25 23:07:23 UTC 2013 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=180851 

From: Jason Helfman <jgh@FreeBSD.org>
To: Carl Johnson <carlj@peak.org>
Cc: bug-followup <bug-followup@freebsd.org>
Subject: Re: ports/180851: The devel/rbenv port changes ownership of
 /usr/local/libexec files.
Date: Thu, 25 Jul 2013 16:06:59 -0700

 --047d7b41bb0e5c1b5c04e25e151f
 Content-Type: text/plain; charset=ISO-8859-1
 
 Carl confirmed that this fix I had sent to him worked.
 From Carl:
 Yes it does fix the ownership problem.  I first found the files in a
 backup with:
     find . ! \( -user root -and -group wheel \) -ls
 and then changed the files manually since there were only 9 of them.  I
 still haven't figured out how to get the program to work even though the
 corresponding package in Debian Linux works fine, but I consider that a
 separate issue.  The ownership was what I considered the serious
 problem.  Thanks for the quick response.
 
 Index: devel/rbenv/Makefile
 ===================================================================
 --- devel/rbenv/Makefile    (revision 323665)
 +++ devel/rbenv/Makefile    (working copy)
 @@ -31,7 +31,7 @@
 
  do-install:
      @${INSTALL_SCRIPT} ${WRKSRC}/bin/ruby-local-exec ${PREFIX}/bin
 -    @( cd ${WRKSRC}/libexec && ${COPYTREE_BIN} \* ${PREFIX}/libexec )
 +    @( ${INSTALL_SCRIPT} ${WRKSRC}/libexec/* ${PREFIX}/libexec/ )
      @${LN} -sf ${PREFIX}/libexec/rbenv ${PREFIX}/bin/rbenv
      @${MKDIR} ${DATADIR}/completions
      @( cd ${WRKSRC}/completions && ${COPYTREE_BIN} \*
 ${DATADIR}/completions )
 
 --047d7b41bb0e5c1b5c04e25e151f
 Content-Type: text/html; charset=ISO-8859-1
 Content-Transfer-Encoding: quoted-printable
 
 <div dir=3D"ltr"><div>Carl confirmed that this fix I had sent to him worked=
 .<br>From Carl:<br>Yes it does fix the ownership problem. =A0I first found =
 the files in a<br>
 backup with:<br>
 =A0 =A0 find . ! \( -user root -and -group wheel \) -ls<br>
 and then changed the files manually since there were only 9 of them. =A0I<b=
 r>
 still haven&#39;t figured out how to get the program to work even though th=
 e<br>
 corresponding package in Debian Linux works fine, but I consider that a<br>
 separate issue. =A0The ownership was what I considered the serious<br>
 problem. =A0Thanks for the quick response.<br><br>Index: devel/rbenv/Makefi=
 le<br>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>--- devel/rben=
 v/Makefile=A0=A0=A0 (revision 323665)<br>+++ devel/rbenv/Makefile=A0=A0=A0 =
 (working copy)<br>
 @@ -31,7 +31,7 @@<br>=A0<br>=A0do-install:<br>=A0=A0=A0=A0 @${INSTALL_SCRIP=
 T} ${WRKSRC}/bin/ruby-local-exec ${PREFIX}/bin<br>-=A0=A0=A0 @( cd ${WRKSRC=
 }/libexec &amp;&amp; ${COPYTREE_BIN} \* ${PREFIX}/libexec )<br>+=A0=A0=A0 @=
 ( ${INSTALL_SCRIPT} ${WRKSRC}/libexec/* ${PREFIX}/libexec/ )<br>
 =A0=A0=A0=A0 @${LN} -sf ${PREFIX}/libexec/rbenv ${PREFIX}/bin/rbenv<br>=A0=
 =A0=A0=A0 @${MKDIR} ${DATADIR}/completions<br>=A0=A0=A0=A0 @( cd ${WRKSRC}/=
 completions &amp;&amp; ${COPYTREE_BIN} \* ${DATADIR}/completions )<br><br><=
 /div></div>
 
 --047d7b41bb0e5c1b5c04e25e151f--
State-Changed-From-To: feedback->closed 
State-Changed-By: jgh 
State-Changed-When: Sun Aug 11 22:00:33 UTC 2013 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=180851 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/180851: commit references a PR
Date: Sun, 11 Aug 2013 22:00:21 +0000 (UTC)

 Author: jgh
 Date: Sun Aug 11 22:00:09 2013
 New Revision: 324606
 URL: http://svnweb.freebsd.org/changeset/ports/324606
 
 Log:
   - sanitize installation to not clobber suid/guid files
   - while here print installation
   
   Previous installations reset the ownerships of all
   SUID and SGID files in /usr/local/libexec and
   included subdirectories to root:wheel.
   PR:		180851
   Reported by:	Carl Johnson <carlj@peak.org>
   Submitted by:	jgh@
   Approved by:	fmb@onibox.net (maintainer timeout, > 14days )
 
 Modified:
   head/devel/rbenv/Makefile
 
 Modified: head/devel/rbenv/Makefile
 ==============================================================================
 --- head/devel/rbenv/Makefile	Sun Aug 11 21:04:10 2013	(r324605)
 +++ head/devel/rbenv/Makefile	Sun Aug 11 22:00:09 2013	(r324606)
 @@ -2,7 +2,7 @@
  
  PORTNAME=	rbenv
  PORTVERSION=	0.4.0
 -PORTREVISION=	1
 +PORTREVISION=	2
  CATEGORIES=	devel ruby
  MASTER_SITES=	GH
  
 @@ -30,10 +30,10 @@ post-patch:
  	@${REINPLACE_CMD} -e "s|\$$root/completions|${DATADIR}/completions|g" ${WRKSRC}/libexec/rbenv-init
  
  do-install:
 -	@${INSTALL_SCRIPT} ${WRKSRC}/bin/ruby-local-exec ${PREFIX}/bin
 -	@( cd ${WRKSRC}/libexec && ${COPYTREE_BIN} \* ${PREFIX}/libexec )
 +	${INSTALL_SCRIPT} ${WRKSRC}/bin/ruby-local-exec ${PREFIX}/bin
 +	( ${INSTALL_SCRIPT} ${WRKSRC}/libexec/* ${PREFIX}/libexec/ )
  	@${LN} -sf ${PREFIX}/libexec/rbenv ${PREFIX}/bin/rbenv
  	@${MKDIR} ${DATADIR}/completions
 -	@( cd ${WRKSRC}/completions && ${COPYTREE_BIN} \* ${DATADIR}/completions )
 +	( cd ${WRKSRC}/completions && ${COPYTREE_BIN} \* ${DATADIR}/completions )
  
  .include <bsd.port.mk>
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 
>Unformatted:
