[bug#48889] [PATCH 2/4] Ceph: patch rbd to use $PATH lookups for modprobe

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: Ryan Sundberg via Guix-patches via <guix-patches@gnu.org>
To: 48889@debbugs.gnu.org
Cc: Ryan Sundberg <ryan@arctype.co>
Subject: [bug#48889] [PATCH 2/4] Ceph: patch rbd to use $PATH lookups for modprobe
Date: Sun,  6 Jun 2021 11:52:02 -0700	[thread overview]
Message-ID: <20210606185204.17617-2-ryan@arctype.co> (raw)
In-Reply-To: <20210606185204.17617-1-ryan@arctype.co>

Removes hardcoded paths assumed in /sbin and /bin compiled into the
`rbd` tool.

Patch originally discussed at https://github.com/ceph/ceph/pull/20938
and rejected by upstream for ambiguous security concerns related to
relative paths.
---
 .../patches/ceph-relative-paths.patch         | 22 +++++++++++++++++++
 gnu/packages/storage.scm                      |  2 +-
 2 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/ceph-relative-paths.patch

diff --git a/gnu/packages/patches/ceph-relative-paths.patch b/gnu/packages/patches/ceph-relative-paths.patch
new file mode 100644
index 0000000000..e1b1d3599f
--- /dev/null
+++ b/gnu/packages/patches/ceph-relative-paths.patch
@@ -0,0 +1,22 @@
+diff --git a/src/common/module.c b/src/common/module.c
+index f19f74324c..53355b8185 100644
+--- a/src/common/module.c
++++ b/src/common/module.c
+@@ -66,7 +66,7 @@ int module_has_param(const char *module, const char *param)
+ 	char command[128];
+ 
+ 	snprintf(command, sizeof(command),
+-		 "/sbin/modinfo -F parm %s | /bin/grep -q ^%s:",
++		 "modinfo -F parm %s | grep -q ^%s:",
+ 		 module, param);
+ 
+ 	return run_command(command) == 0;
+@@ -76,7 +76,7 @@ int module_load(const char *module, const char *options)
+ {
+ 	char command[128];
+ 
+-	snprintf(command, sizeof(command), "/sbin/modprobe %s %s",
++	snprintf(command, sizeof(command), "modprobe %s %s",
+ 		 module, (options ? options : ""));
+ 
+ 	return run_command(command);
diff --git a/gnu/packages/storage.scm b/gnu/packages/storage.scm
index d53327df75..b4f7d5e301 100644
--- a/gnu/packages/storage.scm
+++ b/gnu/packages/storage.scm
@@ -64,7 +64,7 @@
                (base32
                 "0lmdri415hqczc9565s5m5568pnj97ipqxgnw6085kps0flwq5zh"))
               (patches
-               (search-patches "ceph-disable-cpu-optimizations.patch"))
+               (search-patches "ceph-disable-cpu-optimizations.patch" "ceph-relative-paths.patch"))
               (modules '((guix build utils)))
               (snippet
                '(begin
-- 
2.31.1

next prev parent reply	other threads:[~2021-06-06 22:13 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-06 18:52 [bug#48889] [PATCH 1/4] New package: bird bgp daemon, versions 1 and 2 Ryan Sundberg via Guix-patches via
2021-06-06 18:52 ` Ryan Sundberg via Guix-patches via [this message]
2021-06-07  9:40   ` [bug#48889] [PATCH 2/4] Ceph: patch rbd to use $PATH lookups for modprobe Maxime Devos
2021-06-06 18:52 ` [bug#48889] [PATCH 3/4] Ceph: upgrade minor version to latest stable release (14.2.21) Ryan Sundberg via Guix-patches via
2021-06-06 18:52 ` [bug#48889] [PATCH 4/4] bpftool: new package Ryan Sundberg via Guix-patches via
2021-06-07  9:50   ` Maxime Devos
2021-06-09  7:06     ` Ryan Sundberg via Guix-patches via
2021-06-07  9:35 ` [bug#48889] [PATCH 1/4] New package: bird bgp daemon, versions 1 and 2 Maxime Devos
2021-06-09  6:50   ` Ryan Sundberg via Guix-patches via
2021-06-18 15:40     ` Ryan Sundberg via Guix-patches via

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:d53327df7 dfblob:e1b1d3599 dfblob:b4f7d5e30
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210606185204.17617-2-ryan@arctype.co \
    --to=guix-patches@gnu.org \
    --cc=48889@debbugs.gnu.org \
    --cc=ryan@arctype.co \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.