From: Ryan Sundberg via Guix-patches via <guix-patches@gnu.org>
To: 48889@debbugs.gnu.org
Cc: Ryan Sundberg <ryan@arctype.co>
Subject: [bug#48889] [PATCH 2/4] Ceph: patch rbd to use $PATH lookups for modprobe
Date: Sun, 6 Jun 2021 11:52:02 -0700 [thread overview]
Message-ID: <20210606185204.17617-2-ryan@arctype.co> (raw)
In-Reply-To: <20210606185204.17617-1-ryan@arctype.co>
Removes hardcoded paths assumed in /sbin and /bin compiled into the
`rbd` tool.
Patch originally discussed at https://github.com/ceph/ceph/pull/20938
and rejected by upstream for ambiguous security concerns related to
relative paths.
---
.../patches/ceph-relative-paths.patch | 22 +++++++++++++++++++
gnu/packages/storage.scm | 2 +-
2 files changed, 23 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/ceph-relative-paths.patch
diff --git a/gnu/packages/patches/ceph-relative-paths.patch b/gnu/packages/patches/ceph-relative-paths.patch
new file mode 100644
index 0000000000..e1b1d3599f
--- /dev/null
+++ b/gnu/packages/patches/ceph-relative-paths.patch
@@ -0,0 +1,22 @@
+diff --git a/src/common/module.c b/src/common/module.c
+index f19f74324c..53355b8185 100644
+--- a/src/common/module.c
++++ b/src/common/module.c
+@@ -66,7 +66,7 @@ int module_has_param(const char *module, const char *param)
+ char command[128];
+
+ snprintf(command, sizeof(command),
+- "/sbin/modinfo -F parm %s | /bin/grep -q ^%s:",
++ "modinfo -F parm %s | grep -q ^%s:",
+ module, param);
+
+ return run_command(command) == 0;
+@@ -76,7 +76,7 @@ int module_load(const char *module, const char *options)
+ {
+ char command[128];
+
+- snprintf(command, sizeof(command), "/sbin/modprobe %s %s",
++ snprintf(command, sizeof(command), "modprobe %s %s",
+ module, (options ? options : ""));
+
+ return run_command(command);
diff --git a/gnu/packages/storage.scm b/gnu/packages/storage.scm
index d53327df75..b4f7d5e301 100644
--- a/gnu/packages/storage.scm
+++ b/gnu/packages/storage.scm
@@ -64,7 +64,7 @@
(base32
"0lmdri415hqczc9565s5m5568pnj97ipqxgnw6085kps0flwq5zh"))
(patches
- (search-patches "ceph-disable-cpu-optimizations.patch"))
+ (search-patches "ceph-disable-cpu-optimizations.patch" "ceph-relative-paths.patch"))
(modules '((guix build utils)))
(snippet
'(begin
--
2.31.1
next prev parent reply other threads:[~2021-06-06 22:13 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-06 18:52 [bug#48889] [PATCH 1/4] New package: bird bgp daemon, versions 1 and 2 Ryan Sundberg via Guix-patches via
2021-06-06 18:52 ` Ryan Sundberg via Guix-patches via [this message]
2021-06-07 9:40 ` [bug#48889] [PATCH 2/4] Ceph: patch rbd to use $PATH lookups for modprobe Maxime Devos
2021-06-06 18:52 ` [bug#48889] [PATCH 3/4] Ceph: upgrade minor version to latest stable release (14.2.21) Ryan Sundberg via Guix-patches via
2021-06-06 18:52 ` [bug#48889] [PATCH 4/4] bpftool: new package Ryan Sundberg via Guix-patches via
2021-06-07 9:50 ` Maxime Devos
2021-06-09 7:06 ` Ryan Sundberg via Guix-patches via
2021-06-07 9:35 ` [bug#48889] [PATCH 1/4] New package: bird bgp daemon, versions 1 and 2 Maxime Devos
2021-06-09 6:50 ` Ryan Sundberg via Guix-patches via
2021-06-18 15:40 ` Ryan Sundberg via Guix-patches via
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210606185204.17617-2-ryan@arctype.co \
--to=guix-patches@gnu.org \
--cc=48889@debbugs.gnu.org \
--cc=ryan@arctype.co \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.