Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Verified by Ryan Lortie
http://lists.freedesktop.org/archives/hal/2007-June/008771.html
|
|
|
|
This was initially reported as a RHEL5 bug #241032, but after analysis
it was determine there is no security issue
Steve Grubb <sgrubb@redhat.com>:
> I was working on an IDS script and found this file:
>
> ls -l /media/.hal-mtab-lock
> --ws--Sr-x 1 root root 0 Nov 15 2006 /media/.hal-mtab-lock
>
> Looking at open 3p man page, if you pass the O_CREAT flag to open, it
> will look for arg 3 to get the mode. In this case it turns out to be
> the stack contents. I wonder how dangerous this could be if by random
> chance its setuid root and world writable?
David Zeuthen <davidz@redhat.com>:
> Steve, thanks for catching that. Using mode 0600 is the right
> approach; the lock file is private to HAL components all running as
> uid 0. Also, on HAL startup we need to delete the lock file otherwise
> it won't get recreated with the appropriate mode.
David Zeuthen <davidz@redhat.com>:
> Hmm, playing around with passing various modes in; when I pass 04777 I
> get this
>
> $ ls -l /media/.hal-mtab-lock
> -rwsr-xr-x 1 root root 0 2007-05-23 17:31 /media/.hal-mtab-lock
>
> which makes sense as hald calls umask(022) when it daemonizes and this is
> inherited by the process that creates the lock file. Hence, we will never ever
> write files in this situation that are world writable. Since the the lock file
> is always zero bytes we're good. There is no risk of attack here.
|
|
Trivial patch attached, required because the new thinkpads have a
vendor DMI string of LENOVO rather than IBM.
|
|
It appears that if the connection to D-Bus is lost or some such is
lost, HAL doesn't check the result of DBusPendingCall from
dbus_connection_send_with_reply() [1] to see if the result is not NULL
and as such an invalid case is being hit within the D-Bus API and
we're hitting a D-Bus assert and causing a crash.
Provided is a patch to see if it's NULL and handle it properly.
|
|
The spec say about SetPowerSave() on the
org.freedesktop.Hal.Device.SystemPowerManagement interface the return
type should be integer, but in
fdi/policy/10osvendor/10-power-mgmt-policy.fdi the return value type
get specified as boolean.
This patch change the type to Integer as the spec say and the code
allow since it forward the retun value of the called tool to set the
mode.
|
|
since the brightness-up event for IBM (Thinkpads) also get emitted via the
input layer and hotkey-setup HAL now (on actual kernel/systems) emit two
signals. One from the input device and one from ACPI. This patch removes the
ACPI event handling for this event.
|
|
Even if ext2 is quite old, there is no reason to not allow acl and
user_xattr on this kind of file system.
|
|
Since latest kernel have now "flush" support for vfat, it is a good idea
to allow this option for removable media mounting.
|
|
Attached patch fixes 0.5.9 branch french translation (I know it is dead
for main branch, but it is still better to keep it somewhere)..
|
|
This appends a value to a strlist if, and only if, it doesn't exist already.
|
|
Currently, the hal build will bomb if python isn't present on the
host system. Since python is only needed for the device-manager,
just warn if python isn't found.
|
|
|
|
|
|
|
|
Matthew recently fixed the FDIs to support newer MacBook Pro models.
Patch applies cleanly to 0.5.9 and git head.
(changed by davidz: s/smbios.system.product/system.hardware.product)
|
|
this tiny patch allows NTFS users to supply the 'utf8' mount option.
Yay unicode! :) It applies to 0.5.9 stable and git head.
|
|
Fix problems with the case where vid->label[0] is '\0'. Don't call
strdup_valid_utf8 in this case, simply ignore the label in this case.
Cleaned up the code to prevent code duplication.
This fix fd.o bug #10362.
|
|
Fix possible segfaults in probe-volume and libhal if vid->type ==
NULL. Adde d checks for vid->type != NULL to probe-volume.c and new
checks for parameter (LIBHAL_CHECK_PARAM_VALID) of
libhal_changeset_set_property_string().
This fix also fd.o bug #10429.
|
|
05_freebsd_partutil_make_fix.patch corrects the syntax in the
Makefile.am (don't forget to autoreconf) and I just inverted the logic
in it since we only want that code to compile on Linux so it'll fix it
for Solaris as well.
|
|
Fix issues with the FreeBSD backend using functions that were removed from
HAL prior to the 0.5.9 release. This patch wouldn't be available without the
help of Roy Marples.
Submitted by: Doug Goldstein <cardoe@gentoo.org>
|
|
Do not re-probe devices that are managed by hald-addon-storage since that
will result in a double-probe and data corruption. In particular, this
fixes a problem with CD unmounting when ATAPICAM is enabled.
|
|
There's a logic error in the check of the return from fdi cache regen.
Basically if exit_type wasn't HALD_RUN_SUCCESS (which is defined as 0)
or return_code isn't 0 or 2, then an error occurred. Based on the
order users would have the following in their logs.
12:54:13.827 [I] mmap_cache.c:137: In regen_cache_cb exit_type=0, return_code=0
12:54:13.827 [E] mmap_cache.c:190: fdi cache regeneration failed!
The following patch corrects the issue and should be applied to 0.5.9
branch as well.
|
|
this patch fixes the problem that one device can have get started the
same hald-addon-keyboard addon multiple times. This work only together
with my patch for the contains_not FDI-file directive.
(similar to commit 5745da44f3bb43dafd9b53cbfcfc1218619a5263 on master)
|
|
This patch fixes the contains_not FDI file directive/rule to return true (let
the match not fail) if the property is not set on the device. This allow to
have this rule:
<match key="info.addons" contains_not="hald-addon-input">
<append key="info.addons" type="strlist">hald-addon-input</append>
</match>
Without this patch this fails if info.addons is not already set. With the
change it would match if:
* info.addons is not available
or
* info.addons contains no string 'hald-addon-input'
|
|
|
|
> On Mittwoch, 4. April 2007, Richard Hughes wrote:
> > With git I'm getting the following when I remove AC:
> >
> > 15:56:02.865: acpi_ACAD property ac_adapter.present = false
> > 15:56:03.041: acpi_ACAD property ac_adapter.present = false
> > 15:56:03.048: acpi_BAT1 property battery.charge_level.percentage = 96
> > (0x60) 15:56:03.051: acpi_BAT1 property battery.charge_level.percentage =
> > 96 (0x60)
> >
> > acpi_listen seems to think that there is one event from either device,
> > so I'm unsure what the problem is here.
>
> I can confirm this, I take a look at the problem. It is IMO something in
> the acpi code, could not see this atm for other devices.
This is a general problem. The signal for device_property_changed is listed
twice in hald.c in function hald_get_gdl().
|
|
|
|
Reported here
http://lists.freedesktop.org/archives/hal/2007-April/007936.html
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also add missing id's to Docbook sections
|
|
|
|
Michael Biebl <mbiebl@gmail.com>:
$docdir was introduced in 2.59c (2006-04-12).
|
|
|
|
* Bump autoconf dependency to 2.59 so we have $(docdir)
* Remove custom $(DOCDIR) from configure.in and use $(docdir) in
doc/spec/Makefile.am instead
* Generate man pages during make time using sed as recommended [1].
* Use $(docdir), $(sbindir) and $(sysconfdir) instead of fixed paths.
* Generate man_MANS list automatically from MAN_IN_FILES
[1] http://tinyurl.com/yueld5
|
|
Updated German translation file, added new/missing strings, fixed
fuzzy marked strings and reactivated outcommented strings.
|
|
Added Swedish translation file (from fd.o bug # 10496).
|
|
Updated .gitignore entries.
|
|
Credit goes to Richard Hughes for figuring this out.
|
|
2007/4/1, David Zeuthen <david@fubar.dk>:
> On Sun, 2007-04-01 at 22:11 +0200, Michael Biebl wrote:
> > hald is a system daemon (installed in /usr/sbin). The correct section
> > for the man page is 8 in that case (current one is 1)
> > The attached patch fixes that.
>
> OK, I'm fine with this, but
>
> - need to patch configure.in
> - need to change all the references from hald(1) to hald(8)
> in the other man pages
>
> Is it possible you can attach a new patch that does this? Thanks.
Sure, updated patch attached.
|
|
Also add a note to the TODO list that we should have a
hal-fdi-file-validate tool much like desktop-file-validate
|
|
|
|
|