From patchwork Thu Apr 11 04:33:31 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alexander Koch <ipfire@starkstromkonsument.de>
X-Patchwork-Id: 2194
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256
	bits)) (Client CN "mail01.ipfire.org",
	Issuer "Let's Encrypt Authority X3" (verified OK))
	by web07.i.ipfire.org (Postfix) with ESMTPS id 80C5188AE0E
	for <patchwork@web07.i.ipfire.org>;
	Wed, 10 Apr 2019 19:33:47 +0100 (BST)
Received: from mail01.i.ipfire.org (localhost [IPv6:::1])
	by mail01.ipfire.org (Postfix) with ESMTP id 44fXqG2l2dz54tFS;
	Wed, 10 Apr 2019 19:33:46 +0100 (BST)
Received: from nx115.node02.secure-mailgate.com
	(nx115.node02.secure-mailgate.com [192.162.87.115])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (Client did not present a certificate)
	by mail01.ipfire.org (Postfix) with ESMTPS id 44fXqB6M6hz5Jltk
	for <development@lists.ipfire.org>;
	Wed, 10 Apr 2019 19:33:42 +0100 (BST)
Received: from dehamd003.servertools24.de ([31.47.254.18])
	by node02.secure-mailgate.com with esmtps
	(TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
	(envelope-from <ipfire@starkstromkonsument.de>) id 1hEI2Q-0004Sc-Oh
	for development@lists.ipfire.org; Wed, 10 Apr 2019 20:33:36 +0200
Received: from balthasar.starkstromlahn.spdns.org
	(dslb-084-058-233-099.084.058.pools.vodafone-ip.de [84.58.233.99])
	by dehamd003.servertools24.de (Postfix) with ESMTPSA id A031C829BD
	for <development@lists.ipfire.org>;
	Wed, 10 Apr 2019 20:33:30 +0200 (CEST)
From: Alexander Koch <ipfire@starkstromkonsument.de>
To: development@lists.ipfire.org
Subject: [PATCH 2/2] zabbix_agentd: Bugfix for /etc/sudoers.d/zabbix.user
Date: Wed, 10 Apr 2019 20:33:31 +0200
Message-Id: <1554921211-25082-2-git-send-email-ipfire@starkstromkonsument.de>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1554921211-25082-1-git-send-email-ipfire@starkstromkonsument.de>
References: <1554921211-25082-1-git-send-email-ipfire@starkstromkonsument.de>
X-Originating-IP: 31.47.254.18
X-SecureMailgate-Domain: dehamd003.servertools24.de
X-SecureMailgate-Username: 31.47.254.18
X-SecureMailgate-Outgoing-Class: ham
X-SecureMailgate-Outgoing-Evidence: SB/global_tokens (0.0029369495734)
X-Recommended-Action: accept
X-Filter-ID: 
 EX5BVjFpneJeBchSMxfU5hUNFsgUvrXKkjfuRszIlqR602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx
	q3u0UDjvO234slfrnEdiMqZNFIl3KV30wqEzzsz0qey7Lab92ZzcVTGbEWWnE2yTxqfzAQugcWkN
	xBO+TDBBTqESYGCa7fZIeZjZv1oz6oWKgngYgisMFP/fMVP0svmpWqdKA4I3N3DrsgLoQIlol112
	md4PmZ3JlwazEuJ5FLeAveAcO7l0w+pJdu/U5y6mAHsHsNznwP0sNOmRi6cQXeybw4h5I237Nx2K
	MWdgPAi++APAaUY2H/cuh5evaj1lUzaVjWgVraO5TPqzGal/PlyCuaPMa+bGc8PaqZZ/FzEG53Yo
	1Az82WYSex+Yt07uCbJsusiJ1enFl6U7B/q9vr26RhU4BBUKCWSUTFNQr/0+3Wrn3z4mZAHYStty
	JwNs842uSNa4g6nbUYC9vZnf4fImcGFWryFPdc1K732g9EPi7xo8Wp9kTj0vnzQjAfNrZP7n1LeG
	eKK/C81gOoBU6ImGA/jDxKHQHolQlVdf0A32Xtl5FAWD8PcNYjhf2jycpxDLnRQvahqZR3KVQgqF
	/fPYYAfEfsh8vxtiRg33QXGSIphMiXWCC9FNRPY+Qjtcw1Tac9RQfg8eoaFjEvxngj78E42ZRzRC
	eDH9N3eB9BCr6zOddR5JuNDWqJ6KrFwecMAdOl3qpbZNvhN3LQlcXUm7c+4sJSRnh3aBD/tcmet3
	Zo4q+SSEqmbxg8STUgC4l+e4A8RtcYolsVTQEvU0nWWkZ/ia0cfr7GBATpdNVurBzMBimKPtksoR
	cDbg12Tv4VmpR7oQilFfEoXm0/FPF8PR0w363lkp7CRvD0zVmMXBFJIO/P2EzM60voqUUzJmvILA
	kkfgIBTmPslPtdlVYjsJfUxq2BWGZPpEB5bBEGtcMe6NsBDXJ1BIeoH3OtGQlPz7rcJpxnT/6SRH
	ce0kbuowBkJn2HmzOVXCPWfYkC8dRIZCBp73c41iJg52m+VTJo4VLpieMaCzFPhUe2owRQVmBcsi
	ls6Wyfkf/bOJ2E0tsW8g1CuUMS+4ayUpOtEhdxekWDmK9g==
X-Report-Abuse-To: spam@node01.secure-mailgate.com
Authentication-Results: mail01.ipfire.org; dkim=none; dmarc=none;
	spf=pass (mail01.ipfire.org: domain of ipfire@starkstromkonsument.de
	designates 192.162.87.115 as permitted sender)
	smtp.mailfrom=ipfire@starkstromkonsument.de
X-Rspamd-Queue-Id: 44fXqB6M6hz5Jltk
X-Spamd-Result: default: False [-2.82 / 11.00]; ARC_NA(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_XOIP(0.00)[];
	FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:192.162.87.0/24];
	TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain];
	PREVIOUSLY_DELIVERED(0.00)[development@lists.ipfire.org];
	TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1];
	RCVD_COUNT_THREE(0.00)[3];
	DMARC_NA(0.00)[starkstromkonsument.de];
	MX_GOOD(-0.01)[cached: mail.starkstromkonsument.de];
	MID_CONTAINS_FROM(1.00)[];
	RCVD_IN_DNSWL_NONE(0.00)[115.87.162.192.list.dnswl.org : 127.0.5.0];
	IP_SCORE(-0.51)[asn: 45031(-2.48), country: DE(-0.09)];
	FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[];
	MIME_TRACE(0.00)[0:+];
	ASN(0.00)[asn:45031, ipnet:192.162.84.0/22, country:DE];
	RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%];
	RECEIVED_SPAMHAUS_PBL(0.00)[99.233.58.84.zen.spamhaus.org :
	127.0.0.10]
X-Rspamd-Server: mail01.i.ipfire.org
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
	<mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <https://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
	<mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

Files containing an '~' or '.' are ignored by sudo when placed in the includedir /etc/sudoers.d This makes the file useless. The file is renamed to "zabbix" instead of "zabbix.user" to fix this.

See: https://www.sudo.ws/man/1.8.13/sudoers.man.html#Including_other_files_from_within_sudoers

Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de>
---
 config/backup/includes/zabbix_agentd    | 2 +-
 config/rootfiles/packages/zabbix_agentd | 2 +-
 lfs/zabbix_agentd                       | 2 +-
 src/paks/zabbix_agentd/update.sh        | 5 +++++
 4 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/config/backup/includes/zabbix_agentd b/config/backup/includes/zabbix_agentd
index b410dbe..cba18d7 100644
--- a/config/backup/includes/zabbix_agentd
+++ b/config/backup/includes/zabbix_agentd
@@ -1,2 +1,2 @@
-/etc/sudoers.d/zabbix.user
+/etc/sudoers.d/zabbix
 /etc/zabbix_agentd/*
diff --git a/config/rootfiles/packages/zabbix_agentd b/config/rootfiles/packages/zabbix_agentd
index db85238..eaecf26 100644
--- a/config/rootfiles/packages/zabbix_agentd
+++ b/config/rootfiles/packages/zabbix_agentd
@@ -1,6 +1,6 @@
 etc/logrotate.d/zabbix_agentd
 etc/rc.d/init.d/zabbix_agentd
-etc/sudoers.d/zabbix.user
+etc/sudoers.d/zabbix
 etc/zabbix_agentd
 etc/zabbix_agentd/scripts
 etc/zabbix_agentd/zabbix_agentd.conf
diff --git a/lfs/zabbix_agentd b/lfs/zabbix_agentd
index d7f7fc3..5e50235 100644
--- a/lfs/zabbix_agentd
+++ b/lfs/zabbix_agentd
@@ -108,7 +108,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 
 	# Install sudoers include file
 	install -v -m 644 $(DIR_SRC)/config/zabbix_agentd/sudoers \
-		/etc/sudoers.d/zabbix.user
+		/etc/sudoers.d/zabbix
 
 	# Install include file for backup
 	install -v -m 644 $(DIR_SRC)/config/backup/includes/zabbix_agentd \
diff --git a/src/paks/zabbix_agentd/update.sh b/src/paks/zabbix_agentd/update.sh
index 89c40d0..7fc1c96 100644
--- a/src/paks/zabbix_agentd/update.sh
+++ b/src/paks/zabbix_agentd/update.sh
@@ -24,3 +24,8 @@
 . /opt/pakfire/lib/functions.sh
 ./uninstall.sh
 ./install.sh
+
+# Ensure /etc/sudoers.d/zabbix.user is renamed to /etc/sudoers.d/zabbix
+if [ -e /etc/sudoers.d/zabbix.user ]; then
+	mv -v /etc/sudoers.d/zabbix.user /etc/sudoers.d/zabbix
+fi