1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
--- rpm2targz.orig 2005-06-15 10:19:12.000000000 -0400
+++ rpm2targz 2005-06-15 12:55:10.000000000 -0400
@@ -2,6 +2,7 @@
# Copyright 1997, 1998 Patrick Volkerding, Moorhead, MN USA
# Copyright 2002 Slackware Linux, Inc., Concord, CA USA
# All rights reserved.
+# $Header: /var/cvsroot/gentoo-x86/app-arch/rpm2targz/files/rpm2targz-9.0-secure_temp_handling.patch,v 1.1 2005/06/25 12:40:21 liquidx Exp $
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
@@ -23,20 +24,24 @@
# debug switch to allow to bypass use of rpm2cpio provided by the rpm package
USERPM2CPIO=true
-if [ "$TMPDIR" = "" ]; then
- TMPDIR=/tmp
+[ "$TMPDIR" == "" ] && TMPDIR=/tmp
+if [ ! -d "$TMPDIR" ]; then
+ echo "TMPDIR=$TMPDIR is not a dir" > /dev/stderr
+ exit 1
fi
-# If mcookie is available, use it for better /tmp security.
-if [ -x `which mcookie` ]; then
- COOKIE=`mcookie`
-else
- COOKIE=$$
+WORKDIR=`mktemp -d $TMPDIR/$$XXXXXX`
+if [ $? != 0 ]; then
+ echo "Failed to make tmp workdir for file i/o conversion" > /dev/stderr
+ exit 1
fi
+
if [ "$1" = "" ]; then
echo "$0: Converts RPM format to standard GNU tar + GNU zip format."
- echo " (view converted packages with \"less\", install and remove"
- echo " with \"installpkg\", \"removepkg\", \"pkgtool\", or manually"
- echo " with \"tar\")"
+ if [ -e /etc/slackware-version ]; then
+ echo " (view converted packages with \"less\", install and remove"
+ echo " with \"installpkg\", \"removepkg\", \"pkgtool\", or manually"
+ echo " with \"tar\")"
+ fi
echo
echo "Usage: $0 <file.rpm>"
if [ "`basename $0`" = "rpm2tgz" ]; then
@@ -50,12 +55,11 @@
if [ ! "$1" = "$*" ]; then
echo "Processing file: $i"
fi
- rm -rf $TMPDIR/rpm2targz$COOKIE # clear the way, just in case of mischief
- mkdir $TMPDIR/rpm2targz$COOKIE
+ rm -rf ${WORKDIR}/* || exit 1 ; # clear the way, just in case of mischief
# Determine if this is a source or binary RPM.
# If we have getrpmtype, use that. Otherwise, try "file".
- if which getrpmtype 1> /dev/null 2> /dev/null; then
+ if type -p getrpmtype 1> /dev/null 2> /dev/null; then
if getrpmtype -n $i | grep source 1> /dev/null 2> /dev/null ; then
isSource=1
else
@@ -69,12 +73,12 @@
fi
fi
- ofn=$TMPDIR/rpm2targz$COOKIE/`basename $i .rpm`.cpio
+ ofn=${WORKDIR}/`basename $i .rpm`.cpio
if $USERPM2CPIO && which rpm2cpio 1> /dev/null 2> /dev/null ; then
rpm2cpio $i > $ofn 2> /dev/null
if [ ! $? = 0 ]; then
echo "... rpm2cpio failed. (maybe $i is not an RPM?)"
- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE )
+ ( rm -rf "${WORKDIR}/*" )
continue
fi
else # less reliable than rpm2cpio...
@@ -90,7 +94,7 @@
decomp="bzip2"
else
echo " $i - no magic compression identifier found - skipping file"
- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE )
+ ( rm -rf "${WORKDIR}/*" )
continue
fi
echo -n " trying to decompress with ${decomp}..."
@@ -100,11 +104,11 @@
else
echo " FAILED"
echo " $i failed to decompress - skipping file"
- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE )
+ ( rm -rf "${WORKDIR}/*" )
continue
fi
fi
- DEST=$TMPDIR/rpm2targz$COOKIE
+ DEST=${WORKDIR}
#if [ "$isSource" = "1" ]; then
# DEST=$DEST/$(basename $(basename $i .rpm) .src)
#fi
@@ -113,11 +117,12 @@
cpio --extract --preserve-modification-time --make-directories < $ofn 1> /dev/null 2> /dev/null
rm -f $ofn
find . -type d -perm 700 -exec chmod 755 {} \; )
- ( cd $TMPDIR/rpm2targz$COOKIE ; tar cf - . ) > `basename $i .rpm`.tar
+ ( cd ${WORKDIR} ; tar cf - . ) > `basename $i .rpm`.tar
gzip -9 `basename $i .rpm`.tar
if [ "`basename $0`" = "rpm2tgz" ]; then
mv `basename $i .rpm`.tar.gz `basename $i .rpm`.tgz
fi
- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE )
+ ( rm -rf "${WORKDIR}/*" )
echo
done
+rm -rf ${WORKDIR}
|
GitWeb