Logcheck devel - Jul 2004 - [patch] logtail recheck permissions of offset files

hi

before checking in that chown fix,
i wanted you to take a look.
tested on my workstation.

basicaly the patch takes care that logtail saves the
offset file with the correct permissions.
when playing around lately with file tampering
and those invoking logcheck as root.
i got similar output to #253998

Alfie may point out that i should not invoke logcheck
as root, but i better fix that before users complain.
patch shameless copied from perlfunc(1)

a++ maks

ps if you know a better solution of dropping root
privileges right from the start like
if [ $UID = 0 ]; then become logcheck.
i'd like to hear it.


Index: src/logtail
==================================================================RCS file:
/cvsroot/logcheck/logcheck/src/logtail,v
retrieving revision 1.7
diff -u -r1.7 logtail
--- src/logtail	10 Jun 2004 09:34:05 -0000	1.7
+++ src/logtail	10 Jul 2004 14:48:23 -0000
@@ -24,6 +24,7 @@
 my ($size);
 use Getopt::Std;
 my %opts = ();
+my $user = 'logcheck';
 
 # process args and switches
 
@@ -100,5 +101,11 @@
     }
     print OFFSET "$ino\n$size\n";
     close OFFSET;
+
+    # make shure if invoked as root that file remains readable for cronjob
+    my ($login,$pass,$uid,$gid) = getpwnam($user)
+    or print "$user not in passwd file" and exit 73;
+    chown $uid, $gid, $offsetfile;
+
 }
 exit 0;


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :
http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040712/64b21a4d/attachment.pgp