ports/net/rtg/files/patch-etc_createdb.in
Rodrigo Osorio 4a551ab449 Patch createdb script to avoid race condition / file tampering
During the initialization net/rtg uses the /tmp/mysql.sql
and /tmp/rtg.sql to store the SQL commands executed in the
database with special user privileges.

Using well-known file names can lead to a race condition between
two processes that use the same file names, and allows file
tampering by a malicious user.

This fix uses mktemp command to create temporary files
in a safe way

PR:		238262
Submitted by:	rodrigo
Approved by:	freebsd-ports@dan.me.uk (maintainer timeout)
MFH:	2019Q3
2019-07-23 14:47:15 +00:00


--- etc/createdb.in.orig 2003-01-22 19:07:02 UTC
+++ etc/createdb.in
@@ -15,6 +15,8 @@
RTGPASS="rtgdefault"
DATABASE="rtg"
USER="snmp"
+MYSQL_FILE=`mktemp -q /tmp/mysql.XXXXXX`
+RTG_FILE=`mktemp -q /tmp/rtg.XXXXXX`
echo ""
echo "$0 setting up MySQL database for RTG."
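Review bot: The two `mktemp -q` assignments are never checked, so if either call fails the variable is empty and, because of `-q`, nothing is printed; the later `cat <<EOT >$MYSQL_FILE` then redirects to an empty name. Each assignment should stop the script on failure, for example `MYSQL_FILE=$(mktemp -q /tmp/mysql.XXXXXX) || exit 1`. Nothing visible in the patch removes the files afterwards, and the first one holds the new account's password in SQL, so a `trap 'rm -f "$MYSQL_FILE" "$RTG_FILE"' EXIT` right after they are created would keep them from lingering in /tmp. The rest of the script lies outside this hunk, so cleanup may exist there.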
@@ -22,103 +24,98 @@
echo ""
# Create the necessary SQL in two /tmp files
-cat <<EOT >/tmp/mysql.sql
-INSERT INTO user (Host, User, Password) VALUES ('$HOST','$USER',PASSWORD("$RTGPASS"));
-INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv,
-Create_priv, Drop_priv, Grant_priv, References_priv, Index_priv, Alter_priv)
-VALUES ('$HOST','$DATABASE','$USER','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');
-FLUSH PRIVILEGES;
+cat <<EOT >$MYSQL_FILE
+CREATE USER '$USER'@'$HOST' IDENTIFIED BY '$RTG_PASS';
+GRANT ALL ON '$DATABASE'.* TO '$USER'@'$HOST';
EOT
-cat <<EOT >/tmp/rtg.sql
+cat <<EOT >$RTG_FILE
#
# Table structure for table 'router'
#
-CREATE TABLE router (
- rid int(11) unsigned NOT NULL auto_increment,
- name char(120) NOT NULL default '',
- pop char(10) NOT NULL default '',
- popid tinyint(3) unsigned NOT NULL default '0',
- PRIMARY KEY (rid)
+CREATE TABLE `router` (
+ `rid` int(11) unsigned NOT NULL auto_increment,
+ `name` char(120) NOT NULL default '',
+ `pop` char(10) NOT NULL default '',
+ `popid` tinyint(3) unsigned NOT NULL default '0',
+ PRIMARY KEY (`rid`)
);
#
# Table structure for table 'interface'
#
-CREATE TABLE interface (
- id int(11) unsigned NOT NULL auto_increment,
- name char(255) NOT NULL default '',
- rid int(11) NOT NULL default '0',
- speed bigint(11) default NULL,
- description char(255) default NULL,
- status enum('active','inactive') default 'active',
- PRIMARY KEY (id)
+CREATE TABLE `interface` (
+ `id` int(11) unsigned NOT NULL auto_increment,
+ `name` char(255) NOT NULL default '',
+ `rid` int(11) NOT NULL default '0',
+ `speed` bigint(11) default NULL,
+ `description` char(255) default NULL,
+ `status` enum('active','inactive') default 'active',
+ PRIMARY KEY (`id`)
);
#
# Table structure for table 'ifInOctets'
#
-CREATE TABLE ifInOctets (
- id int(11) NOT NULL default '0',
- dtime datetime NOT NULL default '0000-00-00 00:00:00',
- counter bigint(20) NOT NULL default '0',
- KEY ifInOctets_idx (dtime)
+CREATE TABLE `ifInOctets` (
+ `id` int(11) NOT NULL default '0',
+ `dtime` datetime NOT NULL default '0000-00-00 00:00:00',
+ `counter` bigint(20) NOT NULL default '0',
+ KEY `ifInOctets_idx` (`dtime`)
);
#
# Table structure for table 'ifOutOctets'
#
-CREATE TABLE ifOutOctets (
- id int(11) NOT NULL default '0',
- dtime datetime NOT NULL default '0000-00-00 00:00:00',
- counter bigint(20) NOT NULL default '0',
- KEY ifOutOctets_idx (dtime)
+CREATE TABLE `ifOutOctets` (
+ `id` int(11) NOT NULL default '0',
+ `dtime` datetime NOT NULL default '0000-00-00 00:00:00',
+ `counter` bigint(20) NOT NULL default '0',
+ KEY `ifOutOctets_idx` (`dtime`)
);
#
# Table structure for table 'ifInUcastPkts'
#
-CREATE TABLE ifInUcastPkts (
- id int(11) NOT NULL default '0',
- dtime datetime NOT NULL default '0000-00-00 00:00:00',
- counter bigint(20) NOT NULL default '0',
- KEY ifInUcastPkts_idx (dtime)
+CREATE TABLE `ifInUcastPkts` (
+ `id` int(11) NOT NULL default '0',
+ `dtime` datetime NOT NULL default '0000-00-00 00:00:00',
+ `counter` bigint(20) NOT NULL default '0',
+ KEY `ifInUcastPkts_idx` (`dtime`)
);
#
# Table structure for table 'ifOutUcastPkts'
#
-CREATE TABLE ifOutUcastPkts (
- id int(11) NOT NULL default '0',
- dtime datetime NOT NULL default '0000-00-00 00:00:00',
- counter bigint(20) NOT NULL default '0',
- KEY ifOutUcastPkts_idx (dtime)
+CREATE TABLE `ifOutUcastPkts` (
+ `id` int(11) NOT NULL default '0',
+ `dtime` datetime NOT NULL default '0000-00-00 00:00:00',
+ `counter` bigint(20) NOT NULL default '0',
+ KEY `ifOutUcastPkts_idx` (`dtime`)
);
#
# Table structure for table 'ifInErrors'
#
-CREATE TABLE ifInErrors (
- id int(11) NOT NULL default '0',
- dtime datetime NOT NULL default '0000-00-00 00:00:00',
- counter bigint(20) NOT NULL default '0',
- KEY ifInErrors_idx (dtime)
+CREATE TABLE `ifInErrors` (
+ `id` int(11) NOT NULL default '0',
+ `dtime` datetime NOT NULL default '0000-00-00 00:00:00',
+ `counter` bigint(20) NOT NULL default '0',
+ KEY `ifInErrors_idx` (`dtime`)
);
EOT
echo "Adding user \"$USER\" to MySQL database..."
-cat /tmp/mysql.sql | $MYSQLBIN/mysql -u root -p$ROOTPASS mysql
+cat $MYSQL_FILE | $MYSQLBIN/mysql -u root -p$ROOTPASS mysql
echo "Creating RTG database \"$DATABASE\"..."
$MYSQLBIN/mysqladmin -u root -p$ROOTPASS create $DATABASE
-echo "Reloading MySQL privileges..."
-$MYSQLBIN/mysqladmin -u root -p$ROOTPASS flush-privileges
echo "Creating RTG tables..."
-cat /tmp/rtg.sql | $MYSQLBIN/mysql -u $USER -p$RTGPASS $DATABASE
+cat $RTG_FILE | $MYSQLBIN/mysql -u $USER -p$RTGPASS $DATABASE
echo "Done."
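Review bot: `IDENTIFIED BY '$RTG_PASS'` in the new CREATE USER line uses a variable name the visible script never sets: the password is defined as `RTGPASS` and the later `mysql -u $USER -p$RTGPASS` uses that spelling. Unless `RTG_PASS` is assigned outside these hunks, the heredoc expands it to nothing and the account is created with an empty password; the line should read `CREATE USER '$USER'@'$HOST' IDENTIFIED BY '$RTGPASS';`. The GRANT line also puts the database name in single quotes (`'$DATABASE'.*`), which MySQL is likely to reject as an identifier, so it is worth testing with the name unquoted or in escaped backticks. The new redirections and `cat` calls use `$MYSQL_FILE` and `$RTG_FILE` unquoted; `"$MYSQL_FILE"` and `"$RTG_FILE"` are safer.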