aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeremy Saklad <jeremy@saklad5.com>2023-03-18 08:53:41 -0500
committerJeremy Saklad <jeremy@saklad5.com>2023-03-18 19:01:02 -0500
commitec394ccfa21386f9f09f3a55df4e52e76777c677 (patch)
tree2a59edee9de2fe78e885e69e7fc878bd9cb34f60
parent035a6921061ab3f366e240ba7c609bcb3f016909 (diff)
downloadaports-ec394ccfa21386f9f09f3a55df4e52e76777c677.tar.gz
aports-ec394ccfa21386f9f09f3a55df4e52e76777c677.tar.bz2
aports-ec394ccfa21386f9f09f3a55df4e52e76777c677.tar.xz
main/knot: loosen /run directory permission
Knot DNS 3.2.5 changed socket permissions to allow any user to communicate with the DNS server. For this to be usable, any user must be able to access a socket in the runtime directory. Search permission should be sufficient for this purpose, as anything trying to connect to a socket should already know the path it is looking for.
-rw-r--r--main/knot/APKBUILD4
-rw-r--r--main/knot/knotd.initd3
2 files changed, 4 insertions, 3 deletions
diff --git a/main/knot/APKBUILD b/main/knot/APKBUILD
index 0f005cd2443..4b5618e7f12 100644
--- a/main/knot/APKBUILD
+++ b/main/knot/APKBUILD
@@ -5,7 +5,7 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
pkgname=knot
pkgver=3.2.5
-pkgrel=0
+pkgrel=1
pkgdesc="An high-performance authoritative-only DNS server"
url="https://www.knot-dns.cz/"
# testsuite fails on 32 bit arches with musl 1.2
@@ -128,5 +128,5 @@ gpgfingerprints="good:742F A4E9 5829 B6C5 EAC6 B857 10BB 7AF6 FEBB D6AB"
sha512sums="
c73874b60970b4b1d14f141fa40d47d6620e475b1fb3a5f803956e3b6d8b670d7250b049b26679e1488bfba5bfcfa65ef75c68a494c94f36b60d697fa95048f7 knot-3.2.5.tar.xz
471d3c639a8235ba09491c99d36c0a4f1074d6055ccfd3807be02a30d3ed5bbe69a84f0414ea7810db6bbc1e38f5837108e5744fc59f949ed78a262a7de4597e knotd.confd
-979f06a83dd4326920a682f8190319577faf904e0e379b3c55e0420eb43dcb55d86c6727015634fa0c2dff1dddac43bbd5a216ff04f217ad91d670eb899dbefa knotd.initd
+352f9f85344743670e1ed2be3a4b9e6ddffa47fcc1958c3b903713a7437da02a1ec0521d73289a826e1d6bd5ad24553116757a5763e3c2b3dba74b3220937dbb knotd.initd
"
diff --git a/main/knot/knotd.initd b/main/knot/knotd.initd
index 781346216ca..6ae461267e1 100644
--- a/main/knot/knotd.initd
+++ b/main/knot/knotd.initd
@@ -16,7 +16,8 @@ depend() {
}
start_pre() {
- checkpath -d -m 0750 -o knot:knot /run/knot/ /var/lib/knot/
+ checkpath -d -m 0751 -o knot:knot /run/knot/
+ checkpath -d -m 0750 -o knot:knot /var/lib/knot/
}
stop() {