| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
* init/systemd/man-db.conf: Change mode to 0755 and group to man.
|
| |
|
|
|
| |
* man/man8/mandb.man8 (DATABASE CACHES): Set a width of 20em for the
"Type" column.
|
| |
|
|
|
|
|
|
| |
gdbm 1.6 was released in 1993; it's no longer necessary to document
mandb's behaviour with older versions.
* man/man8/mandb.man8 (DATABASE CACHES): Remove "GNU gdbm v < 1.6" row.
Simplify "GNU gdbm v >= 1.6" to "GNU gdbm". Update all translations.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* man/po4a/Locale/Po4a/Manext.pm (initialize): Drop unused assignment.
(shiftline, pushline): Pass through to superclass if po4a version >=
0.47.
(translate): With po4a >= 0.47, don't process text blocks since po4a now
does that, but handle @-separation of columns and remove trailing
newlines from translatable strings.
* man/po4a/po/man-db-manpages.pot, man/po4a/po/*.po: Update (line
numbers only).
* NEWS: Document this.
|
| |
|
|
|
|
|
|
| |
We previously ignored chown failures on "make install", but that's not
really correct. Instead, configure with --disable-setuid during
distcheck.
* Makefile.am (AM_DISTCHECK_CONFIGURE_FLAGS): Add --disable-setuid.
|
| |
|
|
|
| |
* po/man-db.pot, po/*.po: Update.
* man/po4a/po/man-db-manpages.pot, man/po4a/po/*.po: Update.
|
| | |
|
| |
|
|
|
|
| |
Reduces disk reads/writes made by 'make check -C src'.
Fall back to ./tmp-* if 'mktemp -d' fails.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
man-db has created its cache directories as setgid root for nearly 20
years. This seems to have originated in https://bugs.debian.org/26002.
However, this has some dangerous consequences, such as:
http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/
It seems best to arrange for cache files and directories to be man:man
rather than man:root. To do this reliably, as well as adjusting various
chown and chmod calls, we make man and mandb be setgid man as well as
setuid man (except in the --disable-setuid case). This is a much
simpler and safer solution to the original problem, and doesn't
introduce any interesting new privilege since the man group's only real
purpose is to be the man user's primary group and nothing in cache
directories is group-writeable.
* configure.ac (AC_CHECK_FUNCS): Add lchown.
* lib/security.c (init_security): Record initial real and effective
group IDs as well as user IDs.
(drop_effective_privs, regain_effective_privs): Update gid.
* lib/xchown.c (xlchown) [HAVE_LCHOWN]: New function.
* lib/xchown.c (xlchown) [HAVE_LCHOWN]: Add prototype.
* m4/man-arg-setuid.m4: Set man_mode to 6755 rather than 4755 in the
--enable-setuid case.
* src/Makefile.am (install-exec-hook): Check for man_mode being 6755
rather than 4755. Set the group of man and mandb as well as their
owner.
* src/check_mandirs.c (chown_if_possible): New function. This is
somewhat more careful than previous implementations, changes the group
as well as the user if possible, and prefers lchown if it is available.
(mkcatdirs): Drop S_ISGID from cat directories. Use chown_if_possible.
(fix_permissions, fix_permissions_tree): New functions to remove setgid
bit from existing cat directories.
(testmandirs): Call fix_permissions_tree.
* src/check_mandirs.h (chown_if_possible): Add prototype.
* src/man.c (commit_tmp_cat): Set cat file group as well as owner.
* src/mandb.c (check_chown): Remove.
(do_chown): Stop taking a uid parameter. Use chown_if_possible.
(mandb): Use chown_if_possible for CACHEDIR.TAG. Set ownership and
permissions of CACHEDIR.TAG even if it already exists.
(process_manpath): Set ownership of database files even if they have not
been changed.
|
| |
|
|
|
| |
* m4/man-arg-setuid.m4: Set man_mode="755" if --disable-cache-owner was
given and neither --enable-setuid nor --disable-setuid was given.
|
| |
|
|
|
|
|
|
|
|
| |
* manual/intro.me (Arguments to configure): Add --enable-cache-owner and
--disable-cache-owner. Remove --enable-setuid[=ARG]. Adjust
description of --disable-setuid.
* manual/misc.me (Modes of operation): Add --disable-cache-owner to the
non-setuid modes. Mention --enable-setuid rather than
--enable-setuid=USER.
* README (Non-generic arguments to configure): Update.
|
| |
|
|
|
|
|
|
| |
process_manpath's stack may have gone out of scope by the time cleanup
functions are called.
* src/mandb.c (cleanup): Free dbpaths.
(process_manpath): Allocate dbpaths on the heap.
|
| |
|
|
|
|
|
|
|
|
|
| |
If push_cleanup was called unexpectedly between a
push_cleanup/pop_cleanup pair, then the pop_cleanup would remove the
wrong cleanup function and chaos could ensue. Avoid this by being more
precise about which cleanup function should be popped.
* lib/cleanup.c (pop_cleanup): Take "fun" and "arg" arguments. Pop the
topmost matching function from the stack, rather than just the topmost
function. Update all callers and prototypes.
|
| |
|
|
|
| |
* build-aux/config.guess: Upgrade to 2016-10-02.
* build-aux/config.sub: Upgrade to 2016-11-04.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's useful to have a notion of the cache owner even when man is not
installed setuid. --enable-setuid no longer takes an argument, and the
owner is now set by the --enable-cache-owner option instead.
* m4/man-arg-cache-owner.m4: New file.
* m4/man-arg-setuid.m4: Stop accepting an argument. Only set man_mode,
not man_owner.
* configure.ac: Call MAN_ARG_CACHE_OWNER.
* src/Makefile.am (install-exec-hook): Only chown man and mandb if
man_mode is 4755 (as well as the existing test for man_owner being
non-empty).
|
| |
|
|
|
| |
* Makefile.in (am__DIST_COMMON): Regenerate to add build-aux/ylwrap back
again, since it mysteriously went missing in the last regeneration.
|
| |
|
|
| |
* po/man-db.pot, po/*.po: Update.
|
| | |
|
| |
|
|
|
| |
* build-aux/config.guess: Upgrade to 2016-04-02.
* build-aux/config.sub: Upgrade to 2016-03-30.
|
| |
|
|
| |
* src/tests/man-9: Set MANPATH.
|
| |
|
|
|
|
|
|
|
| |
* lib/xchown.c: New file.
* lib/xchown.h: New file.
* lib/Makefile.am (libman_la_SOURCES): Add xchown.c and xchown.h.
* po/POTFILES.in: Add lib/xchown.c.
* src/check_mandirs.c (mkcatdirs): Call xchown instead of chown.
* src/man.c (format_display): Ignore errors from chdir ("/").
|
| |
|
|
|
|
| |
* src/man.c (split_page_name): Allocate *ret_name and *ret_section here.
Simplify using xstrdup and xstrndup.
(man): Remove allocation of page_name and page_section.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
`man chmod.2` is now the same as `man 2 chmod`
* src/man.c (split_page_name): New function.
(locate_page_in_manpath): New function.
(man): Factor out common locate_page loop into locate_page_in_manpath.
Add name/section splitting logic.
* src/tests/man-11: New file.
* src/tests/Makefile.am (ALL_TESTS): Add man-11.
* man/man1/man.man1 (SYNOPSIS): Document <page>.<section> form.
(EXAMPLES): Likewise.
|
| |
|
|
| |
* man/po4a/po/sv.po: Translate "\\(rq" as itself rather than as "\\(".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The usual (though not universal) pattern in gnulib is for xfoo to mean
"foo or exit". Rename x* to check_* so that they don't conflict with
this.
* src/mandb.c (xremove): Rename to ...
(check_remove): ... this.
(xrename): Rename to ...
(check_rename): ... this.
(xchmod): Rename to ...
(check_chmod): ... this.
(xchown): Rename to ...
(check_chown): ... this.
|
| |
|
|
|
|
|
| |
* man/man1/man.man1 (SYNOPSIS): Make "--regex" bold. Thanks to Paul
Townsend.
* man/po4a/po/man-db-manpages.pot, man/po4a/po/*.po: Update; unfuzzy all
translations.
|
| | |
|
| |
|
|
|
| |
* man/man1/man.man1 (Main modes of operation): Note that -K searches
page source. Fixes Debian bug #813665.
|
| | |
|
| |
|
|
|
| |
* man/po4a/Locale/Po4a/Manext.pm (shiftline, translate): Escape braces
in regular expressions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* man/po4a/po/sv.po: New from Translation Project (thanks, Sebastian
Rasmussen).
* configure.ac (AC_CONFIG_FILES): Add man/sv/Makefile.
* man/LINGUAS.po4a: Add sv.
* man/Makefile.am (DIST_SUBDIRS): Add sv.
* man/sv/Makefile.am, man/sv/translator.add: New files.
* man/po4a/Makefile.am (POFILES): Add po/sv.po.
* man/po4a/po4a.cfg (po4a_langs): Add sv.
* man/THANKS: Add translator credit.
* .gitignore: Add man/sv/man1, man/sv/man5, and man/sv/man8.
|
| | |
|
| |
|
|
|
| |
* po/sv.po: Update from Translation Project.
* man/THANKS: Add translator credit.
|
| |
|
|
|
|
|
|
|
|
| |
* src/mandb.c (struct dbpaths): Unconstify xtmpfile.
(finish_up): Free dbpaths->xtmpfile.
(cleanup): Update header comment. Remove unnecessary checks before
frees. Free all database paths for all database types, not just
GDBM. Free dbpaths->xtmpfile.
(mandb): Copy content of database to dbpaths->xtmpfile rather than
just copying the pointer.
|
| |
|
|
|
|
|
|
| |
* src/mandb.c (struct dbpaths): New structure.
(finish_up, do_chown, cleanup_sigsafe, cleanup, mandb): Take dbpaths
argument.
(process_manpath): Allocate dbpaths on the stack, zero it, and pass
it to functions that need it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's 2015. The compiler almost certainly knows better than we do.
* lib/security.c (gripe_set_euid): Remove inline qualifier.
* libdb/db_btree.c (btree_findkey): Likewise.
* libdb/mydbm.h (gdbm_exists): Likewise.
* src/catman.c (catman): Remove obsolete comment.
(add_arg, check_access): Remove inline qualifier.
* src/check_mandirs.c (add_dir_entries): Likewise.
* src/man.c (gripe_system, gripe_no_man, manopt_to_env, escape_less,
is_section, do_prompt, gripe_converting_name): Likewise.
* src/mandb.c (xremove, xrename, xchmod, finish_up, xchown,
do_chown, update_db_wrapper): Likewise.
* src/manp.c (gripe_reading_mp_config, gripe_stat_file,
gripe_not_directory, has_mandir, fsstnd): Likewise.
* src/whatis.c (do_whatis_section): Likewise.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
nroff's UTF-8 output is a bit wonky in this case, but ASCII will do
fine.
* manual/Makefile.am (.pp.cat): Set LC_ALL=C.
|
| |
|
|
|
|
|
| |
Reported by Bjarni Ingi Gislason. Fixes Debian bug #751795.
* src/man.c (display): Don't insert roff input for --no-hyphenation,
--no-justification, or locale macros when the --recode option is used.
|
| |
|
|
|
|
|
|
|
| |
Reported by Bjarni Ingi Gislason. Fixes Debian bug #789219.
* src/man.c (heirloom_line_length, disable_hyphenation,
disable_justification, locale_macros): Emit ".lf 1" after inserted roff
input.
* src/zsoelim.l: Accept .lf without a file name argument.
|
| |
|
|
| |
* src/mandb.c (xcopy): Say which file name we failed to fopen.
|
| |
|
|
| |
* po/ca.po (Plural-Forms): Add missing semicolon.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* src/man.c (get_roff_line_length): Also consider line_length if
ditroff is set.
(make_roff_command): Try add_roff_line_length regardless of troff.
The line length is passed to the macro package, not to the output
device, although get_roff_line_length will still sometimes not use
it (e.g. if using the "ps" device). Fixes Debian bug #801241.
* NEWS: Document this.
|
| |
|
|
|
|
|
| |
* src/man.c (format_display): Keep track of exit statuses from both
format_cmd and disp_cmd, and exit CHILD_FAIL if either is non-zero
and non-SIGPIPE. Fixes Debian bug #801261.
* NEWS: Document this.
|
| |
|
|
|
|
|
|
|
| |
Suffix rules may not have prerequisites. Thanks to Nikola Forró; fixes
Fedora bug #1263930.
* man/Rules.man: Declare dependency of $(MANS) on replace.sed
separately rather than trying to do so in suffix rules.
* NEWS: Document this.
|
| |
|
|
|
|
| |
* src/manp.c (create_pathlist): Handle NULL return from
canonicalize_file_name.
* NEWS: Document this.
|
