authorRandy Barlow <randy@electronsweatshop.com>2016-12-01 11:39:45 -0500
committerRandy Barlow <randy@electronsweatshop.com>2016-12-01 11:39:45 -0500
commita371d5c070eed365bbcdf2ffc346b6456084ff48 (patch)
tree82e0c25f43a2ce43692b284216516a4c05ccc966
parent4c04c7f3dd9516be42c060f4c250aa15687712f3 (diff)
Drop the use of -set-cookie since it is unsafe.
Also, configure the ejabberdctl script to set INSTALLUSER so it uses su to be ejabberd (#1163812).
-rw-r--r--ejabberd-0005-Use-set-cookie-when-running-erl-in-ejabberdctl.templ.patch46
-rw-r--r--ejabberd-0005-ejabberdctl-should-not-try-to-create-the-ejabberd-us.patch33
-rw-r--r--ejabberd.spec17
3 files changed, 44 insertions, 52 deletions
diff --git a/ejabberd-0005-Use-set-cookie-when-running-erl-in-ejabberdctl.templ.patch b/ejabberd-0005-Use-set-cookie-when-running-erl-in-ejabberdctl.templ.patch
deleted file mode 100644
index e6ef8e9..0000000
--- a/ejabberd-0005-Use-set-cookie-when-running-erl-in-ejabberdctl.templ.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 42ed5993d433a2aa12239d9ea8004016ca3df6c5 Mon Sep 17 00:00:00 2001
-From: Randy Barlow <randy@electronsweatshop.com>
-Date: Sun, 27 Nov 2016 11:49:19 -0500
-Subject: [PATCH] Use -set-cookie when running erl in ejabberdctl.template.
-
-This patch converts the ejabberdctl.template to use erl's
--set-cookie option when an .erlang.cookie file is found in
-$SPOOL_DIR. This will help for installations where ejabberd might
-be started by one user, but ejabberdctl might be used by a
-different user to manage it. For example, in Fedora ejabberd is
-launched by systemd as the ejabberd user, but users might want to
-use "sudo ejabberdctl" to manage the node.
----
- ejabberdctl.template | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/ejabberdctl.template b/ejabberdctl.template
-index 5b34ebe..7d1ab00 100755
---- a/ejabberdctl.template
-+++ b/ejabberdctl.template
-@@ -96,6 +96,13 @@ ERL_INETRC=$ETC_DIR/inetrc
- MNESIA_OPTS="-mnesia dir \"\\\"$SPOOL_DIR\\\"\" $MNESIA_OPTIONS"
- # define erl parameters
- ERLANG_OPTS="+K $POLL -smp $SMP +P $ERL_PROCESSES $ERL_OPTIONS"
-+
-+# Determine if the .erlang.cookie file is present or not, and use -setcookie if it is
-+if [ -f "$SPOOL_DIR/.erlang.cookie" ] ; then
-+ ERLANG_COOKIE=$(cat "$SPOOL_DIR/.erlang.cookie")
-+ ERLANG_OPTS+=" -setcookie $ERLANG_COOKIE"
-+fi
-+
- KERNEL_OPTS=""
- if [ "$FIREWALL_WINDOW" != "" ] ; then
- KERNEL_OPTS="${KERNEL_OPTS} -kernel inet_dist_listen_min ${FIREWALL_WINDOW%-*} inet_dist_listen_max ${FIREWALL_WINDOW#*-}"
-@@ -360,7 +367,7 @@ ctl()
- {
- NID=$(uid ctl)
- CMD="`shell_escape \"$ERL\" \"$NAME\" \"$NID\"` \
-- -noinput -hidden $KERNEL_OPTS -s ejabberd_ctl \
-+ -noinput -hidden $KERNEL_OPTS $ERLANG_OPTS -s ejabberd_ctl \
- -extra `shell_escape \"$ERLANG_NODE\"` $EJABBERD_NO_TIMEOUT \
- `shell_escape \"$@\"`"
- $EXEC_CMD "$CMD"
---
-2.10.2
-
diff --git a/ejabberd-0005-ejabberdctl-should-not-try-to-create-the-ejabberd-us.patch b/ejabberd-0005-ejabberdctl-should-not-try-to-create-the-ejabberd-us.patch
new file mode 100644
index 0000000..70cf833
--- /dev/null
+++ b/ejabberd-0005-ejabberdctl-should-not-try-to-create-the-ejabberd-us.patch
@@ -0,0 +1,33 @@
+From ce75f79ee70af1b43beb1a00e5501dbdc5532cc3 Mon Sep 17 00:00:00 2001
+From: Randy Barlow <randy@electronsweatshop.com>
+Date: Thu, 1 Dec 2016 10:58:59 -0500
+Subject: [PATCH] ejabberdctl should not try to create the ejabberd user's
+ home.
+
+Also, explicitly use bash as the shell when using su to be the
+ejabberd user.
+---
+ ejabberdctl.template | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
+
+diff --git a/ejabberdctl.template b/ejabberdctl.template
+index 5b34ebe..00e4113 100755
+--- a/ejabberdctl.template
++++ b/ejabberdctl.template
+@@ -22,12 +22,7 @@ if [ "$INSTALLUSER" != "" ] ; then
+ EXEC_CMD="false"
+ for GID in `id -G`; do
+ if [ $GID -eq 0 ] ; then
+- INSTALLUSER_HOME=$(getent passwd "$INSTALLUSER" | cut -d: -f6)
+- if [ -n "$INSTALLUSER_HOME" ] && [ ! -d "$INSTALLUSER_HOME" ] ; then
+- mkdir -p "$INSTALLUSER_HOME"
+- chown "$INSTALLUSER" "$INSTALLUSER_HOME"
+- fi
+- EXEC_CMD="su $INSTALLUSER -c"
++ EXEC_CMD="su $INSTALLUSER -s /usr/bin/bash -c"
+ fi
+ done
+ if [ `id -g` -eq `id -g $INSTALLUSER` ] ; then
+--
+2.10.2
+
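Review bot: The new `su $INSTALLUSER -s /usr/bin/bash -c` line runs under a test for membership in group 0 (the `id -G` loop), not for uid 0. When the target account has a restricted shell, su honours `-s` only if the caller is root. If the ejabberd account has a non-login shell (not visible here), a non-root caller in group 0 would get a password prompt and then the account's own shell instead of bash. Consider gating this branch on `[ "$(id -u)" -eq 0 ]`, or at least adding `# -s is only honoured when the caller is root` above the assignment. The enclosing `if [ "$INSTALLUSER" != "" ]` block starts and ends outside the hunk.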
diff --git a/ejabberd.spec b/ejabberd.spec
index 2d30c57..69111b8 100644
--- a/ejabberd.spec
+++ b/ejabberd.spec
@@ -5,7 +5,7 @@
Name: ejabberd
Version: 16.09
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: A distributed, fault-tolerant Jabber/XMPP server
License: GPLv2+
@@ -35,9 +35,10 @@ Patch2: ejabberd-0002-Enable-polkit-support.patch
Patch3: ejabberd-0003-Install-into-BINDIR-instead-of-SBINDIR.patch
# Fedora-specific
Patch4: ejabberd-0004-Enable-systemd-notification-if-available.patch
-# Use -set-cookie to allow non-ejabberd users (such as root) to also run ejabberdctl.
-# This patch was submitted upstream at https://github.com/processone/ejabberd/pull/1395
-Patch5: ejabberd-0005-Use-set-cookie-when-running-erl-in-ejabberdctl.templ.patch
+# Patch the ejabberdctl script to su with bash when run as root. Also patch out
+# code that tries to create the ejabberd user's home folder since that's the
+# RPM's job.
+Patch5: ejabberd-0005-ejabberdctl-should-not-try-to-create-the-ejabberd-us.patch
BuildRequires: elixir >= 1.2.6
BuildRequires: erlang-cache_tab >= 1.0.4
@@ -106,7 +107,7 @@ Windows NT/2000/XP).
%patch2 -p1 -b .use_polkit
%patch3 -p1 -b .use_bindir
%patch4 -p1 -b .enable_sd_notify
-%patch5 -p1 -b .set_cookie
+%patch5 -p1 -b .su_with_bash
%build
@@ -123,7 +124,7 @@ autoreconf -ivf
%{erlang_install}
sed -e "s*{{rootdir}}*%{_prefix}*" \
- -e "s*{{installuser}}**" \
+ -e "s*{{installuser}}*%{name}*" \
-e "s*{{bindir}}*%{_bindir}*" \
-e "s*{{libdir}}*%{_erllibdir}*" \
-e "s*{{sysconfdir}}*%{_sysconfdir}*" \
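Review bot: The `{{installuser}}` substitution now decides whether ejabberdctl run as root drops to the service account, but nothing at the sed line says so. A comment above the command, e.g. `# Set INSTALLUSER so ejabberdctl run as root uses su to become the ejabberd user (#1163812)`, would keep a later edit from blanking it again. The value is `%{name}`, so it presumably has to match the account the package creates; that scriptlet is not in this hunk. The sed command continues past the end of the hunk.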
@@ -286,6 +287,10 @@ fi)
%changelog
+* Thu Dec 01 2016 Randy Barlow <bowlofeggs@fedoraproject.org> - 16.09-4
+- Drop the use of -set-cookie since it is unsafe.
+- Configure the ejabberdctl script to set INSTALLUSER so it uses su to be ejabberd (#1163812).
+
* Sun Nov 27 2016 Randy Barlow <bowlofeggs@fedoraproject.org> - 16.09-3
- Use -set-cookie in ejabberdctl so root can attach to the node (#1163812).
- Mark ejabberdctl as executable.