[dptfxtract] Fix error allowing access to / by dptfxtract

commit 6e489a4770aad1240762b2ed7e0d5249490991f5 Author: Benjamin Berg <bberg(a)redhat.com&gt; Date: Tue Feb 11 11:30:45 2020 +0100 Fix error allowing access to / by dptfxtract Work aound dtpfxtract trying to write to the current working directory dptfxtract.service | 3 ++- dptfxtract.spec | 6 +++++- 2 files changed, 7 insertions(+), 2 deletions(-) --- diff --git a/dptfxtract.service b/dptfxtract.service index 766d554..2bf6af1 100644 --- a/dptfxtract.service +++ b/dptfxtract.service @@ -12,6 +12,7 @@ ConditionPathExists=!/etc/thermald/thermal-conf.xml.auto [Service] Type=oneshot ExecStart=/usr/libexec/dptfxtract -o /var/run/thermald/ +WorkingDirectory=/tmp Restart=no NoNewPrivileges=yes @@ -20,7 +21,7 @@ LimitDATA=50M LimitNPROC=1 ProtectHome=yes -ProtectSystem=full +ProtectSystem=strict ReadWritePaths=/var/run/thermald/ PrivateTmp=yes PrivateDevices=yes diff --git a/dptfxtract.spec b/dptfxtract.spec index 68fedbb..d7b27c6 100644 --- a/dptfxtract.spec +++ b/dptfxtract.spec @@ -1,6 +1,6 @@ Name: dptfxtract Version: 1.4.2 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Utility to generate a thermald configuration from DPTF License: Redistributable, no modification permitted @@ -60,6 +60,10 @@ ln -s ../dptfxtract.service %{buildroot}%{_unitdir}/thermald.service.wants/dptfx %changelog +* Tue Feb 11 2020 Benjamin Berg <bberg(a)redhat.com&gt; - 1.4.2-3 +- Fix error allowing access to / by dptfxtract +- Work aound dtpfxtract trying to write to the current working directory + * Wed Feb 05 2020 RPM Fusion Release Engineering <leigh123linux(a)gmail.com&gt; - 1.4.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild