From: alberand
Date: Wed, 31 Mar 2021 20:51:58 +0000 (+0200)
Subject: Create tftpd.pid in default location
X-Git-Tag: 20211022~6^2~3
X-Git-Url: http://rtime.felk.cvut.cz/gitweb/novaboot.git/commitdiff_plain/bd6e5917a4b675537fba613b914d4cdd2a79c7a1
Create tftpd.pid in default location
This way we restrict the user in commands which he can run under sudo. It's better to use * wildcard in the pkill command as it doesn't write anything to the filesystem.
---
diff --git a/novaboot b/novaboot
index 0c5d539..2e70e79 100755
--- a/novaboot
+++ b/novaboot
@@ -1185,14 +1185,14 @@ r \\.efi.* \\.efi";
 close($fh);
 # Unfortunately, tftpd requires root privileges even with
 # non-privileged (>1023) port due to initgroups().
- system_verbose("sudo in.tftpd --listen --secure -v -v -v --pidfile $builddir/tftpd.pid -m mapfile --address :$tftp_port $tftp_root");
+ system_verbose("sudo in.tftpd --listen --secure -v -v -v --pidfile tftpd.pid -m mapfile --address :$tftp_port $tftp_root");
 # Kill server when we die
 $SIG{__DIE__} = sub { system_verbose('sudo pkill --pidfile=dhcpd.pid') if (defined $dhcp_tftp);
- system_verbose('sudo pkill --pidfile=tftpd.pid'); };
+ system_verbose("sudo pkill --pidfile=$tftp_root/tftpd.pid"); };
 # We have to kill tftpd explicitely, because it is not in our process group
- $SIG{INT} = sub { system_verbose('sudo pkill --pidfile=tftpd.pid'); exit(0); };
+ $SIG{INT} = sub { system_verbose("sudo pkill --pidfile=$tftp_root/tftpd.pid"); exit(0); };
 }
 ### AMT IDE-R
diff --git a/sudoers.novaboot b/sudoers.novaboot
index dd38f23..75d223c 100644
--- a/sudoers.novaboot
+++ b/sudoers.novaboot
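Review bot: The pid file is now named two different ways in the novaboot hunk: in.tftpd is started with the relative `--pidfile tftpd.pid`, while the `__DIE__` and `INT` handlers both kill via `--pidfile=$tftp_root/tftpd.pid`. These agree only if in.tftpd resolves the relative name inside $tftp_root, which nothing in the hunk shows; if it resolves elsewhere, the server is not killed when novaboot exits. A comment above the in.tftpd call such as `# relative --pidfile is expected to land in $tftp_root, which the pkill handlers below rely on (TODO confirm)` would make that dependency checkable. $tftp_root is also interpolated unquoted into the string given to system_verbose, so, assuming that helper hands the string to a shell, a path containing spaces or shell metacharacters changes the command sudo sees. The enclosing block starts and ends outside the hunk.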
@@ -5,5 +5,5 @@
 # your_login ALL=NOPASSWD: NOVABOOT_DHCP
 # Uncomment the following lines to enable --dhcp-tftp and --tftp options
-# Cmnd_Alias NOVABOOT_TFTP = /usr/sbin/in.tftpd --listen --secure -v -v -v --pidfile */tftpd.pid *, /usr/bin/pkill --pidfile=tftpd.pid
+# Cmnd_Alias NOVABOOT_TFTP = /usr/sbin/in.tftpd --listen --secure -v -v -v --pidfile tftpd.pid *, /usr/bin/pkill --pidfile=*/tftpd.pid
 # your_login ALL=NOPASSWD: NOVABOOT_TFTP
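Review bot: The new pkill pattern `--pidfile=*/tftpd.pid` is wider than the fixed `--pidfile=tftpd.pid` it replaces: it accepts a file named tftpd.pid in any directory, including ones the sudo user can write to, so the PID that root signals is whatever that user puts in the file. sudoers also matches `*` in command arguments across spaces and slashes, so the pattern does not pin the argument list to a single option. The stated goal of restricting the sudo commands is met for the in.tftpd `--pidfile` argument but not for pkill. Pinning the rule to the site's TFTP root would close this, for example `/usr/bin/pkill --pidfile=<TFTP_ROOT>/tftpd.pid`, where `<TFTP_ROOT>` is a placeholder for the configured directory, together with a comment telling the admin to set it.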