diff options
author | Aaron Bauman <bman@gentoo.org> | 2019-03-28 16:40:20 -0400 |
---|---|---|
committer | Aaron Bauman <bman@gentoo.org> | 2019-03-28 16:43:19 -0400 |
commit | 7ad0e566365b914c27b06a36e7a26209c957511c (patch) | |
tree | 056da61d8c788b1e16bfffd645506ec960d8036e | |
parent | net-dns/dnsdist: new maintainer, bump, remove old, new useflags (diff) | |
download | gentoo-7ad0e566365b914c27b06a36e7a26209c957511c.tar.gz gentoo-7ad0e566365b914c27b06a36e7a26209c957511c.tar.bz2 gentoo-7ad0e566365b914c27b06a36e7a26209c957511c.zip |
sys-cluster/glusterfs: bup to fix outstanding security issues
* This bump addresses multiple CVEs that have been fixed upstream
Bug: https://bugs.gentoo.org/658606
Bug: https://bugs.gentoo.org/664336
Bug: https://bugs.gentoo.org/670088
Signed-off-by: Aaron Bauman <bman@gentoo.org>
-rw-r--r-- | sys-cluster/glusterfs/Manifest | 1 | ||||
-rw-r--r-- | sys-cluster/glusterfs/glusterfs-4.1.8.ebuild | 226 |
2 files changed, 227 insertions, 0 deletions
diff --git a/sys-cluster/glusterfs/Manifest b/sys-cluster/glusterfs/Manifest index e701839bbc89..032b3034627b 100644 --- a/sys-cluster/glusterfs/Manifest +++ b/sys-cluster/glusterfs/Manifest @@ -1,3 +1,4 @@ DIST glusterfs-4.0.0.tar.gz 7632629 BLAKE2B 9367d2c99452d261d889cf564f3a055e1459ee54377cbf8cf6cc46c8d7f153bb258892fb73fc492d1dc6c5bea156d204971256fefc96f9f4825583d9c1086563 SHA512 acd3c462a8e15fb31f4b30d2e217928488e32d66ae7d1061df3e166354a4ddcdeb0ba0bcc994b7563f83376c882800fad07e190e0086fda987915c195266421f DIST glusterfs-4.0.2.tar.gz 7643713 BLAKE2B 6314f81fe1474bcf8c577aa68a32c46a6d1e586b32c698a9e30850080408958c0541c1afe72520574fcabebb0884cf3bf315b22582d932876bbb5a4393e167f0 SHA512 33afed4fb4f6d63f1d2b7caedae1ce41e7f6aa4299fb4a7ee2f5e4bc14c97d66f68097171fded6d1f2141dd7127eb408596cce4f5f7287038a14e387ad5ec5e6 DIST glusterfs-4.1.5.tar.gz 7783999 BLAKE2B ac1e7732430fe25eec34a8b85b9cd5ce4f43076befec2d91c0156959887d8a0589adb8afb1ee9290e436ce40ab7e5567c3c4ec90017b4398919637e2047f18b9 SHA512 ae557472b6a263e815b8c4d630b606f8e1334b6604799e499e6f53ea6ff60c2a696160fa427943cc3d01ffee91a57787c91f93a1b914179679038e63d291401f +DIST glusterfs-4.1.8.tar.gz 7835272 BLAKE2B 2546b9c0fe38989df71b8f72b193ce42c499621dcaaa4c5e3deeacfba68179f2280fc699cebeb87486171442152fa8b56b42a0d17465b739769eb227c82307d7 SHA512 950cd2fd774e3eb00f1ec06d54566736b6fbe8d1aed54477a19d9b2727eff8a70ef7ac32815cc7e01d45b5d357fc01af786e16c451f6ad314d472e61ba04ce85 diff --git a/sys-cluster/glusterfs/glusterfs-4.1.8.ebuild b/sys-cluster/glusterfs/glusterfs-4.1.8.ebuild new file mode 100644 index 000000000000..5137f1ba4fb2 --- /dev/null +++ b/sys-cluster/glusterfs/glusterfs-4.1.8.ebuild @@ -0,0 +1,226 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python2_7 ) + +inherit autotools elisp-common python-single-r1 systemd user + +if [[ ${PV#9999} != ${PV} ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/gluster/glusterfs.git" +else + SRC_URI="https://download.gluster.org/pub/gluster/${PN}/$(ver_cut '1-2')/${PV}/${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" +fi + +DESCRIPTION="GlusterFS is a powerful network/cluster filesystem" +HOMEPAGE="https://www.gluster.org/" + +LICENSE="|| ( GPL-2 LGPL-3+ )" +SLOT="0" +IUSE="bd-xlator crypt-xlator debug emacs +fuse +georeplication glupy infiniband ipv6 libressl +libtirpc qemu-block rsyslog static-libs +syslog systemtap test +tiering vim-syntax +xml" + +REQUIRED_USE="georeplication? ( ${PYTHON_REQUIRED_USE} ) + glupy? ( ${PYTHON_REQUIRED_USE} ) + ipv6? ( libtirpc )" + +# the tests must be run as root +RESTRICT="test" + +# sys-apps/util-linux is required for libuuid +RDEPEND="bd-xlator? ( sys-fs/lvm2 ) + !elibc_glibc? ( sys-libs/argp-standalone ) + emacs? ( virtual/emacs ) + fuse? ( >=sys-fs/fuse-2.7.0:0 ) + georeplication? ( ${PYTHON_DEPS} ) + infiniband? ( sys-fabric/libibverbs:* sys-fabric/librdmacm:* ) + libtirpc? ( net-libs/libtirpc:= ) + !libtirpc? ( elibc_glibc? ( sys-libs/glibc[rpc(-)] ) ) + qemu-block? ( dev-libs/glib:2 ) + systemtap? ( dev-util/systemtap ) + tiering? ( dev-db/sqlite:3 ) + xml? ( dev-libs/libxml2 ) + sys-libs/readline:= + dev-libs/libaio + !libressl? ( dev-libs/openssl:=[-bindist] ) + libressl? ( dev-libs/libressl:= ) + dev-libs/userspace-rcu:= + net-libs/rpcsvc-proto + sys-apps/util-linux" +DEPEND="${RDEPEND} + virtual/acl + virtual/pkgconfig + sys-devel/bison + sys-devel/flex + test? ( >=dev-util/cmocka-1.0.1 + app-benchmarks/dbench + dev-vcs/git + net-fs/nfs-utils + virtual/perl-Test-Harness + dev-libs/yajl + sys-fs/xfsprogs + sys-apps/attr )" + +SITEFILE="50${PN}-mode-gentoo.el" + +PATCHES=( + "${FILESDIR}/${PN}-3.12.2-poisoned-sysmacros.patch" + "${FILESDIR}/${PN}-4.1.0-silent_rules.patch" +) + +DOCS=( AUTHORS ChangeLog NEWS README.md THANKS ) + +# Maintainer notes: +# * The build system will always configure & build argp-standalone but it'll never use it +# if the argp.h header is found in the system. Which should be the case with +# glibc or if argp-standalone is installed. + +pkg_setup() { + python_setup "python2*" + python-single-r1_pkg_setup + + # Needed for statedumps + # https://github.com/gluster/glusterfs/commit/0e50c4b3ea734456c14e2d7a578463999bd332c3 + enewgroup gluster + enewuser gluster -1 -1 "${EPREFIX}"/var/run/gluster gluster +} + +src_prepare() { + default + + # build rpc-transport and xlators only once as shared libs + find rpc/rpc-transport xlators -name Makefile.am | + xargs sed -i 's|.*$(top_srcdir).*\.sym|\0 -shared|' || die + + # fix execution permissions + chmod +x libglusterfs/src/gen-defaults.py || die + + eautoreconf +} + +src_configure() { + econf \ + --disable-dependency-tracking \ + --disable-silent-rules \ + --disable-fusermount \ + $(use_enable debug) \ + $(use_enable bd-xlator) \ + $(use_enable crypt-xlator) \ + $(use_enable fuse fuse-client) \ + $(use_enable georeplication) \ + $(use_enable glupy) \ + $(use_enable infiniband ibverbs) \ + $(use_enable qemu-block) \ + $(use_enable static-libs static) \ + $(use_enable syslog) \ + $(use_enable systemtap) \ + $(use_enable test cmocka) \ + $(use_enable tiering) \ + $(use_enable xml xml-output) \ + $(use libtirpc || echo --without-libtirpc) \ + $(use ipv6 && echo --with-ipv6-default) \ + --with-tmpfilesdir="${EPREFIX}"/etc/tmpfiles.d \ + --docdir="${EPREFIX}"/usr/share/doc/${PF} \ + --localstatedir="${EPREFIX}"/var +} + +src_compile() { + default + use emacs && elisp-compile extras/glusterfs-mode.el +} + +src_install() { + default + + rm \ + "${ED}"/etc/glusterfs/glusterfs-{georep-,}logrotate \ + "${ED}"/etc/glusterfs/gluster-rsyslog-*.conf \ + "${ED}"/usr/share/doc/${PF}/glusterfs{-mode.el,.vim} || die "removing false files failed" + + insinto /etc/logrotate.d + newins "${FILESDIR}"/glusterfs.logrotate glusterfs + + if use rsyslog ; then + insinto /etc/rsyslog.d + newins extras/gluster-rsyslog-7.2.conf 60-gluster.conf + fi + + if use emacs ; then + elisp-install ${PN} extras/glusterfs-mode.el* + elisp-site-file-install "${FILESDIR}/${SITEFILE}" + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/ftdetect; doins "${FILESDIR}"/${PN}.vim + insinto /usr/share/vim/vimfiles/syntax; doins extras/${PN}.vim + fi + + # insert some other tools which might be useful + insinto /usr/share/glusterfs/scripts + doins \ + extras/backend-{cleanup,xattr-sanitize}.sh \ + extras/clear_xattrs.sh \ + extras/migrate-unify-to-distribute.sh + + # correct permissions on installed scripts + # fperms 0755 /usr/share/glusterfs/scripts/*.sh + chmod 0755 "${ED}"/usr/share/glusterfs/scripts/*.sh || die + + if use georeplication ; then + # move the gsync-sync-gfid tool to a binary path + # and set a symlink to be compliant with all other distros + mv "${ED}"/usr/{share/glusterfs/scripts/gsync-sync-gfid,libexec/glusterfs/} || die + dosym ../../../libexec/glusterfs/gsync-sync-gfid /usr/share/glusterfs/scripts/gsync-sync-gfid + fi + + newinitd "${FILESDIR}/${PN}-r1.initd" glusterfsd + newinitd "${FILESDIR}/glusterd-r3.initd" glusterd + newconfd "${FILESDIR}/${PN}.confd" glusterfsd + + keepdir /var/log/${PN} + keepdir /var/lib/glusterd/{events,glusterfind/.keys} + + # QA + rm -r "${ED}/var/run/" || die + if ! use static-libs; then + find "${D}" -type f -name '*.la' -delete || die + fi + + # fix all shebang for python2 #560750 + python_fix_shebang "${ED}" +} + +src_test() { + ./run-tests.sh || die +} + +pkg_postinst() { + elog "Starting with ${PN}-3.1.0, you can use the glusterd daemon to configure your" + elog "volumes dynamically. To do so, simply use the gluster CLI after running:" + elog " /etc/init.d/glusterd start" + echo + elog "For static configurations, the glusterfsd startup script can be multiplexed." + elog "The default startup script uses /etc/conf.d/glusterfsd to configure the" + elog "separate service. To create additional instances of the glusterfsd service" + elog "simply create a symlink to the glusterfsd startup script." + echo + elog "Example:" + elog " # ln -s glusterfsd /etc/init.d/glusterfsd2" + elog " # ${EDITOR} /etc/glusterfs/glusterfsd2.vol" + elog "You can now treat glusterfsd2 like any other service" + echo + ewarn "You need to use a ntp client to keep the clocks synchronized across all" + ewarn "of your servers. Setup a NTP synchronizing service before attempting to" + ewarn "run GlusterFS." + echo + elog "If you are upgrading from a previous version of ${PN}, please read:" + elog " http://docs.gluster.org/en/latest/Upgrade-Guide/upgrade_to_$(ver_cut '1-2')/" + + use emacs && elisp-site-regen +} + +pkg_postrm() { + use emacs && elisp-site-regen +} |