Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/games-server
diff options
context:
space:
mode:
authorConrad Kostecki <conikost@gentoo.org>2021-12-11 18:08:01 +0100
committerConrad Kostecki <conikost@gentoo.org>2021-12-11 18:08:01 +0100
commit9efd7aaf26aae0f3983d42906b9daa9de366ca9a (patch)
tree9004697ab4be16d4a0db90be91f4cd9747a29c45 /games-server
parentsys-devel/llvm: Include third-party directory in the checkout (diff)
downloadgentoo-9efd7aaf26aae0f3983d42906b9daa9de366ca9a.tar.gz
gentoo-9efd7aaf26aae0f3983d42906b9daa9de366ca9a.tar.bz2
gentoo-9efd7aaf26aae0f3983d42906b9daa9de366ca9a.zip
games-server/minecraft-server: add workaround for log4j rce
Bug: https://bugs.gentoo.org/828936 Signed-off-by: Conrad Kostecki <conikost@gentoo.org>
Diffstat (limited to 'games-server')
-rw-r--r--games-server/minecraft-server/files/log4j2_112-116.xml28
-rw-r--r--games-server/minecraft-server/files/minecraft-server.initd-r667
-rw-r--r--games-server/minecraft-server/files/minecraft-server.service-r117
-rw-r--r--games-server/minecraft-server/minecraft-server-1.16.5-r1.ebuild55
4 files changed, 167 insertions, 0 deletions
diff --git a/games-server/minecraft-server/files/log4j2_112-116.xml b/games-server/minecraft-server/files/log4j2_112-116.xml
new file mode 100644
index 000000000000..569223572f64
--- /dev/null
+++ b/games-server/minecraft-server/files/log4j2_112-116.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Configuration status="WARN">
+ <Appenders>
+ <Console name="SysOut" target="SYSTEM_OUT">
+ <PatternLayout pattern="[%d{HH:mm:ss}] [%t/%level]: %msg{nolookups}%n" />
+ </Console>
+ <Queue name="ServerGuiConsole">
+ <PatternLayout pattern="[%d{HH:mm:ss} %level]: %msg{nolookups}%n" />
+ </Queue>
+ <RollingRandomAccessFile name="File" fileName="logs/latest.log" filePattern="logs/%d{yyyy-MM-dd}-%i.log.gz">
+ <PatternLayout pattern="[%d{HH:mm:ss}] [%t/%level]: %msg{nolookups}%n" />
+ <Policies>
+ <TimeBasedTriggeringPolicy />
+ <OnStartupTriggeringPolicy />
+ </Policies>
+ </RollingRandomAccessFile>
+ </Appenders>
+ <Loggers>
+ <Root level="info">
+ <filters>
+ <MarkerFilter marker="NETWORK_PACKETS" onMatch="DENY" onMismatch="NEUTRAL" />
+ </filters>
+ <AppenderRef ref="SysOut"/>
+ <AppenderRef ref="File"/>
+ <AppenderRef ref="ServerGuiConsole"/>
+ </Root>
+ </Loggers>
+</Configuration>
diff --git a/games-server/minecraft-server/files/minecraft-server.initd-r6 b/games-server/minecraft-server/files/minecraft-server.initd-r6
new file mode 100644
index 000000000000..dc4ecc84a997
--- /dev/null
+++ b/games-server/minecraft-server/files/minecraft-server.initd-r6
@@ -0,0 +1,67 @@
+#!/sbin/openrc-run
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+if [ "${SVCNAME}" = "minecraft-server" ]; then
+ instance="main"
+else
+ instance="${SVCNAME#minecraft-server.}"
+fi
+
+dtach_tmpfile="$(mktemp -u)"
+minecraft_command="/usr/bin/minecraft-server"
+minecraft_log4j="log4j2_112-116.xml"
+minecraft_logs="/var/log/minecraft-server"
+minecraft_logs_instance="${minecraft_logs}/${instance}"
+minecraft_path="/var/lib/minecraft-server"
+minecraft_path_instance="${minecraft_path}/${instance}"
+name="Minecraft Server (World: ${instance})"
+pidfile="/run/minecraft-server.${instance}.pid"
+start_stop_daemon_args="--chdir ${minecraft_path_instance} --env JAVA_OPTS='${MINECRAFT_OPTS}'"
+
+description_attach="Attaches to the session (interactive console) of the Minecraft server"
+extra_started_commands="attach"
+
+command="/usr/bin/dtach"
+command_background="true"
+command_args="-N ${dtach_tmpfile} ${minecraft_command}"
+command_group="minecraft"
+command_user="minecraft"
+
+depend() {
+ use net
+}
+
+start_pre() {
+ checkpath -d -o "${command_user}:${command_group}" -q "${minecraft_path}" "${minecraft_path_instance}"
+
+ if [ ! -L "${minecraft_path_instance}/${minecraft_log4j}" ]; then
+ ln -s ../../../../usr/share/minecraft-server/"${minecraft_log4j}" "${minecraft_path_instance}"
+ fi
+
+ checkpath -f -o "${command_user}:${command_group}" -q "${minecraft_path_instance}"/eula.txt
+ echo "eula=true" > "${minecraft_path_instance}"/eula.txt
+
+ checkpath -d -o "${command_user}:${command_group}" -q "${minecraft_logs}" "${minecraft_logs_instance}"
+
+ if [ ! -L "${minecraft_path_instance}"/logs ]; then
+ cd "${minecraft_path_instance}" && ln -s ../../../log/minecraft-server/"${instance}" logs
+ fi
+
+ if [ -z "${MINECRAFT_OPTS}" ]; then
+ eerror "You must define 'MINECRAFT_OPTS' in '/etc/conf.d/${SVCNAME}'!"
+ return 1
+ fi
+}
+
+attach() {
+ pidnumber="$(cat ${pidfile})"
+ dtach_tmpfile="$(cat /proc/${pidnumber}/cmdline | tr '\0' ' ' | awk '{print $3}')"
+
+ if [ -S "${dtach_tmpfile}" ]; then
+ eval "${command}" -a "${dtach_tmpfile}" "${DTACH_OPTS}"
+ else
+ eerror "The determined socket file for dtach could not be found!"
+ eerror "Did the process crash?"
+ fi
+}
diff --git a/games-server/minecraft-server/files/minecraft-server.service-r1 b/games-server/minecraft-server/files/minecraft-server.service-r1
new file mode 100644
index 000000000000..fac26368a043
--- /dev/null
+++ b/games-server/minecraft-server/files/minecraft-server.service-r1
@@ -0,0 +1,17 @@
+[Unit]
+Description=Minecraft Server (World: %I)
+After=network.target
+
+[Service]
+User=minecraft
+Group=minecraft
+WorkingDirectory=-/var/lib/minecraft-server/%I
+PIDFile=/run/minecraft-server.%I.pid
+ExecStartPre=!/bin/mkdir -p /var/lib/minecraft-server/%I
+ExecStartPre=!/bin/chown -R minecraft:minecraft /var/lib/minecraft-server/%I
+ExecStartPre=!/bin/ln -s /usr/share/minecraft-server/log4j2_112-116.xml /var/lib/minecraft-server/%I
+ExecStartPre=/bin/sh -c 'echo "eula=true" > /var/lib/minecraft-server/%I/eula.txt'
+ExecStart=/bin/sh -c '/usr/bin/dtach -N $(mktemp -u) /usr/bin/minecraft-server'
+
+[Install]
+WantedBy=multi-user.target
diff --git a/games-server/minecraft-server/minecraft-server-1.16.5-r1.ebuild b/games-server/minecraft-server/minecraft-server-1.16.5-r1.ebuild
new file mode 100644
index 000000000000..d66a93f97015
--- /dev/null
+++ b/games-server/minecraft-server/minecraft-server-1.16.5-r1.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+EGIT_COMMIT="1b557e7b033b583cd9f66746b7a9ab1ec1673ced"
+README_GENTOO_SUFFIX="-r1"
+
+inherit readme.gentoo-r1 java-pkg-2 systemd
+
+DESCRIPTION="The official server for the sandbox video game"
+HOMEPAGE="https://www.minecraft.net/"
+SRC_URI="https://launcher.mojang.com/v1/objects/${EGIT_COMMIT}/server.jar -> ${P}.jar"
+S="${WORKDIR}"
+
+LICENSE="Mojang"
+SLOT="0"
+KEYWORDS="amd64 ~arm64 x86"
+RESTRICT="bindist mirror"
+
+RDEPEND="
+ acct-group/minecraft
+ acct-user/minecraft
+ app-misc/dtach
+ || (
+ >=virtual/jre-1.8
+ >=virtual/jdk-1.8
+ )
+"
+
+src_unpack() {
+ cp "${DISTDIR}/${A}" "${WORKDIR}" || die
+}
+
+src_compile() {
+ :;
+}
+
+src_install() {
+ java-pkg_newjar minecraft-server-${PV}.jar minecraft-server.jar
+ java-pkg_dolauncher minecraft-server --jar minecraft-server.jar --java_args "\${JAVA_OPTS} -Dlog4j.configurationFile=log4j2_112-116.xml" --pkg_args nogui
+
+ insinto /usr/share/minecraft-server
+ doins "${FILESDIR}"/log4j2_112-116.xml
+
+ newinitd "${FILESDIR}"/minecraft-server.initd-r6 minecraft-server
+ newconfd "${FILESDIR}"/minecraft-server.confd-r1 minecraft-server
+ systemd_newunit "${FILESDIR}"/minecraft-server.service-r1 minecraft-server@.service
+
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ readme.gentoo_print_elog
+}