From 38b6fafecf4a802d0c7d9f6b0a6ddf4c94056220 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Thu, 15 Dec 2016 05:40:30 +0100 Subject: sys-auth/munge: fix lpe, bug 602596 Package-Manager: Portage-2.3.3, Repoman-2.3.1 --- sys-auth/munge/files/munged.initd | 14 +++++--- sys-auth/munge/munge-0.5.10-r1.ebuild | 62 --------------------------------- sys-auth/munge/munge-0.5.10-r2.ebuild | 61 ++++++++++++++++++++++++++++++++ sys-auth/munge/munge-0.5.11-r1.ebuild | 64 ++++++++++++++++++++++++++++++++++ sys-auth/munge/munge-0.5.11.ebuild | 65 ----------------------------------- 5 files changed, 134 insertions(+), 132 deletions(-) delete mode 100644 sys-auth/munge/munge-0.5.10-r1.ebuild create mode 100644 sys-auth/munge/munge-0.5.10-r2.ebuild create mode 100644 sys-auth/munge/munge-0.5.11-r1.ebuild delete mode 100644 sys-auth/munge/munge-0.5.11.ebuild (limited to 'sys-auth') diff --git a/sys-auth/munge/files/munged.initd b/sys-auth/munge/files/munged.initd index d1ac230c7642..c53219d2ae85 100644 --- a/sys-auth/munge/files/munged.initd +++ b/sys-auth/munge/files/munged.initd @@ -1,5 +1,5 @@ #!/sbin/openrc-run -# Copyright 1999-2012 Gentoo Foundation +# Copyright 1999-2016 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # $Id$ @@ -9,20 +9,24 @@ depend() { check_key() { [ -s "${KEYFILE}" ] && return 0 - dd if=/dev/urandom bs=1 count=1024 >/etc/munge/munge.key 2>/dev/null || return 1 - chown munge:munge "${KEYFILE}" || return 1 - chmod 700 "${KEYFILE}" || return 1 + local old_umask=$(umask) + local ret + umask 037 + dd if=/dev/urandom bs=1024 count=1 of="${KEYFILE}" 2>/dev/null; ret=$? + umask $old_umask + return $ret } start() { ebegin "Starting munged" if ! check_key; then - eerror "Failed to verify/create munge key" + eerror "Failed to create munge key" eend 1 && exit 1 fi checkpath -d -m 755 -o munge:munge /var/run/munge checkpath -d -m 711 -o munge:munge /var/lib/munge checkpath -d -m 700 -o munge:munge /var/log/munge + checkpath -f -m 640 -o root:munge "${KEYFILE}" start-stop-daemon -S /usr/sbin/munged \ --user munge \ --group munge \ diff --git a/sys-auth/munge/munge-0.5.10-r1.ebuild b/sys-auth/munge/munge-0.5.10-r1.ebuild deleted file mode 100644 index db28eb0208b2..000000000000 --- a/sys-auth/munge/munge-0.5.10-r1.ebuild +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI=4 -inherit user - -DESCRIPTION="An authentication service for creating and validating credentials" -HOMEPAGE="https://code.google.com/p/munge/" -SRC_URI="https://munge.googlecode.com/files/${P}.tar.bz2" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="alpha amd64 hppa ia64 ~mips ppc ppc64 sparc x86" -IUSE="gcrypt" - -DEPEND="app-arch/bzip2 - sys-libs/zlib - gcrypt? ( dev-libs/libgcrypt:0 ) - !gcrypt? ( dev-libs/openssl )" -RDEPEND="${DEPEND}" - -pkg_setup() { - enewgroup munge - enewuser munge -1 -1 /var/lib/munge munge -} - -src_configure() { - local conf="" - - if use gcrypt; then - conf="${conf} --with-crypto-lib=libgcrypt" - else - conf="${conf} --with-crypto-lib=openssl" - fi - - econf ${conf} \ - --localstatedir=/var -} - -src_install() { - emake DESTDIR="${D}" install || die - - # 450830 - if [ -d "${D}"/var/run ]; then - rm -rf "${D}"/var/run || die - fi - - diropts -o munge -g munge -m700 - dodir /etc/munge || die - - [ -d "${D}"/etc/init.d ] && rm -r "${D}"/etc/init.d - [ -d "${D}"/etc/default ] && rm -r "${D}"/etc/default - [ -d "${D}"/etc/sysconfig ] && rm -r "${D}"/etc/sysconfig - - newconfd "${FILESDIR}"/${PN}d.confd ${PN}d || die - newinitd "${FILESDIR}"/${PN}d.initd ${PN}d || die -} - -src_test() { - emake check || die -} diff --git a/sys-auth/munge/munge-0.5.10-r2.ebuild b/sys-auth/munge/munge-0.5.10-r2.ebuild new file mode 100644 index 000000000000..35975e8ff2ce --- /dev/null +++ b/sys-auth/munge/munge-0.5.10-r2.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 +inherit user + +DESCRIPTION="An authentication service for creating and validating credentials" +HOMEPAGE="https://code.google.com/p/munge/" +SRC_URI="https://munge.googlecode.com/files/${P}.tar.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="alpha amd64 hppa ia64 ~mips ppc ppc64 sparc x86" +IUSE="gcrypt" + +DEPEND="app-arch/bzip2 + sys-libs/zlib + gcrypt? ( dev-libs/libgcrypt:0 ) + !gcrypt? ( dev-libs/openssl )" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup munge + enewuser munge -1 -1 /var/lib/munge munge +} + +src_configure() { + local conf="" + + if use gcrypt; then + conf="${conf} --with-crypto-lib=libgcrypt" + else + conf="${conf} --with-crypto-lib=openssl" + fi + + econf ${conf} \ + --localstatedir=/var +} + +src_install() { + emake DESTDIR="${D}" install || die + + # 450830 + if [ -d "${D}"/var/run ]; then + rm -rf "${D}"/var/run || die + fi + + dodir /etc/munge || die + + [ -d "${D}"/etc/init.d ] && rm -r "${D}"/etc/init.d + [ -d "${D}"/etc/default ] && rm -r "${D}"/etc/default + [ -d "${D}"/etc/sysconfig ] && rm -r "${D}"/etc/sysconfig + + newconfd "${FILESDIR}"/${PN}d.confd ${PN}d || die + newinitd "${FILESDIR}"/${PN}d.initd ${PN}d || die +} + +src_test() { + emake check || die +} diff --git a/sys-auth/munge/munge-0.5.11-r1.ebuild b/sys-auth/munge/munge-0.5.11-r1.ebuild new file mode 100644 index 000000000000..4736ded9335f --- /dev/null +++ b/sys-auth/munge/munge-0.5.11-r1.ebuild @@ -0,0 +1,64 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools eutils user prefix + +DESCRIPTION="An authentication service for creating and validating credentials" +HOMEPAGE="https://github.com/dun/munge" +SRC_URI="https://github.com/dun/munge/releases/download/munge-${PV}/munge-${PV}.tar.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +IUSE="gcrypt" + +DEPEND="app-arch/bzip2 + sys-libs/zlib + gcrypt? ( dev-libs/libgcrypt:0 ) + !gcrypt? ( dev-libs/openssl:0 )" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup munge + enewuser munge -1 -1 /var/lib/munge munge +} + +src_prepare() { + # Accepted upstream, https://github.com/dun/munge/pull/40 + epatch "${FILESDIR}"/fixed-recursive-use-of-make-in-makefiles.patch + + hprefixify config/x_ac_path_openssl.m4 + + eautoreconf +} + +src_configure() { + econf \ + --localstatedir="${EPREFIX}"/var \ + --with-crypto-lib=$(usex gcrypt libgcrypt openssl) +} + +src_install() { + local d + + default + + # 450830 + if [ -d "${ED}"/var/run ]; then + rm -rf "${ED}"/var/run || die + fi + + dodir /etc/munge + + for d in "init.d" "default" "sysconfig"; do + if [ -d "${ED}"/etc/${d} ]; then + rm -r "${ED}"/etc/${d} || die + fi + done + + newconfd "$(prefixify_ro "${FILESDIR}"/${PN}d.confd)" ${PN}d + newinitd "$(prefixify_ro "${FILESDIR}"/${PN}d.initd)" ${PN}d +} diff --git a/sys-auth/munge/munge-0.5.11.ebuild b/sys-auth/munge/munge-0.5.11.ebuild deleted file mode 100644 index 5ca486579d88..000000000000 --- a/sys-auth/munge/munge-0.5.11.ebuild +++ /dev/null @@ -1,65 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI=5 -inherit autotools eutils user prefix - -DESCRIPTION="An authentication service for creating and validating credentials" -HOMEPAGE="https://github.com/dun/munge" -SRC_URI="https://github.com/dun/munge/releases/download/munge-${PV}/munge-${PV}.tar.bz2" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" - -IUSE="gcrypt" - -DEPEND="app-arch/bzip2 - sys-libs/zlib - gcrypt? ( dev-libs/libgcrypt:0 ) - !gcrypt? ( dev-libs/openssl:0 )" -RDEPEND="${DEPEND}" - -pkg_setup() { - enewgroup munge - enewuser munge -1 -1 /var/lib/munge munge -} - -src_prepare() { - # Accepted upstream, https://github.com/dun/munge/pull/40 - epatch "${FILESDIR}"/fixed-recursive-use-of-make-in-makefiles.patch - - hprefixify config/x_ac_path_openssl.m4 - - eautoreconf -} - -src_configure() { - econf \ - --localstatedir="${EPREFIX}"/var \ - --with-crypto-lib=$(usex gcrypt libgcrypt openssl) -} - -src_install() { - local d - - default - - # 450830 - if [ -d "${ED}"/var/run ]; then - rm -rf "${ED}"/var/run || die - fi - - [[ ${EUID} = 0 ]] && diropts -o munge -g munge -m700 - dodir /etc/munge - - for d in "init.d" "default" "sysconfig"; do - if [ -d "${ED}"/etc/${d} ]; then - rm -r "${ED}"/etc/${d} || die - fi - done - - newconfd "$(prefixify_ro "${FILESDIR}"/${PN}d.confd)" ${PN}d - newinitd "$(prefixify_ro "${FILESDIR}"/${PN}d.initd)" ${PN}d -} -- cgit v1.2.3-65-gdbad