diff options
author | Gilles Dartiguelongue <eva@gentoo.org> | 2009-04-09 22:45:30 +0000 |
---|---|---|
committer | Gilles Dartiguelongue <eva@gentoo.org> | 2009-04-09 22:45:30 +0000 |
commit | d1768a07517c653099298c326026c3f72579ca4d (patch) | |
tree | dd611aafe59f3d31fb3468eddac137dca922cb26 /app-admin | |
parent | Update category for apache in README.Gentoo file. Remove useless "standalone"... (diff) | |
download | gentoo-2-d1768a07517c653099298c326026c3f72579ca4d.tar.gz gentoo-2-d1768a07517c653099298c326026c3f72579ca4d.tar.bz2 gentoo-2-d1768a07517c653099298c326026c3f72579ca4d.zip |
Bump to 2.6.0-r2. Include more patches from bug #214265 and from ubuntu.
(Portage version: 2.2_rc28/cvs/Linux x86_64)
Diffstat (limited to 'app-admin')
7 files changed, 223 insertions, 2 deletions
diff --git a/app-admin/system-tools-backends/ChangeLog b/app-admin/system-tools-backends/ChangeLog index ca8177113f31..479cc1cb413d 100644 --- a/app-admin/system-tools-backends/ChangeLog +++ b/app-admin/system-tools-backends/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for app-admin/system-tools-backends -# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/ChangeLog,v 1.48 2008/10/13 21:27:11 eva Exp $ +# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/ChangeLog,v 1.49 2009/04/09 22:45:30 eva Exp $ + +*system-tools-backends-2.6.0-r2 (09 Apr 2009) + + 09 Apr 2009; Gilles Dartiguelongue <eva@gentoo.org> + +files/system-tools-backends-2.6.0-cleanup-pid-file.patch, + +files/system-tools-backends-2.6.0-cve-2008-4311.patch, + +files/system-tools-backends-2.6.0-default-permissions.patch, + +files/system-tools-backends-2.6.0-gcc43.patch, + +files/system-tools-backends-2.6.0-handle-services.patch, + +system-tools-backends-2.6.0-r2.ebuild: + Bump to 2.6.0-r2. Include more patches from bug #214265 and from ubuntu. *system-tools-backends-2.6.0-r1 (13 Oct 2008) diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch new file mode 100644 index 000000000000..6ec22b9f0645 --- /dev/null +++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch @@ -0,0 +1,30 @@ +# +# Ubuntu: https://bugs.launchpad.net/ubuntu/+source/system-tools-backends/+bug/298777 +# Upstream: https://bugs.freedesktop.org/show_bug.cgi?id=18625 +# Description: Patch to make S-T-B delete it's PID file when terminated +# +Index: system-tools-backends-2.6.0/dispatcher/main.c +=================================================================== +--- system-tools-backends-2.6.0.orig/dispatcher/main.c 2008-11-16 17:25:20.000000000 +0000 ++++ system-tools-backends-2.6.0/dispatcher/main.c 2008-11-16 17:25:30.000000000 +0000 +@@ -59,6 +59,12 @@ + close (dev_null_fd); + } + ++static void ++remove_pidfile (void) ++{ ++ unlink (LOCALSTATEDIR "/run/system-tools-backends.pid"); ++} ++ + void + signal_received (gint signal) + { +@@ -67,6 +73,7 @@ + case SIGTERM: + case SIGABRT: + g_object_unref (dispatcher); ++ remove_pidfile (); + exit (0); + break; + default: diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch new file mode 100644 index 000000000000..924b57b906cc --- /dev/null +++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch @@ -0,0 +1,44 @@ +commit fd648907e46017d46c367f59c62d0b0395830903 +Author: Simon McVittie <http://smcv.pseudorandom.co.uk/> +Date: 2009-01-04 19:35:51 +0000 + + Allow root to send messages to all the system tools backends, so they work even when CVE-2008-4311 has been fixed. + + Also disallow normal user access by destination, not by interface (fd.o #18961). + +diff --git a/system-tools-backends.conf b/system-tools-backends.conf +index 00d6d58..537ef73 100644 +--- a/system-tools-backends.conf ++++ b/system-tools-backends.conf +@@ -23,8 +23,8 @@ + --> + + <!-- configuration modules can't be accessed directly... --> +- <deny send_interface="org.freedesktop.SystemToolsBackends"/> +- <deny send_interface="org.freedesktop.SystemToolsBackends.Platform"/> ++ <deny send_destination="org.freedesktop.SystemToolsBackends"/> ++ <deny send_destination="org.freedesktop.SystemToolsBackends.Platform"/> + <deny send_destination="org.freedesktop.SystemToolsBackends"/> + </policy> + +@@ -47,9 +47,18 @@ + + <!-- be able to speak to configuration modules, + so any message to them has to go through the dispatcher --> +- <allow send_interface="org.freedesktop.SystemToolsBackends"/> +- <allow send_interface="org.freedesktop.SystemToolsBackends.Platform"/> + <allow send_destination="org.freedesktop.SystemToolsBackends"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.Platform"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.GroupsConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.HostsConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.IfacesConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.NFSConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.NTPConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.ServicesConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.SMBConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.TimeConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.UserConfig"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends.UsersConfig"/> + </policy> + <policy group="stb-admin"> + <!-- be able to speak to the dispatcher --> diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch new file mode 100644 index 000000000000..4712182cf7d6 --- /dev/null +++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch @@ -0,0 +1,24 @@ +--- a/system-tools-backends.conf.orig 2008-05-28 13:20:52.246850438 +0200 ++++ b/system-tools-backends.conf 2008-05-28 13:24:07.867969323 +0200 +@@ -25,9 +25,7 @@ + <!-- configuration modules can't be accessed directly... --> + <deny send_interface="org.freedesktop.SystemToolsBackends"/> + <deny send_interface="org.freedesktop.SystemToolsBackends.Platform"/> +- +- <!-- ...so petitions go through the dispatcher instead --> +- <allow send_destination="org.freedesktop.SystemToolsBackends"/> ++ <deny send_destination="org.freedesktop.SystemToolsBackends"/> + </policy> + + <policy user="0"> +@@ -51,5 +49,10 @@ + so any message to them has to go through the dispatcher --> + <allow send_interface="org.freedesktop.SystemToolsBackends"/> + <allow send_interface="org.freedesktop.SystemToolsBackends.Platform"/> ++ <allow send_destination="org.freedesktop.SystemToolsBackends"/> ++ </policy> ++ <policy group="stb-admin"> ++ <!-- be able to speak to the dispatcher --> ++ <allow send_destination="org.freedesktop.SystemToolsBackends"/> + </policy> + </busconfig> diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch new file mode 100644 index 000000000000..084c45f42ffc --- /dev/null +++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch @@ -0,0 +1,15 @@ +diff --git a/dispatcher/main.c b/dispatcher/main.c +index 8088bd0..0448b5e 100644 +--- a/dispatcher/main.c ++++ b/dispatcher/main.c +@@ -47,7 +47,9 @@ daemonize (void) + + setsid (); + +- if ((pidfile_fd = open (LOCALSTATEDIR "/run/system-tools-backends.pid", O_CREAT | O_WRONLY)) != -1) ++ if ((pidfile_fd = open (LOCALSTATEDIR "/run/system-tools-backends.pid", ++ O_CREAT | O_WRONLY, ++ S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) != -1) + { + str = g_strdup_printf ("%d", getpid ()); + write (pidfile_fd, str, strlen (str)); diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch new file mode 100644 index 000000000000..c8f8f96cc043 --- /dev/null +++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch @@ -0,0 +1,13 @@ +diff --git Init/Services.pm Init/Services.pm +index c1d2620..07ed2cd 100644 +--- Init/Services.pm ++++ Init/Services.pm +@@ -802,7 +802,7 @@ sub set_gentoo_service_status + + return if ($status == $old_status); + +- if ($action == $SERVICE_START) ++ if ($status == $SERVICE_START) + { + &Utils::File::run ("rc-update add $script $rl"); + &run_gentoo_script ($script, "start"); diff --git a/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild b/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild new file mode 100644 index 000000000000..5db89a08e114 --- /dev/null +++ b/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild,v 1.1 2009/04/09 22:45:30 eva Exp $ + +inherit autotools eutils gnome2 + +DESCRIPTION="Tools aimed to make easy the administration of UNIX systems" +HOMEPAGE="http://www.gnome.org/projects/gst/" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="policykit" + +RDEPEND="!<app-admin/gnome-system-tools-1.1.91 + >=sys-apps/dbus-1.1.2 + >=dev-libs/dbus-glib-0.74 + >=dev-libs/glib-2.15.2 + >=dev-perl/Net-DBus-0.33.4 + dev-lang/perl + policykit? ( >=sys-auth/policykit-0.5 ) + userland_GNU? ( sys-apps/shadow )" + +DEPEND="${RDEPEND} + dev-util/pkgconfig" + +DOCS="AUTHORS ChangeLog NEWS README TODO" + +pkg_setup() { + G2CONF="${G2CONF} $(use_enable policykit polkit)" + + enewgroup stb-admin || die "Failed to create stb-admin group" +} + +src_unpack() { + gnome2_src_unpack + + # Fix a typo in services + epatch "${FILESDIR}/${P}-services.patch" + + # Fix a distro detection in users to use proper variant + # of useradd + epatch "${FILESDIR}/${P}-users.patch" + + # Fix automagic policykit dependency + epatch "${FILESDIR}/${P}-automagic-polkit.patch" + + # Fix service handling + epatch "${FILESDIR}/${P}-handle-services.patch" + + # Clean up pid file + epatch "${FILESDIR}/${P}-cleanup-pid-file.patch" + + # Change default permission, only people in stb-admin is allowed + # to speak to the dispatcher. + epatch "${FILESDIR}/${P}-default-permissions.patch" + + # Apply fix from ubuntu for CVE 2008 4311 + epatch "${FILESDIR}/${P}-cve-2008-4311.patch" + + # Fix for gcc 4.3 + epatch "${FILESDIR}/${P}-gcc43.patch" + + eautoreconf +} + +src_compile() { + # Autotools insanity, localstatedir gets set to /usr/local/var by default + gnome2_src_compile --localstatedir="${ROOT}"/var +} + +src_install() { + gnome2_src_install + newinitd "${FILESDIR}"/stb.rc system-tools-backends +} + +pkg_postinst() { + echo + elog "You need to add yourself to the group stb-admin and" + elog "add system-tools-backends to the default runlevel." + elog "You can do this as root like so:" + elog " # rc-update add system-tools-backends default" + echo +} |