summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGilles Dartiguelongue <eva@gentoo.org>2009-04-09 22:45:30 +0000
committerGilles Dartiguelongue <eva@gentoo.org>2009-04-09 22:45:30 +0000
commitd1768a07517c653099298c326026c3f72579ca4d (patch)
treedd611aafe59f3d31fb3468eddac137dca922cb26 /app-admin
parentUpdate category for apache in README.Gentoo file. Remove useless "standalone"... (diff)
downloadgentoo-2-d1768a07517c653099298c326026c3f72579ca4d.tar.gz
gentoo-2-d1768a07517c653099298c326026c3f72579ca4d.tar.bz2
gentoo-2-d1768a07517c653099298c326026c3f72579ca4d.zip
Bump to 2.6.0-r2. Include more patches from bug #214265 and from ubuntu.
(Portage version: 2.2_rc28/cvs/Linux x86_64)
Diffstat (limited to 'app-admin')
-rw-r--r--app-admin/system-tools-backends/ChangeLog15
-rw-r--r--app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch30
-rw-r--r--app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch44
-rw-r--r--app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch24
-rw-r--r--app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch15
-rw-r--r--app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch13
-rw-r--r--app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild84
7 files changed, 223 insertions, 2 deletions
diff --git a/app-admin/system-tools-backends/ChangeLog b/app-admin/system-tools-backends/ChangeLog
index ca8177113f31..479cc1cb413d 100644
--- a/app-admin/system-tools-backends/ChangeLog
+++ b/app-admin/system-tools-backends/ChangeLog
@@ -1,6 +1,17 @@
# ChangeLog for app-admin/system-tools-backends
-# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/ChangeLog,v 1.48 2008/10/13 21:27:11 eva Exp $
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/ChangeLog,v 1.49 2009/04/09 22:45:30 eva Exp $
+
+*system-tools-backends-2.6.0-r2 (09 Apr 2009)
+
+ 09 Apr 2009; Gilles Dartiguelongue <eva@gentoo.org>
+ +files/system-tools-backends-2.6.0-cleanup-pid-file.patch,
+ +files/system-tools-backends-2.6.0-cve-2008-4311.patch,
+ +files/system-tools-backends-2.6.0-default-permissions.patch,
+ +files/system-tools-backends-2.6.0-gcc43.patch,
+ +files/system-tools-backends-2.6.0-handle-services.patch,
+ +system-tools-backends-2.6.0-r2.ebuild:
+ Bump to 2.6.0-r2. Include more patches from bug #214265 and from ubuntu.
*system-tools-backends-2.6.0-r1 (13 Oct 2008)
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch
new file mode 100644
index 000000000000..6ec22b9f0645
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch
@@ -0,0 +1,30 @@
+#
+# Ubuntu: https://bugs.launchpad.net/ubuntu/+source/system-tools-backends/+bug/298777
+# Upstream: https://bugs.freedesktop.org/show_bug.cgi?id=18625
+# Description: Patch to make S-T-B delete it's PID file when terminated
+#
+Index: system-tools-backends-2.6.0/dispatcher/main.c
+===================================================================
+--- system-tools-backends-2.6.0.orig/dispatcher/main.c 2008-11-16 17:25:20.000000000 +0000
++++ system-tools-backends-2.6.0/dispatcher/main.c 2008-11-16 17:25:30.000000000 +0000
+@@ -59,6 +59,12 @@
+ close (dev_null_fd);
+ }
+
++static void
++remove_pidfile (void)
++{
++ unlink (LOCALSTATEDIR "/run/system-tools-backends.pid");
++}
++
+ void
+ signal_received (gint signal)
+ {
+@@ -67,6 +73,7 @@
+ case SIGTERM:
+ case SIGABRT:
+ g_object_unref (dispatcher);
++ remove_pidfile ();
+ exit (0);
+ break;
+ default:
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch
new file mode 100644
index 000000000000..924b57b906cc
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch
@@ -0,0 +1,44 @@
+commit fd648907e46017d46c367f59c62d0b0395830903
+Author: Simon McVittie <http://smcv.pseudorandom.co.uk/>
+Date: 2009-01-04 19:35:51 +0000
+
+ Allow root to send messages to all the system tools backends, so they work even when CVE-2008-4311 has been fixed.
+
+ Also disallow normal user access by destination, not by interface (fd.o #18961).
+
+diff --git a/system-tools-backends.conf b/system-tools-backends.conf
+index 00d6d58..537ef73 100644
+--- a/system-tools-backends.conf
++++ b/system-tools-backends.conf
+@@ -23,8 +23,8 @@
+ -->
+
+ <!-- configuration modules can't be accessed directly... -->
+- <deny send_interface="org.freedesktop.SystemToolsBackends"/>
+- <deny send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
++ <deny send_destination="org.freedesktop.SystemToolsBackends"/>
++ <deny send_destination="org.freedesktop.SystemToolsBackends.Platform"/>
+ <deny send_destination="org.freedesktop.SystemToolsBackends"/>
+ </policy>
+
+@@ -47,9 +47,18 @@
+
+ <!-- be able to speak to configuration modules,
+ so any message to them has to go through the dispatcher -->
+- <allow send_interface="org.freedesktop.SystemToolsBackends"/>
+- <allow send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
+ <allow send_destination="org.freedesktop.SystemToolsBackends"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.Platform"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.GroupsConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.HostsConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.IfacesConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.NFSConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.NTPConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.ServicesConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.SMBConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.TimeConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.UserConfig"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends.UsersConfig"/>
+ </policy>
+ <policy group="stb-admin">
+ <!-- be able to speak to the dispatcher -->
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch
new file mode 100644
index 000000000000..4712182cf7d6
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch
@@ -0,0 +1,24 @@
+--- a/system-tools-backends.conf.orig 2008-05-28 13:20:52.246850438 +0200
++++ b/system-tools-backends.conf 2008-05-28 13:24:07.867969323 +0200
+@@ -25,9 +25,7 @@
+ <!-- configuration modules can't be accessed directly... -->
+ <deny send_interface="org.freedesktop.SystemToolsBackends"/>
+ <deny send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
+-
+- <!-- ...so petitions go through the dispatcher instead -->
+- <allow send_destination="org.freedesktop.SystemToolsBackends"/>
++ <deny send_destination="org.freedesktop.SystemToolsBackends"/>
+ </policy>
+
+ <policy user="0">
+@@ -51,5 +49,10 @@
+ so any message to them has to go through the dispatcher -->
+ <allow send_interface="org.freedesktop.SystemToolsBackends"/>
+ <allow send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
++ <allow send_destination="org.freedesktop.SystemToolsBackends"/>
++ </policy>
++ <policy group="stb-admin">
++ <!-- be able to speak to the dispatcher -->
++ <allow send_destination="org.freedesktop.SystemToolsBackends"/>
+ </policy>
+ </busconfig>
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch
new file mode 100644
index 000000000000..084c45f42ffc
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch
@@ -0,0 +1,15 @@
+diff --git a/dispatcher/main.c b/dispatcher/main.c
+index 8088bd0..0448b5e 100644
+--- a/dispatcher/main.c
++++ b/dispatcher/main.c
+@@ -47,7 +47,9 @@ daemonize (void)
+
+ setsid ();
+
+- if ((pidfile_fd = open (LOCALSTATEDIR "/run/system-tools-backends.pid", O_CREAT | O_WRONLY)) != -1)
++ if ((pidfile_fd = open (LOCALSTATEDIR "/run/system-tools-backends.pid",
++ O_CREAT | O_WRONLY,
++ S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) != -1)
+ {
+ str = g_strdup_printf ("%d", getpid ());
+ write (pidfile_fd, str, strlen (str));
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch
new file mode 100644
index 000000000000..c8f8f96cc043
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch
@@ -0,0 +1,13 @@
+diff --git Init/Services.pm Init/Services.pm
+index c1d2620..07ed2cd 100644
+--- Init/Services.pm
++++ Init/Services.pm
+@@ -802,7 +802,7 @@ sub set_gentoo_service_status
+
+ return if ($status == $old_status);
+
+- if ($action == $SERVICE_START)
++ if ($status == $SERVICE_START)
+ {
+ &Utils::File::run ("rc-update add $script $rl");
+ &run_gentoo_script ($script, "start");
diff --git a/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild b/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild
new file mode 100644
index 000000000000..5db89a08e114
--- /dev/null
+++ b/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild
@@ -0,0 +1,84 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild,v 1.1 2009/04/09 22:45:30 eva Exp $
+
+inherit autotools eutils gnome2
+
+DESCRIPTION="Tools aimed to make easy the administration of UNIX systems"
+HOMEPAGE="http://www.gnome.org/projects/gst/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="policykit"
+
+RDEPEND="!<app-admin/gnome-system-tools-1.1.91
+ >=sys-apps/dbus-1.1.2
+ >=dev-libs/dbus-glib-0.74
+ >=dev-libs/glib-2.15.2
+ >=dev-perl/Net-DBus-0.33.4
+ dev-lang/perl
+ policykit? ( >=sys-auth/policykit-0.5 )
+ userland_GNU? ( sys-apps/shadow )"
+
+DEPEND="${RDEPEND}
+ dev-util/pkgconfig"
+
+DOCS="AUTHORS ChangeLog NEWS README TODO"
+
+pkg_setup() {
+ G2CONF="${G2CONF} $(use_enable policykit polkit)"
+
+ enewgroup stb-admin || die "Failed to create stb-admin group"
+}
+
+src_unpack() {
+ gnome2_src_unpack
+
+ # Fix a typo in services
+ epatch "${FILESDIR}/${P}-services.patch"
+
+ # Fix a distro detection in users to use proper variant
+ # of useradd
+ epatch "${FILESDIR}/${P}-users.patch"
+
+ # Fix automagic policykit dependency
+ epatch "${FILESDIR}/${P}-automagic-polkit.patch"
+
+ # Fix service handling
+ epatch "${FILESDIR}/${P}-handle-services.patch"
+
+ # Clean up pid file
+ epatch "${FILESDIR}/${P}-cleanup-pid-file.patch"
+
+ # Change default permission, only people in stb-admin is allowed
+ # to speak to the dispatcher.
+ epatch "${FILESDIR}/${P}-default-permissions.patch"
+
+ # Apply fix from ubuntu for CVE 2008 4311
+ epatch "${FILESDIR}/${P}-cve-2008-4311.patch"
+
+ # Fix for gcc 4.3
+ epatch "${FILESDIR}/${P}-gcc43.patch"
+
+ eautoreconf
+}
+
+src_compile() {
+ # Autotools insanity, localstatedir gets set to /usr/local/var by default
+ gnome2_src_compile --localstatedir="${ROOT}"/var
+}
+
+src_install() {
+ gnome2_src_install
+ newinitd "${FILESDIR}"/stb.rc system-tools-backends
+}
+
+pkg_postinst() {
+ echo
+ elog "You need to add yourself to the group stb-admin and"
+ elog "add system-tools-backends to the default runlevel."
+ elog "You can do this as root like so:"
+ elog " # rc-update add system-tools-backends default"
+ echo
+}