summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTavis Ormandy <taviso@gentoo.org>2003-10-31 23:51:47 +0000
committerTavis Ormandy <taviso@gentoo.org>2003-10-31 23:51:47 +0000
commit9f040b64d3b199a8edb2400d35c6beac5a50ea50 (patch)
tree40a8c82cdfe64c05a8857c022339ce3e677d7b50 /app-crypt
parentversion bump (diff)
downloadgentoo-2-9f040b64d3b199a8edb2400d35c6beac5a50ea50.tar.gz
gentoo-2-9f040b64d3b199a8edb2400d35c6beac5a50ea50.tar.bz2
gentoo-2-9f040b64d3b199a8edb2400d35c6beac5a50ea50.zip
minor tweaks.
Diffstat (limited to 'app-crypt')
-rw-r--r--app-crypt/gnupg/Manifest2
-rw-r--r--app-crypt/gnupg/gnupg-1.2.3-r3.ebuild48
2 files changed, 35 insertions, 15 deletions
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
index 1e647db3f9c0..99a9531a29ea 100644
--- a/app-crypt/gnupg/Manifest
+++ b/app-crypt/gnupg/Manifest
@@ -1,5 +1,5 @@
MD5 0761192752d3ed8c1ced6a858261eff6 gnupg-1.2.3-r2.ebuild 1626
-MD5 7f9198189193dd8823a8e138ac336d71 gnupg-1.2.3-r3.ebuild 2937
+MD5 b9753968537e069430e5e0ed54ba117e gnupg-1.2.3-r3.ebuild 3656
MD5 95d9ba72ebb3d327a76a7b871aad85ed ChangeLog 5583
MD5 5ffa87354a03beae320d15a7be997529 gnupg-1.2.2-r1.ebuild 1629
MD5 773ecd19392b8f793d7626c9814e1e0b files/digest-gnupg-1.2.2-r1 65
diff --git a/app-crypt/gnupg/gnupg-1.2.3-r3.ebuild b/app-crypt/gnupg/gnupg-1.2.3-r3.ebuild
index b08887878c4e..bf0ad348059b 100644
--- a/app-crypt/gnupg/gnupg-1.2.3-r3.ebuild
+++ b/app-crypt/gnupg/gnupg-1.2.3-r3.ebuild
@@ -1,30 +1,41 @@
# Copyright 1999-2003 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-1.2.3-r3.ebuild,v 1.2 2003/10/31 22:03:10 taviso Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-1.2.3-r3.ebuild,v 1.3 2003/10/31 23:51:40 taviso Exp $
DESCRIPTION="The GNU Privacy Guard, a GPL pgp replacement"
HOMEPAGE="http://www.gnupg.org/"
SRC_URI="ftp://ftp.gnupg.org/gcrypt/gnupg/${P}.tar.bz2"
-
SLOT="0"
LICENSE="GPL-2"
KEYWORDS="~x86 ~alpha ~sparc ~hppa"
IUSE="X ldap nls static caps"
+# gpgkeys_mailto requires perl and sendmail,
+# depend on virtual/mta (ssmtp does just fine).
RDEPEND="!static? ( ldap? ( net-nds/openldap )
caps? ( sys-libs/libcap )
sys-libs/zlib )
X? ( x11-misc/xloadimage )
- nls? ( sys-devel/gettext )"
+ nls? ( sys-devel/gettext )
+ virtual/glibc
+ dev-lang/perl
+ virtual/mta"
+# libpcap earlier than 1.10-r3 did not provide
+# libcap.a, and therefore cannot be compiled
+# statically. >=sys-libs/libcap-1.10-r3 fixes.
DEPEND="caps? ( static? ( >=sys-libs/libcap-1.10-r3 )
!static? ( sys-libs/libcap ) )
ldap? ( net-nds/openldap )
nls? ( sys-devel/gettext )
!static? ( sys-libs/zlib )
+ virtual/glibc
dev-lang/perl"
src_compile() {
+ # support for external HKP keyservers requested in #16457.
+ # gpg faq entry 3.3 reccommends using --enable-static-rnd=linux
+ # whenever possible.
local myconf="--enable-external-hkp --enable-static-rnd=linux --libexecdir=/usr/lib"
# disable native language support
@@ -48,7 +59,8 @@ src_compile() {
fi
# if we are compiling statically, we might as well use
- # the included zlib library and remove a dep.
+ # the included zlib library and remove an rdep/dep.
+
# `USE=static` support was requested in #29299
if use static; then
myconf="${myconf} --with-included-zlib"
@@ -59,6 +71,7 @@ src_compile() {
# use the linux capability library to minimise security
# risks of running setuid root.
+ # see the capabilities(7) manpage.
if use caps; then
myconf="${myconf} --with-capabilities"
fi
@@ -69,13 +82,14 @@ src_compile() {
myconf="${myconf} --enable-m-guard"
fi
- econf ${myconf}
- emake
+ econf ${myconf} || die
+ emake || die
}
src_install() {
einstall libexecdir="${D}/usr/lib/gnupg"
+ # keep the documentation in /usr/share/doc/...
rm -rf "${D}/usr/share/gnupg/FAQ" "${D}/usr/share/gnupg/faq.html"
dodoc ABOUT-NLS AUTHORS BUGS COPYING ChangeLog INSTALL NEWS PROJECTS \
@@ -86,23 +100,29 @@ src_install() {
dohtml doc/faq.html
+ # please see glsa 200307-06
chmod u+s "${D}/usr/bin/gpg"
}
pkg_postinst() {
einfo "gpg is installed suid root to make use of protected memory space"
einfo "This is needed in order to have a secure place to store your"
- einfo "passphrases, etc. This may make some sysadmins nervous."
+ einfo "passphrases, etc. at runtime but may make some sysadmins nervous."
if use caps; then
echo
- einfo "gpg will use Linux capabilities to set the permitted"
- einfo "operations, this will minimise the security risks"
- einfo "associated with running setuid root."
- echo
- einfo "You can confirm the capabilities are being set correctly"
- einfo "with the following command while gpg is running"
- echo
+
+ # a quick blurb to explain the linux capabilities.
+ # $ /sbin/getpcaps `pidof gpg`
+ # Capabilities for `31677': = cap_ipc_lock+p
+ #
+ # useful reference in the comments from
+ # /usr/include/linux/capability.h
+
+ einfo "gpg will use the linux capabilities system to minimise the"
+ einfo "security risks associated with running setuid root."
+ einfo "you can confirm the capabilities have been set with the"
+ einfo "getpcaps application."
einfo " # getpcaps \`pidof gpg\`"
fi
}