summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2004-10-31 05:58:05 +0000
committerMike Frysinger <vapier@gentoo.org>2004-10-31 05:58:05 +0000
commite5cacf49b5b9333d0a2371a2b79ae6084130ebfd (patch)
treee1bc285dd8a9c829ee73cb8f7c7a2d97175ea54d
parentarm/hppa/ia64 stable for security #69315 (Manifest recommit) (diff)
downloadgentoo-2-e5cacf49b5b9333d0a2371a2b79ae6084130ebfd.tar.gz
gentoo-2-e5cacf49b5b9333d0a2371a2b79ae6084130ebfd.tar.bz2
gentoo-2-e5cacf49b5b9333d0a2371a2b79ae6084130ebfd.zip
Clean up ebuilds and add support for loopback-only #65199 by Elros Cyriatan.
-rw-r--r--net-nds/portmap/ChangeLog8
-rw-r--r--net-nds/portmap/files/portmap-5b-loopback-only.patch62
-rw-r--r--net-nds/portmap/files/portmap-5b-optional-tcpd.patch38
-rw-r--r--net-nds/portmap/files/portmap.confd6
-rw-r--r--net-nds/portmap/files/portmap.rc68
-rw-r--r--net-nds/portmap/portmap-5b-r8.ebuild32
-rw-r--r--net-nds/portmap/portmap-5b-r9.ebuild89
7 files changed, 168 insertions, 75 deletions
diff --git a/net-nds/portmap/ChangeLog b/net-nds/portmap/ChangeLog
index 2ddd5cb06016..1946105286a7 100644
--- a/net-nds/portmap/ChangeLog
+++ b/net-nds/portmap/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-nds/portmap
# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/ChangeLog,v 1.24 2004/08/02 04:21:21 agriffis Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/ChangeLog,v 1.25 2004/10/31 05:58:05 vapier Exp $
+
+ 31 Oct 2004; Mike Frysinger <vapier@gentoo.org>
+ +files/portmap-5b-loopback-only.patch,
+ +files/portmap-5b-optional-tcpd.patch, +files/portmap.confd,
+ files/portmap.rc6, portmap-5b-r8.ebuild, portmap-5b-r9.ebuild:
+ Clean up ebuilds and add support for loopback-only #65199 by Elros Cyriatan.
02 Aug 2004; Aron Griffis <agriffis@gentoo.org> portmap-5b-r8.ebuild,
portmap-5b-r9.ebuild:
diff --git a/net-nds/portmap/files/portmap-5b-loopback-only.patch b/net-nds/portmap/files/portmap-5b-loopback-only.patch
new file mode 100644
index 000000000000..4684319ce574
--- /dev/null
+++ b/net-nds/portmap/files/portmap-5b-loopback-only.patch
@@ -0,0 +1,62 @@
+diff -u portmap_5beta/pmap_check.c portmap_5beta_elros/pmap_check.c
+--- portmap_5beta/pmap_check.c 1996-07-07 10:49:10.000000000 +0200
++++ portmap_5beta_elros/pmap_check.c 2004-09-24 01:56:47.000000000 +0200
+@@ -63,6 +63,7 @@
+ static void logit();
+ static void toggle_verboselog();
+ int verboselog = 0;
++int listenonlyloopback = 0;
+ int allow_severity = LOG_INFO;
+ int deny_severity = LOG_WARNING;
+
+diff -u portmap_5beta/pmap_check.h portmap_5beta_elros/pmap_check.h
+--- portmap_5beta/pmap_check.h 1996-07-06 23:06:23.000000000 +0200
++++ portmap_5beta_elros/pmap_check.h 2004-09-24 01:55:24.000000000 +0200
+@@ -7,6 +7,7 @@
+ extern int check_privileged_port();
+ extern int check_callit();
+ extern int verboselog;
++extern int listenonlyloopback;
+ extern int allow_severity;
+ extern int deny_severity;
+
+diff -u portmap_5beta/portmap.c portmap_5beta_elros/portmap.c
+--- portmap_5beta/portmap.c 1996-07-06 23:06:24.000000000 +0200
++++ portmap_5beta_elros/portmap.c 2004-09-24 01:49:47.000000000 +0200
+@@ -158,7 +158,7 @@
+ int len = sizeof(struct sockaddr_in);
+ register struct pmaplist *pml;
+
+- while ((c = getopt(argc, argv, "dv")) != EOF) {
++ while ((c = getopt(argc, argv, "dvl")) != EOF) {
+ switch (c) {
+
+ case 'd':
+@@ -169,10 +169,15 @@
+ verboselog = 1;
+ break;
+
++ case 'l':
++ listenonlyloopback = 1;
++ break;
++
+ default:
+ (void) fprintf(stderr, "usage: %s [-dv]\n", argv[0]);
+ (void) fprintf(stderr, "-d: debugging mode\n");
+ (void) fprintf(stderr, "-v: verbose logging\n");
++ (void) fprintf(stderr, "-l: listen only on loopback address (not on external address)\n");
+ exit(1);
+ }
+ }
+@@ -201,6 +206,11 @@
+ addr.sin_addr.s_addr = 0;
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons(PMAPPORT);
++
++ if (listenonlyloopback) {
++ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
++ }
++
+ if (bind(sock, (struct sockaddr *)&addr, len) != 0) {
+ syslog(LOG_ERR, "cannot bind udp: %m");
+ exit(1);
diff --git a/net-nds/portmap/files/portmap-5b-optional-tcpd.patch b/net-nds/portmap/files/portmap-5b-optional-tcpd.patch
new file mode 100644
index 000000000000..fa2d5204af86
--- /dev/null
+++ b/net-nds/portmap/files/portmap-5b-optional-tcpd.patch
@@ -0,0 +1,38 @@
+--- Makefile.orig 2004-10-31 01:54:48.073875024 -0400
++++ Makefile 2004-10-31 01:54:58.395305928 -0400
+@@ -15,8 +15,6 @@
+ # no access control tables. The local system, since it runs the portmap
+ # daemon, is always treated as an authorized host.
+
+-HOSTS_ACCESS= -DHOSTS_ACCESS
+-WRAP_LIB = $(WRAP_DIR)/libwrap.a
+
+ # Comment out if your RPC library does not allocate privileged ports for
+ # requests from processes with root privilege, or the new portmap will
+@@ -87,7 +85,7 @@
+ #
+ AUX = # daemon.o strerror.o
+
+-LIBS = -lwrap -lutil
++LIBS = -lutil
+ NSARCHS =
+ O = -Wall -O2 -pipe
+
+@@ -110,7 +108,7 @@
+
+ SHELL = /bin/sh
+
+-COPT = $(CONST) -Dperror=xperror $(HOSTS_ACCESS) $(CHECK_PORT) \
++COPT = $(CONST) -Dperror=xperror $(CHECK_PORT) \
+ $(SYS) -DFACILITY=$(FACILITY) $(ULONG) $(ZOMBIES) $(SA_LEN) \
+ $(LOOPBACK) $(SETPGRP)
+ CFLAGS = $(COPT) $(O) $(NSARCHS)
+@@ -118,7 +116,7 @@
+
+ all: portmap pmap_dump pmap_set
+
+-portmap: $(OBJECTS) $(WRAP_DIR)/libwrap.a
++portmap: $(OBJECTS)
+ $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(WRAP_LIB) $(LIBS)
+
+ pmap_dump: pmap_dump.c
diff --git a/net-nds/portmap/files/portmap.confd b/net-nds/portmap/files/portmap.confd
new file mode 100644
index 000000000000..3f909c4d233e
--- /dev/null
+++ b/net-nds/portmap/files/portmap.confd
@@ -0,0 +1,6 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/files/portmap.confd,v 1.1 2004/10/31 05:58:05 vapier Exp $
+
+# Listen on localhost only by default
+#PORTMAP_OPTS="-l"
diff --git a/net-nds/portmap/files/portmap.rc6 b/net-nds/portmap/files/portmap.rc6
index ca8b2f692c01..1868004bb5a2 100644
--- a/net-nds/portmap/files/portmap.rc6
+++ b/net-nds/portmap/files/portmap.rc6
@@ -1,7 +1,7 @@
#!/sbin/runscript
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/files/portmap.rc6,v 1.8 2004/09/20 18:20:26 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/files/portmap.rc6,v 1.9 2004/10/31 05:58:05 vapier Exp $
depend() {
need net
@@ -11,11 +11,11 @@ depend() {
start() {
ebegin "Starting portmap"
- start-stop-daemon --start --quiet --exec /sbin/portmap
+ start-stop-daemon --start --quiet --exec /sbin/portmap -- ${PORTMAP_OPTS}
local ret=$?
eend ${ret}
- #without, if a service depending on portmap is started too fast,
- #connecting to portmap will fail -- azarah
+ # without, if a service depending on portmap is started too fast,
+ # connecting to portmap will fail -- azarah
sleep 1
return ${ret}
}
diff --git a/net-nds/portmap/portmap-5b-r8.ebuild b/net-nds/portmap/portmap-5b-r8.ebuild
index 31c3082cb8ff..648d8fd74431 100644
--- a/net-nds/portmap/portmap-5b-r8.ebuild
+++ b/net-nds/portmap/portmap-5b-r8.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/portmap-5b-r8.ebuild,v 1.16 2004/09/20 18:20:26 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/portmap-5b-r8.ebuild,v 1.17 2004/10/31 05:58:05 vapier Exp $
inherit eutils
@@ -12,13 +12,19 @@ SRC_URI="ftp://ftp.porcupine.org/pub/security/${MY_P}.tar.gz"
LICENSE="as-is"
SLOT="0"
-KEYWORDS="x86 ppc sparc mips alpha arm hppa amd64 ia64 ppc64 s390"
+KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sparc x86"
IUSE="selinux"
DEPEND="virtual/libc
- >=sys-apps/tcp-wrappers-7.6-r7"
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6-r7 )
+ >=sys-apps/portage-2.0.51"
RDEPEND="selinux? ( sec-policy/selinux-portmap )"
+pkg_setup() {
+ enewgroup rpc 111
+ enewuser rpc 111 /bin/false /dev/null rpc
+}
+
src_unpack() {
unpack ${A}
@@ -53,20 +59,12 @@ src_compile() {
}
src_install() {
- into / ; dosbin portmap
- into /usr ; dosbin pmap_dump pmap_set
- doman portmap.8 pmap_dump.8 pmap_set.8
-
- exeinto /etc/init.d
- newexe ${FILESDIR}/portmap.rc6 portmap
-
- # Is this really the sort of thing we wanna be doing? :)
- # ln -s ../../init.d/portmap ${D}/etc/runlevels/default/portmap
+ into /
+ dosbin portmap || die "portmap"
+ into /usr
+ dosbin pmap_dump pmap_set || die "pmap"
+ doman portmap.8 pmap_dump.8 pmap_set.8
dodoc BLURB CHANGES README
-}
-
-pkg_postinst() {
- enewgroup rpc 111
- enewuser rpc 111 /bin/false /dev/null rpc
+ newinitd ${FILESDIR}/portmap.rc6 portmap
}
diff --git a/net-nds/portmap/portmap-5b-r9.ebuild b/net-nds/portmap/portmap-5b-r9.ebuild
index 4cb5380131c4..eac0fb60d7c0 100644
--- a/net-nds/portmap/portmap-5b-r9.ebuild
+++ b/net-nds/portmap/portmap-5b-r9.ebuild
@@ -1,24 +1,29 @@
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/portmap-5b-r9.ebuild,v 1.4 2004/08/02 04:21:21 agriffis Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/portmap-5b-r9.ebuild,v 1.5 2004/10/31 05:58:05 vapier Exp $
-inherit eutils
+inherit eutils flag-o-matic toolchain-funcs
MY_P="${PN}_${PV}eta"
S="${WORKDIR}/${MY_P}"
DESCRIPTION="Netkit - portmapper"
-SRC_URI="ftp://ftp.porcupine.org/pub/security/${MY_P}.tar.gz"
HOMEPAGE="ftp://ftp.porcupine.org/pub/security/index.html"
+SRC_URI="ftp://ftp.porcupine.org/pub/security/${MY_P}.tar.gz"
-SLOT="0"
LICENSE="as-is"
-KEYWORDS="-*"
-#KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~hppa ~amd64 ~ia64 ~ppc64"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="selinux tcpd"
DEPEND="virtual/libc
- tcpd? ( >=sys-apps/tcp-wrappers-7.6-r7 )"
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6-r7 )
+ >=sys-apps/portage-2.0.51"
RDEPEND="selinux? ( sec-policy/selinux-portmap )"
-IUSE="tcpd selinux"
+
+pkg_setup() {
+ enewgroup rpc 111
+ enewuser rpc 111 /bin/false /dev/null rpc
+}
src_unpack() {
unpack ${A}
@@ -37,58 +42,36 @@ src_unpack() {
# <azarah@gentoo.org> (31 Dec 2002).
epatch ${FILESDIR}/${P}-include-errno_h.patch
- # Get portmap to use our CFLAGS ...
- sed -e "s:-O2:${CFLAGS}:" -i Makefile || die
+ # Path to listen on loopback only #65199
+ epatch ${FILESDIR}/${P}-loopback-only.patch
+
+ # Make tcp wrapper checks easier
+ cp Makefile Makefile.orig
+ epatch ${FILESDIR}/${P}-optional-tcpd.patch
}
src_compile() {
- local LIBS
- local WRAP_DIR
- local HOSTS_ACCESS
- # libutil static as per -r8
- #LIBS="-Wl,-Bstatic -lutil -Wl,-Bdynamic -lnsl"
- # libutil dynamic
- LIBS="-Wl,-Bdynamic -lutil -Wl,-Bdynamic -lnsl"
- WRAP_DIR=""
- HOSTS_ACCESS=""
- if use tcpd; then
- WRAP_DIR="${ROOT}/usr/lib"
- [ -f "${ROOT}/lib/libwrap.a" ] && WRAP_DIR="${ROOT}/lib"
- # static libwrap as per -r8
- #LIBS="-Wl,-Bstatic -lwrap ${LIBS}"
- # libwrap dynamic
- LIBS="-Wl,-Bdynamic -lwrap ${LIBS}"
- HOSTS_ACCESS="-DHOSTS_ACCESS"
- else
- sed -i -e "s:^WRAP_LIB:\#WRAP_LIB:" \
- -e "s:^HOSTS_ACCESS:\#HOSTS_ACCESS:" \
- -e 's:$(WRAP_DIR)/libwrap.a::g' \
- Makefile
- fi
-
- make FACILITY=LOG_AUTH \
- ZOMBIES='-DIGNORE_SIGCHLD' \
- HOSTS_ACCESS="${HOSTS_ACCESS}" \
- WRAP_DIR="${WRAP_DIR}" \
- LIBS="${LIBS}" \
- AUX= || die
+ local tcpd=""
+ use tcpd \
+ && tcpd="-lwrap" \
+ && append-flags -DHOSTS_ACCESS
+
+ emake \
+ CC="$(tc-getCC)" \
+ O="${CFLAGS}" \
+ WRAP_LIB="${tcpd}" \
+ || die
}
src_install() {
- into / ; dosbin portmap
- into /usr ; dosbin pmap_dump pmap_set
- doman portmap.8 pmap_dump.8 pmap_set.8
-
- exeinto /etc/init.d
- newexe ${FILESDIR}/portmap.rc6 portmap
-
- # Is this really the sort of thing we wanna be doing? :)
- # ln -s ../../init.d/portmap ${D}/etc/runlevels/default/portmap
+ into /
+ dosbin portmap || die "portmap"
+ into /usr
+ dosbin pmap_dump pmap_set || die "pmap"
+ doman portmap.8 pmap_dump.8 pmap_set.8
dodoc BLURB CHANGES README
-}
-pkg_postinst() {
- enewgroup rpc 111
- enewuser rpc 111 /bin/false /dev/null rpc
+ newinitd ${FILESDIR}/portmap.rc6 portmap
+ newconfd ${FILESDIR}/portmap.confd portmap
}