Bump to 2.6.0-r2. Include more patches from bug #214265 and from ubuntu.

(Portage version: 2.2_rc28/cvs/Linux x86_64)

7 files changed, 223 insertions, 2 deletions

diff --git a/app-admin/system-tools-backends/ChangeLog b/app-admin/system-tools-backends/ChangeLog
index ca8177113f31..479cc1cb413d 100644
--- a/app-admin/system-tools-backends/ChangeLog
+++ b/app-admin/system-tools-backends/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for app-admin/system-tools-backends
-# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/ChangeLog,v 1.48 2008/10/13 21:27:11 eva Exp $
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/ChangeLog,v 1.49 2009/04/09 22:45:30 eva Exp $
+
+*system-tools-backends-2.6.0-r2 (09 Apr 2009)
+
+  09 Apr 2009; Gilles Dartiguelongue <eva@gentoo.org>
+  +files/system-tools-backends-2.6.0-cleanup-pid-file.patch,
+  +files/system-tools-backends-2.6.0-cve-2008-4311.patch,
+  +files/system-tools-backends-2.6.0-default-permissions.patch,
+  +files/system-tools-backends-2.6.0-gcc43.patch,
+  +files/system-tools-backends-2.6.0-handle-services.patch,
+  +system-tools-backends-2.6.0-r2.ebuild:
+  Bump to 2.6.0-r2. Include more patches from bug #214265 and from ubuntu.
 
 *system-tools-backends-2.6.0-r1 (13 Oct 2008)
 
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch
new file mode 100644
index 000000000000..6ec22b9f0645
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cleanup-pid-file.patch
@@ -0,0 +1,30 @@
+#
+# Ubuntu: https://bugs.launchpad.net/ubuntu/+source/system-tools-backends/+bug/298777
+# Upstream: https://bugs.freedesktop.org/show_bug.cgi?id=18625
+# Description: Patch to make S-T-B delete it's PID file when terminated
+#
+Index: system-tools-backends-2.6.0/dispatcher/main.c
+===================================================================
+--- system-tools-backends-2.6.0.orig/dispatcher/main.c	2008-11-16 17:25:20.000000000 +0000
++++ system-tools-backends-2.6.0/dispatcher/main.c	2008-11-16 17:25:30.000000000 +0000
+@@ -59,6 +59,12 @@
+   close (dev_null_fd);
+ }
+ 
++static void
++remove_pidfile (void)
++{
++  unlink (LOCALSTATEDIR "/run/system-tools-backends.pid");
++}
++
+ void
+ signal_received (gint signal)
+ {
+@@ -67,6 +73,7 @@
+     case SIGTERM:
+     case SIGABRT:
+       g_object_unref (dispatcher);
++      remove_pidfile ();
+       exit (0);
+       break;
+     default:
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch
new file mode 100644
index 000000000000..924b57b906cc
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-cve-2008-4311.patch
@@ -0,0 +1,44 @@
+commit fd648907e46017d46c367f59c62d0b0395830903
+Author: Simon McVittie <http://smcv.pseudorandom.co.uk/>
+Date:   2009-01-04 19:35:51 +0000
+
+    Allow root to send messages to all the system tools backends, so they work even when CVE-2008-4311 has been fixed.
+    
+    Also disallow normal user access by destination, not by interface (fd.o #18961).
+
+diff --git a/system-tools-backends.conf b/system-tools-backends.conf
+index 00d6d58..537ef73 100644
+--- a/system-tools-backends.conf
++++ b/system-tools-backends.conf
+@@ -23,8 +23,8 @@
+     -->
+ 
+     <!-- configuration modules can't be accessed directly... -->
+-    <deny send_interface="org.freedesktop.SystemToolsBackends"/>
+-    <deny send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
++    <deny send_destination="org.freedesktop.SystemToolsBackends"/>
++    <deny send_destination="org.freedesktop.SystemToolsBackends.Platform"/>
+     <deny send_destination="org.freedesktop.SystemToolsBackends"/>
+   </policy>
+ 
+@@ -47,9 +47,18 @@
+ 
+     <!-- be able to speak to configuration modules,
+          so any message to them has to go through the dispatcher -->
+-    <allow send_interface="org.freedesktop.SystemToolsBackends"/>
+-    <allow send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
+     <allow send_destination="org.freedesktop.SystemToolsBackends"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.Platform"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.GroupsConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.HostsConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.IfacesConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.NFSConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.NTPConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.ServicesConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.SMBConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.TimeConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.UserConfig"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends.UsersConfig"/>
+   </policy>
+   <policy group="stb-admin">
+     <!-- be able to speak to the dispatcher -->
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch
new file mode 100644
index 000000000000..4712182cf7d6
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-default-permissions.patch
@@ -0,0 +1,24 @@
+--- a/system-tools-backends.conf.orig	2008-05-28 13:20:52.246850438 +0200
++++ b/system-tools-backends.conf	2008-05-28 13:24:07.867969323 +0200
+@@ -25,9 +25,7 @@
+     <!-- configuration modules can't be accessed directly... -->
+     <deny send_interface="org.freedesktop.SystemToolsBackends"/>
+     <deny send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
+-
+-    <!-- ...so petitions go through the dispatcher instead -->
+-    <allow send_destination="org.freedesktop.SystemToolsBackends"/>
++    <deny send_destination="org.freedesktop.SystemToolsBackends"/>
+   </policy>
+ 
+   <policy user="0">
+@@ -51,5 +49,10 @@
+          so any message to them has to go through the dispatcher -->
+     <allow send_interface="org.freedesktop.SystemToolsBackends"/>
+     <allow send_interface="org.freedesktop.SystemToolsBackends.Platform"/>
++    <allow send_destination="org.freedesktop.SystemToolsBackends"/>
++  </policy>
++  <policy group="stb-admin">
++    <!-- be able to speak to the dispatcher -->
++    <allow send_destination="org.freedesktop.SystemToolsBackends"/>
+   </policy>
+ </busconfig>
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch
new file mode 100644
index 000000000000..084c45f42ffc
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-gcc43.patch
@@ -0,0 +1,15 @@
+diff --git a/dispatcher/main.c b/dispatcher/main.c
+index 8088bd0..0448b5e 100644
+--- a/dispatcher/main.c
++++ b/dispatcher/main.c
+@@ -47,7 +47,9 @@ daemonize (void)
+ 
+   setsid ();
+ 
+-  if ((pidfile_fd = open (LOCALSTATEDIR "/run/system-tools-backends.pid", O_CREAT | O_WRONLY)) != -1)
++  if ((pidfile_fd = open (LOCALSTATEDIR "/run/system-tools-backends.pid",
++                          O_CREAT | O_WRONLY,
++                          S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) != -1)
+     {
+       str = g_strdup_printf ("%d", getpid ());
+       write (pidfile_fd, str, strlen (str));
diff --git a/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch
new file mode 100644
index 000000000000..c8f8f96cc043
--- /dev/null
+++ b/app-admin/system-tools-backends/files/system-tools-backends-2.6.0-handle-services.patch
@@ -0,0 +1,13 @@
+diff --git Init/Services.pm Init/Services.pm
+index c1d2620..07ed2cd 100644
+--- Init/Services.pm
++++ Init/Services.pm
+@@ -802,7 +802,7 @@ sub set_gentoo_service_status
+ 
+   return if ($status == $old_status);
+ 
+-  if ($action == $SERVICE_START)
++  if ($status == $SERVICE_START)
+   {
+     &Utils::File::run ("rc-update add $script $rl");
+     &run_gentoo_script ($script, "start");
diff --git a/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild b/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild
new file mode 100644
index 000000000000..5db89a08e114
--- /dev/null
+++ b/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild
@@ -0,0 +1,84 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/system-tools-backends/system-tools-backends-2.6.0-r2.ebuild,v 1.1 2009/04/09 22:45:30 eva Exp $
+
+inherit autotools eutils gnome2
+
+DESCRIPTION="Tools aimed to make easy the administration of UNIX systems"
+HOMEPAGE="http://www.gnome.org/projects/gst/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="policykit"
+
+RDEPEND="!<app-admin/gnome-system-tools-1.1.91
+	>=sys-apps/dbus-1.1.2
+	>=dev-libs/dbus-glib-0.74
+	>=dev-libs/glib-2.15.2
+	>=dev-perl/Net-DBus-0.33.4
+	dev-lang/perl
+	policykit? ( >=sys-auth/policykit-0.5 )
+	userland_GNU? ( sys-apps/shadow )"
+
+DEPEND="${RDEPEND}
+	dev-util/pkgconfig"
+
+DOCS="AUTHORS ChangeLog NEWS README TODO"
+
+pkg_setup() {
+	G2CONF="${G2CONF} $(use_enable policykit polkit)"
+
+	enewgroup stb-admin || die "Failed to create stb-admin group"
+}
+
+src_unpack() {
+	gnome2_src_unpack
+
+	# Fix a typo in services
+	epatch "${FILESDIR}/${P}-services.patch"
+
+	# Fix a distro detection in users to use proper variant
+	# of useradd
+	epatch "${FILESDIR}/${P}-users.patch"
+
+	# Fix automagic policykit dependency
+	epatch "${FILESDIR}/${P}-automagic-polkit.patch"
+
+	# Fix service handling
+	epatch "${FILESDIR}/${P}-handle-services.patch"
+
+	# Clean up pid file
+	epatch "${FILESDIR}/${P}-cleanup-pid-file.patch"
+
+	# Change default permission, only people in stb-admin is allowed
+	# to speak to the dispatcher.
+	epatch "${FILESDIR}/${P}-default-permissions.patch"
+
+	# Apply fix from ubuntu for CVE 2008 4311
+	epatch "${FILESDIR}/${P}-cve-2008-4311.patch"
+
+	# Fix for gcc 4.3
+	epatch "${FILESDIR}/${P}-gcc43.patch"
+
+	eautoreconf
+}
+
+src_compile() {
+	# Autotools insanity, localstatedir gets set to /usr/local/var by default
+	gnome2_src_compile --localstatedir="${ROOT}"/var
+}
+
+src_install() {
+	gnome2_src_install
+	newinitd "${FILESDIR}"/stb.rc system-tools-backends
+}
+
+pkg_postinst() {
+	echo
+	elog "You need to add yourself to the group stb-admin and"
+	elog "add system-tools-backends to the default runlevel."
+	elog "You can do this as root like so:"
+	elog "  # rc-update add system-tools-backends default"
+	echo
+}