diff options
| author |   Lars Wendler <polynomial-c@gentoo.org> | 2020-09-18 08:09:20 +0200 |
|---|---|---|
| committer | Lars Wendler <polynomial-c@gentoo.org> | 2020-09-18 08:09:29 +0200 |
| commit | 6bbef22015f3243fc012becd396e145981eb6c05 (patch) | |
| tree | 929c70b3aceafd3cb42968fc0a146f9a238f42be /net-fs | |
| parent | dev-util/cucumber-messages: cleanup (diff) | |
| download | gentoo-6bbef22015f3243fc012becd396e145981eb6c05.tar.gz gentoo-6bbef22015f3243fc012becd396e145981eb6c05.tar.bz2 gentoo-6bbef22015f3243fc012becd396e145981eb6c05.zip | |
net-fs/cifs-utils: Security bump to version 6.11
Bug: https://bugs.gentoo.org/743211
Package-Manager: Portage-3.0.7, Repoman-3.0.1
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'net-fs')
| -rw-r--r-- | net-fs/cifs-utils/Manifest | 1 | ||||
| -rw-r--r-- | net-fs/cifs-utils/cifs-utils-6.11.ebuild | 126 |
2 files changed, 127 insertions, 0 deletions
diff --git a/net-fs/cifs-utils/Manifest b/net-fs/cifs-utils/Manifest index 6571c0d3ac27..91cd6be06ba7 100644 --- a/net-fs/cifs-utils/Manifest +++ b/net-fs/cifs-utils/Manifest @@ -1,2 +1,3 @@ DIST cifs-utils-6.10.tar.bz2 364221 BLAKE2B 45b692fb85217a25b7042fbe7e40cc8c4fe0d6cc9c905acde2c6fc9c3048343064e376f47128bcacba88f745452148040ad3f5e8ca15e297531f0dc868e1b75b SHA512 e19ca69b7948f01c1fd6a4ed069e00511588b903a5b8b0dc35ac1e00743170b9ca180b747c47d56cfacf273b296da21df60e1957404f26ebf2ba80bfa7e275cc +DIST cifs-utils-6.11.tar.bz2 408903 BLAKE2B 5ee7cd87b54a266750bf938396ee90b3f20c2a3446aca295ccb58cb667fbfb68be9aa0e2bbc20aa5e18ffd7f1fcd5fbb0aef3bc25fd13bb96abc5a57a0b45b4b SHA512 064c0ac75572fb44908390508462e4fdfe0686751149fd8b656a209dd961a5a24a7d9774c38c0e72fa5f9875b43aea7bf2de038c4e4a63a11664e71d9003100e DIST cifs-utils-6.9.tar.bz2 400430 BLAKE2B fc8cc55fae54d84fc1f1d4a14a9d666d87a3da78d1502f0d72ac9cb44ff1424ca2c5b15b0be510579d4c9f5181980627efedd00e0e5cfb1b3e47188ba307ad28 SHA512 b92e4e39eeed1032bb175659296cde034703fb3ca63aae00419d46a33dadf821fedaf03734128112c164c84bcbb48d92d03cdc275c4a7cba26f984aeca40a40a diff --git a/net-fs/cifs-utils/cifs-utils-6.11.ebuild b/net-fs/cifs-utils/cifs-utils-6.11.ebuild new file mode 100644 index 000000000000..18fc41eaf8c6 --- /dev/null +++ b/net-fs/cifs-utils/cifs-utils-6.11.ebuild @@ -0,0 +1,126 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools bash-completion-r1 linux-info multilib pam + +DESCRIPTION="Tools for Managing Linux CIFS Client Filesystems" +HOMEPAGE="https://wiki.samba.org/index.php/LinuxCIFS_utils" +SRC_URI="https://ftp.samba.org/pub/linux-cifs/${PN}/${P}.tar.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~x86-linux" +IUSE="+acl +ads +caps creds pam systemd" + +RDEPEND=" + !net-fs/mount-cifs + sys-apps/keyutils:= + ads? ( + sys-libs/talloc + virtual/krb5 + ) + caps? ( sys-libs/libcap-ng ) + pam? ( sys-libs/pam ) +" +DEPEND="${RDEPEND}" +BDEPEND="dev-python/docutils" +PDEPEND=" + acl? ( >=net-fs/samba-4.0.0_alpha1 ) +" + +REQUIRED_USE="acl? ( ads )" + +DOCS="doc/linux-cifs-client-guide.odt" + +PATCHES=( "${FILESDIR}/${PN}-6.10-ln_in_destdir.patch" ) + +pkg_setup() { + linux-info_pkg_setup + + if ! linux_config_exists || ! linux_chkconfig_present CIFS; then + ewarn "You must enable CIFS support in your kernel config, " + ewarn "to be able to mount samba shares. You can find it at" + ewarn + ewarn " File systems" + ewarn " Network File Systems" + ewarn " CIFS support" + ewarn + ewarn "and recompile your kernel ..." + fi +} + +src_prepare() { + default + + if has_version app-crypt/heimdal ; then + # https://bugs.gentoo.org/612584 + eapply "${FILESDIR}/${PN}-6.7-heimdal.patch" + fi + + eautoreconf +} + +src_configure() { + local myeconfargs=( + --enable-man + --enable-smbinfo + $(use_enable acl cifsacl cifsidmap) + $(use_enable ads cifsupcall) + $(use_with caps libcap) + $(use_enable creds cifscreds) + $(use_enable pam) + $(use_with pam pamdir $(getpam_mod_dir)) + # mount.cifs can get passwords from systemd + $(use_enable systemd) + ) + ROOTSBINDIR="${EPREFIX}"/sbin \ + econf "${myeconfargs[@]}" +} + +src_install() { + default + + # remove empty directories + find "${ED}" -type d -empty -delete || die + + if use acl ; then + dodir /etc/cifs-utils + dosym ../../usr/$(get_libdir)/cifs-utils/idmapwb.so \ + /etc/cifs-utils/idmap-plugin + dodir /etc/request-key.d + echo 'create cifs.idmap * * /usr/sbin/cifs.idmap %k' \ + > "${ED}/etc/request-key.d/cifs.idmap.conf" + fi + + if use ads ; then + dodir /etc/request-key.d + echo 'create dns_resolver * * /usr/sbin/cifs.upcall %k' \ + > "${ED}/etc/request-key.d/cifs.upcall.conf" + echo 'create cifs.spnego * * /usr/sbin/cifs.upcall %k' \ + > "${ED}/etc/request-key.d/cifs.spnego.conf" + fi + + dobashcomp bash-completion/smbinfo +} + +pkg_postinst() { + # Inform about set-user-ID bit of mount.cifs + ewarn "setuid use flag was dropped due to multiple security implications" + ewarn "such as CVE-2009-2948, CVE-2011-3585 and CVE-2012-1586" + ewarn "You are free to set setuid flags by yourself" + + # Inform about upcall usage + if use acl ; then + einfo "The cifs.idmap utility has been enabled by creating the" + einfo "configuration file /etc/request-key.d/cifs.idmap.conf" + einfo "This enables you to get and set CIFS acls." + fi + + if use ads ; then + einfo "The cifs.upcall utility has been enabled by creating the" + einfo "configuration file /etc/request-key.d/cifs.upcall.conf" + einfo "This enables you to mount DFS shares." + fi +} |