authorMike Frysinger <vapier@gentoo.org>2015-12-23 15:43:18 -0500
committerMike Frysinger <vapier@gentoo.org>2015-12-23 15:44:44 -0500
commitb87c18c6676bdd262e676eacbc65352e5404bb07 (patch)
treed831848afe58139e7cd91752b83abf049476150e /sys-apps
parentx11-misc/nitrogen: Fix building with latest glibmm/libsigc++ (diff)
sys-apps/xinetd: default to clearing active env
It's rare that we want the active shell environment to be passed down to xinetd services, so default to clearing things. If a service wants an env var to be set, they can do so explicitly.
Diffstat (limited to 'sys-apps')
-rw-r--r--sys-apps/xinetd/files/xinetd-2.3.15-config.patch22
-rw-r--r--sys-apps/xinetd/xinetd-2.3.15-r3.ebuild55
2 files changed, 77 insertions, 0 deletions
diff --git a/sys-apps/xinetd/files/xinetd-2.3.15-config.patch b/sys-apps/xinetd/files/xinetd-2.3.15-config.patch
new file mode 100644
index 000000000000..b362a97dbe82
--- /dev/null
+++ b/sys-apps/xinetd/files/xinetd-2.3.15-config.patch
@@ -0,0 +1,22 @@
+set up some secure defaults:
+ - services can only be accessed from localhost
+ - sanitize the runtime environment (so root's shell vars don't bleed through)
+
+--- contrib/xinetd.conf
++++ contrib/xinetd.conf
+@@ -22,5 +22,5 @@
+ #
+ # no_access =
+-# only_from =
++ only_from = localhost
+ # max_load = 0
+ cps = 50 10
+@@ -35,7 +35,7 @@ defaults
+
+ # setup environmental attributes
+ #
+-# passenv =
++ passenv =
+ groups = yes
+ umask = 002
+
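Review bot: `only_from = localhost` makes the default access restriction depend on name resolution rather than on an address. As I read xinetd.conf(5), a host name in `only_from` is matched by looking up the connecting peer's address and comparing the returned name, so the outcome follows whatever the resolver and /etc/hosts say on that machine. A numeric form such as `only_from = 127.0.0.1` (plus the IPv6 loopback where services listen on IPv6) keeps the restriction independent of that lookup. A comment above the now-active `passenv =` line would also help, e.g. `# empty list on purpose: pass nothing from xinetd's own environment; set env/passenv per service`, so the empty value is not mistaken for a leftover and re-commented.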
diff --git a/sys-apps/xinetd/xinetd-2.3.15-r3.ebuild b/sys-apps/xinetd/xinetd-2.3.15-r3.ebuild
new file mode 100644
index 000000000000..7e46776b11b2
--- /dev/null
+++ b/sys-apps/xinetd/xinetd-2.3.15-r3.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils flag-o-matic systemd toolchain-funcs
+
+DESCRIPTION="powerful replacement for inetd"
+HOMEPAGE="http://www.xinetd.org/ https://github.com/xinetd-org/xinetd"
+SRC_URI="http://www.xinetd.org/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+IUSE="perl rpc tcpd"
+
+DEPEND="tcpd? ( >=sys-apps/tcp-wrappers-7.6-r2 )
+ rpc? ( net-libs/libtirpc:= )"
+RDEPEND="${DEPEND}
+ perl? ( dev-lang/perl )"
+DEPEND="${DEPEND}
+ virtual/pkgconfig"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-2.3.14-DESTDIR.patch
+ epatch "${FILESDIR}"/${PN}-2.3.14-install-contrib.patch
+ epatch "${FILESDIR}"/${PN}-2.3.15-config.patch
+ epatch "${FILESDIR}"/${PN}-2.3.15-creds.patch #488158
+ find -name Makefile.in -exec sed -i 's:\<ar\>:$(AR):' {} +
+}
+
+src_configure() {
+ if ! use rpc ; then
+ append-cppflags -DNO_RPC
+ export ac_cv_header_{rpc_{rpc,rpcent,pmap_clnt},netdb}_h=no
+ fi
+ tc-export AR PKG_CONFIG
+ LIBS=$(${PKG_CONFIG} --libs libtirpc) \
+ econf \
+ $(use_with tcpd libwrap) \
+ --with-loadavg
+}
+
+src_install() {
+ emake DESTDIR="${ED}" install install-contrib
+ use perl || rm -f "${ED}"/usr/sbin/xconv.pl
+
+ newinitd "${FILESDIR}"/xinetd.rc6 xinetd
+ newconfd "${FILESDIR}"/xinetd.confd xinetd
+ systemd_dounit "${FILESDIR}/${PN}.service"
+
+ newdoc contrib/xinetd.conf xinetd.conf.dist.sample
+ dodoc AUDIT INSTALL README TODO CHANGELOG
+}
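Review bot: In `src_configure`, `LIBS=$(${PKG_CONFIG} --libs libtirpc)` runs whether or not the `rpc` flag is set, although `net-libs/libtirpc` is only pulled in under `rpc?`. With the flag off, the query either fails quietly (a failed command substitution in an assignment prefix does not stop `econf`) or, if libtirpc happens to be installed, adds it to the link line of a build that was asked not to use it. Guarding the query keeps what gets linked tied to the declared dependency: `LIBS=$(use rpc && ${PKG_CONFIG} --libs libtirpc) \`.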