summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTomas Mozes <hydrapolic@gmail.com>2017-09-26 13:26:27 +0200
committerUltrabug <ultrabug@gentoo.org>2017-10-13 10:33:13 +0200
commitc309a1e0e20fd3af6f21f91db6ad67eddc3a488c (patch)
tree72c52a6245b3b02707af05f353ab9ce11e6a1e2b /dev-db/mongodb
parentapp-admin/mongo-tools: remove libressl support (bug #614384) (diff)
downloadgentoo-c309a1e0e20fd3af6f21f91db6ad67eddc3a488c.tar.gz
gentoo-c309a1e0e20fd3af6f21f91db6ad67eddc3a488c.tar.bz2
gentoo-c309a1e0e20fd3af6f21f91db6ad67eddc3a488c.zip
dev-db/mongodb: prevent privilege escalation (bug #631000)
Package-Manager: Portage-2.3.10, Repoman-2.3.3 Closes: https://github.com/gentoo/gentoo/pull/5763
Diffstat (limited to 'dev-db/mongodb')
-rw-r--r--dev-db/mongodb/files/mongodb.confd-r311
-rw-r--r--dev-db/mongodb/files/mongodb.initd-r318
-rw-r--r--dev-db/mongodb/files/mongos.confd-r311
-rw-r--r--dev-db/mongodb/files/mongos.initd-r318
-rw-r--r--dev-db/mongodb/mongodb-3.0.15.ebuild8
-rw-r--r--dev-db/mongodb/mongodb-3.2.16.ebuild8
-rw-r--r--dev-db/mongodb/mongodb-3.4.9.ebuild8
7 files changed, 70 insertions, 12 deletions
diff --git a/dev-db/mongodb/files/mongodb.confd-r3 b/dev-db/mongodb/files/mongodb.confd-r3
new file mode 100644
index 000000000000..e515d1ddc730
--- /dev/null
+++ b/dev-db/mongodb/files/mongodb.confd-r3
@@ -0,0 +1,11 @@
+# !! IMPORTANT !!
+#
+# This file is ONLY used to override some of the init script configuration.
+#
+# You should NOT use this file to configure your mongodb instance,
+# see the /etc/mongodb.conf file instead.
+#
+# Available init script modifiers :
+# - config_file : the configuration file to use (default : /etc/mongodb.conf)
+# - user : the user used to run your mongodb instance (default : mongodb)
+# - group : the group used to run your mongodb instance (default : mongodb)
diff --git a/dev-db/mongodb/files/mongodb.initd-r3 b/dev-db/mongodb/files/mongodb.initd-r3
new file mode 100644
index 000000000000..778ef7482406
--- /dev/null
+++ b/dev-db/mongodb/files/mongodb.initd-r3
@@ -0,0 +1,18 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+: ${config_file:="/etc/${RC_SVCNAME}.conf"}
+: ${user:=mongodb}
+: ${group:=mongodb}
+
+command="/usr/bin/mongod"
+command_args="--config ${config_file}"
+command_background="true"
+pidfile="/run/${RC_SVCNAME}.pid"
+command_user="${user}:${group}"
+required_files="${config_file}"
+
+depend() {
+ use net
+}
diff --git a/dev-db/mongodb/files/mongos.confd-r3 b/dev-db/mongodb/files/mongos.confd-r3
new file mode 100644
index 000000000000..7f297dfd3e43
--- /dev/null
+++ b/dev-db/mongodb/files/mongos.confd-r3
@@ -0,0 +1,11 @@
+# !! IMPORTANT !!
+#
+# This file is ONLY used to override some of the init script configuration.
+#
+# You should NOT use this file to configure your mongos instance,
+# see the /etc/mongos.conf file instead.
+#
+# Available init script modifiers :
+# - config_file : the configuration file to use (default : /etc/mongos.conf)
+# - user : the user used to run your mongodb instance (default : mongodb)
+# - group : the group used to run your mongodb instance (default : mongodb)
diff --git a/dev-db/mongodb/files/mongos.initd-r3 b/dev-db/mongodb/files/mongos.initd-r3
new file mode 100644
index 000000000000..cf5844ae30a9
--- /dev/null
+++ b/dev-db/mongodb/files/mongos.initd-r3
@@ -0,0 +1,18 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+: ${config_file:="/etc/${RC_SVCNAME}.conf"}
+: ${user:=mongodb}
+: ${group:=mongodb}
+
+command="/usr/bin/mongos"
+command_args="--config ${config_file}"
+command_background="true"
+pidfile="/run/${RC_SVCNAME}.pid"
+command_user="${user}:${group}"
+required_files="${config_file}"
+
+depend() {
+ use net
+}
diff --git a/dev-db/mongodb/mongodb-3.0.15.ebuild b/dev-db/mongodb/mongodb-3.0.15.ebuild
index 848080d07995..08741ca2af67 100644
--- a/dev-db/mongodb/mongodb-3.0.15.ebuild
+++ b/dev-db/mongodb/mongodb-3.0.15.ebuild
@@ -111,10 +111,10 @@ src_install() {
doman debian/mongo*.1
dodoc README docs/building.md
- newinitd "${FILESDIR}/${PN}.initd-r2" ${PN}
- newconfd "${FILESDIR}/${PN}.confd-r2" ${PN}
- newinitd "${FILESDIR}/${PN/db/s}.initd-r2" ${PN/db/s}
- newconfd "${FILESDIR}/${PN/db/s}.confd-r2" ${PN/db/s}
+ newinitd "${FILESDIR}/${PN}.initd-r3" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd-r3" ${PN}
+ newinitd "${FILESDIR}/${PN/db/s}.initd-r3" ${PN/db/s}
+ newconfd "${FILESDIR}/${PN/db/s}.confd-r3" ${PN/db/s}
insinto /etc
newins "${FILESDIR}/${PN}.conf-r3" ${PN}.conf
diff --git a/dev-db/mongodb/mongodb-3.2.16.ebuild b/dev-db/mongodb/mongodb-3.2.16.ebuild
index f18602bddd95..762934559887 100644
--- a/dev-db/mongodb/mongodb-3.2.16.ebuild
+++ b/dev-db/mongodb/mongodb-3.2.16.ebuild
@@ -129,10 +129,10 @@ src_install() {
doman debian/mongo*.1
dodoc README docs/building.md
- newinitd "${FILESDIR}/${PN}.initd-r2" ${PN}
- newconfd "${FILESDIR}/${PN}.confd-r2" ${PN}
- newinitd "${FILESDIR}/${PN/db/s}.initd-r2" ${PN/db/s}
- newconfd "${FILESDIR}/${PN/db/s}.confd-r2" ${PN/db/s}
+ newinitd "${FILESDIR}/${PN}.initd-r3" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd-r3" ${PN}
+ newinitd "${FILESDIR}/${PN/db/s}.initd-r3" ${PN/db/s}
+ newconfd "${FILESDIR}/${PN/db/s}.confd-r3" ${PN/db/s}
insinto /etc
newins "${FILESDIR}/${PN}.conf-r3" ${PN}.conf
diff --git a/dev-db/mongodb/mongodb-3.4.9.ebuild b/dev-db/mongodb/mongodb-3.4.9.ebuild
index 8b70cd5e8e22..1e193228dcc2 100644
--- a/dev-db/mongodb/mongodb-3.4.9.ebuild
+++ b/dev-db/mongodb/mongodb-3.4.9.ebuild
@@ -134,10 +134,10 @@ src_install() {
doman debian/mongo*.1
dodoc README docs/building.md
- newinitd "${FILESDIR}/${PN}.initd-r2" ${PN}
- newconfd "${FILESDIR}/${PN}.confd-r2" ${PN}
- newinitd "${FILESDIR}/${PN/db/s}.initd-r2" ${PN/db/s}
- newconfd "${FILESDIR}/${PN/db/s}.confd-r2" ${PN/db/s}
+ newinitd "${FILESDIR}/${PN}.initd-r3" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd-r3" ${PN}
+ newinitd "${FILESDIR}/${PN/db/s}.initd-r3" ${PN/db/s}
+ newconfd "${FILESDIR}/${PN/db/s}.confd-r3" ${PN/db/s}
insinto /etc
newins "${FILESDIR}/${PN}.conf-r3" ${PN}.conf