Diffstat (limited to 'sys-cluster')
-rw-r--r-- | sys-cluster/cinder/cinder-2015.1.9999.ebuild | 207 | ||||
-rw-r--r-- | sys-cluster/cinder/files/CVE-2015-1851_2014.2.3.patch | 85 | ||||
-rw-r--r-- | sys-cluster/cinder/files/CVE-2015-1851_2015.1.0.patch | 85 |
3 files changed, 0 insertions, 377 deletions
diff --git a/sys-cluster/cinder/cinder-2015.1.9999.ebuild b/sys-cluster/cinder/cinder-2015.1.9999.ebuild
deleted file mode 100644
index 422f54e08a52..000000000000
--- a/sys-cluster/cinder/cinder-2015.1.9999.ebuild
+++ /dev/null
@@ -1,207 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-PYTHON_COMPAT=( python2_7 )
-
-inherit distutils-r1 eutils git-2 linux-info user
-
-DESCRIPTION="Cinder is the OpenStack Block storage service, a spin out of nova-volumes"
-HOMEPAGE="https://launchpad.net/cinder"
-EGIT_REPO_URI="https://github.com/openstack/cinder.git"
-EGIT_BRANCH="stable/kilo"
-
-LICENSE="Apache-2.0"
-SLOT="0"
-KEYWORDS=""
-IUSE="+api +scheduler +volume iscsi lvm mysql +memcached postgres sqlite test"
-REQUIRED_USE="|| ( mysql postgres sqlite )"
-
-#sudo is a build dep because I want the sudoers.d directory to exist, lazy.
-DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]
- >=dev-python/pbr-0.8[${PYTHON_USEDEP}]
- <dev-python/pbr-1.0[${PYTHON_USEDEP}]
- app-admin/sudo
- test? (
- ${RDEPEND}
- >=dev-python/coverage-3.6[${PYTHON_USEDEP}]
- >=dev-python/fixtures-0.3.14[${PYTHON_USEDEP}]
- <dev-python/fixtures-1.3.0[${PYTHON_USEDEP}]
- >=dev-python/mock-1.0[${PYTHON_USEDEP}]
- <dev-python/mock-1.1.0[${PYTHON_USEDEP}]
- >=dev-python/mox-0.5.3[${PYTHON_USEDEP}]
- dev-python/mysql-python[${PYTHON_USEDEP}]
- dev-python/psycopg[${PYTHON_USEDEP}]
- >=dev-python/oslotest-1.5.1[${PYTHON_USEDEP}]
- <dev-python/oslotest-1.6.0[${PYTHON_USEDEP}]
- >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}]
- !~dev-python/sphinx-1.2.0[${PYTHON_USEDEP}]
- <dev-python/sphinx-1.3[${PYTHON_USEDEP}]
- >=dev-python/subunit-0.0.18[${PYTHON_USEDEP}]
- >=dev-python/testtools-0.9.36[${PYTHON_USEDEP}]
- !~dev-python/testtools-1.2.0[${PYTHON_USEDEP}]
- >=dev-python/testrepository-0.0.18[${PYTHON_USEDEP}]
- >=dev-python/oslo-sphinx-2.5.0[${PYTHON_USEDEP}]
- <dev-python/oslo-sphinx-2.6.0[${PYTHON_USEDEP}]
- >=dev-python/tempest-lib-0.4.0[${PYTHON_USEDEP}]
- <dev-python/tempest-lib-0.5.0[${PYTHON_USEDEP}]
- )"
-
-RDEPEND="
- >=dev-python/anyjson-0.3.3[${PYTHON_USEDEP}]
- >=dev-python/Babel-1.3[${PYTHON_USEDEP}]
- >=dev-python/eventlet-0.16.1[${PYTHON_USEDEP}]
- !~dev-python/eventlet-0.17.0[${PYTHON_USEDEP}]
- >=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}]
- >=dev-python/iso8601-0.1.9[${PYTHON_USEDEP}]
- >=dev-python/keystonemiddleware-1.5.0[${PYTHON_USEDEP}]
- <dev-python/keystonemiddleware-1.6.0[${PYTHON_USEDEP}]
- >=dev-python/kombu-2.5.0[${PYTHON_USEDEP}]
- >=dev-python/lxml-2.3[${PYTHON_USEDEP}]
- >=dev-python/netaddr-0.7.12[${PYTHON_USEDEP}]
- >=dev-python/oslo-config-1.9.3[${PYTHON_USEDEP}]
- <dev-python/oslo-config-1.10.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-concurrency-1.8.2[${PYTHON_USEDEP}]
- <dev-python/oslo-concurrency-1.9.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-context-0.2.0[${PYTHON_USEDEP}]
- <dev-python/oslo-context-0.3.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-db-1.7.0[${PYTHON_USEDEP}]
- <dev-python/oslo-db-1.8.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-log-1.0.0[${PYTHON_USEDEP}]
- <dev-python/oslo-log-1.1.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-messaging-1.8.0[${PYTHON_USEDEP}]
- <dev-python/oslo-messaging-1.9.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-middleware-1.0.0[${PYTHON_USEDEP}]
- <dev-python/oslo-middleware-1.1.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-rootwrap-1.6.0[${PYTHON_USEDEP}]
- <dev-python/oslo-rootwrap-1.7.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-serialization-1.4.0[${PYTHON_USEDEP}]
- <dev-python/oslo-serialization-1.5.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-utils-1.4.0[${PYTHON_USEDEP}]
- !~dev-python/oslo-utils-1.4.1[${PYTHON_USEDEP}]
- <dev-python/oslo-utils-1.5.0[${PYTHON_USEDEP}]
- >=dev-python/osprofiler-0.3.0[${PYTHON_USEDEP}]
- >=dev-python/paramiko-1.13.0[${PYTHON_USEDEP}]
- dev-python/paste[${PYTHON_USEDEP}]
- >=dev-python/pastedeploy-1.5.0[${PYTHON_USEDEP}]
- >=dev-python/python-barbicanclient-3.0.1[${PYTHON_USEDEP}]
- <dev-python/python-barbicanclient-3.1.0[${PYTHON_USEDEP}]
- >=dev-python/python-glanceclient-0.15.0[${PYTHON_USEDEP}]
- <dev-python/python-glanceclient-0.18.0[${PYTHON_USEDEP}]
- >=dev-python/python-novaclient-2.22.0[${PYTHON_USEDEP}]
- <dev-python/python-novaclient-2.24.0[${PYTHON_USEDEP}]
- >=dev-python/python-swiftclient-2.2.0[${PYTHON_USEDEP}]
- <dev-python/python-swiftclient-2.5.0[${PYTHON_USEDEP}]
- >=dev-python/requests-2.2.0[${PYTHON_USEDEP}]
- !~dev-python/requests-2.4.0[${PYTHON_USEDEP}]
- >=dev-python/retrying-1.2.3[${PYTHON_USEDEP}]
- !~dev-python/retrying-1.3.0[${PYTHON_USEDEP}]
- >=dev-python/routes-1.12.3[${PYTHON_USEDEP}]
- !~dev-python/routes-2.0[${PYTHON_USEDEP}]
- >=dev-python/taskflow-0.7.1[${PYTHON_USEDEP}]
- <dev-python/taskflow-0.8.0[${PYTHON_USEDEP}]
- >=dev-python/rtslib-fb-2.1.41[${PYTHON_USEDEP}]
- >=dev-python/six-1.9.0[${PYTHON_USEDEP}]
- sqlite? (
- >=dev-python/sqlalchemy-0.9.7[sqlite,${PYTHON_USEDEP}]
- <=dev-python/sqlalchemy-0.9.99[sqlite,${PYTHON_USEDEP}]
- )
- mysql? (
- dev-python/mysql-python
- >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}]
- <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}]
- )
- postgres? (
- dev-python/psycopg:2
- >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}]
- <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}]
- )
- >=dev-python/sqlalchemy-migrate-0.9.5[${PYTHON_USEDEP}]
- !~dev-python/sqlalchemy-migrate-0.9.8[${PYTHON_USEDEP}]
- <dev-python/sqlalchemy-migrate-0.10.0[${PYTHON_USEDEP}]
- >=dev-python/stevedore-1.3.0[${PYTHON_USEDEP}]
- <dev-python/stevedore-1.4.0[${PYTHON_USEDEP}]
- >=dev-python/suds-0.4[${PYTHON_USEDEP}]
- >=dev-python/webob-1.2.3-r1[${PYTHON_USEDEP}]
- >=dev-python/oslo-i18n-1.5.0[${PYTHON_USEDEP}]
- <dev-python/oslo-i18n-1.6.0[${PYTHON_USEDEP}]
- >=dev-python/oslo-vmware-0.11.1[${PYTHON_USEDEP}]
- <dev-python/oslo-vmware-0.12.0[${PYTHON_USEDEP}]
- iscsi? (
- sys-block/tgt
- sys-block/open-iscsi
- )
- lvm? ( sys-fs/lvm2 )
- memcached? ( net-misc/memcached )
- app-emulation/qemu
- sys-fs/sysfsutils"
-# qemu is needed for image conversion
-
-PATCHES=(
-
-)
-
-pkg_setup() {
- linux-info_pkg_setup
- CONFIG_CHECK_MODULES="ISCSI_TCP"
- if linux_config_exists; then
- for module in ${CONFIG_CHECK_MODULES}; do
- linux_chkconfig_present ${module} || ewarn "${module} needs to be built as module (builtin doesn't work)"
- done
- fi
- enewgroup cinder
- enewuser cinder -1 -1 /var/lib/cinder cinder
-}
-
-python_prepare_all() {
- sed -i '/^hacking/d' test-requirements.txt || die
- distutils-r1_python_prepare_all
-}
-
-python_compile() {
- distutils-r1_python_compile
- mv cinder/test.py cinder/test.py.bak || die
- ./tools/config/generate_sample.sh -b ./ -p cinder -o etc/cinder || die
- mv cinder/test.py.bak cinder/test.py || die
-}
-
-python_test() {
- # Let's track progress of this # https://bugs.launchpad.net/swift/+bug/1249727
- nosetests -I test_wsgi.py cinder/tests/ || die "tests failed under python2.7"
-}
-
-python_install() {
- distutils-r1_python_install
- keepdir /etc/cinder
- dodir /etc/cinder/rootwrap.d
-
- for svc in api scheduler volume; do
- newinitd "${FILESDIR}/cinder.initd" cinder-${svc}
- done
-
- insinto /etc/cinder
- insopts -m0640 -o cinder -g cinder
- newins "${S}/etc/cinder/cinder.conf.sample" "cinder.conf"
- newins "${S}/etc/cinder/api-paste.ini" "api-paste.ini"
- newins "${S}/etc/cinder/logging_sample.conf" "logging_sample.conf"
- newins "${S}/etc/cinder/policy.json" "policy.json"
- newins "${S}/etc/cinder/rootwrap.conf" "rootwrap.conf"
- insinto /etc/cinder/rootwrap.d
- newins "${S}/etc/cinder/rootwrap.d/volume.filters" "volume.filters"
-
- dodir /var/log/cinder
- fowners cinder:cinder /var/log/cinder
-
- #add sudoers definitions for user nova
- insinto /etc/sudoers.d/
- insopts -m 0440 -o root -g root
- newins "${FILESDIR}/cinder.sudoersd" cinder
-}
-
-pkg_postinst() {
- if use iscsi ; then
- elog "Cinder needs tgtd to be installed and running to work with iscsi"
- elog "it also needs 'include /var/lib/cinder/volumes/*' in /etc/tgt/targets.conf"
- fi
-}
diff --git a/sys-cluster/cinder/files/CVE-2015-1851_2014.2.3.patch b/sys-cluster/cinder/files/CVE-2015-1851_2014.2.3.patch
deleted file mode 100644
index 5335e5c02ad5..000000000000
--- a/sys-cluster/cinder/files/CVE-2015-1851_2014.2.3.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From d31c937c566005dedf41a60c6b5bd5e7b26f221b Mon Sep 17 00:00:00 2001
-From: Eric Harney <eharney@redhat.com>
-Date: Tue, 31 Mar 2015 19:48:17 -0400
-Subject: [PATCH] Disallow backing files when uploading volumes to image
-
-Volumes with a header referencing a backing file can leak
-file data into the destination image when uploading a
-volume to an image.
-
-Halt the upload process if the volume data references a
-backing file to prevent this.
-
-Closes-Bug: #1415087
-Change-Id: Iab9718794e7f7e8444015712cfa08c46848ebf78
-(cherry picked from commit 9634b76ba5886d6c2f2128d550cb005dabf48213)
-Conflicts:
- cinder/tests/test_image_utils.py (backport to old tests)
----
- cinder/image/image_utils.py | 14 ++++++++++++++
- cinder/tests/test_image_utils.py | 13 +++++++++++++
- 2 files changed, 27 insertions(+)
-
-diff --git a/cinder/image/image_utils.py b/cinder/image/image_utils.py
-index 160dfe7..cac0072 100644
---- a/cinder/image/image_utils.py
-+++ b/cinder/image/image_utils.py
-@@ -312,6 +312,20 @@ def upload_volume(context, image_service, image_meta, volume_path,
- with fileutils.remove_path_on_error(tmp):
- LOG.debug("%s was %s, converting to %s" %
- (image_id, volume_format, image_meta['disk_format']))
-+
-+ data = qemu_img_info(volume_path)
-+ backing_file = data.backing_file
-+ fmt = data.file_format
-+ if backing_file is not None:
-+ # Disallow backing files as a security measure.
-+ # This prevents a user from writing an image header into a raw
-+ # volume with a backing file pointing to data they wish to
-+ # access.
-+ raise exception.ImageUnacceptable(
-+ image_id=image_id,
-+ reason=_("fmt=%(fmt)s backed by:%(backing_file)s")
-+ % {'fmt': fmt, 'backing_file': backing_file})
-+
- convert_image(volume_path, tmp, image_meta['disk_format'],
- bps_limit=CONF.volume_copy_bps_limit)
-
-diff --git a/cinder/tests/test_image_utils.py b/cinder/tests/test_image_utils.py
-index 86168c0..2cf571a 100644
---- a/cinder/tests/test_image_utils.py
-+++ b/cinder/tests/test_image_utils.py
-@@ -462,6 +462,10 @@ def test_upload_volume(self, mock_stat, bps_limit=0):
- volume_utils.setup_blkio_cgroup(mox.IgnoreArg(), mox.IgnoreArg(),
- bps_limit).AndReturn(prefix)
-
-+ utils.execute(
-+ 'env', 'LC_ALL=C', 'qemu-img', 'info',
-+ mox.IgnoreArg(), run_as_root=True).AndReturn(
-+ (TEST_RET, 'ignored'))
- utils.execute(*cmd, run_as_root=True)
- utils.execute(
- 'env', 'LC_ALL=C', 'qemu-img', 'info',
-@@ -497,6 +501,11 @@ def test_upload_volume_with_bps_limit(self, mock_stat):
-
- volume_utils.setup_blkio_cgroup(mox.IgnoreArg(), mox.IgnoreArg(),
- bps_limit).AndReturn(prefix)
-+
-+ utils.execute(
-+ 'env', 'LC_ALL=C', 'qemu-img', 'info',
-+ mox.IgnoreArg(), run_as_root=True).AndReturn(
-+ (TEST_RET, 'ignored'))
- utils.execute(*cmd, run_as_root=True)
- utils.execute(
- 'env', 'LC_ALL=C', 'qemu-img', 'info',
-@@ -534,6 +543,10 @@ def test_upload_volume_on_error(self, mock_stat):
- m.StubOutWithMock(utils, 'execute')
- m.StubOutWithMock(volume_utils, 'check_for_odirect_support')
-
-+ utils.execute(
-+ 'env', 'LC_ALL=C', 'qemu-img', 'info',
-+ mox.IgnoreArg(), run_as_root=True).AndReturn(
-+ (TEST_RET, 'ignored'))
- utils.execute('qemu-img', 'convert', '-O', 'qcow2',
- mox.IgnoreArg(), mox.IgnoreArg(), run_as_root=True)
- utils.execute(
diff --git a/sys-cluster/cinder/files/CVE-2015-1851_2015.1.0.patch b/sys-cluster/cinder/files/CVE-2015-1851_2015.1.0.patch
deleted file mode 100644
index 2e1d31970fc1..000000000000
--- a/sys-cluster/cinder/files/CVE-2015-1851_2015.1.0.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From 9634b76ba5886d6c2f2128d550cb005dabf48213 Mon Sep 17 00:00:00 2001
-From: Eric Harney <eharney@redhat.com>
-Date: Tue, 31 Mar 2015 19:48:17 -0400
-Subject: [PATCH] Disallow backing files when uploading volumes to image
-
-Volumes with a header referencing a backing file can leak
-file data into the destination image when uploading a
-volume to an image.
-
-Halt the upload process if the volume data references a
-backing file to prevent this.
-
-Closes-Bug: #1415087
-Change-Id: Iab9718794e7f7e8444015712cfa08c46848ebf78
-(cherry picked from commit b1143ee45323e63b965a3710f9063e65b252c978)
----
- cinder/image/image_utils.py | 14 ++++++++++++++
- cinder/tests/test_image_utils.py | 8 ++++++--
- 2 files changed, 20 insertions(+), 2 deletions(-)
-
-diff --git a/cinder/image/image_utils.py b/cinder/image/image_utils.py
-index 6e5e2fb..6ae0f81 100644
---- a/cinder/image/image_utils.py
-+++ b/cinder/image/image_utils.py
-@@ -344,6 +344,20 @@ def upload_volume(context, image_service, image_meta, volume_path,
- with temporary_file() as tmp:
- LOG.debug("%s was %s, converting to %s",
- image_id, volume_format, image_meta['disk_format'])
-+
-+ data = qemu_img_info(volume_path, run_as_root=run_as_root)
-+ backing_file = data.backing_file
-+ fmt = data.file_format
-+ if backing_file is not None:
-+ # Disallow backing files as a security measure.
-+ # This prevents a user from writing an image header into a raw
-+ # volume with a backing file pointing to data they wish to
-+ # access.
-+ raise exception.ImageUnacceptable(
-+ image_id=image_id,
-+ reason=_("fmt=%(fmt)s backed by:%(backing_file)s")
-+ % {'fmt': fmt, 'backing_file': backing_file})
-+
- convert_image(volume_path, tmp, image_meta['disk_format'],
- run_as_root=run_as_root)
-
-diff --git a/cinder/tests/test_image_utils.py b/cinder/tests/test_image_utils.py
-index ab41243..3f8e763 100644
---- a/cinder/tests/test_image_utils.py
-+++ b/cinder/tests/test_image_utils.py
-@@ -381,6 +381,7 @@ def test_diff_format(self, mock_os, mock_temp, mock_convert, mock_info,
- mock_os.name = 'posix'
- data = mock_info.return_value
- data.file_format = mock.sentinel.disk_format
-+ data.backing_file = None
- temp_file = mock_temp.return_value.__enter__.return_value
-
- output = image_utils.upload_volume(ctxt, image_service, image_meta,
-@@ -391,7 +392,8 @@ def test_diff_format(self, mock_os, mock_temp, mock_convert, mock_info,
- temp_file,
- mock.sentinel.disk_format,
- run_as_root=True)
-- mock_info.assert_called_once_with(temp_file, run_as_root=True)
-+ mock_info.assert_called_with(temp_file, run_as_root=True)
-+ self.assertEqual(mock_info.call_count, 2)
- mock_open.assert_called_once_with(temp_file, 'rb')
- image_service.update.assert_called_once_with(
- ctxt, image_meta['id'], {},
-@@ -470,6 +472,7 @@ def test_convert_error(self, mock_os, mock_temp, mock_convert, mock_info,
- mock_os.name = 'posix'
- data = mock_info.return_value
- data.file_format = mock.sentinel.other_disk_format
-+ data.backing_file = None
- temp_file = mock_temp.return_value.__enter__.return_value
-
- self.assertRaises(exception.ImageUnacceptable,
-@@ -479,7 +482,8 @@ def test_convert_error(self, mock_os, mock_temp, mock_convert, mock_info,
- temp_file,
- mock.sentinel.disk_format,
- run_as_root=True)
-- mock_info.assert_called_once_with(temp_file, run_as_root=True)
-+ mock_info.assert_called_with(temp_file, run_as_root=True)
-+ self.assertEqual(mock_info.call_count, 2)
- self.assertFalse(image_service.update.called)
-
-
|