author | Stephanie J. Lockwood-Childs <wormo@gentoo.org> | 2009-08-09 06:23:59 +0000 |
---|---|---|
committer | Stephanie J. Lockwood-Childs <wormo@gentoo.org> | 2009-08-09 06:23:59 +0000 |
commit | 90d0e6611bb83acda7247761d44fed2e752fb96d (patch) | |
tree | 723c903ba7b360f4ad9b48380a6a4b0e2ea7c928 /app-admin/ulogd | |
parent | Version bump (diff) | |
Security (Thanks to Yar Odin, bug #225363):
- prevent buffer overflows
- configure ulogd to run as non-privileged user instead of root
QA (Thanks to Henrique Rodrigues for sqlite suggestion, bug #251406):
- switch sqlite3 flag to sqlite flag, and use slot dependency for sqlite
- fix plugin Makefiles to work with LDFLAGS=-Wl,O1
- add runtime dependency on pcap (unconditional, pcap module always built)
(Portage version: 2.1.6.13/cvs/Linux x86_64)
Diffstat (limited to 'app-admin/ulogd')
-rw-r--r-- | app-admin/ulogd/ChangeLog | 14 | ||||
-rw-r--r-- | app-admin/ulogd/files/ulogd-0.98 | 5 | ||||
-rw-r--r-- | app-admin/ulogd/metadata.xml | 3 | ||||
-rw-r--r-- | app-admin/ulogd/ulogd-1.24-r1.ebuild | 94 | ||||
-rw-r--r-- | app-admin/ulogd/ulogd-1.24.ebuild | 59 |
5 files changed, 110 insertions, 65 deletions
diff --git a/app-admin/ulogd/ChangeLog b/app-admin/ulogd/ChangeLog
index 17a0a057161f..331c9b768d97 100644
--- a/app-admin/ulogd/ChangeLog
+++ b/app-admin/ulogd/ChangeLog
@@ -1,6 +1,18 @@
 # ChangeLog for app-admin/ulogd
 # Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/ulogd/ChangeLog,v 1.54 2009/02/09 09:36:03 angelos Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/ulogd/ChangeLog,v 1.55 2009/08/09 06:23:59 wormo Exp $
+
+*ulogd-1.24-r1 (09 Aug 2009)
+
+ 09 Aug 2009; Stephanie Lockwood-Childs <wormo@gentoo.org>
+ files/ulogd-0.98, metadata.xml, -ulogd-1.24.ebuild, +ulogd-1.24-r1.ebuild:
+ Security (Thanks to Yar Odin, bug #225363):
+ - prevent buffer overflows
+ - configure ulogd to run as non-privileged user instead of root
+ QA (Thanks to Henrique Rodrigues for sqlite suggestion, bug #251406):
+ - switch sqlite3 flag to sqlite flag, and use slot dependency for sqlite
+ - fix plugin Makefiles to work with LDFLAGS="-Wl,O1"
+ - add runtime dependency on pcap (unconditional, pcap module always built)
 09 Feb 2009; Christoph Mende <angelos@gentoo.org>
 ulogd-2.0.0_beta2.ebuild:
diff --git a/app-admin/ulogd/files/ulogd-0.98 b/app-admin/ulogd/files/ulogd-0.98
index e21bac05b998..d60de2a6e24a 100644
--- a/app-admin/ulogd/files/ulogd-0.98
+++ b/app-admin/ulogd/files/ulogd-0.98
@@ -3,15 +3,14 @@
 # chkconfig: - 91 35
 # description: Starts and stops the ulogd daemon
 #
-# pidfile: /var/lock/samba/ulogd.pid
-# config: /usr/local/etc/ulogd.conf
+# config: /etc/ulogd.conf
 opts="${opts} reload"
 depend() {
 need net
- use mysql
+ use mysql
 }
 initService() {
diff --git a/app-admin/ulogd/metadata.xml b/app-admin/ulogd/metadata.xml
index 00a510a56a3f..62c5fe28c064 100644
--- a/app-admin/ulogd/metadata.xml
+++ b/app-admin/ulogd/metadata.xml
@@ -3,8 +3,7 @@
 <pkgmetadata>
 <herd>no-herd</herd>
 <maintainer>
- <email>maintainer-needed@gentoo.org</email>
- <name>Default assignee for orphaned packages</name>
+ <email>wormo@gentoo.org</email>
 </maintainer>
 <use>
 <flag name='ip-as-string'>Logs IP addresses as stings</flag>
diff --git a/app-admin/ulogd/ulogd-1.24-r1.ebuild b/app-admin/ulogd/ulogd-1.24-r1.ebuild
new file mode 100644
index 000000000000..c4c086c1f379
--- /dev/null
+++ b/app-admin/ulogd/ulogd-1.24-r1.ebuild
@@ -0,0 +1,94 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/ulogd/ulogd-1.24-r1.ebuild,v 1.1 2009/08/09 06:23:59 wormo Exp $
+
+EAPI="1"
+
+inherit eutils flag-o-matic autotools
+
+DESCRIPTION="A userspace logging daemon for netfilter/iptables related logging"
+HOMEPAGE="http://netfilter.org/projects/ulogd/index.html"
+SRC_URI="http://ftp.netfilter.org/pub/ulogd/${P}.tar.bz2
+ mirror://gentoo/${PN}-glsa-200805.patch.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ia64 ~ppc -sparc ~x86"
+IUSE="mysql postgres sqlite"
+
+DEPEND="net-firewall/iptables
+ mysql? ( virtual/mysql )
+ postgres? ( virtual/postgresql-server )
+ sqlite? ( dev-db/sqlite:3 )"
+RDEPEND="${DEPEND}
+ net-libs/libpcap"
+
+pkg_setup() {
+ enewgroup ulogd
+ enewuser ulogd -1 -1 /var/log/ulogd ulogd
+}
+
+src_unpack() {
+ unpack ${A} || die "unpack failed"
+ cd "${S}" || die "dir ${S} not found"
+
+ # enables logfiles over 2G (#74924)
+ append-lfs-flags
+
+ epatch "${DISTDIR}/${PN}-glsa-200805.patch.bz2"
+
+ # switch plugin makefiles to use $(CC) instead of $(LD) for linking
+ # (prevents build from choking on stuff like "LDFLAGS=-Wl,O1")
+ for p in pgsql sqlite3 extensions mysql pcap ; do
+ f=$p/Makefile.in
+ sed -i -e 's/$(LD)/$(CC) -nostartfiles/' $f || die "failed to update $f"
+ done
+
+ ewarn "Regenerating build system (this may take a bit)..."
+ eautoconf || die "Autoreconf failed"
+ econf \
+ $(use_with mysql) \
+ $(use_with postgres pgsql) \
+ $(use_with sqlite sqlite3) \
+ || die "configure failed"
+
+ # Configure uses incorrect syntax for ld
+ use mysql && sed -i -e "s:-Wl,::g;s:-rdynamic::g" Rules.make
+}
+
+src_compile() {
+ # not parallel make safe: bug #128976
+ emake -j1 || die "make failed"
+}
+
+src_install() {
+ # the Makefile seems to be "broken" -
+ # it relies on the existance of /usr, /etc ..
+ dodir /usr/sbin
+
+ make DESTDIR="${D}" install || die "install failed"
+
+ newinitd "${FILESDIR}"/ulogd-0.98 ulogd
+ local UsedServices="use"
+ use mysql && UsedServices+=" mysql"
+ use postgres && UsedServices+=" postgresql"
+ if [[ ${UsedServices} = "use" ]]; then
+ UsedServices=""
+ fi
+ sed -i -e "s:use mysql:${UsedServices}:g" "${D}/etc/init.d/ulogd" || die "sed failed"
+
+ dodoc README AUTHORS Changes
+ cd doc/
+ dodoc ulogd.txt ulogd.a4.ps
+
+ use mysql && dodoc mysql.table mysql.table.ipaddr-as-string
+ use postgres && dodoc pgsql.table
+ use sqlite && dodoc sqlite3.table
+
+ dohtml ulogd.html
+}
+
+pkg_postinst() {
+ chown root:ulogd /etc/ulogd.conf
+ chmod 640 /etc/ulogd.conf
+}
diff --git a/app-admin/ulogd/ulogd-1.24.ebuild b/app-admin/ulogd/ulogd-1.24.ebuild
deleted file mode 100644
index af19c726b41e..000000000000
--- a/app-admin/ulogd/ulogd-1.24.ebuild
+++ /dev/null
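Review bot: `pkg_postinst` restricts the config file by absolute path (`chown root:ulogd /etc/ulogd.conf`, `chmod 640 /etc/ulogd.conf`), so with a non-default ROOT it changes the build host's file rather than the installed one, and a failed chown or chmod goes unnoticed. The mode is also applied only after the merge, so the image, and any binary package built from it, carries whatever mode `make install` gave the file; ulogd.conf may hold the database credentials for the mysql/pgsql plugins, so that window matters. I would set ownership in `src_install` with `fowners root:ulogd /etc/ulogd.conf` and `fperms 640 /etc/ulogd.conf` right after the `make DESTDIR="${D}" install` line, and if the postinst fix-up stays for configs already on disk, prefix its paths with `"${ROOT}"`. Separately, `pkg_setup` creates the ulogd account but nothing visible in this diff passes it to the daemon; presumably the GLSA patch or the part of the init script outside the hunk does, and a one-line comment in the ebuild saying where the privilege drop is configured would help.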
@@ -1,59 +0,0 @@
-# Copyright 1999-2008 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/ulogd/ulogd-1.24.ebuild,v 1.7 2008/05/21 15:44:43 dev-zero Exp $
-
-inherit eutils flag-o-matic autotools
-
-DESCRIPTION="A userspace logging daemon for netfilter/iptables related logging"
-HOMEPAGE="http://netfilter.org/projects/ulogd/index.html"
-SRC_URI="http://ftp.netfilter.org/pub/ulogd/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~ia64 ~ppc -sparc ~x86"
-IUSE="mysql postgres"
-
-DEPEND="net-firewall/iptables
- mysql? ( virtual/mysql )
- postgres? ( virtual/postgresql-server )"
-
-src_compile() {
- # enables logfiles over 2G (#74924)
- append-lfs-flags
-
- epatch "${FILESDIR}/configure-fixes.patch"
- ewarn "Regenerating build system (this may take a bit)..."
- eautoconf || die "Autoreconf failed"
- econf \
- $(use_with mysql) \
- $(use_with postgres pgsql) \
- || die "configure failed"
-
- # Configure uses incorrect syntax for ld
- use mysql && sed -i -e "s:-Wl,::g" Rules.make
-
-# EPATCH_OPTS="-F3" \
-# epatch "${FILESDIR}/glsa-200701.patch"
-
- # not parallel make safe: bug #128976
- emake -j1 || die "make failed"
-}
-
-src_install() {
- # the Makefile seems to be "broken" -
- # it relies on the existance of /usr, /etc ..
- dodir /usr/sbin
-
- make DESTDIR="${D}" install || die "install failed"
-
- newinitd "${FILESDIR}"/ulogd-0.98 ulogd
-
- dodoc README AUTHORS Changes
- cd doc/
- dodoc ulogd.txt ulogd.a4.ps
-
- use mysql && dodoc mysql.table mysql.table.ipaddr-as-string
- use postgres && dodoc pgsql.table
-
- dohtml ulogd.html
-} |