From 3f260ab2883952c43aea7f5930a4a9b16baf3f86 Mon Sep 17 00:00:00 2001 From: "Robin H. Johnson" Date: Sun, 21 Sep 2014 01:54:22 +0000 Subject: Bug #486680: do not create group-writable directories during build that would fail under grsec TPE. (Portage version: 2.2.10/cvs/Linux x86_64, unsigned Manifest commit) --- app-cdr/cdrtools/ChangeLog | 7 ++++++- app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild | 8 +++++++- app-cdr/cdrtools/cdrtools-3.01_alpha24.ebuild | 8 +++++++- 3 files changed, 20 insertions(+), 3 deletions(-) (limited to 'app-cdr') diff --git a/app-cdr/cdrtools/ChangeLog b/app-cdr/cdrtools/ChangeLog index 51e28aba1011..7ea2e3bd483e 100644 --- a/app-cdr/cdrtools/ChangeLog +++ b/app-cdr/cdrtools/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for app-cdr/cdrtools # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-cdr/cdrtools/ChangeLog,v 1.343 2014/08/03 19:12:46 tgall Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-cdr/cdrtools/ChangeLog,v 1.344 2014/09/21 01:54:22 robbat2 Exp $ + + 21 Sep 2014; Robin H. Johnson + cdrtools-3.01_alpha17.ebuild, cdrtools-3.01_alpha24.ebuild: + Bug #486680: do not create group-writable directories during build that would + fail under grsec TPE. 03 Aug 2014; cdrtools-3.01_alpha24.ebuild: arm64, initial support diff --git a/app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild b/app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild index e9435930e2b5..2bbef1077a23 100644 --- a/app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild +++ b/app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild,v 1.16 2014/05/17 12:00:17 billie Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild,v 1.17 2014/09/21 01:54:22 robbat2 Exp $ EAPI=5 @@ -87,7 +87,13 @@ src_prepare() { -e "s:/opt/schily:/usr:g" \ -e "s:/usr/src/linux/include::g" \ -e "s:bin:root:g" \ + -e '/^DEFUMASK/s,002,022,g' \ Defaults.${os} || die "sed Schily make setup" + # re DEFUMASK above: + # bug 486680: grsec TPE will block the exec if the directory is + # group-writable. This is painful with cdrtools, because it makes a bunch of + # group-writable directories during build. Change the umask on their + # creation to prevent this. } # skip obsolete configure script diff --git a/app-cdr/cdrtools/cdrtools-3.01_alpha24.ebuild b/app-cdr/cdrtools/cdrtools-3.01_alpha24.ebuild index 2da53847c084..bbbebe22b893 100644 --- a/app-cdr/cdrtools/cdrtools-3.01_alpha24.ebuild +++ b/app-cdr/cdrtools/cdrtools-3.01_alpha24.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-cdr/cdrtools/cdrtools-3.01_alpha24.ebuild,v 1.2 2014/08/03 19:12:46 tgall Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-cdr/cdrtools/cdrtools-3.01_alpha24.ebuild,v 1.3 2014/09/21 01:54:22 robbat2 Exp $ EAPI=5 @@ -94,7 +94,13 @@ src_prepare() { -e "s|^\(INS_BASE=\).*|\1\t${ED}/usr|" \ -e "s|^\(INS_RBASE=\).*|\1\t${ED}|" \ -e "s|^\(DEFINSGRP=\).*|\1\t0|" \ + -e '/^DEFUMASK/s,002,022,g' \ Defaults.${os} || die "sed Schily make setup" + # re DEFUMASK above: + # bug 486680: grsec TPE will block the exec if the directory is + # group-writable. This is painful with cdrtools, because it makes a bunch of + # group-writable directories during build. Change the umask on their + # creation to prevent this. } ac_cv_sizeof() { -- cgit v1.2.3-65-gdbad