diff options
author | Andrew Savchenko <bircoph@gentoo.org> | 2021-07-15 10:38:28 +0300 |
---|---|---|
committer | Andrew Savchenko <bircoph@gentoo.org> | 2021-07-15 10:38:28 +0300 |
commit | 03fa155efd60f9d52798c5c9a66605d983e21d66 (patch) | |
tree | 9920f3479cba261619c72cc27eb47867589ae818 | |
parent | orangefs: migrate to readme.gentoo-r1 eclass (diff) | |
download | bircoph-03fa155efd60f9d52798c5c9a66605d983e21d66.tar.gz bircoph-03fa155efd60f9d52798c5c9a66605d983e21d66.tar.bz2 bircoph-03fa155efd60f9d52798c5c9a66605d983e21d66.zip |
net-ftp/vsftpd: sync with portage version
This also solves EAPI deprecation problem.
Bug: https://bugs.gentoo.org/797016
Package-Manager: Portage-3.0.20, Repoman-3.0.3
Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>
-rw-r--r-- | net-ftp/vsftpd/Manifest | 2 | ||||
-rw-r--r-- | net-ftp/vsftpd/files/vsftpd-3.0.3-sparc.patch | 16 | ||||
-rw-r--r-- | net-ftp/vsftpd/files/vsftpd-3.0.4-dont-link-caps.patch | 17 | ||||
-rw-r--r-- | net-ftp/vsftpd/files/vsftpd-disable-seccomp-sandbox.patch | 15 | ||||
-rw-r--r-- | net-ftp/vsftpd/metadata.xml | 22 | ||||
-rw-r--r-- | net-ftp/vsftpd/vsftpd-3.0.4.ebuild (renamed from net-ftp/vsftpd/vsftpd-3.0.3.ebuild) | 94 |
6 files changed, 105 insertions, 61 deletions
diff --git a/net-ftp/vsftpd/Manifest b/net-ftp/vsftpd/Manifest index b49b2e8..09616ff 100644 --- a/net-ftp/vsftpd/Manifest +++ b/net-ftp/vsftpd/Manifest @@ -1 +1 @@ -DIST vsftpd-3.0.3.tar.gz 196649 SHA256 9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7 SHA512 5a4410a88e72ecf6f60a60a89771bcec300c9f63c2ea83b219bdf65fd9749b9853f9579f7257205b55659aefcd5dab243eba878dbbd4f0ff8532dd6e60884df7 WHIRLPOOL 014b13a1031d89a12412fb1abc808c8d62f474b84e9d1699ec789e99c9b9ec7f4538e7504caa810c6b77dcccea8fc0e32e9bb3ac5ffc8e2e9a29f67b69ddc3cb +DIST vsftpd-3.0.4.tar.gz 197637 SHA256 6b9421bd27e8a6cdeed5b31154f294a20b003a11a26c09500715a0a6b1b86a26 SHA512 a4c3b28ef7bd762dcfe53f5c9b68fc1bb371d2eb61dc88038959cc9f5efba8cc2c45a15956a7fddbac3b1ce03d8555df8fb7b86300e273a78e632f3dac15c2e3 WHIRLPOOL 4da5f5e6e6accdd6d37ee00b5024f873a842ea6415fd2fd7156d3bd5124bb59f59dd329e47651057c45007cc9ec586e20d381633e83299db83212e76ebf1b91b diff --git a/net-ftp/vsftpd/files/vsftpd-3.0.3-sparc.patch b/net-ftp/vsftpd/files/vsftpd-3.0.3-sparc.patch new file mode 100644 index 0000000..9bae9c0 --- /dev/null +++ b/net-ftp/vsftpd/files/vsftpd-3.0.3-sparc.patch @@ -0,0 +1,16 @@ +Workaround clone syscall mishandling. + +https://bugs.gentoo.org/630704 +--- a/sysdeputil.c 2017-09-11 11:38:06.522229630 +0200 ++++ b/sysdeputil.c 2017-09-11 11:38:10.422229500 +0200 +@@ -67,7 +67,9 @@ + #if defined(__linux__) + #include <errno.h> + #include <syscall.h> +- #define VSF_SYSDEP_HAVE_LINUX_CLONE ++ #ifndef __sparc__ ++ #define VSF_SYSDEP_HAVE_LINUX_CLONE ++ #endif + #include <sched.h> + #ifndef CLONE_NEWPID + #define CLONE_NEWPID 0x20000000 diff --git a/net-ftp/vsftpd/files/vsftpd-3.0.4-dont-link-caps.patch b/net-ftp/vsftpd/files/vsftpd-3.0.4-dont-link-caps.patch new file mode 100644 index 0000000..75e0e3e --- /dev/null +++ b/net-ftp/vsftpd/files/vsftpd-3.0.4-dont-link-caps.patch @@ -0,0 +1,17 @@ +--- a/vsf_findlibs.sh ++++ b/vsf_findlibs.sh +@@ -47,14 +47,6 @@ + # For older HP-UX... + locate_library /usr/lib/libsec.sl && echo "-lsec"; + +-# Look for libcap (capabilities) +-# Note that link may fail with: +-# /usr/bin/ld: cannot find -lcap +-# If the libcap-devel package isn't installed. +-locate_library /usr/lib/libcap.so && echo "-lcap"; +-locate_library /lib/libcap.so && echo "-lcap"; +-locate_library /lib64/libcap.so && echo "-lcap"; +- + # Solaris needs this for nanosleep().. + locate_library /lib/libposix4.so && echo "-lposix4"; + locate_library /usr/lib/libposix4.so && echo "-lposix4"; diff --git a/net-ftp/vsftpd/files/vsftpd-disable-seccomp-sandbox.patch b/net-ftp/vsftpd/files/vsftpd-disable-seccomp-sandbox.patch new file mode 100644 index 0000000..10266e3 --- /dev/null +++ b/net-ftp/vsftpd/files/vsftpd-disable-seccomp-sandbox.patch @@ -0,0 +1,15 @@ +Disable buggy seccomp sandbox code by default + +Bug: https://bugs.gentoo.org/443898 + +--- a/tunables.c ++++ b/tunables.c +@@ -226,7 +226,7 @@ + tunable_isolate_network = 1; + tunable_ftp_enable = 1; + tunable_http_enable = 0; +- tunable_seccomp_sandbox = 1; ++ tunable_seccomp_sandbox = 0; + tunable_allow_writeable_chroot = 0; + + tunable_accept_timeout = 60; diff --git a/net-ftp/vsftpd/metadata.xml b/net-ftp/vsftpd/metadata.xml index df9322c..7a38bb9 100644 --- a/net-ftp/vsftpd/metadata.xml +++ b/net-ftp/vsftpd/metadata.xml @@ -1,25 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> - <maintainer type="person"> - <email>hwoarang@gentoo.org</email> - <name>Markos Chandras</name> - </maintainer> - <maintainer type="person"> - <email>wired@gentoo.org</email> - <name>Alex Alexander</name> - </maintainer> - <maintainer type="person"> - <email>bugs@bergstroem.nu</email> - <name>Johan Bergström</name> - <description>Proxy Maintainer. CC him on bugs</description> - </maintainer> - <maintainer type="project"> - <email>proxy-maint@gentoo.org</email> - <name>Proxy Maintainers</name> - </maintainer> - <longdescription lang="en"> - Very Secure FTP Daemon written with speed, size and security - in mind - </longdescription> + <!-- maintainer-needed --> </pkgmetadata> diff --git a/net-ftp/vsftpd/vsftpd-3.0.3.ebuild b/net-ftp/vsftpd/vsftpd-3.0.4.ebuild index 3b6678d..43a413a 100644 --- a/net-ftp/vsftpd/vsftpd-3.0.3.ebuild +++ b/net-ftp/vsftpd/vsftpd-3.0.4.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI="4" +EAPI=7 -inherit eutils systemd toolchain-funcs +inherit systemd toolchain-funcs DESCRIPTION="Very Secure FTP Daemon written with speed, size and security in mind" HOMEPAGE="http://vsftpd.beasts.org/" @@ -11,55 +11,71 @@ SRC_URI="http://security.appspot.com/downloads/${P}.tar.gz" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86" IUSE="caps pam tcpd ssl selinux xinetd" DEPEND="caps? ( >=sys-libs/libcap-2 ) - pam? ( virtual/pam ) + pam? ( sys-libs/pam ) tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) - ssl? ( >=dev-libs/openssl-0.9.7d )" + ssl? ( dev-libs/openssl:0= )" RDEPEND="${DEPEND} net-ftp/ftpbase selinux? ( sec-policy/selinux-ftp ) xinetd? ( sys-apps/xinetd )" -src_prepare() { +PATCHES=( # kerberos patch. bug #335980 - epatch "${FILESDIR}/${PN}-2.3.2-kerberos.patch" + "${FILESDIR}/${PN}-2.3.2-kerberos.patch" # Patch the source, config and the manpage to use /etc/vsftpd/ - epatch "${FILESDIR}/${PN}-2.3.5-gentoo.patch" + "${FILESDIR}/${PN}-2.3.5-gentoo.patch" # Fix building without the libcap - epatch "${FILESDIR}/${PN}-2.1.0-caps.patch" + "${FILESDIR}/${PN}-2.1.0-caps.patch" # Fix building on alpha. Bug #405829 - epatch "${FILESDIR}/${PN}-3.0.2-alpha.patch" + "${FILESDIR}/${PN}-3.0.2-alpha.patch" + + # Bug #335977 + "${FILESDIR}"/${PN}-3.0.0-Makefile.patch + + # Bug #450536 + "${FILESDIR}"/${PN}-3.0.2-remove-legacy-cap.patch + + # Bug #630704 + "${FILESDIR}"/${PN}-3.0.3-sparc.patch # Fix unicode logging - epatch "${FILESDIR}/${PN}-2.2.0-logging.patch" + "${FILESDIR}/${PN}-2.2.0-logging.patch" + # https://bugs.gentoo.org/443898 + #"${FILESDIR}"/vsftpd-disable-seccomp-sandbox.patch +) + +src_prepare() { # Configure vsftpd build defaults - use tcpd && echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h - use ssl && echo "#define VSF_BUILD_SSL" >> builddefs.h - use pam || echo "#undef VSF_BUILD_PAM" >> builddefs.h + if use tcpd ; then + echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h || die + fi + + if use ssl ; then + echo "#define VSF_BUILD_SSL" >> builddefs.h || die + fi + + if ! use pam; then + echo "#undef VSF_BUILD_PAM" >> builddefs.h || die + fi # Ensure that we don't link against libcap unless asked if ! use caps ; then sed -i '/^#define VSF_SYSDEP_HAVE_LIBCAP$/ d' sysdeputil.c || die - epatch "${FILESDIR}"/${PN}-2.2.0-dont-link-caps.patch + eapply "${FILESDIR}"/${PN}-3.0.4-dont-link-caps.patch fi # Let portage control stripping sed -i '/^LINK[[:space:]]*=[[:space:]]*/ s/-Wl,-s//' Makefile || die - #Bug #335977 - epatch "${FILESDIR}"/${PN}-3.0.0-Makefile.patch - - #Bug #450536 - epatch "${FILESDIR}"/${PN}-3.0.2-remove-legacy-cap.patch - - epatch_user + default } src_compile() { @@ -70,54 +86,54 @@ src_compile() { use tcpd && LIBS+=" -lwrap" use ssl && LIBS+=" -lssl -lcrypto" - CFLAGS="${CFLAGS}" \ - CC="$(tc-getCC)" \ - emake LIBS="${LIBS}" + tc-export CC + + CFLAGS="${CFLAGS}" emake LIBS="${LIBS}" } src_install() { into /usr doman ${PN}.conf.5 ${PN}.8 - dosbin ${PN} || die "disbin failed" + dosbin ${PN} dodoc AUDIT BENCHMARKS BUGS Changelog FAQ \ README README.security REWARD SIZE \ - SPEED TODO TUNING || die "dodoc failed" + SPEED TODO TUNING newdoc ${PN}.conf ${PN}.conf.example docinto security - dodoc SECURITY/* || die "dodoc failed" + dodoc SECURITY/* - insinto "/usr/share/doc/${PF}/examples" - doins -r EXAMPLE/* || die "doins faileD" + docinto examples + dodoc -r EXAMPLE/* insinto /etc/${PN} newins ${PN}.conf{,.example} insinto /etc/logrotate.d - newins "${FILESDIR}/${PN}.logrotate" ${PN} + newins "${FILESDIR}"/${PN}.logrotate ${PN} if use xinetd ; then insinto /etc/xinetd.d - newins "${FILESDIR}/${PN}.xinetd" ${PN} + newins "${FILESDIR}"/${PN}.xinetd ${PN} fi - newinitd "${FILESDIR}/${PN}.init" ${PN} + newinitd "${FILESDIR}"/${PN}.init ${PN} keepdir /usr/share/${PN}/empty exeinto /usr/libexec - doexe "${FILESDIR}/vsftpd-checkconfig.sh" - systemd_dounit "${FILESDIR}/${PN}.service" - systemd_newunit "${FILESDIR}/${PN}_at.service" "${PN}@.service" - systemd_dounit "${FILESDIR}/${PN}.socket" + doexe "${FILESDIR}"/vsftpd-checkconfig.sh + systemd_dounit "${FILESDIR}"/${PN}.service + systemd_newunit "${FILESDIR}"/${PN}_at.service "${PN}@.service" + systemd_dounit "${FILESDIR}"/${PN}.socket } pkg_preinst() { # If we use xinetd, then we set listen=NO # so that our default config works under xinetd - fixes #78347 if use xinetd ; then - sed -i 's/listen=YES/listen=NO/g' "${D}"/etc/${PN}/${PN}.conf.example + sed -i 's/listen=YES/listen=NO/g' "${D}"/etc/${PN}/${PN}.conf.example || die fi } |