| 1 |
commit: 7074326a1d2480b2f0c20d0562eb009f5325d2cc |
| 2 |
Author: Jonathan Vasquez <fearedbliss <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sun Feb 12 19:06:03 2017 +0000 |
| 4 |
Commit: Jonathan Vasquez <fearedbliss <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Feb 12 19:06:24 2017 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7074326a |
| 7 |
|
| 8 |
media-tv/plex-media-server: adding pax marking, wrt bug #609154 |
| 9 |
|
| 10 |
Package-Manager: Portage-2.3.3, Repoman-2.3.1 |
| 11 |
|
| 12 |
...-1.3.4.ebuild => plex-media-server-1.3.4-r1.ebuild} | 18 +++++++++++++----- |
| 13 |
1 file changed, 13 insertions(+), 5 deletions(-) |
| 14 |
|
| 15 |
diff --git a/media-tv/plex-media-server/plex-media-server-1.3.4.ebuild b/media-tv/plex-media-server/plex-media-server-1.3.4-r1.ebuild |
| 16 |
similarity index 86% |
| 17 |
rename from media-tv/plex-media-server/plex-media-server-1.3.4.ebuild |
| 18 |
rename to media-tv/plex-media-server/plex-media-server-1.3.4-r1.ebuild |
| 19 |
index 99b6ac28a6..bfa0613bc9 100644 |
| 20 |
--- a/media-tv/plex-media-server/plex-media-server-1.3.4.ebuild |
| 21 |
+++ b/media-tv/plex-media-server/plex-media-server-1.3.4-r1.ebuild |
| 22 |
@@ -4,7 +4,7 @@ |
| 23 |
|
| 24 |
EAPI=6 |
| 25 |
|
| 26 |
-inherit eutils user systemd unpacker |
| 27 |
+inherit eutils user systemd unpacker pax-utils |
| 28 |
|
| 29 |
MINOR1="3285" |
| 30 |
MINOR2="b46e0ea" |
| 31 |
@@ -25,9 +25,8 @@ LICENSE="Plex" |
| 32 |
RESTRICT="mirror bindist strip" |
| 33 |
KEYWORDS="-* ~amd64" |
| 34 |
|
| 35 |
-DEPEND=" |
| 36 |
- net-dns/avahi |
| 37 |
- sys-apps/fix-gnustack" |
| 38 |
+DEPEND="sys-apps/fix-gnustack" |
| 39 |
+RDEPEND="net-dns/avahi" |
| 40 |
|
| 41 |
QA_DESKTOP_FILE="usr/share/applications/plexmediamanager.desktop" |
| 42 |
QA_PREBUILT="*" |
| 43 |
@@ -37,6 +36,7 @@ QA_MULTILIB_PATHS=( |
| 44 |
) |
| 45 |
|
| 46 |
EXECSTACKED_BINS=( "${ED%/}/usr/lib/plexmediaserver/libgnsdk_dsp.so*" ) |
| 47 |
+BINS_TO_PAX_MARK=( "${ED%/}/usr/lib/plexmediaserver/Plex Script Host" ) |
| 48 |
|
| 49 |
S="${WORKDIR}" |
| 50 |
|
| 51 |
@@ -85,6 +85,7 @@ src_install() { |
| 52 |
systemd_newunit "${INIT}" "${INIT_NAME}" |
| 53 |
|
| 54 |
_remove_execstack_markings |
| 55 |
+ _add_pax_markings |
| 56 |
} |
| 57 |
|
| 58 |
pkg_postinst() { |
| 59 |
@@ -105,10 +106,17 @@ _handle_multilib() { |
| 60 |
doenvd "${T}"/66plex |
| 61 |
} |
| 62 |
|
| 63 |
-# Remove execstack flag from library so that it works in hardened setups. |
| 64 |
+# Remove execstack flags from some libraries/executables so that it works in hardened setups. |
| 65 |
_remove_execstack_markings() { |
| 66 |
for f in "${EXECSTACKED_BINS[@]}"; do |
| 67 |
# Unquoting 'f' so that expansion works. |
| 68 |
fix-gnustack -f ${f} > /dev/null |
| 69 |
done |
| 70 |
} |
| 71 |
+ |
| 72 |
+# Add pax markings to some binaries so that they work on hardened setup. |
| 73 |
+_add_pax_markings() { |
| 74 |
+ for f in "${BINS_TO_PAX_MARK[@]}"; do |
| 75 |
+ pax-mark m "${f}" |
| 76 |
+ done |
| 77 |
+} |
Archives