1 |
prometheanfire 14/07/02 17:12:34 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: keystone-2014.1.1-r2.ebuild |
5 |
Removed: keystone-2014.1.1-r1.ebuild |
6 |
Log: |
7 |
bup for CVE-2014-3520, no vulnerable left in tree |
8 |
|
9 |
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0x2471eb3e40ac5ac3) |
10 |
|
11 |
Revision Changes Path |
12 |
1.74 sys-auth/keystone/ChangeLog |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/keystone/ChangeLog?rev=1.74&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/keystone/ChangeLog?rev=1.74&content-type=text/plain |
16 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/keystone/ChangeLog?r1=1.73&r2=1.74 |
17 |
|
18 |
Index: ChangeLog |
19 |
=================================================================== |
20 |
RCS file: /var/cvsroot/gentoo-x86/sys-auth/keystone/ChangeLog,v |
21 |
retrieving revision 1.73 |
22 |
retrieving revision 1.74 |
23 |
diff -u -r1.73 -r1.74 |
24 |
--- ChangeLog 30 Jun 2014 01:30:42 -0000 1.73 |
25 |
+++ ChangeLog 2 Jul 2014 17:12:34 -0000 1.74 |
26 |
@@ -1,6 +1,13 @@ |
27 |
# ChangeLog for sys-auth/keystone |
28 |
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 |
29 |
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/keystone/ChangeLog,v 1.73 2014/06/30 01:30:42 prometheanfire Exp $ |
30 |
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/keystone/ChangeLog,v 1.74 2014/07/02 17:12:34 prometheanfire Exp $ |
31 |
+ |
32 |
+*keystone-2014.1.1-r2 (02 Jul 2014) |
33 |
+ |
34 |
+ 02 Jul 2014; Matthew Thode <prometheanfire@g.o> |
35 |
+ +files/2014.1.1-CVE-2014-3250.patch, +keystone-2014.1.1-r2.ebuild, |
36 |
+ -files/CVE-2014-2828-2013.2.3.patch, -keystone-2014.1.1-r1.ebuild: |
37 |
+ bup for CVE-2014-3520, no vulnerable left in tree |
38 |
|
39 |
*keystone-2014.1.1-r1 (30 Jun 2014) |
40 |
|
41 |
|
42 |
|
43 |
|
44 |
1.1 sys-auth/keystone/keystone-2014.1.1-r2.ebuild |
45 |
|
46 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/keystone/keystone-2014.1.1-r2.ebuild?rev=1.1&view=markup |
47 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/keystone/keystone-2014.1.1-r2.ebuild?rev=1.1&content-type=text/plain |
48 |
|
49 |
Index: keystone-2014.1.1-r2.ebuild |
50 |
=================================================================== |
51 |
# Copyright 1999-2014 Gentoo Foundation |
52 |
# Distributed under the terms of the GNU General Public License v2 |
53 |
# $Header: /var/cvsroot/gentoo-x86/sys-auth/keystone/keystone-2014.1.1-r2.ebuild,v 1.1 2014/07/02 17:12:34 prometheanfire Exp $ |
54 |
|
55 |
EAPI=5 |
56 |
|
57 |
PYTHON_COMPAT=( python2_7 ) |
58 |
|
59 |
inherit distutils-r1 user |
60 |
|
61 |
DESCRIPTION="The Openstack authentication, authorization, and service catalog written in Python." |
62 |
HOMEPAGE="https://launchpad.net/keystone" |
63 |
SRC_URI="http://launchpad.net/${PN}/icehouse/${PV}/+download/${P}.tar.gz" |
64 |
|
65 |
LICENSE="Apache-2.0" |
66 |
SLOT="0" |
67 |
KEYWORDS="~amd64 ~x86" |
68 |
IUSE="+sqlite mysql postgres ldap test" |
69 |
REQUIRED_USE="|| ( mysql postgres sqlite )" |
70 |
|
71 |
#todo, seperate out rdepend via use flags |
72 |
# python-ldap needs to be relaxed... |
73 |
DEPEND="dev-python/setuptools[${PYTHON_USEDEP}] |
74 |
>=dev-python/pbr-0.6[${PYTHON_USEDEP}] |
75 |
<dev-python/pbr-1.0[${PYTHON_USEDEP}] |
76 |
test? ( ${RDEPEND} |
77 |
>=dev-python/hacking-0.8[${PYTHON_USEDEP}] |
78 |
<dev-python/hacking-0.9[${PYTHON_USEDEP}] |
79 |
dev-lang/python[sqlite] |
80 |
>=dev-python/python-memcached-1.48[${PYTHON_USEDEP}] |
81 |
>=dev-python/pymongo-2.4[${PYTHON_USEDEP}] |
82 |
ldap? ( dev-python/python-ldap ) |
83 |
>=dev-python/coverage-3.6[${PYTHON_USEDEP}] |
84 |
>=dev-python/fixtures-0.3.14[${PYTHON_USEDEP}] |
85 |
>=dev-python/mock-1.0[${PYTHON_USEDEP}] |
86 |
>=dev-python/mox-0.5.3[${PYTHON_USEDEP}] |
87 |
>=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}] |
88 |
<dev-python/sphinx-1.2[${PYTHON_USEDEP}] |
89 |
>=dev-python/webtest-2.0[${PYTHON_USEDEP}] |
90 |
>=dev-python/subunit-0.0.18[${PYTHON_USEDEP}] |
91 |
>=dev-python/testrepository-0.0.18[${PYTHON_USEDEP}] |
92 |
>=dev-python/testtools-0.9.34[${PYTHON_USEDEP}] |
93 |
>=dev-python/testscenarios-0.4[${PYTHON_USEDEP}] |
94 |
>=dev-python/httplib2-0.7.5[${PYTHON_USEDEP}] |
95 |
>=dev-python/requests-1.1[${PYTHON_USEDEP}] |
96 |
>=dev-python/keyring-2.1[${PYTHON_USEDEP}] |
97 |
dev-python/oslo-sphinx[${PYTHON_USEDEP}] |
98 |
>=dev-python/kombu-2.4.8[${PYTHON_USEDEP}] |
99 |
>=dev-python/lockfile-0.8[${PYTHON_USEDEP}] |
100 |
>=dev-python/stevedore-0.14[${PYTHON_USEDEP}] |
101 |
)" |
102 |
RDEPEND=">=dev-python/webob-1.2.3-r1[${PYTHON_USEDEP}] |
103 |
>=dev-python/eventlet-0.13.0[${PYTHON_USEDEP}] |
104 |
>=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}] |
105 |
>=dev-python/netaddr-0.7.6[${PYTHON_USEDEP}] |
106 |
>=dev-python/pastedeploy-1.5.0[${PYTHON_USEDEP}] |
107 |
dev-python/paste[${PYTHON_USEDEP}] |
108 |
>=dev-python/routes-1.12.3[${PYTHON_USEDEP}] |
109 |
>=dev-python/six-1.6.0[${PYTHON_USEDEP}] |
110 |
>=dev-python/sqlalchemy-0.7.8[${PYTHON_USEDEP}] |
111 |
<dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}] |
112 |
mysql? ( dev-python/mysql-python[${PYTHON_USEDEP}] ) |
113 |
postgres? ( >=dev-python/psycopg-2[${PYTHON_USEDEP}] ) |
114 |
sqlite? ( dev-db/sqlite ) |
115 |
>=dev-python/sqlalchemy-migrate-0.9[${PYTHON_USEDEP}] |
116 |
dev-python/passlib[${PYTHON_USEDEP}] |
117 |
>=dev-python/lxml-2.3[${PYTHON_USEDEP}] |
118 |
>=dev-python/iso8601-0.1.9[${PYTHON_USEDEP}] |
119 |
>=dev-python/python-keystoneclient-0.7.0[${PYTHON_USEDEP}] |
120 |
>=dev-python/oslo-config-1.2.0[${PYTHON_USEDEP}] |
121 |
>=dev-python/oslo-messaging-1.3.0[${PYTHON_USEDEP}] |
122 |
>=dev-python/Babel-1.3[${PYTHON_USEDEP}] |
123 |
>=dev-python/oauthlib-0.6.0[${PYTHON_USEDEP}] |
124 |
>=dev-python/dogpile-cache-0.5.0[${PYTHON_USEDEP}] |
125 |
>=dev-python/jsonschema-2.0.0[${PYTHON_USEDEP}] |
126 |
<dev-python/jsonschema-3.0.0[${PYTHON_USEDEP}] |
127 |
>=dev-python/pycadf-0.4.1[${PYTHON_USEDEP}] |
128 |
ldap? ( dev-python/python-ldap[${PYTHON_USEDEP}] )" |
129 |
|
130 |
PATCHES=( |
131 |
"${FILESDIR}/2014.1.1-CVE-2014-3476.patch" |
132 |
"${FILESDIR}/2014.1.1-CVE-2014-3250.patch" |
133 |
) |
134 |
|
135 |
pkg_setup() { |
136 |
enewgroup keystone |
137 |
enewuser keystone -1 -1 /var/lib/keystone keystone |
138 |
} |
139 |
|
140 |
python_prepare_all() { |
141 |
# it's in git, but not in the tarball..... |
142 |
mkdir -p ${PN}/tests/tmp/ || die |
143 |
cp etc/keystone-paste.ini ${PN}/tests/tmp/ || die |
144 |
distutils-r1_python_prepare_all |
145 |
} |
146 |
|
147 |
# Ignore (naughty) test_.py files & 1 test that connect to the network |
148 |
#-I 'test_keystoneclient*' \ |
149 |
python_test() { |
150 |
nosetests -I 'test_keystoneclient*' \ |
151 |
-e test_static_translated_string_is_Message \ |
152 |
-e test_get_token_id_error_handling \ |
153 |
-e test_provider_token_expiration_validation \ |
154 |
-e test_import --process-restartworker --process-timeout=60 || die "testsuite failed under python2.7" |
155 |
} |
156 |
|
157 |
python_install() { |
158 |
distutils-r1_python_install |
159 |
newconfd "${FILESDIR}/keystone.confd" keystone |
160 |
newinitd "${FILESDIR}/keystone.initd" keystone |
161 |
|
162 |
diropts -m 0750 |
163 |
keepdir /etc/keystone /var/log/keystone |
164 |
insinto /etc/keystone |
165 |
doins etc/keystone.conf.sample etc/logging.conf.sample |
166 |
doins etc/default_catalog.templates etc/policy.json |
167 |
doins etc/policy.v3cloudsample.json etc/keystone-paste.ini |
168 |
|
169 |
fowners keystone:keystone /etc/keystone /var/log/keystone |
170 |
} |
171 |
|
172 |
pkg_postinst() { |
173 |
elog "You might want to run:" |
174 |
elog "emerge --config =${CATEGORY}/${PF}" |
175 |
elog "if this is a new install." |
176 |
elog "If you have not already configured your openssl installation" |
177 |
elog "please do it by modifying /etc/ssl/openssl.cnf" |
178 |
elog "BEFORE issuing the configuration command." |
179 |
elog "Otherwise default values will be used." |
180 |
} |
181 |
|
182 |
pkg_config() { |
183 |
if [ ! -d "${ROOT}"/etc/keystone/ssl ] ; then |
184 |
einfo "Press ENTER to configure the keystone PKI, or Control-C to abort now..." |
185 |
read |
186 |
"${ROOT}"/usr/bin/keystone-manage pki_setup --keystone-user keystone --keystone-group keystone |
187 |
else |
188 |
einfo "keystone PKI certificates directory already present, skipping configuration" |
189 |
fi |
190 |
} |