Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Micheal Marineau (marineam)" <marineam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in app-emulation/xen-tools: ChangeLog xen-tools-3.1.0-r1.ebuild xen-tools-3.0.4_p1-r1.ebuild xen-tools-3.0.4_p1.ebuild xen-tools-3.1.0.ebuild
Date: Wed, 26 Sep 2007 22:52:23
Message-Id: E1Iafbi-0005Fm-3i@stork.gentoo.org
1 marineam 07/09/26 22:43:50
2
3 Modified: ChangeLog
4 Added: xen-tools-3.1.0-r1.ebuild
5 xen-tools-3.0.4_p1-r1.ebuild
6 Removed: xen-tools-3.0.4_p1.ebuild xen-tools-3.1.0.ebuild
7 Log:
8 Security bump, see bug #193808
9 (Portage version: 2.1.2.12)
10
11 Revision Changes Path
12 1.29 app-emulation/xen-tools/ChangeLog
13
14 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-emulation/xen-tools/ChangeLog?rev=1.29&view=markup
15 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-emulation/xen-tools/ChangeLog?rev=1.29&content-type=text/plain
16 diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-emulation/xen-tools/ChangeLog?r1=1.28&r2=1.29
17
18 Index: ChangeLog
19 ===================================================================
20 RCS file: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/ChangeLog,v
21 retrieving revision 1.28
22 retrieving revision 1.29
23 diff -u -r1.28 -r1.29
24 --- ChangeLog 3 Sep 2007 19:40:30 -0000 1.28
25 +++ ChangeLog 26 Sep 2007 22:43:49 -0000 1.29
26 @@ -1,6 +1,17 @@
27 # ChangeLog for app-emulation/xen-tools
28 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
29 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/ChangeLog,v 1.28 2007/09/03 19:40:30 marineam Exp $
30 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/ChangeLog,v 1.29 2007/09/26 22:43:49 marineam Exp $
31 +
32 +*xen-tools-3.1.0-r1 (26 Sep 2007)
33 +*xen-tools-3.0.4_p1-r1 (26 Sep 2007)
34 +
35 + 26 Sep 2007; Michael Marineau <marineam@g.o>
36 + +files/xen-tools-3.0.4_p1-pygrub-security-fix.patch,
37 + +files/xen-tools-3.1.0-pygrub-security-fix.patch,
38 + -xen-tools-3.0.4_p1.ebuild, +xen-tools-3.0.4_p1-r1.ebuild,
39 + -xen-tools-3.1.0.ebuild, +xen-tools-3.1.0-r1.ebuild:
40 + Security Bump: Guest domains could execute code on Dom0 via pygrub.
41 + Bug #193808 and CVE-2007-4993
42
43 03 Sep 2007; Michael Marineau <marineam@g.o>
44 xen-tools-3.0.4_p1.ebuild, xen-tools-3.1.0.ebuild:
45
46
47
48 1.1 app-emulation/xen-tools/xen-tools-3.1.0-r1.ebuild
49
50 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-emulation/xen-tools/xen-tools-3.1.0-r1.ebuild?rev=1.1&view=markup
51 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-emulation/xen-tools/xen-tools-3.1.0-r1.ebuild?rev=1.1&content-type=text/plain
52
53 Index: xen-tools-3.1.0-r1.ebuild
54 ===================================================================
55 # Copyright 1999-2007 Gentoo Foundation
56 # Distributed under the terms of the GNU General Public License v2
57 # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/xen-tools-3.1.0-r1.ebuild,v 1.1 2007/09/26 22:43:49 marineam Exp $
58
59 inherit flag-o-matic distutils eutils multilib
60
61 DESCRIPTION="Xend daemon and tools"
62 HOMEPAGE="http://www.xensource.com/xen/xen/"
63 SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/src.tgz/xen-${PV}-src.tgz"
64 S="${WORKDIR}/xen-${PV}-src"
65
66 LICENSE="GPL-2"
67 SLOT="0"
68 KEYWORDS="~amd64 ~x86"
69 IUSE="doc debug screen custom-cflags pygrub hvm"
70
71 CDEPEND="dev-lang/python
72 sys-libs/zlib
73 hvm? ( media-libs/libsdl )"
74
75 DEPEND="${CDEPEND}
76 sys-devel/gcc
77 dev-lang/perl
78 app-misc/pax-utils
79 doc? (
80 dev-tex/latex2html
81 media-gfx/transfig
82 media-gfx/graphviz
83 )
84 hvm? (
85 x11-proto/xproto
86 net-libs/libvncserver
87 sys-devel/dev86
88 )"
89
90 RDEPEND="${CDEPEND}
91 sys-apps/iproute2
92 net-misc/bridge-utils
93 screen? (
94 app-misc/screen
95 app-admin/logrotate
96 )
97 || ( sys-fs/udev sys-apps/hotplug )"
98
99 PYTHON_MODNAME="xen grub"
100
101 # hvmloader is used to bootstrap a fully virtualized kernel
102 # Approved by QA team in bug #144032
103 QA_WX_LOAD="usr/lib/xen/boot/hvmloader"
104
105 pkg_setup() {
106 if ! use x86 && ! has x86 $(get_all_abis) && use hvm; then
107 eerror "HVM (VT-x and AMD-v) cannot be built on this system. An x86 or"
108 eerror "an amd64 multilib profile is required. Remove the hvm use flag"
109 eerror "to build xen-tools on your current profile."
110 die "USE=hvm is unsupported on this system."
111 fi
112
113 if [[ "$(scanelf -s __guard -q `which python`)" ]] ; then
114 ewarn "xend may not work when python is built with stack smashing protection (ssp)."
115 ewarn "If 'xm create' fails with '<ProtocolError for /RPC2: -1 >', see bug #141866"
116 fi
117
118 if [[ -z ${XEN_TARGET_ARCH} ]] ; then
119 if use x86 && use amd64; then
120 die "Confusion! Both x86 and amd64 are set in your use flags!"
121 elif use x86; then
122 export XEN_TARGET_ARCH="x86_32"
123 elif use amd64 ; then
124 export XEN_TARGET_ARCH="x86_64"
125 else
126 die "Unsupported architecture!"
127 fi
128 fi
129
130 if use doc && ! built_with_use -o dev-tex/latex2html png gif; then
131 # die early instead of later
132 eerror "USE=doc requires latex2html with image support. Please add"
133 eerror "'png' and/or 'gif' to your use flags and re-emerge latex2html"
134 die "latex2html missing both png and gif flags"
135 fi
136 }
137
138 src_unpack() {
139 unpack ${A}
140 cd "${S}"
141
142 # if the user *really* wants to use their own custom-cflags, let them
143 if use custom-cflags; then
144 einfo "User wants their own CFLAGS - removing defaults"
145 # try and remove all the default custom-cflags
146 find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
147 -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
148 -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
149 -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
150 -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
151 -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
152 -i {} \;
153 fi
154
155 # Disable hvm support on systems that don't support x86_32 binaries.
156 if ! use hvm; then
157 chmod 644 tools/check/check_x11_devel
158 sed -i -e '/^CONFIG_IOEMU := y$/d' "${S}"/config/*.mk
159 sed -i -e '/SUBDIRS-$(CONFIG_X86) += firmware/d' "${S}"/tools/Makefile
160 fi
161
162 if ! use pygrub; then
163 sed -i -e "/^SUBDIRS-y += pygrub$/d" "${S}"/tools/Makefile
164 fi
165
166 # Allow --as-needed LDFLAGS
167 epatch "${FILESDIR}/${PN}-3.0.4_p1--as-needed.patch"
168
169 # Fix network broadcast on bridged networks
170 epatch "${FILESDIR}/${PN}-3.0.4_p1-network-bridge-broadcast.patch"
171
172 # Also look in python's site packages for xen, as it installs there
173 epatch "${FILESDIR}/${PN}-3.1.0-python-site-packages.patch"
174
175 # Fix building small dumb utility called 'xen-detect' on hardened
176 epatch "${FILESDIR}/${PN}-3.1.0-xen-detect-nopie-fix.patch"
177
178 # Security fix, CVE-2007-4993
179 # https://bugs.gentoo.org/show_bug.cgi?id=193808
180 epatch "${FILESDIR}/${PN}-3.1.0-pygrub-security-fix.patch"
181 }
182
183 src_compile() {
184 local myopt myconf
185 use debug && myopt="${myopt} debug=y"
186
187 use custom-cflags || unset CFLAGS
188 #gcc-specs-ssp && append-flags -fno-stack-protector -fno-stack-protector-all
189
190 if use hvm; then
191 myconf="${myconf} --disable-system --disable-user"
192 (cd tools/ioemu && econf ${myconf}) || die "configure failured"
193 fi
194
195 emake -C tools ${myopt} || die "compile failed"
196
197 if use doc; then
198 sh ./docs/check_pkgs || die "package check failed"
199 emake -C docs || die "compiling docs failed"
200 fi
201
202 emake -C docs man-pages || die "make man-pages failed"
203 }
204
205 src_install() {
206 local myopt="XEN_PYTHON_NATIVE_INSTALL=1"
207
208 make DESTDIR="${D}" -C tools ${myopt} install \
209 || die "install failed"
210
211 # Remove RedHat-specific stuff
212 rm -rf "${D}"/etc/sysconfig
213
214 if use doc; then
215 make DESTDIR="${D}" -C docs install || die "install docs failed"
216 # Rename doc/xen to the Gentoo-style doc/xen-x.y
217 mv "${D}"/usr/share/doc/{${PN},${PF}}
218 fi
219
220 doman docs/man?/*
221
222 newinitd "${FILESDIR}"/xend.initd xend \
223 || die "Couldn't install xen.initd"
224 newconfd "${FILESDIR}"/xendomains.confd xendomains \
225 || die "Couldn't install xendomains.confd"
226 newinitd "${FILESDIR}"/xendomains.initd xendomains \
227 || die "Couldn't install xendomains.initd"
228
229 if use screen; then
230 cat "${FILESDIR}"/xendomains-screen.confd >> "${D}"/etc/conf.d/xendomains
231 cp "${FILESDIR}"/xen-consoles.logrotate "${D}"/etc/xen/
232 keepdir /var/log/xen-consoles
233 fi
234
235 # xend expects these to exist
236 keepdir /var/run/xenstored /var/lib/xenstored /var/xen/dump /var/lib/xen /var/log/xen
237
238 # for xendomains
239 keepdir /etc/xen/auto
240 }
241
242 pkg_postinst() {
243 elog "Please visit the Xen and Gentoo wiki:"
244 elog "http://gentoo-wiki.com/HOWTO_Xen_and_Gentoo"
245
246 if [[ "$(scanelf -s __guard -q `which python`)" ]] ; then
247 echo
248 ewarn "xend may not work when python is built with stack smashing protection (ssp)."
249 ewarn "If 'xm create' fails with '<ProtocolError for /RPC2: -1 >', see bug #141866"
250 ewarn "This probablem may be resolved as of Xen 3.0.4, if not post in the bug."
251 fi
252
253 if ! built_with_use dev-lang/python ncurses; then
254 echo
255 ewarn "NB: Your dev-lang/python is built without USE=ncurses."
256 ewarn "Please rebuild python with USE=ncurses to make use of xenmon.py."
257 fi
258
259 if ! use hvm; then
260 echo
261 elog "HVM (VT-x and AMD-V) support has been disabled. If you need hvm"
262 elog "support enable the hvm use flag."
263 elog "An x86 or amd64 multilib system is required to build HVM support."
264 echo
265 elog "The ioemu use flag has been removed and replaced with hvm."
266 fi
267
268 if grep -qsF XENSV= "${ROOT}/etc/conf.d/xend"; then
269 echo
270 elog "xensv is broken upstream (Gentoo bug #142011)."
271 elog "Please remove '${ROOT%/}/etc/conf.d/xend', as it is no longer needed."
272 fi
273 }
274
275
276
277 1.1 app-emulation/xen-tools/xen-tools-3.0.4_p1-r1.ebuild
278
279 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-emulation/xen-tools/xen-tools-3.0.4_p1-r1.ebuild?rev=1.1&view=markup
280 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-emulation/xen-tools/xen-tools-3.0.4_p1-r1.ebuild?rev=1.1&content-type=text/plain
281
282 Index: xen-tools-3.0.4_p1-r1.ebuild
283 ===================================================================
284 # Copyright 1999-2007 Gentoo Foundation
285 # Distributed under the terms of the GNU General Public License v2
286 # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/xen-tools-3.0.4_p1-r1.ebuild,v 1.1 2007/09/26 22:43:49 marineam Exp $
287
288 inherit flag-o-matic distutils eutils multilib
289
290 DESCRIPTION="Xend daemon and tools"
291 HOMEPAGE="http://www.xensource.com/xen/xen/"
292 MY_PV=${PV/_p/_}
293 SRC_URI="http://bits.xensource.com/oss-xen/release/${MY_PV/_/-}/src.tgz/xen-${MY_PV}-src.tgz"
294 S="${WORKDIR}/xen-${MY_PV}-src"
295
296 LICENSE="GPL-2"
297 SLOT="0"
298 KEYWORDS="~amd64 ~x86"
299 IUSE="doc debug screen custom-cflags pygrub ioemu"
300
301 CDEPEND="dev-lang/python
302 sys-libs/zlib
303 ioemu? ( media-libs/libsdl )"
304
305 DEPEND="${CDEPEND}
306 sys-devel/gcc
307 dev-lang/perl
308 sys-devel/dev86
309 app-misc/pax-utils
310 doc? (
311 dev-tex/latex2html
312 media-gfx/transfig
313 )
314 ioemu? (
315 x11-proto/xproto
316 net-libs/libvncserver
317 )"
318
319 RDEPEND="${CDEPEND}
320 sys-apps/iproute2
321 net-misc/bridge-utils
322 screen? (
323 app-misc/screen
324 app-admin/logrotate
325 )
326 || ( sys-fs/udev sys-apps/hotplug )"
327
328 PYTHON_MODNAME="xen grub"
329
330 # hvmloader is used to bootstrap a fully virtualized kernel
331 # Approved by QA team in bug #144032
332 QA_WX_LOAD="usr/lib/xen/boot/hvmloader"
333
334 pkg_setup() {
335 if [[ "$(scanelf -s __guard -q `which python`)" ]] ; then
336 ewarn "xend may not work when python is built with stack smashing protection (ssp)."
337 ewarn "If 'xm create' fails with '<ProtocolError for /RPC2: -1 >', see bug #141866"
338 fi
339
340 if [[ -z ${XEN_TARGET_ARCH} ]] ; then
341 if use x86 && use amd64; then
342 die "Confusion! Both x86 and amd64 are set in your use flags!"
343 elif use x86; then
344 export XEN_TARGET_ARCH="x86_32"
345 elif use amd64 ; then
346 export XEN_TARGET_ARCH="x86_64"
347 else
348 die "Unsupported architecture!"
349 fi
350 fi
351
352 if use doc && ! built_with_use -o dev-tex/latex2html png gif; then
353 # die early instead of later
354 eerror "USE=doc requires latex2html with image support. Please add"
355 eerror "'png' and/or 'gif' to your use flags and re-emerge latex2html"
356 die "latex2html missing both png and gif flags"
357 fi
358 }
359
360 src_unpack() {
361 unpack ${A}
362 cd "${S}"
363
364 # if the user *really* wants to use their own custom-cflags, let them
365 if use custom-cflags; then
366 einfo "User wants their own CFLAGS - removing defaults"
367 # try and remove all the default custom-cflags
368 find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
369 -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
370 -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
371 -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
372 -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
373 -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
374 -i {} \;
375 fi
376
377 # Disable the 32bit-only vmxassist if we are not on x86 and we don't
378 # support the x86 ABI. Also disable hvmloader, since it requires vmxassist.
379 if ! use x86 && ! has x86 $(get_all_abis); then
380 sed -i -e "/SUBDIRS += vmxassist/d" "${S}"/tools/firmware/Makefile
381 sed -i -e "/SUBDIRS += hvmloader/d" "${S}"/tools/firmware/Makefile
382 fi
383
384 if ! use pygrub; then
385 sed -i -e "/^SUBDIRS-y += pygrub$/d" "${S}"/tools/Makefile
386 fi
387
388 # Don't bother with ioemu, only needed for fully virtualised guests
389 if ! use ioemu; then
390 chmod 644 tools/check/check_x11_devel
391 sed -i -e "/^CONFIG_IOEMU := y$/d" "${S}"/config/*.mk
392 fi
393
394 # Allow --as-needed LDFLAGS
395 epatch "${FILESDIR}/${P}"--as-needed.patch
396
397 # Fix vnclisten
398 epatch "${FILESDIR}/${P}"-vnclisten.patch
399
400 # Fix network broadcast on bridged networks
401 epatch "${FILESDIR}/${P}"-network-bridge-broadcast.patch
402
403 # Disable QEMU monitor mode in VNC, bug #170917
404 epatch "${FILESDIR}/${P}"-remove-monitor-mode-from-vnc.patch
405
406 # Security fix, CVE-2007-4993
407 # https://bugs.gentoo.org/show_bug.cgi?id=193808
408 epatch "${FILESDIR}/${P}-pygrub-security-fix.patch"
409 }
410
411 src_compile() {
412 local myopt myconf
413 use debug && myopt="${myopt} debug=y"
414
415 use custom-cflags || unset CFLAGS
416 gcc-specs-ssp && append-flags -fno-stack-protector -fno-stack-protector-all
417
418 if use ioemu; then
419 myconf="${myconf} --disable-system --disable-user"
420 (cd tools/ioemu && econf ${myconf}) || die "configure failured"
421 fi
422
423 emake -C tools ${myopt} || die "compile failed"
424
425 if use doc; then
426 sh ./docs/check_pkgs || die "package check failed"
427 emake -C docs || die "compiling docs failed"
428 fi
429
430 emake -C docs man-pages || die "make man-pages failed"
431 }
432
433 src_install() {
434 local myopt="XEN_PYTHON_NATIVE_INSTALL=1"
435
436 make DESTDIR="${D}" ${myopt} install-tools \
437 || die "install failed"
438
439 # Remove RedHat-specific stuff
440 rm -rf "${D}"/etc/sysconfig
441
442 if use doc; then
443 make DESTDIR="${D}" -C docs install || die "install docs failed"
444 # Rename doc/xen to the Gentoo-style doc/xen-x.y
445 mv "${D}"/usr/share/doc/{${PN},${PF}}
446 fi
447
448 doman docs/man?/*
449
450 newinitd "${FILESDIR}"/xend.initd xend \
451 || die "Couldn't install xen.initd"
452 newconfd "${FILESDIR}"/xendomains.confd xendomains \
453 || die "Couldn't install xendomains.confd"
454 newinitd "${FILESDIR}"/xendomains.initd xendomains \
455 || die "Couldn't install xendomains.initd"
456
457 if use screen; then
458 cat "${FILESDIR}"/xendomains-screen.confd >> "${D}"/etc/conf.d/xendomains
459 cp "${FILESDIR}"/xen-consoles.logrotate "${D}"/etc/xen/
460 keepdir /var/log/xen-consoles
461 fi
462
463 # xend expects these to exist
464 keepdir /var/run/xenstored /var/lib/xenstored /var/xen/dump /var/lib/xen /var/log/xen
465 }
466
467 pkg_postinst() {
468 elog "Please visit the Xen and Gentoo wiki:"
469 elog "http://gentoo-wiki.com/HOWTO_Xen_and_Gentoo"
470
471 if [[ "$(scanelf -s __guard -q `which python`)" ]] ; then
472 ewarn "xend may not work when python is built with stack smashing protection (ssp)."
473 ewarn "If 'xm create' fails with '<ProtocolError for /RPC2: -1 >', see bug #141866"
474 fi
475
476 if ! built_with_use dev-lang/python ncurses; then
477 echo
478 ewarn "NB: Your dev-lang/python is built without USE=ncurses."
479 ewarn "Please rebuild python with USE=ncurses to make use of xenmon.py."
480 fi
481
482 if ! use x86 && ! has x86 $(get_all_abis); then
483 echo
484 elog "Your system does not support building x86 binaries (amd64 no-multilib)"
485 elog "hvmloader has not been built, which is required for HVM guests."
486 fi
487
488 if grep -qsF XENSV= "${ROOT}/etc/conf.d/xend"; then
489 echo
490 elog "xensv is broken upstream (Gentoo bug #142011)."
491 elog "Please remove '${ROOT%/}/etc/conf.d/xend', as it is no longer needed."
492 fi
493 }
494
495
496
497 --
498 gentoo-commits@g.o mailing list
Report Message
Find on MARC Find on Google Groups