1 |
prometheanfire 14/01/27 08:44:51 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: nova-2013.2.1-r3.ebuild nova-2013.1.4-r5.ebuild |
5 |
Removed: nova-2013.2.1-r2.ebuild nova-2013.1.4-r4.ebuild |
6 |
Log: |
7 |
fixes for bug 494026 CVE-2013-7048 |
8 |
|
9 |
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0x2471eb3e40ac5ac3) |
10 |
|
11 |
Revision Changes Path |
12 |
1.49 sys-cluster/nova/ChangeLog |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/ChangeLog?rev=1.49&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/ChangeLog?rev=1.49&content-type=text/plain |
16 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/ChangeLog?r1=1.48&r2=1.49 |
17 |
|
18 |
Index: ChangeLog |
19 |
=================================================================== |
20 |
RCS file: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v |
21 |
retrieving revision 1.48 |
22 |
retrieving revision 1.49 |
23 |
diff -u -r1.48 -r1.49 |
24 |
--- ChangeLog 23 Jan 2014 16:31:28 -0000 1.48 |
25 |
+++ ChangeLog 27 Jan 2014 08:44:51 -0000 1.49 |
26 |
@@ -1,6 +1,15 @@ |
27 |
# ChangeLog for sys-cluster/nova |
28 |
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 |
29 |
-# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.48 2014/01/23 16:31:28 prometheanfire Exp $ |
30 |
+# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.49 2014/01/27 08:44:51 prometheanfire Exp $ |
31 |
+ |
32 |
+*nova-2013.2.1-r3 (27 Jan 2014) |
33 |
+*nova-2013.1.4-r5 (27 Jan 2014) |
34 |
+ |
35 |
+ 27 Jan 2014; Matthew Thode <prometheanfire@g.o> |
36 |
+ +files/CVE-2013-7048-grizzly.patch, +files/CVE-2013-7048-havana.patch, |
37 |
+ +nova-2013.1.4-r5.ebuild, +nova-2013.2.1-r3.ebuild, -nova-2013.1.4-r4.ebuild, |
38 |
+ -nova-2013.2.1-r2.ebuild: |
39 |
+ fixes for bug 494026 CVE-2013-7048 |
40 |
|
41 |
*nova-2013.2.1-r2 (23 Jan 2014) |
42 |
*nova-2013.1.4-r4 (23 Jan 2014) |
43 |
|
44 |
|
45 |
|
46 |
1.1 sys-cluster/nova/nova-2013.2.1-r3.ebuild |
47 |
|
48 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/nova-2013.2.1-r3.ebuild?rev=1.1&view=markup |
49 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/nova-2013.2.1-r3.ebuild?rev=1.1&content-type=text/plain |
50 |
|
51 |
Index: nova-2013.2.1-r3.ebuild |
52 |
=================================================================== |
53 |
# Copyright 1999-2014 Gentoo Foundation |
54 |
# Distributed under the terms of the GNU General Public License v2 |
55 |
# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.2.1-r3.ebuild,v 1.1 2014/01/27 08:44:51 prometheanfire Exp $ |
56 |
|
57 |
EAPI=5 |
58 |
PYTHON_COMPAT=( python2_7 ) |
59 |
|
60 |
inherit distutils-r1 eutils multilib user |
61 |
|
62 |
DESCRIPTION="A cloud computing fabric controller (main part of an IaaS system) written in Python." |
63 |
HOMEPAGE="https://launchpad.net/nova" |
64 |
SRC_URI="http://launchpad.net/${PN}/havana/${PV}/+download/${P}.tar.gz" |
65 |
|
66 |
LICENSE="Apache-2.0" |
67 |
SLOT="0" |
68 |
KEYWORDS="~amd64 ~x86" |
69 |
IUSE="+api +cert +compute +conductor +consoleauth +kvm +network +novncproxy +scheduler +spicehtml5proxy +xvpvncproxy sqlite mysql postgres xen" |
70 |
REQUIRED_USE="|| ( mysql postgres sqlite ) |
71 |
|| ( kvm xen )" |
72 |
|
73 |
DEPEND="dev-python/setuptools[${PYTHON_USEDEP}] |
74 |
>=dev-python/pbr-0.5.21[${PYTHON_USEDEP}] |
75 |
<dev-python/pbr-1.0[${PYTHON_USEDEP}] |
76 |
app-admin/sudo" |
77 |
|
78 |
RDEPEND="sqlite? ( >=dev-python/sqlalchemy-0.7.8[sqlite,${PYTHON_USEDEP}] |
79 |
<dev-python/sqlalchemy-0.7.99[sqlite,${PYTHON_USEDEP}] ) |
80 |
mysql? ( >=dev-python/sqlalchemy-0.7.8[mysql,${PYTHON_USEDEP}] |
81 |
<dev-python/sqlalchemy-0.7.99[mysql,${PYTHON_USEDEP}] ) |
82 |
postgres? ( >=dev-python/sqlalchemy-0.7.8[postgres,${PYTHON_USEDEP}] |
83 |
<dev-python/sqlalchemy-0.7.99[postgres,${PYTHON_USEDEP}] ) |
84 |
>=dev-python/amqplib-0.6.1[${PYTHON_USEDEP}] |
85 |
>=dev-python/anyjson-0.3.3[${PYTHON_USEDEP}] |
86 |
virtual/python-argparse[${PYTHON_USEDEP}] |
87 |
>=dev-python/boto-2.4.0[${PYTHON_USEDEP}] |
88 |
!~dev-python/boto-2.13.0[${PYTHON_USEDEP}] |
89 |
>=dev-python/eventlet-0.13.0[${PYTHON_USEDEP}] |
90 |
dev-python/jinja[${PYTHON_USEDEP}] |
91 |
>=dev-python/kombu-2.4.8[${PYTHON_USEDEP}] |
92 |
>=dev-python/lxml-2.3[${PYTHON_USEDEP}] |
93 |
>=dev-python/routes-1.12.3-r1[${PYTHON_USEDEP}] |
94 |
>=dev-python/webob-1.2.3[${PYTHON_USEDEP}] |
95 |
<dev-python/webob-1.3[${PYTHON_USEDEP}] |
96 |
>=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}] |
97 |
>=dev-python/pastedeploy-1.5.0-r1[${PYTHON_USEDEP}] |
98 |
dev-python/paste[${PYTHON_USEDEP}] |
99 |
>=dev-python/sqlalchemy-migrate-0.7.2[${PYTHON_USEDEP}] |
100 |
dev-python/netaddr[${PYTHON_USEDEP}] |
101 |
>=dev-python/suds-0.4[${PYTHON_USEDEP}] |
102 |
>=dev-python/paramiko-1.8.0[${PYTHON_USEDEP}] |
103 |
dev-python/pyasn1[${PYTHON_USEDEP}] |
104 |
>=dev-python/Babel-1.3[${PYTHON_USEDEP}] |
105 |
>=dev-python/iso8601-0.1.8[${PYTHON_USEDEP}] |
106 |
>=dev-python/python-cinderclient-1.0.5[${PYTHON_USEDEP}] |
107 |
>=dev-python/python-neutronclient-2.3.0[${PYTHON_USEDEP}] |
108 |
<=dev-python/python-neutronclient-3.0.0[${PYTHON_USEDEP}] |
109 |
>=dev-python/python-glanceclient-0.9.0[${PYTHON_USEDEP}] |
110 |
>=dev-python/python-keystoneclient-0.3.2[${PYTHON_USEDEP}] |
111 |
>=dev-python/stevedore-0.10[${PYTHON_USEDEP}] |
112 |
>=dev-python/websockify-0.5.1[${PYTHON_USEDEP}] |
113 |
<dev-python/websockify-0.6[${PYTHON_USEDEP}] |
114 |
>=dev-python/oslo-config-1.2.0[${PYTHON_USEDEP}] |
115 |
dev-python/libvirt-python[${PYTHON_USEDEP}] |
116 |
novncproxy? ( www-apps/novnc ) |
117 |
sys-apps/iproute2 |
118 |
net-misc/openvswitch |
119 |
sys-fs/sysfsutils |
120 |
sys-fs/multipath-tools |
121 |
kvm? ( app-emulation/qemu ) |
122 |
xen? ( app-emulation/xen |
123 |
app-emulation/xen-tools )" |
124 |
|
125 |
PATCHES=( |
126 |
"${FILESDIR}/CVE-2013-6437-2012.2.1.patch" |
127 |
"${FILESDIR}/CVE-2013-7048-havana.patch" |
128 |
"${FILESDIR}/CVE-2013-7130-stable-havana.patch" |
129 |
) |
130 |
|
131 |
pkg_setup() { |
132 |
enewgroup nova |
133 |
enewuser nova -1 -1 /var/lib/nova nova |
134 |
} |
135 |
|
136 |
python_install() { |
137 |
distutils-r1_python_install |
138 |
newconfd "${FILESDIR}/nova-confd" "nova" |
139 |
newinitd "${FILESDIR}/nova-initd" "nova" |
140 |
use api && dosym /etc/init.d/nova /etc/init.d/nova-api |
141 |
use cert && dosym /etc/init.d/nova /etc/init.d/nova-cert |
142 |
use compute && dosym /etc/init.d/nova /etc/init.d/nova-compute |
143 |
use conductor && dosym /etc/init.d/nova /etc/init.d/nova-conductor |
144 |
use consoleauth && dosym /etc/init.d/nova /etc/init.d/nova-consoleauth |
145 |
use network && dosym /etc/init.d/nova /etc/init.d/nova-network |
146 |
use novncproxy &&dosym /etc/init.d/nova /etc/init.d/nova-novncproxy |
147 |
use scheduler && dosym /etc/init.d/nova /etc/init.d/nova-scheduler |
148 |
use spicehtml5proxy && dosym /etc/init.d/nova /etc/init.d/nova-spicehtml5proxy |
149 |
use xvpvncproxy && dosym /etc/init.d/nova /etc/init.d/nova-xvpncproxy |
150 |
|
151 |
diropts -m 0750 |
152 |
dodir /var/run/nova /var/log/nova /var/lock/nova |
153 |
fowners nova:nova /var/log/nova /var/lock/nova /var/run/nova |
154 |
|
155 |
diropts -m 0755 |
156 |
dodir /var/lib/nova/instances |
157 |
fowners nova:nova /var/lib/nova/instances |
158 |
|
159 |
keepdir /etc/nova |
160 |
insinto /etc/nova |
161 |
newins "etc/nova/nova.conf.sample" "nova.conf" |
162 |
doins "etc/nova/api-paste.ini" |
163 |
doins "etc/nova/logging_sample.conf" |
164 |
doins "etc/nova/policy.json" |
165 |
doins "etc/nova/rootwrap.conf" |
166 |
insinto /etc/nova/rootwrap.d |
167 |
doins "etc/nova/rootwrap.d/api-metadata.filters" |
168 |
doins "etc/nova/rootwrap.d/compute.filters" |
169 |
doins "etc/nova/rootwrap.d/network.filters" |
170 |
|
171 |
#copy migration conf file (not coppied on install via setup.py script) |
172 |
insinto /usr/$(get_libdir)/python2.7/site-packages/nova/db/sqlalchemy/migrate_repo/ |
173 |
doins "nova/db/sqlalchemy/migrate_repo/migrate.cfg" |
174 |
|
175 |
#copy the CA cert dir (not coppied on install via setup.py script) |
176 |
cp -R "${S}/nova/CA" "${D}/usr/$(get_libdir)/python2.7/site-packages/nova/" || die "isntalling CA files failed" |
177 |
|
178 |
#add sudoers definitions for user nova |
179 |
insinto /etc/sudoers.d/ |
180 |
doins "${FILESDIR}/nova-sudoers" |
181 |
} |
182 |
|
183 |
|
184 |
|
185 |
1.1 sys-cluster/nova/nova-2013.1.4-r5.ebuild |
186 |
|
187 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/nova-2013.1.4-r5.ebuild?rev=1.1&view=markup |
188 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-cluster/nova/nova-2013.1.4-r5.ebuild?rev=1.1&content-type=text/plain |
189 |
|
190 |
Index: nova-2013.1.4-r5.ebuild |
191 |
=================================================================== |
192 |
# Copyright 1999-2014 Gentoo Foundation |
193 |
# Distributed under the terms of the GNU General Public License v2 |
194 |
# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.1.4-r5.ebuild,v 1.1 2014/01/27 08:44:51 prometheanfire Exp $ |
195 |
|
196 |
EAPI=5 |
197 |
PYTHON_COMPAT=( python2_7 ) |
198 |
|
199 |
inherit distutils-r1 eutils multilib user |
200 |
|
201 |
DESCRIPTION="A cloud computing fabric controller (main part of an IaaS system) written in Python." |
202 |
HOMEPAGE="https://launchpad.net/nova" |
203 |
SRC_URI="http://launchpad.net/${PN}/grizzly/${PV}/+download/${P}.tar.gz" |
204 |
|
205 |
LICENSE="Apache-2.0" |
206 |
SLOT="0" |
207 |
KEYWORDS="~amd64 ~x86" |
208 |
IUSE="+api +cert +compute +conductor +consoleauth +kvm +network +novncproxy +scheduler +spicehtml5proxy +xvpvncproxy xen sqlite mysql postgres" |
209 |
REQUIRED_USE="|| ( mysql postgres sqlite ) |
210 |
|| ( kvm xen )" |
211 |
|
212 |
DEPEND="dev-python/setuptools[${PYTHON_USEDEP}] |
213 |
app-admin/sudo" |
214 |
|
215 |
RDEPEND=">=dev-python/amqplib-0.6.1[${PYTHON_USEDEP}] |
216 |
>=dev-python/anyjson-0.2.4[${PYTHON_USEDEP}] |
217 |
>=dev-python/cheetah-2.4.4[${PYTHON_USEDEP}] |
218 |
sqlite? ( >=dev-python/sqlalchemy-0.7.8[sqlite,${PYTHON_USEDEP}] |
219 |
<dev-python/sqlalchemy-0.7.10[sqlite,${PYTHON_USEDEP}] ) |
220 |
mysql? ( >=dev-python/sqlalchemy-0.7.8[mysql,${PYTHON_USEDEP}] |
221 |
<dev-python/sqlalchemy-0.7.10[mysql,${PYTHON_USEDEP}] ) |
222 |
postgres? ( >=dev-python/sqlalchemy-0.7.8[postgres,${PYTHON_USEDEP}] |
223 |
<dev-python/sqlalchemy-0.7.10[postgres,${PYTHON_USEDEP}] ) |
224 |
dev-python/boto[${PYTHON_USEDEP}] |
225 |
>=dev-python/lxml-2.3[${PYTHON_USEDEP}] |
226 |
>=dev-python/eventlet-0.9.17[${PYTHON_USEDEP}] |
227 |
>=dev-python/kombu-1.0.4-r1[${PYTHON_USEDEP}] |
228 |
>=dev-python/routes-1.12.3-r1[${PYTHON_USEDEP}] |
229 |
~dev-python/webob-1.2.3[${PYTHON_USEDEP}] |
230 |
>=dev-python/greenlet-0.3.1[${PYTHON_USEDEP}] |
231 |
>=dev-python/pastedeploy-1.5.0-r1[${PYTHON_USEDEP}] |
232 |
dev-python/paste[${PYTHON_USEDEP}] |
233 |
>=dev-python/sqlalchemy-migrate-0.7.2[${PYTHON_USEDEP}] |
234 |
dev-python/netaddr[${PYTHON_USEDEP}] |
235 |
>=dev-python/suds-0.4[${PYTHON_USEDEP}] |
236 |
dev-python/paramiko[${PYTHON_USEDEP}] |
237 |
dev-python/pyasn1[${PYTHON_USEDEP}] |
238 |
>=dev-python/Babel-0.9.6[${PYTHON_USEDEP}] |
239 |
>=dev-python/iso8601-0.1.4[${PYTHON_USEDEP}] |
240 |
dev-python/httplib2[${PYTHON_USEDEP}] |
241 |
>=dev-python/setuptools-git-0.4[${PYTHON_USEDEP}] |
242 |
>=dev-python/python-cinderclient-1.0.1[${PYTHON_USEDEP}] |
243 |
>=dev-python/python-glanceclient-0.5.0[${PYTHON_USEDEP}] |
244 |
<dev-python/python-glanceclient-2[${PYTHON_USEDEP}] |
245 |
>=dev-python/python-neutronclient-2.2.0[${PYTHON_USEDEP}] |
246 |
<=dev-python/python-neutronclient-3.0.0[${PYTHON_USEDEP}] |
247 |
>=dev-python/python-keystoneclient-0.2.0[${PYTHON_USEDEP}] |
248 |
>=dev-python/stevedore-0.7[${PYTHON_USEDEP}] |
249 |
<dev-python/websockify-0.4[${PYTHON_USEDEP}] |
250 |
>=dev-python/oslo-config-1.1.0[${PYTHON_USEDEP}] |
251 |
<dev-python/oslo-config-1.2.0[${PYTHON_USEDEP}] |
252 |
virtual/python-argparse[${PYTHON_USEDEP}] |
253 |
app-emulation/libvirt[${PYTHON_USEDEP}] |
254 |
novncproxy? ( www-apps/novnc ) |
255 |
sys-apps/iproute2 |
256 |
net-misc/openvswitch |
257 |
sys-fs/sysfsutils |
258 |
sys-fs/multipath-tools |
259 |
kvm? ( app-emulation/qemu ) |
260 |
xen? ( app-emulation/xen |
261 |
app-emulation/xen-tools )" |
262 |
|
263 |
PATCHES=( |
264 |
"${FILESDIR}/CVE-2013-4463_4469-grizzly.patch" |
265 |
"${FILESDIR}/CVE-2013-4497-grizzly-1.patch" |
266 |
"${FILESDIR}/CVE-2013-4497-grizzly-2.patch" |
267 |
"${FILESDIR}/CVE-2013-6419_2013.1.4.patch" |
268 |
"${FILESDIR}/CVE-2013-6437-2012.1.4.patch" |
269 |
"${FILESDIR}/CVE-2013-7048-grizzly.patch" |
270 |
"${FILESDIR}/CVE-2013-7130-stable-grizzly.patch" |
271 |
) |
272 |
|
273 |
pkg_setup() { |
274 |
enewgroup nova |
275 |
enewuser nova -1 -1 /var/lib/nova nova |
276 |
} |
277 |
|
278 |
src_prepare() { |
279 |
sed -i 's/setuptools_git>=0.4//g' "${S}/setup.py" |
280 |
distutils-r1_src_prepare |
281 |
} |
282 |
|
283 |
#python_test() { |
284 |
# nosetests || die |
285 |
#} |
286 |
|
287 |
python_install() { |
288 |
distutils-r1_python_install |
289 |
newconfd "${FILESDIR}/nova-confd" "nova" |
290 |
newinitd "${FILESDIR}/nova-initd" "nova" |
291 |
use api && dosym /etc/init.d/nova /etc/init.d/nova-api |
292 |
use cert && dosym /etc/init.d/nova /etc/init.d/nova-cert |
293 |
use compute && dosym /etc/init.d/nova /etc/init.d/nova-compute |
294 |
use conductor && dosym /etc/init.d/nova /etc/init.d/nova-conductor |
295 |
use consoleauth && dosym /etc/init.d/nova /etc/init.d/nova-consoleauth |
296 |
use network && dosym /etc/init.d/nova /etc/init.d/nova-network |
297 |
use novncproxy &&dosym /etc/init.d/nova /etc/init.d/nova-novncproxy |
298 |
use scheduler && dosym /etc/init.d/nova /etc/init.d/nova-scheduler |
299 |
use spicehtml5proxy && dosym /etc/init.d/nova /etc/init.d/nova-spicehtml5proxy |
300 |
use xvpvncproxy && dosym /etc/init.d/nova /etc/init.d/nova-xvpncproxy |
301 |
|
302 |
diropts -m 0750 |
303 |
dodir /var/run/nova /var/log/nova /var/lock/nova |
304 |
fowners nova:nova /var/log/nova /var/lock/nova /var/run/nova |
305 |
|
306 |
diropts -m 0755 |
307 |
dodir /var/lib/nova/instances |
308 |
fowners nova:nova /var/lib/nova/instances |
309 |
|
310 |
keepdir /etc/nova |
311 |
insinto /etc/nova |
312 |
newins "etc/nova/nova.conf.sample" "nova.conf" |
313 |
doins "etc/nova/api-paste.ini" |
314 |
doins "etc/nova/logging_sample.conf" |
315 |
doins "etc/nova/policy.json" |
316 |
doins "etc/nova/rootwrap.conf" |
317 |
insinto /etc/nova/rootwrap.d |
318 |
doins "etc/nova/rootwrap.d/api-metadata.filters" |
319 |
doins "etc/nova/rootwrap.d/compute.filters" |
320 |
doins "etc/nova/rootwrap.d/network.filters" |
321 |
|
322 |
#copy migration conf file (not coppied on install via setup.py script) |
323 |
insinto /usr/$(get_libdir)/python2.7/site-packages/nova/db/sqlalchemy/migrate_repo/ |
324 |
doins "nova/db/sqlalchemy/migrate_repo/migrate.cfg" |
325 |
|
326 |
#copy the CA cert dir (not coppied on install via setup.py script) |
327 |
cp -R "${S}/nova/CA" "${D}/usr/$(get_libdir)/python2.7/site-packages/nova/" || die "isntalling CA files failed" |
328 |
|
329 |
#add sudoers definitions for user nova |
330 |
insinto /etc/sudoers.d/ |
331 |
doins "${FILESDIR}/nova-sudoers" |
332 |
} |