[gentoo-commits] repo/gentoo:master commit in: net-misc/ntp/ - gentoo-commits

From:	Mikle Kolyada <zlogene@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-misc/ntp/
Date:	Fri, 04 Jan 2019 09:54:26
Message-Id:	`1546595633.329122445239e1c5e6abf4fbf651a288bf165386.zlogene@gentoo`

1

commit:     329122445239e1c5e6abf4fbf651a288bf165386

2

Author:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>

3

AuthorDate: Fri Jan  4 09:53:53 2019 +0000

4

Commit:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>

5

CommitDate: Fri Jan  4 09:53:53 2019 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=32912244

7

8

net-misc/ntp: Security cleanup

9

10

Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>

11

Package-Manager: Portage-2.3.51, Repoman-2.3.11

12

13

 net-misc/ntp/Manifest             |   2 -

14

 net-misc/ntp/ntp-4.2.8_p11.ebuild | 145 --------------------------------------

15

 2 files changed, 147 deletions(-)

16

17

diff --git a/net-misc/ntp/Manifest b/net-misc/ntp/Manifest

18

index 50ab95c1356..657e596c28f 100644

19

--- a/net-misc/ntp/Manifest

20

+++ b/net-misc/ntp/Manifest

21

@@ -1,4 +1,2 @@

22

-DIST ntp-4.2.8p11-manpages.tar.xz 25700 BLAKE2B 8efff006297925e4dfe57abfb8130d0dcb69e804744a597ad92b9969019b87c7b3e44f032187073d3c19092ca92445ce06b93f89f449430fd21cc540f11f5f3b SHA512 403bc238681abaadc838f5a6619851dcd0cfa5bf780e8aeaa94e8f77e776998d1f5142d65e3fa99c23e22e4cb7207d24b059fbbc6ddcf4414f0076a4b6ab4e81

23

-DIST ntp-4.2.8p11.tar.gz 7076566 BLAKE2B e81ce2093ea7307a565089bba9cb267be64c71499872272cda221d7356676762a23ac1066ddfed7fb803083dbb9b26ca7376ea75277a63ee8de1c70409e81432 SHA512 05ac60f15a6aac50aaf340d40e4e439a421fa6e3d897bf30a69b2cef0cc97f8a6956012bfc6ceba055f4c3485a24f7fb8ebbd055e1875f1c69cbfdc35e71f236

24

 DIST ntp-4.2.8p12-manpages.tar.xz 25700 BLAKE2B 0a84908556e997bdd08a78cd04f7f38a32a8441138f31d0adf7fefc380da79e509bea4a8bc67154501e359638f4edcab561d14cbdd1d573473bd2ea5a14f0c48 SHA512 e6df0099b9f62db63d200702267276ee094e8d00b20a67d2181f3f32fe6b871c49ac2eedbc2186b3255c919820c05eac528718b80afe7ed7ed7654b55c361f7c

25

 DIST ntp-4.2.8p12.tar.gz 7079642 BLAKE2B d7d7817afaf9f94bf230951901b7531aff03c0828eecd40ca6fcc836ffd081387837afee44978742b507a9bee58788022fe9556733e8861dcc37d63f5637b3d1 SHA512 5382dcd1bb7feca8f28fc650f68892cb53f9364ebeb3780754cfbe71b1602057fdfd6eb27956afe79014a435624d77e2648d9e07f4d86ce7a98f5a4438d08310

26

27

diff --git a/net-misc/ntp/ntp-4.2.8_p11.ebuild b/net-misc/ntp/ntp-4.2.8_p11.ebuild

28

deleted file mode 100644

29

index 7d4665cbe8a..00000000000

30

--- a/net-misc/ntp/ntp-4.2.8_p11.ebuild

31

+++ /dev/null

32

@@ -1,145 +0,0 @@

33

-# Copyright 1999-2018 Gentoo Foundation

34

-# Distributed under the terms of the GNU General Public License v2

35

-

36

-EAPI=6

37

-

38

-inherit autotools toolchain-funcs flag-o-matic user systemd

39

-

40

-MY_P=${P/_p/p}

41

-DESCRIPTION="Network Time Protocol suite/programs"

42

-HOMEPAGE="http://www.ntp.org/"

43

-SRC_URI="http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-${PV:0:3}/${MY_P}.tar.gz

44

-	https://dev.gentoo.org/~polynomial-c/${MY_P}-manpages.tar.xz"

45

-

46

-LICENSE="HPND BSD ISC"

47

-SLOT="0"

48

-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~m68k-mint"

49

-IUSE="caps debug ipv6 libressl openntpd parse-clocks readline samba selinux snmp ssl +threads vim-syntax zeroconf"

50

-

51

-CDEPEND="readline? ( >=sys-libs/readline-4.1:0= )

52

-	>=dev-libs/libevent-2.0.9:=[threads?]

53

-	kernel_linux? ( caps? ( sys-libs/libcap ) )

54

-	zeroconf? ( net-dns/avahi[mdnsresponder-compat] )

55

-	snmp? ( net-analyzer/net-snmp )

56

-	ssl? (

57

-		!libressl? ( dev-libs/openssl:0= )

58

-		libressl? ( dev-libs/libressl )

59

-	)

60

-	parse-clocks? ( net-misc/pps-tools )"

61

-DEPEND="${CDEPEND}

62

-	virtual/pkgconfig"

63

-RDEPEND="${CDEPEND}

64

-	selinux? ( sec-policy/selinux-ntp )

65

-	vim-syntax? ( app-vim/ntp-syntax )

66

-	!net-misc/ntpsec

67

-	!openntpd? ( !net-misc/openntpd )

68

-"

69

-PDEPEND="openntpd? ( net-misc/openntpd )"

70

-

71

-S="${WORKDIR}/${MY_P}"

72

-

73

-PATCHES=(

74

-	"${FILESDIR}"/${PN}-4.2.8-ipc-caps.patch #533966

75

-	"${FILESDIR}"/${PN}-4.2.8-sntp-test-pthreads.patch #563922

76

-	"${FILESDIR}"/${PN}-4.2.8_p10-fix-build-wo-ssl-or-libressl.patch

77

-)

78

-

79

-pkg_setup() {

80

-	enewgroup ntp 123

81

-	enewuser ntp 123 -1 /dev/null ntp

82

-}

83

-

84

-src_prepare() {

85

-	default

86

-	append-cppflags -D_GNU_SOURCE #264109

87

-	# Make sure every build uses the same install layout. #539092

88

-	find sntp/loc/ -type f '!' -name legacy -delete || die

89

-	eautoreconf #622754

90

-	# Disable pointless checks.

91

-	touch .checkChangeLog .gcc-warning FRC.html html/.datecheck

92

-}

93

-

94

-src_configure() {

95

-	# avoid libmd5/libelf

96

-	export ac_cv_search_MD5Init=no ac_cv_header_md5_h=no

97

-	export ac_cv_lib_elf_nlist=no

98

-	# blah, no real configure options #176333

99

-	export ac_cv_header_dns_sd_h=$(usex zeroconf)

100

-	export ac_cv_lib_dns_sd_DNSServiceRegister=${ac_cv_header_dns_sd_h}

101

-	# Increase the default memlimit from 32MiB to 128MiB.  #533232

102

-	local myeconfargs=(

103

-		--with-lineeditlibs=readline,edit,editline

104

-		--with-yielding-select

105

-		--disable-local-libevent

106

-		--docdir='$(datarootdir)'/doc/${PF}

107

-		--htmldir='$(docdir)/html'

108

-		--with-memlock=256

109

-		$(use_enable caps linuxcaps)

110

-		$(use_enable parse-clocks)

111

-		$(use_enable ipv6)

112

-		$(use_enable debug debugging)

113

-		$(use_with readline lineeditlibs readline)

114

-		$(use_enable samba ntp-signd)

115

-		$(use_with snmp ntpsnmpd)

116

-		$(use_with ssl crypto)

117

-		$(use_enable threads thread-support)

118

-	)

119

-	econf "${myeconfargs[@]}"

120

-}

121

-

122

-src_install() {

123

-	default

124

-	# move ntpd/ntpdate to sbin #66671

125

-	dodir /usr/sbin

126

-	mv "${ED%/}"/usr/bin/{ntpd,ntpdate} "${ED%/}"/usr/sbin/ || die "move to sbin"

127

-

128

-	dodoc INSTALL WHERE-TO-START

129

-	doman "${WORKDIR}"/man/*.[58]

130

-

131

-	insinto /etc

132

-	doins "${FILESDIR}"/ntp.conf

133

-	use ipv6 || sed -i '/^restrict .*::1/d' "${ED%/}"/etc/ntp.conf #524726

134

-	newinitd "${FILESDIR}"/ntpd.rc-r1 ntpd

135

-	newconfd "${FILESDIR}"/ntpd.confd ntpd

136

-	newinitd "${FILESDIR}"/ntp-client.rc ntp-client

137

-	newconfd "${FILESDIR}"/ntp-client.confd ntp-client

138

-	newinitd "${FILESDIR}"/sntp.rc sntp

139

-	newconfd "${FILESDIR}"/sntp.confd sntp

140

-	if ! use caps ; then

141

-		sed -i "s|-u ntp:ntp||" "${ED%/}"/etc/conf.d/ntpd || die

142

-	fi

143

-	sed -i "s:/usr/bin:/usr/sbin:" "${ED%/}"/etc/init.d/ntpd || die

144

-

145

-	keepdir /var/lib/ntp

146

-	use prefix || fowners ntp:ntp /var/lib/ntp

147

-

148

-	if use openntpd ; then

149

-		cd "${ED}" || die

150

-		rm usr/sbin/ntpd || die

151

-		rm -r var/lib || die

152

-		rm etc/{conf,init}.d/ntpd || die

153

-		rm usr/share/man/*/ntpd.8 || die

154

-	else

155

-		systemd_newunit "${FILESDIR}"/ntpd.service-r2 ntpd.service

156

-		if use caps ; then

157

-			sed -i '/ExecStart/ s|$| -u ntp:ntp|' \

158

-				"${D%/}$(systemd_get_systemunitdir)"/ntpd.service \

159

-				|| die

160

-		fi

161

-		systemd_enable_ntpunit 60-ntpd ntpd.service

162

-	fi

163

-

164

-	systemd_newunit "${FILESDIR}"/ntpdate.service-r1 ntpdate.service

165

-	systemd_install_serviced "${FILESDIR}"/ntpdate.service.conf

166

-	systemd_newunit "${FILESDIR}"/sntp.service-r2 sntp.service

167

-	systemd_install_serviced "${FILESDIR}"/sntp.service.conf

168

-}

169

-

170

-pkg_postinst() {

171

-	if grep -qs '^[^#].*notrust' "${EROOT}"/etc/ntp.conf ; then

172

-		eerror "The notrust option was found in your /etc/ntp.conf!"

173

-		ewarn "If your ntpd starts sending out weird responses,"

174

-		ewarn "then make sure you have keys properly setup and see"

175

-		ewarn "https://bugs.gentoo.org/41827"

176

-	fi

177

-}

1	commit: 329122445239e1c5e6abf4fbf651a288bf165386
2	Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
3	AuthorDate: Fri Jan 4 09:53:53 2019 +0000
4	Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
5	CommitDate: Fri Jan 4 09:53:53 2019 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=32912244
7
8	net-misc/ntp: Security cleanup
9
10	Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
11	Package-Manager: Portage-2.3.51, Repoman-2.3.11
12
13	net-misc/ntp/Manifest \| 2 -
14	net-misc/ntp/ntp-4.2.8_p11.ebuild \| 145 --------------------------------------
15	2 files changed, 147 deletions(-)
16
17	diff --git a/net-misc/ntp/Manifest b/net-misc/ntp/Manifest
18	index 50ab95c1356..657e596c28f 100644
19	--- a/net-misc/ntp/Manifest
20	+++ b/net-misc/ntp/Manifest
21	@@ -1,4 +1,2 @@
22	-DIST ntp-4.2.8p11-manpages.tar.xz 25700 BLAKE2B 8efff006297925e4dfe57abfb8130d0dcb69e804744a597ad92b9969019b87c7b3e44f032187073d3c19092ca92445ce06b93f89f449430fd21cc540f11f5f3b SHA512 403bc238681abaadc838f5a6619851dcd0cfa5bf780e8aeaa94e8f77e776998d1f5142d65e3fa99c23e22e4cb7207d24b059fbbc6ddcf4414f0076a4b6ab4e81
23	-DIST ntp-4.2.8p11.tar.gz 7076566 BLAKE2B e81ce2093ea7307a565089bba9cb267be64c71499872272cda221d7356676762a23ac1066ddfed7fb803083dbb9b26ca7376ea75277a63ee8de1c70409e81432 SHA512 05ac60f15a6aac50aaf340d40e4e439a421fa6e3d897bf30a69b2cef0cc97f8a6956012bfc6ceba055f4c3485a24f7fb8ebbd055e1875f1c69cbfdc35e71f236
24	DIST ntp-4.2.8p12-manpages.tar.xz 25700 BLAKE2B 0a84908556e997bdd08a78cd04f7f38a32a8441138f31d0adf7fefc380da79e509bea4a8bc67154501e359638f4edcab561d14cbdd1d573473bd2ea5a14f0c48 SHA512 e6df0099b9f62db63d200702267276ee094e8d00b20a67d2181f3f32fe6b871c49ac2eedbc2186b3255c919820c05eac528718b80afe7ed7ed7654b55c361f7c
25	DIST ntp-4.2.8p12.tar.gz 7079642 BLAKE2B d7d7817afaf9f94bf230951901b7531aff03c0828eecd40ca6fcc836ffd081387837afee44978742b507a9bee58788022fe9556733e8861dcc37d63f5637b3d1 SHA512 5382dcd1bb7feca8f28fc650f68892cb53f9364ebeb3780754cfbe71b1602057fdfd6eb27956afe79014a435624d77e2648d9e07f4d86ce7a98f5a4438d08310
26
27	diff --git a/net-misc/ntp/ntp-4.2.8_p11.ebuild b/net-misc/ntp/ntp-4.2.8_p11.ebuild
28	deleted file mode 100644
29	index 7d4665cbe8a..00000000000
30	--- a/net-misc/ntp/ntp-4.2.8_p11.ebuild
31	+++ /dev/null
32	@@ -1,145 +0,0 @@
33	-# Copyright 1999-2018 Gentoo Foundation
34	-# Distributed under the terms of the GNU General Public License v2
35	-
36	-EAPI=6
37	-
38	-inherit autotools toolchain-funcs flag-o-matic user systemd
39	-
40	-MY_P=${P/_p/p}
41	-DESCRIPTION="Network Time Protocol suite/programs"
42	-HOMEPAGE="http://www.ntp.org/"
43	-SRC_URI="http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-${PV:0:3}/${MY_P}.tar.gz
44	- https://dev.gentoo.org/~polynomial-c/${MY_P}-manpages.tar.xz"
45	-
46	-LICENSE="HPND BSD ISC"
47	-SLOT="0"
48	-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~m68k-mint"
49	-IUSE="caps debug ipv6 libressl openntpd parse-clocks readline samba selinux snmp ssl +threads vim-syntax zeroconf"
50	-
51	-CDEPEND="readline? ( >=sys-libs/readline-4.1:0= )
52	- >=dev-libs/libevent-2.0.9:=[threads?]
53	- kernel_linux? ( caps? ( sys-libs/libcap ) )
54	- zeroconf? ( net-dns/avahi[mdnsresponder-compat] )
55	- snmp? ( net-analyzer/net-snmp )
56	- ssl? (
57	- !libressl? ( dev-libs/openssl:0= )
58	- libressl? ( dev-libs/libressl )
59	- )
60	- parse-clocks? ( net-misc/pps-tools )"
61	-DEPEND="${CDEPEND}
62	- virtual/pkgconfig"
63	-RDEPEND="${CDEPEND}
64	- selinux? ( sec-policy/selinux-ntp )
65	- vim-syntax? ( app-vim/ntp-syntax )
66	- !net-misc/ntpsec
67	- !openntpd? ( !net-misc/openntpd )
68	-"
69	-PDEPEND="openntpd? ( net-misc/openntpd )"
70	-
71	-S="${WORKDIR}/${MY_P}"
72	-
73	-PATCHES=(
74	- "${FILESDIR}"/${PN}-4.2.8-ipc-caps.patch #533966
75	- "${FILESDIR}"/${PN}-4.2.8-sntp-test-pthreads.patch #563922
76	- "${FILESDIR}"/${PN}-4.2.8_p10-fix-build-wo-ssl-or-libressl.patch
77	-)
78	-
79	-pkg_setup() {
80	- enewgroup ntp 123
81	- enewuser ntp 123 -1 /dev/null ntp
82	-}
83	-
84	-src_prepare() {
85	- default
86	- append-cppflags -D_GNU_SOURCE #264109
87	- # Make sure every build uses the same install layout. #539092
88	- find sntp/loc/ -type f '!' -name legacy -delete \|\| die
89	- eautoreconf #622754
90	- # Disable pointless checks.
91	- touch .checkChangeLog .gcc-warning FRC.html html/.datecheck
92	-}
93	-
94	-src_configure() {
95	- # avoid libmd5/libelf
96	- export ac_cv_search_MD5Init=no ac_cv_header_md5_h=no
97	- export ac_cv_lib_elf_nlist=no
98	- # blah, no real configure options #176333
99	- export ac_cv_header_dns_sd_h=$(usex zeroconf)
100	- export ac_cv_lib_dns_sd_DNSServiceRegister=${ac_cv_header_dns_sd_h}
101	- # Increase the default memlimit from 32MiB to 128MiB. #533232
102	- local myeconfargs=(
103	- --with-lineeditlibs=readline,edit,editline
104	- --with-yielding-select
105	- --disable-local-libevent
106	- --docdir='$(datarootdir)'/doc/${PF}
107	- --htmldir='$(docdir)/html'
108	- --with-memlock=256
109	- $(use_enable caps linuxcaps)
110	- $(use_enable parse-clocks)
111	- $(use_enable ipv6)
112	- $(use_enable debug debugging)
113	- $(use_with readline lineeditlibs readline)
114	- $(use_enable samba ntp-signd)
115	- $(use_with snmp ntpsnmpd)
116	- $(use_with ssl crypto)
117	- $(use_enable threads thread-support)
118	- )
119	- econf "${myeconfargs[@]}"
120	-}
121	-
122	-src_install() {
123	- default
124	- # move ntpd/ntpdate to sbin #66671
125	- dodir /usr/sbin
126	- mv "${ED%/}"/usr/bin/{ntpd,ntpdate} "${ED%/}"/usr/sbin/ \|\| die "move to sbin"
127	-
128	- dodoc INSTALL WHERE-TO-START
129	- doman "${WORKDIR}"/man/*.[58]
130	-
131	- insinto /etc
132	- doins "${FILESDIR}"/ntp.conf
133	- use ipv6 \|\| sed -i '/^restrict .*::1/d' "${ED%/}"/etc/ntp.conf #524726
134	- newinitd "${FILESDIR}"/ntpd.rc-r1 ntpd
135	- newconfd "${FILESDIR}"/ntpd.confd ntpd
136	- newinitd "${FILESDIR}"/ntp-client.rc ntp-client
137	- newconfd "${FILESDIR}"/ntp-client.confd ntp-client
138	- newinitd "${FILESDIR}"/sntp.rc sntp
139	- newconfd "${FILESDIR}"/sntp.confd sntp
140	- if ! use caps ; then
141	- sed -i "s\|-u ntp:ntp\|\|" "${ED%/}"/etc/conf.d/ntpd \|\| die
142	- fi
143	- sed -i "s:/usr/bin:/usr/sbin:" "${ED%/}"/etc/init.d/ntpd \|\| die
144	-
145	- keepdir /var/lib/ntp
146	- use prefix \|\| fowners ntp:ntp /var/lib/ntp
147	-
148	- if use openntpd ; then
149	- cd "${ED}" \|\| die
150	- rm usr/sbin/ntpd \|\| die
151	- rm -r var/lib \|\| die
152	- rm etc/{conf,init}.d/ntpd \|\| die
153	- rm usr/share/man/*/ntpd.8 \|\| die
154	- else
155	- systemd_newunit "${FILESDIR}"/ntpd.service-r2 ntpd.service
156	- if use caps ; then
157	- sed -i '/ExecStart/ s\|$\| -u ntp:ntp\|' \
158	- "${D%/}$(systemd_get_systemunitdir)"/ntpd.service \
159	- \|\| die
160	- fi
161	- systemd_enable_ntpunit 60-ntpd ntpd.service
162	- fi
163	-
164	- systemd_newunit "${FILESDIR}"/ntpdate.service-r1 ntpdate.service
165	- systemd_install_serviced "${FILESDIR}"/ntpdate.service.conf
166	- systemd_newunit "${FILESDIR}"/sntp.service-r2 sntp.service
167	- systemd_install_serviced "${FILESDIR}"/sntp.service.conf
168	-}
169	-
170	-pkg_postinst() {
171	- if grep -qs '^[^#].*notrust' "${EROOT}"/etc/ntp.conf ; then
172	- eerror "The notrust option was found in your /etc/ntp.conf!"
173	- ewarn "If your ntpd starts sending out weird responses,"
174	- ewarn "then make sure you have keys properly setup and see"
175	- ewarn "https://bugs.gentoo.org/41827"
176	- fi
177	-}

Gentoo Archives: gentoo-commits