diff options
| author |   Aaron Walker <ka0ttic@gentoo.org> | 2005-05-18 15:30:42 +0000 |
|---|---|---|
| committer | Aaron Walker <ka0ttic@gentoo.org> | 2005-05-18 15:30:42 +0000 |
| commit | 7c36ff0351ce6eaf5177f744302eb806f8136c19 (patch) | |
| tree | e5dbd9ac62f6622af62eeb550df7e8c1275dff7e /net-analyzer/net-snmp | |
| parent | Quick mxml dep update. (diff) | |
| download | gentoo-2-7c36ff0351ce6eaf5177f744302eb806f8136c19.tar.gz gentoo-2-7c36ff0351ce6eaf5177f744302eb806f8136c19.tar.bz2 gentoo-2-7c36ff0351ce6eaf5177f744302eb806f8136c19.zip | |
Revision bump; added patch to fix fixproc insecure tmpfile handling, sec bug 91792.
Diffstat (limited to 'net-analyzer/net-snmp')
| -rw-r--r-- | net-analyzer/net-snmp/ChangeLog | 10 | ||||
| -rw-r--r-- | net-analyzer/net-snmp/Manifest | 15 | ||||
| -rw-r--r-- | net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 | 1 | ||||
| -rw-r--r-- | net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff | 52 | ||||
| -rw-r--r-- | net-analyzer/net-snmp/net-snmp-5.2.1-r1.ebuild | 170 |
5 files changed, 236 insertions, 12 deletions
diff --git a/net-analyzer/net-snmp/ChangeLog b/net-analyzer/net-snmp/ChangeLog index c4bc90e3378e..629d77d34534 100644 --- a/net-analyzer/net-snmp/ChangeLog +++ b/net-analyzer/net-snmp/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-analyzer/net-snmp # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/ChangeLog,v 1.99 2005/05/17 14:51:35 ka0ttic Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/ChangeLog,v 1.100 2005/05/18 15:30:42 ka0ttic Exp $ + +*net-snmp-5.2.1-r1 (18 May 2005) + + 18 May 2005; Aaron Walker <ka0ttic@gentoo.org> + +files/net-snmp-5.2.1-fix-insecure-fixproc.diff, + +net-snmp-5.2.1-r1.ebuild: + Revision bump; added patch to fix fixproc insecure tmpfile handling, sec bug + 91792. 17 May 2005; Aaron Walker <ka0ttic@gentoo.org> metadata.xml, net-snmp-5.2.1.ebuild: diff --git a/net-analyzer/net-snmp/Manifest b/net-analyzer/net-snmp/Manifest index 3e1235d931ad..ef5c7e361031 100644 --- a/net-analyzer/net-snmp/Manifest +++ b/net-analyzer/net-snmp/Manifest @@ -1,16 +1,16 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - MD5 46060a1ef5471d8e96257f9e39cd0c68 net-snmp-5.1.1.ebuild 2450 MD5 22d3d9ac88083c760a07ed3d9c1c32bf net-snmp-5.2.1.ebuild 4876 MD5 e4fde68a956e20a8794b3fb1526fa7e4 net-snmp-5.2-r3.ebuild 4175 MD5 040052d952d1af855d4b0fa535eb3aca net-snmp-5.1.1-r1.ebuild 3614 -MD5 e714a86286536e21bf3809bda322ab6f ChangeLog 15193 +MD5 73aea1ee440aa4e13c82d31967e7629b net-snmp-5.2.1-r1.ebuild 5028 +MD5 b88f018ab7874c074061eef5cfa9a7fc ChangeLog 15445 MD5 a521f4b56e6f9c21f9be164fd86367ae net-snmp-5.2.ebuild 3709 MD5 637389da071d8ee0c0292695525bc29f metadata.xml 160 MD5 b492aa2a6ad459eb41a26932d4c0740b files/digest-net-snmp-5.1.1-r1 67 +MD5 f4562e4c61904b17dab28aae2836ff6e files/digest-net-snmp-5.2.1-r1 67 MD5 b492aa2a6ad459eb41a26932d4c0740b files/digest-net-snmp-5.1.1 67 MD5 f4562e4c61904b17dab28aae2836ff6e files/digest-net-snmp-5.2.1 67 +MD5 a63107c1d81a8aeb10e84be0658e2794 files/net-snmp-5.2.1-fix-insecure-fixproc.diff 1639 MD5 791cd8d81154f2c1d01e3f87b86faa44 files/snmptrapd.conf 635 MD5 93ce82e69e9c66badd05144fd498530c files/digest-net-snmp-5.2 65 MD5 93ce82e69e9c66badd05144fd498530c files/digest-net-snmp-5.2-r3 65 @@ -21,10 +21,3 @@ MD5 ed2e953a9a923caec45eeca95bec2efc files/snmpd-5.1.conf 606 MD5 662833e61042a47d4bd8aaae404f4245 files/snmpd.rc6 710 MD5 25d92c9a7adcbb80240a914a8f6bbfe5 files/net-snmp-lm_sensors.patch 13686 MD5 0dbde7b1bdd9c9dc988039e676800337 files/snmpd-5.1.rc6 714 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.1 (GNU/Linux) - -iD8DBQFCigUREZCkKN40op4RAvdRAKCiXKp+cNrsbTqu8zXzbEWSS12AdACgory6 -uycdOh4rPhgZM1tWWoa6xC4= -=r+2j ------END PGP SIGNATURE----- diff --git a/net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 b/net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 new file mode 100644 index 000000000000..ea1106d64bfd --- /dev/null +++ b/net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 @@ -0,0 +1 @@ +MD5 4c38451b1f5914789da370b79dc06124 net-snmp-5.2.1.tar.gz 3971320 diff --git a/net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff b/net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff new file mode 100644 index 000000000000..cad67929e5be --- /dev/null +++ b/net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff @@ -0,0 +1,52 @@ +--- local/fixproc.orig 2005-05-18 09:57:16.000000000 -0400 ++++ local/fixproc 2005-05-18 11:00:38.000000000 -0400 +@@ -129,6 +129,9 @@ + # + # Timothy Kong 3/1995 + ++require File::Temp; ++use File::Temp(); ++ + $database_file = '/local/etc/fixproc.conf'; + + $debug = 0; # specify debug level using -dN +@@ -196,7 +199,6 @@ + printf (stderr "create_sh_script\n") if ($debug > 0); + + $! = $fixproc_error; +- open (file, ">"."$file") || die "$0: cannot open $file\n"; + while ( $shell_lines[$i] ne $shell_end_marker ) + { + printf (file "%s", $shell_lines[$i]); +@@ -231,13 +233,13 @@ + { + # it must be "shell", so execute the shell script defined in database + +- local ($tmpfile) = "/tmp/fix_$$"; ++ local ($tmpfile) = new File::Temp(TEMPLATE => 'fix_XXXXX', ++ DIR => '/tmp'); + + &create_sh_script ($fix{$proc}, $tmpfile); + + # return code is number divided by 256 + $error_code = (system "$tmpfile") / 256; +- system "rm $tmpfile"; + return ($fix_failed_error) if ($error_code != 0); + # sleep needed here? + return &do_exist ($proc); +@@ -262,13 +264,13 @@ + # if not "exist", then it must be "shell", so execute the shell script + # defined in database + +- local ($tmpfile) = "/tmp/check_$$"; ++ local ($tmpfile) = new File::Temp(TEMPLATE => 'check_XXXXXX', ++ DIR => '/tmp'); + + &create_sh_script ($check{$proc}, $tmpfile); + + # return code is number divided by 256 + $error_code = (system "$tmpfile") / 256; +- system "rm $tmpfile"; + return ($check_failed_error) if ($error_code != 0); + + # check passed, continue diff --git a/net-analyzer/net-snmp/net-snmp-5.2.1-r1.ebuild b/net-analyzer/net-snmp/net-snmp-5.2.1-r1.ebuild new file mode 100644 index 000000000000..13f0968c389f --- /dev/null +++ b/net-analyzer/net-snmp/net-snmp-5.2.1-r1.ebuild @@ -0,0 +1,170 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/net-snmp-5.2.1-r1.ebuild,v 1.1 2005/05/18 15:30:42 ka0ttic Exp $ + +inherit eutils fixheadtails perl-module + +DESCRIPTION="Software for generating and retrieving SNMP data" +HOMEPAGE="http://net-snmp.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc x86" +IUSE="perl ipv6 ssl tcpd X lm_sensors minimal smux selinux doc rpm elf" + +DEPEND=">=sys-libs/zlib-1.1.4 + !minimal? ( <sys-libs/db-2 ) + ssl? ( >=dev-libs/openssl-0.9.6d ) + tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) + lm_sensors? ( + x86? ( sys-apps/lm_sensors ) + amd64? ( sys-apps/lm_sensors ) + ) + rpm? ( app-arch/rpm + dev-libs/popt + app-arch/bzip2 + ) + elf? ( dev-libs/elfutils )" + +RDEPEND="${DEPEND} + perl? ( + X? ( dev-perl/perl-tk ) + !minimal? ( dev-perl/TermReadKey ) + ) + selinux? ( sec-policy/selinux-snmpd )" + +DEPEND="${DEPEND} + >=sys-apps/sed-4 + doc? ( app-doc/doxygen )" + +src_unpack() { + unpack ${A} + cd ${S} + + epatch ${FILESDIR}/${P}-fix-insecure-fixproc.diff + epatch ${FILESDIR}/${P}-conf-elf-rpm-bz2.patch + + if use lm_sensors; then + if use x86 || use amd64; then + epatch ${FILESDIR}/${PN}-lm_sensors.patch + else + eerror "Unfortunatly you are trying to enable lm_sensors support for an unsupported arch." + eerror "please check the availability of sys-apps/lm_sensors - if it is available on" + eerror "your arch, please file a bug about this." + die "lm_sensors patch error: unsupported arch." + fi + fi + + # bugs 68467 and 68254 + sed -i -e \ + 's/^NSC_AGENTLIBS="@AGENTLIBS@"/NSC_AGENTLIBS="@AGENTLIBS@ @WRAPLIBS@"/' \ + net-snmp-config.in || die "sed net-snmp-config.in" + sed -i -e 's;embed_perl="yes",;embed_perl=$enableval,;' configure.in \ + || die "sed configure.in failed" + # fix access violation in make check + sed -i 's/\(snmpd.*\)-Lf/\1-l/' testing/eval_tools.sh || \ + die "sed eval_tools.sh failed" + # fix path in fixproc + sed -i 's|\(database_file =.*\)/local\(.*\)$|\1\2|' local/fixproc || \ + die "sed fixproc failed" + + ht_fix_all +} + +src_compile() { + local mibs + + autoconf || die "autoconf failed" + + mibs="host ucd-snmp/dlmod" + use smux && mibs="${mibs} smux" + use lm_sensors && mibs="${mibs} ucd-snmp/lmSensors" + + econf \ + --with-install-prefix="${D}" \ + --with-sys-location="Unknown" \ + --with-sys-contact="root@Unknown" \ + --with-default-snmp-version="3" \ + --with-mib-modules="${mibs}" \ + --with-logfile="${ROOT}/var/log/net-snmpd.log" \ + --with-persistent-directory="${ROOT}/var/lib/net-snmp" \ + --enable-ucd-snmp-compatibility \ + --enable-shared \ + --with-zlib \ + $(use_enable perl embedded-perl) \ + $(use_enable ipv6) \ + $(use_enable !ssl internal-md5) \ + $(use_with ssl openssl) \ + $(use_with tcpd libwrap) \ + $(use_with rpm) \ + $(use_with rpm bzip2) \ + $(use_with elf) \ + || die "econf failed" + + emake -j1 || die "emake failed" + + if use perl ; then + emake perlmodules || die "compile perl modules problem" + fi + + if use doc ; then + einfo "Building HTML Documentation" + make docsdox || die "failed to build docs" + fi +} + +src_test() { + cd testing + if ! make test ; then + echo + einfo "Don't be alarmed if a few tests FAIL." + einfo "This could happen for several reasons:" + einfo " - You don't already have a working configuration." + einfo " - Your ethernet interface isn't properly configured." + echo + fi +} + +src_install () { + make DESTDIR="${D}" install || die "make install failed" + + if use perl ; then + make DESTDIR="${D}" perlinstall || die "make perlinstall failed" + fixlocalpod + + use X || rm -f "${D}/usr/bin/tkmib" + else + rm -f "${D}/usr/bin/mib2c" "${D}/usr/bin/tkmib" + fi + + dodoc AGENT.txt ChangeLog FAQ INSTALL NEWS PORTING README* TODO + newdoc EXAMPLE.conf.def EXAMPLE.conf + + use doc && dohtml docs/html/* + + keepdir /etc/snmp /var/lib/net-snmp + + newinitd ${FILESDIR}/snmpd-5.1.rc6 snmpd || die + newconfd ${FILESDIR}/snmpd-5.1.conf snmpd || die + + # snmptrapd can use the same rc script just slightly modified + sed -e 's/net-snmpd/snmptrapd/g' \ + -e 's/snmpd/snmptrapd/g' \ + -e 's/SNMPD/SNMPTRAPD/g' \ + ${D}/etc/init.d/snmpd > ${D}/etc/init.d/snmptrapd || \ + die "failed to create snmptrapd init script" + chmod 0755 ${D}/etc/init.d/snmptrapd + + newconfd ${FILESDIR}/snmptrapd.conf snmptrapd || die + + # Remove everything, keeping only the snmpd, snmptrapd, MIBs, libs, and includes. + if use minimal; then + einfo "USE=minimal is set. Cleaning up excess cruft for a embedded/minimal/server only install." + rm -rf ${D}/usr/bin/{encode_keychange,snmp{get,getnext,set,usm,walk,bulkwalk,table,trap,bulkget,translate,status,delta,test,df,vacm,netstat,inform}} + rm -rf ${D}/usr/share/snmp/snmpconf-data ${D}/usr/share/snmp/*.conf + rm -rf ${D}/usr/bin/{net-snmp-config,fixproc,traptoemail} ${D}/usr/bin/snmpc{heck,onf} + find ${D} -name '*.pl' -exec rm -f '{}' \; + use ipv6 || rm -rf ${D}/usr/share/snmp/mibs/IPV6* + fi +} |