diff options
Diffstat (limited to 'sys-freebsd')
-rw-r--r-- | sys-freebsd/freebsd-libexec/ChangeLog | 8 | ||||
-rw-r--r-- | sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch | 24 | ||||
-rw-r--r-- | sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild | 75 |
3 files changed, 106 insertions, 1 deletions
diff --git a/sys-freebsd/freebsd-libexec/ChangeLog b/sys-freebsd/freebsd-libexec/ChangeLog index 81fd8d7ed40a..113ec65c7ce5 100644 --- a/sys-freebsd/freebsd-libexec/ChangeLog +++ b/sys-freebsd/freebsd-libexec/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-freebsd/freebsd-libexec # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-libexec/ChangeLog,v 1.33 2009/12/04 20:02:06 aballier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-libexec/ChangeLog,v 1.34 2009/12/05 09:48:09 aballier Exp $ + +*freebsd-libexec-7.2-r1 (05 Dec 2009) + + 05 Dec 2009; Alexis Ballier <aballier@gentoo.org> + +freebsd-libexec-7.2-r1.ebuild, +files/freebsd-libexec-7.2-rtld7.patch: + Add a patch for latest FreeBSD security advisory 04 Dec 2009; Alexis Ballier <aballier@gentoo.org> -freebsd-libexec-7.1.ebuild: diff --git a/sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch b/sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch new file mode 100644 index 000000000000..6c6f0adf5fa8 --- /dev/null +++ b/sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch @@ -0,0 +1,24 @@ +http://security.freebsd.org/advisories/FreeBSD-SA-09:16.rtld.asc + +Index: libexec/rtld-elf/rtld.c +=================================================================== +--- libexec/rtld-elf/rtld.c ++++ libexec/rtld-elf/rtld.c +@@ -358,11 +358,12 @@ + * future processes to honor the potentially un-safe variables. + */ + if (!trust) { +- unsetenv(LD_ "PRELOAD"); +- unsetenv(LD_ "LIBMAP"); +- unsetenv(LD_ "LIBRARY_PATH"); +- unsetenv(LD_ "LIBMAP_DISABLE"); +- unsetenv(LD_ "DEBUG"); ++ if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") || ++ unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") || ++ unsetenv(LD_ "DEBUG")) { ++ _rtld_error("environment corrupt; aborting"); ++ die(); ++ } + } + ld_debug = getenv(LD_ "DEBUG"); + libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL; diff --git a/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild b/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild new file mode 100644 index 000000000000..fab71ce68bd5 --- /dev/null +++ b/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild @@ -0,0 +1,75 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild,v 1.1 2009/12/05 09:48:09 aballier Exp $ + +EAPI=2 + +inherit bsdmk freebsd pam + +DESCRIPTION="FreeBSD libexec things" +SLOT="0" +KEYWORDS="~sparc-fbsd ~x86-fbsd" + +SRC_URI="mirror://gentoo/${LIBEXEC}.tar.bz2 + mirror://gentoo/${UBIN}.tar.bz2 + mirror://gentoo/${BIN}.tar.bz2 + mirror://gentoo/${CONTRIB}.tar.bz2 + mirror://gentoo/${LIB}.tar.bz2 + mirror://gentoo/${ETC}.tar.bz2 + mirror://gentoo/${USBIN}.tar.bz2" + +RDEPEND="=sys-freebsd/freebsd-lib-${RV}* + pam? ( virtual/pam )" +DEPEND="${RDEPEND} + =sys-freebsd/freebsd-mk-defs-${RV}* + =sys-freebsd/freebsd-sources-${RV}*" +RDEPEND="${RDEPEND} + xinetd? ( sys-apps/xinetd )" + +S="${WORKDIR}/libexec" + +PATCHES=( "${FILESDIR}/${PN}-setXid.patch" + "${FILESDIR}/${PN}-nossp.patch" + "${FILESDIR}/${PN}-7.0-libfallback.patch" + "${FILESDIR}/${P}-rtld7.patch" ) + +# Remove sendmail, tcp_wrapper and other useless stuff +REMOVE_SUBDIRS="smrsh mail.local tcpd telnetd rshd rlogind lukemftpd ftpd" + +IUSE="pam ssl kerberos ipv6 nis xinetd" + +pkg_setup() { + use ipv6 || mymakeopts="${mymakeopts} WITHOUT_INET6= WITHOUT_INET6_SUPPORT= " + use kerberos || mymakeopts="${mymakeopts} WITHOUT_KERBEROS_SUPPORT= " + use nis || mymakeopts="${mymakeopts} WITHOUT_NIS= " + use pam || mymakeopts="${mymakeopts} WITHOUT_PAM_SUPPORT= " + use ssl || mymakeopts="${mymakeopts} WITHOUT_OPENSSL= " + + mymakeopts="${mymakeopts} WITHOUT_SENDMAIL= WITHOUT_PF= WITHOUT_RCMDS= " +} + +src_prepare() { + ln -s /usr/include "${WORKDIR}/include" +} + +src_compile() { + NOSSP_FLAGS="$(test-flags -fno-stack-protector -fno-stack-protector-all)" + export NOSSP_FLAGS + freebsd_src_compile +} + +src_install() { + freebsd_src_install + + insinto /etc + doins "${WORKDIR}/etc/gettytab" + newinitd "${FILESDIR}/bootpd.initd" bootpd + newconfd "${FILESDIR}/bootpd.confd" bootpd + + if use xinetd; then + for rpcd in rstatd rusersd walld rquotad sprayd; do + insinto /etc/xinetd.d + newins "${FILESDIR}/${rpcd}.xinetd" ${rpcd} + done + fi +} |