summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'sys-freebsd')
-rw-r--r--sys-freebsd/freebsd-libexec/ChangeLog8
-rw-r--r--sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch24
-rw-r--r--sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild75
3 files changed, 106 insertions, 1 deletions
diff --git a/sys-freebsd/freebsd-libexec/ChangeLog b/sys-freebsd/freebsd-libexec/ChangeLog
index 81fd8d7ed40a..113ec65c7ce5 100644
--- a/sys-freebsd/freebsd-libexec/ChangeLog
+++ b/sys-freebsd/freebsd-libexec/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-freebsd/freebsd-libexec
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-libexec/ChangeLog,v 1.33 2009/12/04 20:02:06 aballier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-libexec/ChangeLog,v 1.34 2009/12/05 09:48:09 aballier Exp $
+
+*freebsd-libexec-7.2-r1 (05 Dec 2009)
+
+ 05 Dec 2009; Alexis Ballier <aballier@gentoo.org>
+ +freebsd-libexec-7.2-r1.ebuild, +files/freebsd-libexec-7.2-rtld7.patch:
+ Add a patch for latest FreeBSD security advisory
04 Dec 2009; Alexis Ballier <aballier@gentoo.org>
-freebsd-libexec-7.1.ebuild:
diff --git a/sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch b/sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch
new file mode 100644
index 000000000000..6c6f0adf5fa8
--- /dev/null
+++ b/sys-freebsd/freebsd-libexec/files/freebsd-libexec-7.2-rtld7.patch
@@ -0,0 +1,24 @@
+http://security.freebsd.org/advisories/FreeBSD-SA-09:16.rtld.asc
+
+Index: libexec/rtld-elf/rtld.c
+===================================================================
+--- libexec/rtld-elf/rtld.c
++++ libexec/rtld-elf/rtld.c
+@@ -358,11 +358,12 @@
+ * future processes to honor the potentially un-safe variables.
+ */
+ if (!trust) {
+- unsetenv(LD_ "PRELOAD");
+- unsetenv(LD_ "LIBMAP");
+- unsetenv(LD_ "LIBRARY_PATH");
+- unsetenv(LD_ "LIBMAP_DISABLE");
+- unsetenv(LD_ "DEBUG");
++ if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") ||
++ unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") ||
++ unsetenv(LD_ "DEBUG")) {
++ _rtld_error("environment corrupt; aborting");
++ die();
++ }
+ }
+ ld_debug = getenv(LD_ "DEBUG");
+ libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL;
diff --git a/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild b/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild
new file mode 100644
index 000000000000..fab71ce68bd5
--- /dev/null
+++ b/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-libexec/freebsd-libexec-7.2-r1.ebuild,v 1.1 2009/12/05 09:48:09 aballier Exp $
+
+EAPI=2
+
+inherit bsdmk freebsd pam
+
+DESCRIPTION="FreeBSD libexec things"
+SLOT="0"
+KEYWORDS="~sparc-fbsd ~x86-fbsd"
+
+SRC_URI="mirror://gentoo/${LIBEXEC}.tar.bz2
+ mirror://gentoo/${UBIN}.tar.bz2
+ mirror://gentoo/${BIN}.tar.bz2
+ mirror://gentoo/${CONTRIB}.tar.bz2
+ mirror://gentoo/${LIB}.tar.bz2
+ mirror://gentoo/${ETC}.tar.bz2
+ mirror://gentoo/${USBIN}.tar.bz2"
+
+RDEPEND="=sys-freebsd/freebsd-lib-${RV}*
+ pam? ( virtual/pam )"
+DEPEND="${RDEPEND}
+ =sys-freebsd/freebsd-mk-defs-${RV}*
+ =sys-freebsd/freebsd-sources-${RV}*"
+RDEPEND="${RDEPEND}
+ xinetd? ( sys-apps/xinetd )"
+
+S="${WORKDIR}/libexec"
+
+PATCHES=( "${FILESDIR}/${PN}-setXid.patch"
+ "${FILESDIR}/${PN}-nossp.patch"
+ "${FILESDIR}/${PN}-7.0-libfallback.patch"
+ "${FILESDIR}/${P}-rtld7.patch" )
+
+# Remove sendmail, tcp_wrapper and other useless stuff
+REMOVE_SUBDIRS="smrsh mail.local tcpd telnetd rshd rlogind lukemftpd ftpd"
+
+IUSE="pam ssl kerberos ipv6 nis xinetd"
+
+pkg_setup() {
+ use ipv6 || mymakeopts="${mymakeopts} WITHOUT_INET6= WITHOUT_INET6_SUPPORT= "
+ use kerberos || mymakeopts="${mymakeopts} WITHOUT_KERBEROS_SUPPORT= "
+ use nis || mymakeopts="${mymakeopts} WITHOUT_NIS= "
+ use pam || mymakeopts="${mymakeopts} WITHOUT_PAM_SUPPORT= "
+ use ssl || mymakeopts="${mymakeopts} WITHOUT_OPENSSL= "
+
+ mymakeopts="${mymakeopts} WITHOUT_SENDMAIL= WITHOUT_PF= WITHOUT_RCMDS= "
+}
+
+src_prepare() {
+ ln -s /usr/include "${WORKDIR}/include"
+}
+
+src_compile() {
+ NOSSP_FLAGS="$(test-flags -fno-stack-protector -fno-stack-protector-all)"
+ export NOSSP_FLAGS
+ freebsd_src_compile
+}
+
+src_install() {
+ freebsd_src_install
+
+ insinto /etc
+ doins "${WORKDIR}/etc/gettytab"
+ newinitd "${FILESDIR}/bootpd.initd" bootpd
+ newconfd "${FILESDIR}/bootpd.confd" bootpd
+
+ if use xinetd; then
+ for rpcd in rstatd rusersd walld rquotad sprayd; do
+ insinto /etc/xinetd.d
+ newins "${FILESDIR}/${rpcd}.xinetd" ${rpcd}
+ done
+ fi
+}