dev-db/postgresql: Eselect and security related fixes

Dependency bumped on app-eselect/eselect-postgresql to 2.0. Some of
its work has been shifted into the ebuild as the files/links don’t
change until this package is reemerge, unmerged, or updated.

Security issues addressed in the initscripts per bugs 603716 and 603720.

Bugs: 603716, 603720

Package-Manager: portage-2.3.0

1 files changed, 69 insertions, 32 deletions

diff --git a/dev-db/postgresql/postgresql-9999.ebuild b/dev-db/postgresql/postgresql-9999.ebuild
index 6a995c154baa..4ef8157f431b 100644
--- a/dev-db/postgresql/postgresql-9999.ebuild
+++ b/dev-db/postgresql/postgresql-9999.ebuild
@@ -10,8 +10,8 @@ inherit eutils flag-o-matic git-2 linux-info multilib pam prefix \
 
 KEYWORDS=""
 
-# Fix if needed
-SLOT="9.7"
+# Bump when rc released.
+SLOT="10"
 
 EGIT_REPO_URI="git://git.postgresql.org/git/postgresql.git"
 
@@ -39,7 +39,7 @@ wanted_languages() {
 }
 
 CDEPEND="
->=app-eselect/eselect-postgresql-1.2.0
+>=app-eselect/eselect-postgresql-2.0
 sys-apps/less
 virtual/libintl
 kerberos? ( virtual/krb5 )
@@ -174,17 +174,13 @@ src_install() {
 	insinto /etc/postgresql-${SLOT}
 	newins src/bin/psql/psqlrc.sample psqlrc
 
-	dodir /etc/eselect/postgresql/slots/${SLOT}
-	echo "postgres_ebuilds=\"\${postgres_ebuilds} ${PF}\"" > \
-		"${ED}/etc/eselect/postgresql/slots/${SLOT}/base"
-
 	use static-libs || find "${ED}" -name '*.a' -delete
 
 	sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \
-		"${FILESDIR}/${PN}.confd" | newconfd - ${PN}-${SLOT}
+		"${FILESDIR}/${PN}.confd-9.3" | newconfd - ${PN}-${SLOT}
 
 	sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \
-		"${FILESDIR}/${PN}.init" | newinitd - ${PN}-${SLOT}
+		"${FILESDIR}/${PN}.init-9.3-r1" | newinitd - ${PN}-${SLOT}
 
 	sed -e "s|@SLOT@|${SLOT}|g" -e "s|@LIBDIR@|$(get_libdir)|g" \
 		"${FILESDIR}/${PN}.service" | \
@@ -194,26 +190,74 @@ src_install() {
 
 	use pam && pamd_mimic system-auth ${PN}-${SLOT} auth account session
 
+	local f bn
+	for f in $(find "${ED}/usr/$(get_libdir)/postgresql-${SLOT}/bin" \
+					-mindepth 1 -maxdepth 1)
+	do
+		bn=$(basename "${f}")
+		# Temporarily tack on tmp to workaround a file collision
+		# issue. This is only necessary for 9.7 and earlier. 10 never
+		# had this issue.
+		dosym "../$(get_libdir)/postgresql-${SLOT}/bin/${bn}" \
+			  "/usr/bin/${bn}${SLOT/.}tmp"
+	done
+
+	local linkname mansec
+	for mansec in {1,3,7} ; do
+		for f in "${ED}"/usr/share/postgresql-${SLOT}/man/man${mansec}/* ; do
+			bn=$(basename "${f}")
+			linkname=${bn/%.${mansec}/${SLOT/.}.${mansec}}
+			dosym ../../postgresql-${SLOT}/man/man${mansec}/$bn \
+				  /usr/share/man/man${mansec}/${linkname}
+		done
+	done
+
 	if use prefix ; then
 		keepdir /run/postgresql
 		fperms 0775 /run/postgresql
 	fi
 }
 
+pkg_preinst() {
+	# Find all of the slot-specific symlinks, if any, in /usr/bin (e.g.,
+	# /usr/bin/psql97). They may have been created by the
+	# postgresql.eselect module, but they're handled within this ebuild
+	# now. It's alright if we momentarily delete /usr/bin/psql as it
+	# will be recreated by the eselect module in pkg_ppostinst().  We
+	# only worry about the 9.7 slot as that's the last slot that had its
+	# slot-specific links generated by eselect.
+	#
+	# This can be removed when 10 is the lowest slot in the tree.
+	local canonicalise
+	if type -p realpath > /dev/null; then
+		canonicalise=realpath
+	elif type -p readlink > /dev/null; then
+		canonicalise='readlink -f'
+	else
+		# can't die, subshell
+		die "No readlink nor realpath found, cannot canonicalise"
+	fi
+
+	local l
+	# First remove any symlinks in /usr/bin that may have been created
+	# by the old eselect
+	for l in $(find "${ROOT%/}/usr/bin" -mindepth 1 -maxdepth 1 -type l) ; do
+		[[ $(${canonicalise} "${l}") == *postgresql-9.7* ]] && rm "${l}"
+	done
+
+	# Then move the symlinks created by the ebuild to their proper place.
+	for l in "${ED}"/usr/bin/*tmp ; do
+		mv "${l}" "${l%tmp}" \
+			|| ewarn "Couldn't rename $(basename ${l}) to $(basename ${l%tmp})"
+	done
+}
+
 pkg_postinst() {
 	postgresql-config update
 
 	elog "If you need a global psqlrc-file, you can place it in:"
 	elog "    ${EROOT%/}/etc/postgresql-${SLOT}/"
 
-	if [[ -z ${REPLACING_VERSIONS} ]] ; then
-		elog
-		elog "It looks like this is your first time installing PostgreSQL. Run the"
-		elog "following command in all active shells to pick up changes to the default"
-		elog "environment:"
-		elog "    source /etc/profile"
-	fi
-
 	elog
 	elog "Gentoo specific documentation:"
 	elog "https://wiki.gentoo.org/wiki/PostgreSQL"
@@ -297,21 +341,10 @@ pkg_config() {
 	einfo "The database cluster will be created in:"
 	einfo "    ${DATA_DIR}"
 	einfo
-	if [ -z "$PG_AUTOCONFIG" ] ; then
-		while [ "$correct" != "true" ] ; do
-			einfo "Are you ready to continue? (y/n)"
-			read answer
-			if [[ $answer =~ ^[Yy]([Ee][Ss])?$ ]] ; then
-				correct="true"
-			elif [[ $answer =~ ^[Nn]([Oo])?$ ]] ; then
-				die "Aborting initialization."
-			else
-				echo "Answer not recognized"
-			fi
-		done
-	else
-		einfo "PG_AUTOCONFIG set, not prompting"
-	fi
+
+	ebegin "Continuing initialization in 5 seconds (Control-C to cancel)"
+	sleep 5
+	eend 0
 
 	if [ -n "$(ls -A ${DATA_DIR} 2> /dev/null)" ] ; then
 		eerror "The given directory, '${DATA_DIR}', is not empty."
@@ -339,6 +372,10 @@ pkg_config() {
 		ln -s "${PGDATA%/}"/{pg_{hba,ident},postgresql}.conf "${DATA_DIR%/}"
 	fi
 
+	# unix_socket_directory has no effect in postgresql.conf as it's
+	# overridden in the initscript
+	sed '/^#unix_socket_directories/,+1d' -i "${PGDATA%/}"/postgresql.conf
+
 	cat <<- EOF >> "${PGDATA%/}"/postgresql.conf
 		# This is here because of https://bugs.gentoo.org/show_bug.cgi?id=518522
 		# On the off-chance that you might need to work with UTF-8 encoded