From: "Florian Schmaus" <flow@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sci-misc/boinc/, sci-misc/boinc/files/
Date: Sun, 24 Apr 2022 20:14:32 +0000 (UTC) [thread overview]
Message-ID: <1650831043.7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a.flow@gentoo> (raw)
commit: 7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a
Author: Florian Schmaus <flow <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 24 19:43:52 2022 +0000
Commit: Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Sun Apr 24 20:10:43 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a041452
sci-misc/boinc: fix dep, openrc: ALLOW_REMOTE_RPC=no, GROUP=(id -gn $USER)
Replace the deprecated virtual/jpeg with media-libs/libjpeg-turbo.
Use 'boinc' user's primary group per default. This syncs the behavior of
the openrc-run script with the systemd service file. We can now also
drop acct-group/boinc, since nothing in sci-misc/boinc depends on it.
Also set ALLOW_REMOTE_RPC=no, instead of yes, if absent. Allowing remote
RPCs, if not explicitly enabled by the user, that is, per default, is
not sensible from a security perspective.
Note that the shipped boinc.conf already sets ALLOW_REMOTE_RPC=no.
Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>
sci-misc/boinc/{boinc-7.18.1.ebuild => boinc-7.18.1-r1.ebuild} | 3 +--
sci-misc/boinc/boinc-9999.ebuild | 3 +--
sci-misc/boinc/files/boinc.conf | 4 +++-
sci-misc/boinc/files/boinc.init.in | 6 +++---
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/sci-misc/boinc/boinc-7.18.1.ebuild b/sci-misc/boinc/boinc-7.18.1-r1.ebuild
similarity index 99%
rename from sci-misc/boinc/boinc-7.18.1.ebuild
rename to sci-misc/boinc/boinc-7.18.1-r1.ebuild
index 2d86dc42372a..3395522f0874 100644
--- a/sci-misc/boinc/boinc-7.18.1.ebuild
+++ b/sci-misc/boinc/boinc-7.18.1-r1.ebuild
@@ -30,7 +30,6 @@ REQUIRED_USE="^^ ( curl_ssl_gnutls curl_ssl_openssl ) "
# libcurl must not be using an ssl backend boinc does not support.
# If the libcurl ssl backend changes, boinc should be recompiled.
DEPEND="
- acct-group/boinc
acct-user/boinc
>=app-misc/ca-certificates-20080809
cuda? (
@@ -43,6 +42,7 @@ DEPEND="
X? (
dev-db/sqlite:3
media-libs/freeglut
+ media-libs/libjpeg-turbo:=
x11-libs/gtk+:3
x11-libs/libICE
>=x11-libs/libnotify-0.7
@@ -50,7 +50,6 @@ DEPEND="
x11-libs/libXi
x11-libs/libXmu
x11-libs/wxGTK:${WX_GTK_VER}[X,opengl,webkit]
- virtual/jpeg
)
"
BDEPEND="app-text/docbook-xml-dtd:4.4
diff --git a/sci-misc/boinc/boinc-9999.ebuild b/sci-misc/boinc/boinc-9999.ebuild
index 21a46ecfa659..78012a2d9c57 100644
--- a/sci-misc/boinc/boinc-9999.ebuild
+++ b/sci-misc/boinc/boinc-9999.ebuild
@@ -32,7 +32,6 @@ REQUIRED_USE="^^ ( curl_ssl_gnutls curl_ssl_openssl ) "
# libcurl must not be using an ssl backend boinc does not support.
# If the libcurl ssl backend changes, boinc should be recompiled.
DEPEND="
- acct-group/boinc
acct-user/boinc
>=app-misc/ca-certificates-20080809
cuda? (
@@ -45,6 +44,7 @@ DEPEND="
X? (
dev-db/sqlite:3
media-libs/freeglut
+ media-libs/libjpeg-turbo:=
x11-libs/gtk+:3
x11-libs/libICE
>=x11-libs/libnotify-0.7
@@ -52,7 +52,6 @@ DEPEND="
x11-libs/libXi
x11-libs/libXmu
x11-libs/wxGTK:${WX_GTK_VER}[X,opengl,webkit]
- virtual/jpeg
)
"
BDEPEND="app-text/docbook-xml-dtd:4.4
diff --git a/sci-misc/boinc/files/boinc.conf b/sci-misc/boinc/files/boinc.conf
index 22fcca0d3001..856be30a2402 100644
--- a/sci-misc/boinc/files/boinc.conf
+++ b/sci-misc/boinc/files/boinc.conf
@@ -2,7 +2,9 @@
# Owner of BOINC process (must be existing)
USER="boinc"
-GROUP="boinc"
+# Group of the BOINC process. Defaults to the user's primary group if
+# not set.
+#GROUP="boinc"
# Directory with runtime data: Work units, project binaries, user info etc.
RUNTIMEDIR="/var/lib/boinc"
diff --git a/sci-misc/boinc/files/boinc.init.in b/sci-misc/boinc/files/boinc.init.in
index 763b69694444..9ac9b11a930d 100644
--- a/sci-misc/boinc/files/boinc.init.in
+++ b/sci-misc/boinc/files/boinc.init.in
@@ -1,5 +1,5 @@
#!/sbin/openrc-run
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
extra_started_commands="attach resume suspend"
@@ -91,12 +91,12 @@ opencl_check() {
env_check() {
# Make sure the configuration is sane
: ${USER:="boinc"}
- : ${GROUP:="boinc"}
+ : ${GROUP:="$(id -ng ${USER})"}
: ${RUNTIMEDIR:="/var/lib/boinc"}
: ${BOINCBIN:="$(which boinc_client)"}
: ${BOINC_PIDFILE:="/var/run/boinc_client.pid"}
: ${BOINCCMD:="$(which /usr/bin/boinccmd)"}
- : ${ALLOW_REMOTE_RPC:="yes"}
+ : ${ALLOW_REMOTE_RPC:="no"}
: ${NICELEVEL:="19"}
# ARGS is not checked, it could have been explicitly set
# to be empty by the user.
next reply other threads:[~2022-04-24 20:14 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-24 20:14 Florian Schmaus [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-08-01 8:35 [gentoo-commits] repo/gentoo:master commit in: sci-misc/boinc/, sci-misc/boinc/files/ Florian Schmaus
2022-04-23 10:24 Florian Schmaus
2022-04-23 10:24 Florian Schmaus
2018-04-24 21:57 Andreas Sturmlechner
2017-08-19 19:01 Michał Górny
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1650831043.7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a.flow@gentoo \
--to=flow@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox