* [gentoo-commits] repo/gentoo:master commit in: sys-apps/man-db/files/, sys-apps/man-db/
@ 2017-02-21 21:46 Robin H. Johnson
From: Robin H. Johnson @ 2017-02-21 21:46 UTC (permalink / raw
To: gentoo-commits
commit: aaa42799b39bd2ad5a345ab28c71dac1a7a94664
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Tue Feb 21 21:45:35 2017 +0000
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Tue Feb 21 21:46:15 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aaa42799
sys-apps/man-db: re-fix security bug #602588 because of comment #18.
Package-Manager: portage-2.3.3
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
sys-apps/man-db/files/man-db.cron | 9 +--
sys-apps/man-db/man-db-2.7.6.1-r2.ebuild | 109 +++++++++++++++++++++++++++++++
2 files changed, 114 insertions(+), 4 deletions(-)
diff --git a/sys-apps/man-db/files/man-db.cron b/sys-apps/man-db/files/man-db.cron
index ced63900fc..d94e594d1a 100644
--- a/sys-apps/man-db/files/man-db.cron
+++ b/sys-apps/man-db/files/man-db.cron
@@ -1,10 +1,11 @@
#!/bin/sh
# Use same perms/settings as the ebuild.
-if [ ! -d /var/cache/man ]; then
- mkdir -p /var/cache/man
- chown man:root /var/cache/man
- chmod 2755 /var/cache/man
+cachedir="/var/cache/man"
+if [ ! -d ${cachedir} ]; then
+ mkdir -p "${cachedir}"
+ chown man:man "${cachedir}"
+ chmod 0755 "${cachedir}"
fi
exec nice mandb --quiet
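Review bot: `${cachedir}` is left unquoted in the `[ ! -d ${cachedir} ]` test on the new line while every other use in the hunk is quoted; the value is a fixed literal here so it is harmless today, but for consistency and to keep the test well-formed if the variable were ever empty, write `if [ ! -d "${cachedir}" ]; then`. Note also that the new ownership/mode (`man:man`, `0755`) is applied only when the directory is missing; an existing directory left behind by an earlier package keeps whatever mode it had, so the cleanup in the ebuild's pkg_preinst in this same commit is what actually corrects upgrades, and the cron job alone should not be relied on for that.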
diff --git a/sys-apps/man-db/man-db-2.7.6.1-r2.ebuild b/sys-apps/man-db/man-db-2.7.6.1-r2.ebuild
new file mode 100644
index 0000000000..176e09719e
--- /dev/null
+++ b/sys-apps/man-db/man-db-2.7.6.1-r2.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils user versionator
+
+DESCRIPTION="a man replacement that utilizes berkdb instead of flat files"
+HOMEPAGE="http://www.nongnu.org/man-db/"
+SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~arm-linux ~x86-linux"
+IUSE="berkdb +gdbm +manpager nls selinux static-libs zlib"
+
+CDEPEND=">=dev-libs/libpipeline-1.4.0
+ berkdb? ( sys-libs/db:= )
+ gdbm? ( sys-libs/gdbm )
+ !berkdb? ( !gdbm? ( sys-libs/gdbm ) )
+ sys-apps/groff
+ zlib? ( sys-libs/zlib )
+ !sys-apps/man"
+DEPEND="${CDEPEND}
+ app-arch/xz-utils
+ virtual/pkgconfig
+ nls? (
+ >=app-text/po4a-0.45
+ sys-devel/gettext
+ )"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-mandb )
+"
+PDEPEND="manpager? ( app-text/manpager )"
+
+pkg_setup() {
+ # Create user now as Makefile in src_install does setuid/chown
+ enewgroup man 15
+ enewuser man 13 -1 /usr/share/man man
+
+ if (use gdbm && use berkdb) || (use !gdbm && use !berkdb) ; then #496150
+ ewarn "Defaulting to USE=gdbm due to ambiguous berkdb/gdbm USE flag settings"
+ fi
+}
+
+src_configure() {
+ export ac_cv_lib_z_gzopen=$(usex zlib)
+ econf \
+ --docdir='$(datarootdir)'/doc/${PF} \
+ --with-systemdtmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d \
+ --enable-setuid \
+ --enable-cache-owner=man \
+ --with-sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o 1x 2x 3x 4x 5x 6x 7x 8x" \
+ $(use_enable nls) \
+ $(use_enable static-libs static) \
+ --with-db=$(usex gdbm gdbm $(usex berkdb db gdbm))
+
+ # Disable color output from groff so that the manpager can add it. #184604
+ sed -i \
+ -e '/^#DEFINE.*\<[nt]roff\>/{s:^#::;s:$: -c:}' \
+ src/man_db.conf || die
+}
+
+src_install() {
+ default
+ dodoc docs/{HACKING,TODO}
+ prune_libtool_files
+
+ exeinto /etc/cron.daily
+ newexe "${FILESDIR}"/man-db.cron man-db #289884
+}
+
+pkg_preinst() {
+ local cachedir="${EROOT}var/cache/man"
+ # If the system was already exploited, and the attacker is hiding in the
+ # cachedir of the old man-db, let's wipe them out.
+ # see bug #602588 comment 18
+ local _replacing_version=
+ local _setgid_vuln=0
+ for _replacing_version in ${REPLACING_VERSIONS}; do
+ if version_is_at_least '2.7.6.1-r2' "${_replacing_version}"; then
+ debug-print "Skipping security bug #602588 ... existing installation (${_replacing_version}) should not be affected!"
+ else
+ _setgid_vuln=1
+ debug-print "Applying cleanup for security bug #602588"
+ fi
+ done
+ [[ ${_setgid_vuln} -eq 1 ]] && rm -rf "${cachedir}"
+
+ # Fall back to recreating the cachedir
+ if [[ ! -d ${cachedir} ]] ; then
+ mkdir -p "${cachedir}" || die
+ chown man:man "${cachedir}" || die
+ fi
+
+ # Update the whatis cache
+ if [[ -f ${cachedir}/whatis ]] ; then
+ einfo "Cleaning ${cachedir} from sys-apps/man"
+ find "${cachedir}" -type f '!' '(' -name index.bt -o -name index.db ')' -delete
+ fi
+}
+
+pkg_postinst() {
+ if [[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 7 ]] ; then
+ einfo "Rebuilding man-db from scratch with new database format!"
+ mandb --quiet --create
+ fi
+}
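Review bot: pkg_preinst recreates the cache directory with `mkdir -p` and `chown man:man` but never sets its mode, so the result depends on the umask of the merging process, whereas the cron script in this same commit explicitly applies `chmod 0755`. Since this commit exists to correct the ownership and permissions of that directory (bug #602588), add `chmod 0755 "${cachedir}" || die` after the chown so both creation paths agree. The `find ... -delete` cleanup of the whatis cache also has no `|| die`, unlike the mkdir/chown just above it, so a failure there would pass silently. Separately, `get_version_component_range 2 ${REPLACING_VERSIONS}` in pkg_postinst expands every replaced version as a separate argument when more than one is being replaced; presumably only the first is honoured, but that is worth confirming against the eclass.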
* [gentoo-commits] repo/gentoo:master commit in: sys-apps/man-db/files/, sys-apps/man-db/
@ 2018-02-08 7:59 Lars Wendler
From: Lars Wendler @ 2018-02-08 7:59 UTC (permalink / raw
To: gentoo-commits
commit: 66af02c4670b0c8547c27810c1e2ddbe60c5788c
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Thu Feb 8 07:53:09 2018 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Thu Feb 8 07:59:22 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=66af02c4
sys-apps/man-db: Revbump adding seccomp support. Removed old.
Package-Manager: Portage-2.3.24, Repoman-2.3.6
.../files/man-db-2.8.0-libseccomp_automagic.patch | 99 +++++++++++++---
.../files/man-db-2.8.0-refactor_drop_privs.patch | 120 ++++++++++++++++++++
.../man-db/files/man-db-2.8.0-seccomp_suid.patch | 126 +++++++++++++++++++++
...{man-db-2.8.0.ebuild => man-db-2.8.0-r1.ebuild} | 19 ++--
4 files changed, 335 insertions(+), 29 deletions(-)
diff --git a/sys-apps/man-db/files/man-db-2.8.0-libseccomp_automagic.patch b/sys-apps/man-db/files/man-db-2.8.0-libseccomp_automagic.patch
index 333bc5fe295..cf9c1257317 100644
--- a/sys-apps/man-db/files/man-db-2.8.0-libseccomp_automagic.patch
+++ b/sys-apps/man-db/files/man-db-2.8.0-libseccomp_automagic.patch
@@ -1,42 +1,107 @@
-From c693c0d6c41e777def51984035710779697d1989 Mon Sep 17 00:00:00 2001
+From 3d4ab15670079aa8e898f80a650b3be941230486 Mon Sep 17 00:00:00 2001
From: Lars Wendler <polynomial-c@gentoo.org>
-Date: Tue, 6 Feb 2018 14:41:22 +0100
-Subject: [PATCH] Change libseccomp logic to not be automagic only.
+Date: Tue, 6 Feb 2018 15:30:21 +0100
+Subject: [PATCH] Change libseccomp logic to not be automagic only
-Introduce --with-libseccomp configure option so that users can disable
-seccomp even if libseccomp is available on the system.
-The default is unchanged to before this patch. If no --with(out)-libseccomp
-has been given on command line, the macro looks for presence of libseccomp
-and uses that if found.
+Introduce --without-libseccomp configure option so that users can
+disable seccomp even if libseccomp is available on the system.
+
+The default is unchanged from before this patch. If no
+--with(out)-libseccomp has been given on the command line, the macro
+looks for presence of libseccomp and uses that if found.
+
+* m4/man-libseccomp.m4: Guard pkg-config test with a command-line
+option.
---
- m4/man-libseccomp.m4 | 19 ++++++++++++++-----
- 1 file changed, 14 insertions(+), 5 deletions(-)
+diff --git a/configure b/configure
+index 3f949306..8eaca64e 100755
+--- a/configure
++++ b/configure
+@@ -1718,6 +1718,7 @@ with_included_regex
+ enable_nls
+ with_libiconv_prefix
+ with_libintl_prefix
++with_libseccomp
+ '
+ ac_precious_vars='build_alias
+ host_alias
+@@ -2459,6 +2460,7 @@ Optional Packages:
+ --without-libiconv-prefix don't search for libiconv in includedir and libdir
+ --with-libintl-prefix[=DIR] search for libintl in DIR/include and DIR/lib
+ --without-libintl-prefix don't search for libintl in includedir and libdir
++ --without-libseccomp do not confine subprocesses using seccomp
+
+ Some influential environment variables:
+ CC C compiler command
+@@ -47295,6 +47297,15 @@ fi
+
+ # Check for libseccomp library.
+
++# Check whether --with-libseccomp was given.
++if test "${with_libseccomp+set}" = set; then :
++ withval=$with_libseccomp;
++else
++ with_libseccomp=check
++fi
++
++ if test "x$with_libseccomp" != "xno"; then
++
+ pkg_failed=no
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libseccomp" >&5
+ $as_echo_n "checking for libseccomp... " >&6; }
+@@ -47353,11 +47364,15 @@ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$libseccomp_PKG_ERRORS" >&5
+
+- :
++ if test "x$with_libseccomp" = "xyes"; then
++ as_fn_error $? "--with-libseccomp given but cannot find libseccomp" "$LINENO" 5
++ fi
+ elif test $pkg_failed = untried; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ $as_echo "no" >&6; }
+- :
++ if test "x$with_libseccomp" = "xyes"; then
++ as_fn_error $? "--with-libseccomp given but cannot find libseccomp" "$LINENO" 5
++ fi
+ else
+ libseccomp_CFLAGS=$pkg_cv_libseccomp_CFLAGS
+ libseccomp_LIBS=$pkg_cv_libseccomp_LIBS
+@@ -47367,6 +47382,7 @@ $as_echo "yes" >&6; }
+ $as_echo "#define HAVE_LIBSECCOMP 1" >>confdefs.h
+
+ fi
++ fi
+
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: default CC = \"$CC\"" >&5
diff --git a/m4/man-libseccomp.m4 b/m4/man-libseccomp.m4
-index a9377317..17a52f72 100644
+index a9377317..c90e3aa4 100644
--- a/m4/man-libseccomp.m4
+++ b/m4/man-libseccomp.m4
@@ -1,9 +1,18 @@
- # man-libseccomp.m4 serial 1
+-# man-libseccomp.m4 serial 1
++# man-libseccomp.m4 serial 2
dnl MAN_LIBSECCOMP
-dnl Check for the libseccomp library.
-+dnl Add a --with-libseccomp option.
++dnl Add a --without-libseccomp option; check for the libseccomp library.
AC_DEFUN([MAN_LIBSECCOMP],
-[PKG_CHECK_MODULES([libseccomp], [libseccomp],
- [AC_DEFINE([HAVE_LIBSECCOMP], [1],
- [Define to 1 if you have the `libseccomp' library.])],
- [:])
+ [AC_ARG_WITH([libseccomp],
-+ [AS_HELP_STRING([--with-libseccomp],
-+ [use libseccomp to do most subprocessing])],
++ [AS_HELP_STRING([--without-libseccomp],
++ [do not confine subprocesses using seccomp])],
+ [],
+ [with_libseccomp=check])
+ if test "x$with_libseccomp" != "xno"; then
+ PKG_CHECK_MODULES([libseccomp], [libseccomp],
+ [AC_DEFINE([HAVE_LIBSECCOMP], [1],
+ [Define to 1 if you have the `libseccomp' library.])],
-+ [if test "xyes" = "x$with_libseccomp"; then
-+ AC_MSG_ERROR(--with-libseccomp given but cannot find libseccomp)
++ [if test "x$with_libseccomp" = "xyes"; then
++ AC_MSG_ERROR([--with-libseccomp given but cannot find libseccomp])
+ fi])
+ fi
]) # MAN_LIBSECCOMP
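Review bot: The regenerated patch now carries a hand-edited set of hunks against the pre-generated `configure` script (the `@@ -1718` through `@@ -47367` hunks) in addition to the `m4/man-libseccomp.m4` change, and the r1 ebuild in this commit drops `inherit autotools` and the `eautoreconf` in src_prepare, so the m4 edit is never exercised at build time and only the `configure` hunks take effect. That is workable but fragile: any change to the upstream tarball's generated `configure` will make that part of the patch stop applying, while the m4 part would still apply cleanly and give a false sense of success. Consider saying so in the patch header, e.g. `configure hunks are hand-synced from the m4 change; regenerate with autoreconf on the next version bump`, or keep `eautoreconf` and drop the `configure` hunks so the m4 change is the single source of truth.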
diff --git a/sys-apps/man-db/files/man-db-2.8.0-refactor_drop_privs.patch b/sys-apps/man-db/files/man-db-2.8.0-refactor_drop_privs.patch
new file mode 100644
index 00000000000..87db57afb9e
--- /dev/null
+++ b/sys-apps/man-db/files/man-db-2.8.0-refactor_drop_privs.patch
@@ -0,0 +1,120 @@
+From 24624eaf853158856b8fd0a6f78c873475a16686 Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Wed, 7 Feb 2018 12:23:15 +0000
+Subject: Refactor do_system_drop_privs
+
+Now that we have pipecmd_pre_exec, this can be simplified quite a bit.
+
+* lib/security.c (drop_privs): New function.
+(do_system_drop_privs_child, do_system_drop_privs): Remove.
+* lib/security.h (drop_privs): Add prototype.
+(do_system_drop_privs): Remove prototype.
+* src/man.c (make_browser): Add drop_privs pre-exec hook to browser
+command.
+(format_display): Call browser using pipeline_run rather than
+do_system_drop_privs, since it now has a pre-exec hook to drop
+privileges.
+---
+ lib/security.c | 37 +++----------------------------------
+ lib/security.h | 2 +-
+ src/man.c | 7 +++++--
+ 3 files changed, 9 insertions(+), 37 deletions(-)
+
+diff --git a/lib/security.c b/lib/security.c
+index 6e84de8..c9b365d 100644
+--- a/lib/security.c
++++ b/lib/security.c
+@@ -158,42 +158,11 @@ void regain_effective_privs (void)
+ #endif /* MAN_OWNER */
+ }
+
+-#ifdef MAN_OWNER
+-void do_system_drop_privs_child (void *data)
++/* Pipeline command pre-exec hook to permanently drop privileges. */
++void drop_privs (void *data ATTRIBUTE_UNUSED)
+ {
+- pipeline *p = data;
+-
++#ifdef MAN_OWNER
+ if (idpriv_drop ())
+ gripe_set_euid ();
+- exit (pipeline_run (p));
+-}
+-#endif /* MAN_OWNER */
+-
+-/* The safest way to execute a pipeline with no effective privileges is to
+- * fork, permanently drop privileges in the child, run the pipeline from the
+- * child, and wait for it to die.
+- *
+- * It is possible to use saved IDs to avoid the fork, since effective IDs
+- * are copied to saved IDs on execve; we used to do this. However, forking
+- * is not expensive enough to justify the extra code.
+- *
+- * Note that this frees the supplied pipeline.
+- */
+-int do_system_drop_privs (pipeline *p)
+-{
+-#ifdef MAN_OWNER
+- pipecmd *child_cmd;
+- pipeline *child;
+- int status;
+-
+- child_cmd = pipecmd_new_function ("unprivileged child",
+- do_system_drop_privs_child, NULL, p);
+- child = pipeline_new_commands (child_cmd, NULL);
+- status = pipeline_run (child);
+-
+- pipeline_free (p);
+- return status;
+-#else /* !MAN_OWNER */
+- return pipeline_run (p);
+ #endif /* MAN_OWNER */
+ }
+diff --git a/lib/security.h b/lib/security.h
+index 7545502..851127d 100644
+--- a/lib/security.h
++++ b/lib/security.h
+@@ -27,7 +27,7 @@
+ /* security.c */
+ extern void drop_effective_privs (void);
+ extern void regain_effective_privs (void);
+-extern int do_system_drop_privs (struct pipeline *p);
++extern void drop_privs (void *data);
+ extern void init_security (void);
+ extern int running_setuid (void);
+ extern struct passwd *get_man_owner (void);
+diff --git a/src/man.c b/src/man.c
+index 959d6cc..ff7ebc7 100644
+--- a/src/man.c
++++ b/src/man.c
+@@ -1481,6 +1481,7 @@ static pipeline *make_roff_command (const char *dir, const char *file,
+ static pipeline *make_browser (const char *pattern, const char *file)
+ {
+ pipeline *p;
++ pipecmd *cmd;
+ char *browser = xmalloc (1);
+ int found_percent_s = 0;
+ char *percent;
+@@ -1526,7 +1527,9 @@ static pipeline *make_browser (const char *pattern, const char *file)
+ free (esc_file);
+ }
+
+- p = pipeline_new_command_args ("/bin/sh", "-c", browser, NULL);
++ cmd = pipecmd_new_args ("/bin/sh", "-c", browser, NULL);
++ pipecmd_pre_exec (cmd, drop_privs, NULL, NULL);
++ p = pipeline_new_commands (cmd, NULL);
+ pipeline_ignore_signals (p, 1);
+ free (browser);
+
+@@ -2021,7 +2024,7 @@ static void format_display (pipeline *decomp,
+ pipeline *browser;
+ debug ("Trying browser: %s\n", candidate);
+ browser = make_browser (candidate, htmlfile);
+- disp_status = do_system_drop_privs (browser);
++ disp_status = pipeline_run (browser);
+ if (!disp_status)
+ break;
+ }
+--
+cgit v1.0-41-gc330
+
diff --git a/sys-apps/man-db/files/man-db-2.8.0-seccomp_suid.patch b/sys-apps/man-db/files/man-db-2.8.0-seccomp_suid.patch
new file mode 100644
index 00000000000..f513ee8cca6
--- /dev/null
+++ b/sys-apps/man-db/files/man-db-2.8.0-seccomp_suid.patch
@@ -0,0 +1,126 @@
+From 10027a400d6a05f463f3981e1191a2f35d0cc02b Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Wed, 7 Feb 2018 13:44:30 +0000
+Subject: [PATCH] Fix manconv under seccomp when man is setuid
+
+We must drop privileges before loading the sandbox.
+
+Reported by Lars Wendler.
+
+* src/manconv_client.c (manconv_pre_exec): New function.
+(manconv_stdin): Move setuid hack to ...
+(add_manconv): ... here, now implemented using a custom pre-exec hook.
+We no longer have a fall-through if dropping privileges fails, since
+that's now harder to do and wasn't really necessary in the first place.
+---
+ src/manconv_client.c | 80 +++++++++++++++++++++++++++++-----------------------
+ 1 file changed, 45 insertions(+), 35 deletions(-)
+
+diff --git a/src/manconv_client.c b/src/manconv_client.c
+index d6e010b0..41ce4790 100644
+--- a/src/manconv_client.c
++++ b/src/manconv_client.c
+@@ -56,41 +56,6 @@ static void manconv_stdin (void *data)
+ struct manconv_codes *codes = data;
+ pipeline *p;
+
+-#ifdef MAN_OWNER
+- /* iconv_open may not work correctly in setuid processes; in GNU
+- * libc, gconv modules may be linked against other gconv modules and
+- * rely on RPATH $ORIGIN to load those modules from the correct
+- * path, but $ORIGIN is disabled in setuid processes. It is
+- * impossible to reset libc's idea of setuidness without creating a
+- * whole new process image. Therefore, if the calling process is
+- * setuid, we must drop privileges and execute manconv.
+- *
+- * If dropping privileges fails, fall through to the in-process
+- * code, as in some situations it may actually manage to work.
+- */
+- if (running_setuid () && !idpriv_drop ()) {
+- char **from_code;
+- char *sources = NULL;
+- pipecmd *cmd;
+-
+- for (from_code = codes->from; *from_code; ++from_code) {
+- sources = appendstr (sources, *from_code, NULL);
+- if (*(from_code + 1))
+- sources = appendstr (sources, ":", NULL);
+- }
+-
+- cmd = pipecmd_new_args (MANCONV, "-f", sources,
+- "-t", codes->to, NULL);
+- free (sources);
+-
+- if (quiet >= 2)
+- pipecmd_arg (cmd, "-q");
+-
+- pipecmd_exec (cmd);
+- /* never returns */
+- }
+-#endif /* MAN_OWNER */
+-
+ p = decompress_fdopen (dup (STDIN_FILENO));
+ pipeline_start (p);
+ manconv (p, codes->from, codes->to);
+@@ -98,6 +63,17 @@ static void manconv_stdin (void *data)
+ pipeline_free (p);
+ }
+
++#ifdef MAN_OWNER
++static void manconv_pre_exec (void *data)
++{
++ /* We must drop privileges before loading the sandbox, since our
++ * seccomp filter doesn't allow setresuid and friends.
++ */
++ drop_privs (NULL);
++ sandbox_load (data);
++}
++#endif /* MAN_OWNER */
++
+ static void free_manconv_codes (void *data)
+ {
+ struct manconv_codes *codes = data;
+@@ -139,6 +115,40 @@ void add_manconv (pipeline *p, const char *source, const char *target)
+ name = appendstr (name, " -t ", codes->to, NULL);
+ if (quiet >= 2)
+ name = appendstr (name, " -q", NULL);
++
++#ifdef MAN_OWNER
++ /* iconv_open may not work correctly in setuid processes; in GNU
++ * libc, gconv modules may be linked against other gconv modules and
++ * rely on RPATH $ORIGIN to load those modules from the correct
++ * path, but $ORIGIN is disabled in setuid processes. It is
++ * impossible to reset libc's idea of setuidness without creating a
++ * whole new process image. Therefore, if the calling process is
++ * setuid, we must drop privileges and execute manconv.
++ */
++ if (running_setuid ()) {
++ char **from_code;
++ char *sources = NULL;
++
++ cmd = pipecmd_new_args (MANCONV, "-f", NULL);
++ for (from_code = codes->from; *from_code; ++from_code) {
++ sources = appendstr (sources, *from_code, NULL);
++ if (*(from_code + 1))
++ sources = appendstr (sources, ":", NULL);
++ }
++ pipecmd_arg (cmd, sources);
++ free (sources);
++ pipecmd_args (cmd, "-t", codes->to, NULL);
++ if (quiet >= 2)
++ pipecmd_arg (cmd, "-q");
++ pipecmd_pre_exec (cmd, manconv_pre_exec, sandbox_free,
++ sandbox);
++ free (name);
++ free_manconv_codes (codes);
++ pipeline_command (p, cmd);
++ return;
++ }
++#endif /* MAN_OWNER */
++
+ cmd = pipecmd_new_function (name, &manconv_stdin, &free_manconv_codes,
+ codes);
+ free (name);
+--
+2.16.1
+
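Review bot: The new `manconv_pre_exec` hook relies on `drop_privs` not returning when privilege dropping fails: `drop_privs` (from the refactor_drop_privs patch in this commit) calls `gripe_set_euid()` when `idpriv_drop()` reports failure, and if that function can return, control would continue into `sandbox_load(data)` with privileges still held, which is exactly the situation the commit message says it removes. Whether `gripe_set_euid()` is fatal is not visible in these hunks, so this is an assumption to confirm against lib/security.c. A one-line comment in `manconv_pre_exec` would make the contract explicit, e.g. `/* drop_privs() must not return on failure; the sandbox below assumes privileges are gone. */`. The enclosing `add_manconv` function starts and ends outside the hunk.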
diff --git a/sys-apps/man-db/man-db-2.8.0.ebuild b/sys-apps/man-db/man-db-2.8.0-r1.ebuild
similarity index 87%
rename from sys-apps/man-db/man-db-2.8.0.ebuild
rename to sys-apps/man-db/man-db-2.8.0-r1.ebuild
index 10c1e80763d..1ff3ca11d5c 100644
--- a/sys-apps/man-db/man-db-2.8.0.ebuild
+++ b/sys-apps/man-db/man-db-2.8.0-r1.ebuild
@@ -3,7 +3,7 @@
EAPI=6
-inherit autotools ltprune user versionator
+inherit ltprune user versionator
DESCRIPTION="a man replacement that utilizes berkdb instead of flat files"
HOMEPAGE="http://www.nongnu.org/man-db/"
@@ -12,7 +12,7 @@ SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz"
LICENSE="GPL-3"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~arm-linux ~x86-linux"
-IUSE="berkdb +gdbm +manpager nls selinux static-libs zlib"
+IUSE="berkdb +gdbm +manpager nls seccomp selinux static-libs zlib"
CDEPEND="
!sys-apps/man
@@ -21,6 +21,7 @@ CDEPEND="
berkdb? ( sys-libs/db:= )
gdbm? ( sys-libs/gdbm:= )
!berkdb? ( !gdbm? ( sys-libs/gdbm:= ) )
+ seccomp? ( sys-libs/libseccomp )
zlib? ( sys-libs/zlib )
"
DEPEND="
@@ -39,7 +40,9 @@ RDEPEND="
PDEPEND="manpager? ( app-text/manpager )"
PATCHES=(
- "${FILESDIR}/${PN}-2.8.0-libseccomp_automagic.patch"
+ "${FILESDIR}/${P}-refactor_drop_privs.patch"
+ "${FILESDIR}/${P}-seccomp_suid.patch"
+ "${FILESDIR}/${P}-libseccomp_automagic.patch"
)
pkg_setup() {
@@ -52,11 +55,6 @@ pkg_setup() {
fi
}
-src_prepare() {
- default
- eautoreconf
-}
-
src_configure() {
export ac_cv_lib_z_gzopen=$(usex zlib)
local myeconfargs=(
@@ -67,10 +65,7 @@ src_configure() {
--with-sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o 1x 2x 3x 4x 5x 6x 7x 8x"
$(use_enable nls)
$(use_enable static-libs static)
- # fails to show any man page with this error message:
- # man: /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE: Bad system call
- # This will be made optional or hard enabled once the issue has been resolved.
- --without-libseccomp
+ $(use_with seccomp libseccomp)
--with-db=$(usex gdbm gdbm $(usex berkdb db gdbm))
)
econf "${myeconfargs[@]}"
* [gentoo-commits] repo/gentoo:master commit in: sys-apps/man-db/files/, sys-apps/man-db/
@ 2018-02-08 11:57 Lars Wendler
From: Lars Wendler @ 2018-02-08 11:57 UTC (permalink / raw
To: gentoo-commits
commit: 8607cad379185ee6b427dc78dcf7c5fcd90de541
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Thu Feb 8 11:56:06 2018 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Thu Feb 8 11:56:55 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8607cad3
sys-apps/man-db: Revbump to drop seccomp again. It segfaults.
Might re-add seccomp once 2.8.1 has been released.
Package-Manager: Portage-2.3.24, Repoman-2.3.6
.../files/man-db-2.8.0-refactor_drop_privs.patch | 120 --------------------
.../man-db/files/man-db-2.8.0-seccomp_suid.patch | 126 ---------------------
...n-db-2.8.0-r1.ebuild => man-db-2.8.0-r2.ebuild} | 7 +-
3 files changed, 2 insertions(+), 251 deletions(-)
diff --git a/sys-apps/man-db/files/man-db-2.8.0-refactor_drop_privs.patch b/sys-apps/man-db/files/man-db-2.8.0-refactor_drop_privs.patch
deleted file mode 100644
index 87db57afb9e..00000000000
--- a/sys-apps/man-db/files/man-db-2.8.0-refactor_drop_privs.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-From 24624eaf853158856b8fd0a6f78c873475a16686 Mon Sep 17 00:00:00 2001
-From: Colin Watson <cjwatson@debian.org>
-Date: Wed, 7 Feb 2018 12:23:15 +0000
-Subject: Refactor do_system_drop_privs
-
-Now that we have pipecmd_pre_exec, this can be simplified quite a bit.
-
-* lib/security.c (drop_privs): New function.
-(do_system_drop_privs_child, do_system_drop_privs): Remove.
-* lib/security.h (drop_privs): Add prototype.
-(do_system_drop_privs): Remove prototype.
-* src/man.c (make_browser): Add drop_privs pre-exec hook to browser
-command.
-(format_display): Call browser using pipeline_run rather than
-do_system_drop_privs, since it now has a pre-exec hook to drop
-privileges.
----
- lib/security.c | 37 +++----------------------------------
- lib/security.h | 2 +-
- src/man.c | 7 +++++--
- 3 files changed, 9 insertions(+), 37 deletions(-)
-
-diff --git a/lib/security.c b/lib/security.c
-index 6e84de8..c9b365d 100644
---- a/lib/security.c
-+++ b/lib/security.c
-@@ -158,42 +158,11 @@ void regain_effective_privs (void)
- #endif /* MAN_OWNER */
- }
-
--#ifdef MAN_OWNER
--void do_system_drop_privs_child (void *data)
-+/* Pipeline command pre-exec hook to permanently drop privileges. */
-+void drop_privs (void *data ATTRIBUTE_UNUSED)
- {
-- pipeline *p = data;
--
-+#ifdef MAN_OWNER
- if (idpriv_drop ())
- gripe_set_euid ();
-- exit (pipeline_run (p));
--}
--#endif /* MAN_OWNER */
--
--/* The safest way to execute a pipeline with no effective privileges is to
-- * fork, permanently drop privileges in the child, run the pipeline from the
-- * child, and wait for it to die.
-- *
-- * It is possible to use saved IDs to avoid the fork, since effective IDs
-- * are copied to saved IDs on execve; we used to do this. However, forking
-- * is not expensive enough to justify the extra code.
-- *
-- * Note that this frees the supplied pipeline.
-- */
--int do_system_drop_privs (pipeline *p)
--{
--#ifdef MAN_OWNER
-- pipecmd *child_cmd;
-- pipeline *child;
-- int status;
--
-- child_cmd = pipecmd_new_function ("unprivileged child",
-- do_system_drop_privs_child, NULL, p);
-- child = pipeline_new_commands (child_cmd, NULL);
-- status = pipeline_run (child);
--
-- pipeline_free (p);
-- return status;
--#else /* !MAN_OWNER */
-- return pipeline_run (p);
- #endif /* MAN_OWNER */
- }
-diff --git a/lib/security.h b/lib/security.h
-index 7545502..851127d 100644
---- a/lib/security.h
-+++ b/lib/security.h
-@@ -27,7 +27,7 @@
- /* security.c */
- extern void drop_effective_privs (void);
- extern void regain_effective_privs (void);
--extern int do_system_drop_privs (struct pipeline *p);
-+extern void drop_privs (void *data);
- extern void init_security (void);
- extern int running_setuid (void);
- extern struct passwd *get_man_owner (void);
-diff --git a/src/man.c b/src/man.c
-index 959d6cc..ff7ebc7 100644
---- a/src/man.c
-+++ b/src/man.c
-@@ -1481,6 +1481,7 @@ static pipeline *make_roff_command (const char *dir, const char *file,
- static pipeline *make_browser (const char *pattern, const char *file)
- {
- pipeline *p;
-+ pipecmd *cmd;
- char *browser = xmalloc (1);
- int found_percent_s = 0;
- char *percent;
-@@ -1526,7 +1527,9 @@ static pipeline *make_browser (const char *pattern, const char *file)
- free (esc_file);
- }
-
-- p = pipeline_new_command_args ("/bin/sh", "-c", browser, NULL);
-+ cmd = pipecmd_new_args ("/bin/sh", "-c", browser, NULL);
-+ pipecmd_pre_exec (cmd, drop_privs, NULL, NULL);
-+ p = pipeline_new_commands (cmd, NULL);
- pipeline_ignore_signals (p, 1);
- free (browser);
-
-@@ -2021,7 +2024,7 @@ static void format_display (pipeline *decomp,
- pipeline *browser;
- debug ("Trying browser: %s\n", candidate);
- browser = make_browser (candidate, htmlfile);
-- disp_status = do_system_drop_privs (browser);
-+ disp_status = pipeline_run (browser);
- if (!disp_status)
- break;
- }
---
-cgit v1.0-41-gc330
-
diff --git a/sys-apps/man-db/files/man-db-2.8.0-seccomp_suid.patch b/sys-apps/man-db/files/man-db-2.8.0-seccomp_suid.patch
deleted file mode 100644
index f513ee8cca6..00000000000
--- a/sys-apps/man-db/files/man-db-2.8.0-seccomp_suid.patch
+++ /dev/null
@@ -1,126 +0,0 @@
-From 10027a400d6a05f463f3981e1191a2f35d0cc02b Mon Sep 17 00:00:00 2001
-From: Colin Watson <cjwatson@debian.org>
-Date: Wed, 7 Feb 2018 13:44:30 +0000
-Subject: [PATCH] Fix manconv under seccomp when man is setuid
-
-We must drop privileges before loading the sandbox.
-
-Reported by Lars Wendler.
-
-* src/manconv_client.c (manconv_pre_exec): New function.
-(manconv_stdin): Move setuid hack to ...
-(add_manconv): ... here, now implemented using a custom pre-exec hook.
-We no longer have a fall-through if dropping privileges fails, since
-that's now harder to do and wasn't really necessary in the first place.
----
- src/manconv_client.c | 80 +++++++++++++++++++++++++++++-----------------------
- 1 file changed, 45 insertions(+), 35 deletions(-)
-
-diff --git a/src/manconv_client.c b/src/manconv_client.c
-index d6e010b0..41ce4790 100644
---- a/src/manconv_client.c
-+++ b/src/manconv_client.c
-@@ -56,41 +56,6 @@ static void manconv_stdin (void *data)
- struct manconv_codes *codes = data;
- pipeline *p;
-
--#ifdef MAN_OWNER
-- /* iconv_open may not work correctly in setuid processes; in GNU
-- * libc, gconv modules may be linked against other gconv modules and
-- * rely on RPATH $ORIGIN to load those modules from the correct
-- * path, but $ORIGIN is disabled in setuid processes. It is
-- * impossible to reset libc's idea of setuidness without creating a
-- * whole new process image. Therefore, if the calling process is
-- * setuid, we must drop privileges and execute manconv.
-- *
-- * If dropping privileges fails, fall through to the in-process
-- * code, as in some situations it may actually manage to work.
-- */
-- if (running_setuid () && !idpriv_drop ()) {
-- char **from_code;
-- char *sources = NULL;
-- pipecmd *cmd;
--
-- for (from_code = codes->from; *from_code; ++from_code) {
-- sources = appendstr (sources, *from_code, NULL);
-- if (*(from_code + 1))
-- sources = appendstr (sources, ":", NULL);
-- }
--
-- cmd = pipecmd_new_args (MANCONV, "-f", sources,
-- "-t", codes->to, NULL);
-- free (sources);
--
-- if (quiet >= 2)
-- pipecmd_arg (cmd, "-q");
--
-- pipecmd_exec (cmd);
-- /* never returns */
-- }
--#endif /* MAN_OWNER */
--
- p = decompress_fdopen (dup (STDIN_FILENO));
- pipeline_start (p);
- manconv (p, codes->from, codes->to);
-@@ -98,6 +63,17 @@ static void manconv_stdin (void *data)
- pipeline_free (p);
- }
-
-+#ifdef MAN_OWNER
-+static void manconv_pre_exec (void *data)
-+{
-+ /* We must drop privileges before loading the sandbox, since our
-+ * seccomp filter doesn't allow setresuid and friends.
-+ */
-+ drop_privs (NULL);
-+ sandbox_load (data);
-+}
-+#endif /* MAN_OWNER */
-+
- static void free_manconv_codes (void *data)
- {
- struct manconv_codes *codes = data;
-@@ -139,6 +115,40 @@ void add_manconv (pipeline *p, const char *source, const char *target)
- name = appendstr (name, " -t ", codes->to, NULL);
- if (quiet >= 2)
- name = appendstr (name, " -q", NULL);
-+
-+#ifdef MAN_OWNER
-+ /* iconv_open may not work correctly in setuid processes; in GNU
-+ * libc, gconv modules may be linked against other gconv modules and
-+ * rely on RPATH $ORIGIN to load those modules from the correct
-+ * path, but $ORIGIN is disabled in setuid processes. It is
-+ * impossible to reset libc's idea of setuidness without creating a
-+ * whole new process image. Therefore, if the calling process is
-+ * setuid, we must drop privileges and execute manconv.
-+ */
-+ if (running_setuid ()) {
-+ char **from_code;
-+ char *sources = NULL;
-+
-+ cmd = pipecmd_new_args (MANCONV, "-f", NULL);
-+ for (from_code = codes->from; *from_code; ++from_code) {
-+ sources = appendstr (sources, *from_code, NULL);
-+ if (*(from_code + 1))
-+ sources = appendstr (sources, ":", NULL);
-+ }
-+ pipecmd_arg (cmd, sources);
-+ free (sources);
-+ pipecmd_args (cmd, "-t", codes->to, NULL);
-+ if (quiet >= 2)
-+ pipecmd_arg (cmd, "-q");
-+ pipecmd_pre_exec (cmd, manconv_pre_exec, sandbox_free,
-+ sandbox);
-+ free (name);
-+ free_manconv_codes (codes);
-+ pipeline_command (p, cmd);
-+ return;
-+ }
-+#endif /* MAN_OWNER */
-+
- cmd = pipecmd_new_function (name, &manconv_stdin, &free_manconv_codes,
- codes);
- free (name);
---
-2.16.1
-
diff --git a/sys-apps/man-db/man-db-2.8.0-r1.ebuild b/sys-apps/man-db/man-db-2.8.0-r2.ebuild
similarity index 93%
rename from sys-apps/man-db/man-db-2.8.0-r1.ebuild
rename to sys-apps/man-db/man-db-2.8.0-r2.ebuild
index 1ff3ca11d5c..cb7cf8d1c4e 100644
--- a/sys-apps/man-db/man-db-2.8.0-r1.ebuild
+++ b/sys-apps/man-db/man-db-2.8.0-r2.ebuild
@@ -12,7 +12,7 @@ SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz"
LICENSE="GPL-3"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~arm-linux ~x86-linux"
-IUSE="berkdb +gdbm +manpager nls seccomp selinux static-libs zlib"
+IUSE="berkdb +gdbm +manpager nls selinux static-libs zlib"
CDEPEND="
!sys-apps/man
@@ -21,7 +21,6 @@ CDEPEND="
berkdb? ( sys-libs/db:= )
gdbm? ( sys-libs/gdbm:= )
!berkdb? ( !gdbm? ( sys-libs/gdbm:= ) )
- seccomp? ( sys-libs/libseccomp )
zlib? ( sys-libs/zlib )
"
DEPEND="
@@ -40,8 +39,6 @@ RDEPEND="
PDEPEND="manpager? ( app-text/manpager )"
PATCHES=(
- "${FILESDIR}/${P}-refactor_drop_privs.patch"
- "${FILESDIR}/${P}-seccomp_suid.patch"
"${FILESDIR}/${P}-libseccomp_automagic.patch"
)
@@ -65,7 +62,7 @@ src_configure() {
--with-sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o 1x 2x 3x 4x 5x 6x 7x 8x"
$(use_enable nls)
$(use_enable static-libs static)
- $(use_with seccomp libseccomp)
+ --without-libseccomp
--with-db=$(usex gdbm gdbm $(usex berkdb db gdbm))
)
econf "${myeconfargs[@]}"
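Review bot: The new `--without-libseccomp` line in src_configure carries no comment explaining why what appears to be upstream's libseccomp-based sandboxing is now unconditionally turned off, while the same commit also drops the `seccomp` USE flag, the `sys-libs/libseccomp` dependency and the two seccomp/privilege-drop patches in the earlier hunks of this file, so a later maintainer has nothing telling them whether the sandbox may be re-enabled. Because this removes a hardening layer rather than fixing a build problem, the reason and tracking bug belong next to the flag in the style the package already uses for such decisions, e.g. `--without-libseccomp #<bug-id placeholder>: seccomp sandbox disabled, see bug`. It would also help to state whether the still-applied `libseccomp_automagic.patch` remains necessary once libseccomp is never requested. The src_configure function begins outside this hunk.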
* [gentoo-commits] repo/gentoo:master commit in: sys-apps/man-db/files/, sys-apps/man-db/
@ 2020-04-21 7:44 Lars Wendler
0 siblings, 0 replies; 4+ messages in thread
From: Lars Wendler @ 2020-04-21 7:44 UTC (permalink / raw
To: gentoo-commits
commit: 5f96b31dfd4738313f0ffbde83945f64c2b46ca2
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Apr 21 07:37:32 2020 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Apr 21 07:37:32 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f96b31d
sys-apps/man-db: Removed old
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
sys-apps/man-db/Manifest | 2 -
sys-apps/man-db/files/man-db.cron | 11 ---
sys-apps/man-db/man-db-2.7.6.1-r2.ebuild | 110 ----------------------
sys-apps/man-db/man-db-2.9.0.ebuild | 157 -------------------------------
4 files changed, 280 deletions(-)
diff --git a/sys-apps/man-db/Manifest b/sys-apps/man-db/Manifest
index 6e12ba7270a..071f45cf4b9 100644
--- a/sys-apps/man-db/Manifest
+++ b/sys-apps/man-db/Manifest
@@ -1,4 +1,2 @@
-DIST man-db-2.7.6.1.tar.xz 1541316 BLAKE2B ea3aa7e90ea8af4882bd99d99374cc37d9c0c7f70bb970973eb3f2178aa4323bcdebc7f39f142ec0144dbe55a9f86aba15d9fe281d2662d280b8e6dca9452f24 SHA512 623c5e7f8b7c289908b2c926f8777293b8d39aeceef0d2509d701a8b0bfa81408650f655c8608318221786c751a79ee91124b07993de5298cd7fa6d8bb737301
DIST man-db-2.8.7.tar.xz 1839012 BLAKE2B 19b438b1083cfd838421f29ed053fe85686929bc9f2105fe399ea99622f138bca2c8888a17cddb9223362db2d5f9c4bb3669865ecf749fe845ea8e4223027f67 SHA512 9f9d6f3b776c0b35f95c179fb668f2dc3db3d3e63a162cfda98c5d126fe147f2418e1a1503037ebe28314f57d9b6f48b7f7674d611df14424973a866a61ff2d9
-DIST man-db-2.9.0.tar.xz 1857216 BLAKE2B b797c1bc48027346114d35f00624686daa7e139cf5836e207b482d645009b95577bc13cbad3f1b2498e8c7e8c2f530d43aa8dec96ebad6bb84e6cc77064319d1 SHA512 7deb4421c7944276c6edf974b1336ee2f6605ee470c98d374544e2fcaa32ec2afe077c5fd020fc1f74df058384a293b8ad5a92d86b1c15a949573af46ba09cda
DIST man-db-2.9.1.tar.xz 1875456 BLAKE2B 42d7d5f49bf19e031bde18dd60cbf18a7656e8756f2cc5d3789cab6ea82283115ed0303ae2f7f7ffd3e32310302b7b70b4e39704bd5c2a08ab60a38905d8c448 SHA512 ae2d1e9f293795c63f5a9a1a765478a9a59cbe5fe6f759647be5057c1ae53f90baee8d5467921f3d0102300f2111a5026eeb25f78401bcb16ce45ad790634977
diff --git a/sys-apps/man-db/files/man-db.cron b/sys-apps/man-db/files/man-db.cron
deleted file mode 100644
index b3794f25573..00000000000
--- a/sys-apps/man-db/files/man-db.cron
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-# Use same perms/settings as the ebuild.
-cachedir="/var/cache/man"
-if [ ! -d "${cachedir}" ]; then
- mkdir -p "${cachedir}"
- chown man:man "${cachedir}"
- chmod 0755 "${cachedir}"
-fi
-
-exec nice mandb --quiet
diff --git a/sys-apps/man-db/man-db-2.7.6.1-r2.ebuild b/sys-apps/man-db/man-db-2.7.6.1-r2.ebuild
deleted file mode 100644
index a4faae26809..00000000000
--- a/sys-apps/man-db/man-db-2.7.6.1-r2.ebuild
+++ /dev/null
@@ -1,110 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit eutils ltprune user versionator
-
-DESCRIPTION="a man replacement that utilizes berkdb instead of flat files"
-HOMEPAGE="http://www.nongnu.org/man-db/"
-SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~amd64-linux ~x86-linux"
-IUSE="berkdb +gdbm +manpager nls selinux static-libs zlib"
-
-CDEPEND=">=dev-libs/libpipeline-1.4.0
- berkdb? ( sys-libs/db:= )
- gdbm? ( sys-libs/gdbm:= )
- !berkdb? ( !gdbm? ( sys-libs/gdbm:= ) )
- sys-apps/groff
- zlib? ( sys-libs/zlib )
- !sys-apps/man"
-DEPEND="${CDEPEND}
- app-arch/xz-utils
- virtual/pkgconfig
- nls? (
- >=app-text/po4a-0.45
- sys-devel/gettext
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-mandb )
-"
-PDEPEND="manpager? ( app-text/manpager )"
-
-pkg_setup() {
- # Create user now as Makefile in src_install does setuid/chown
- enewgroup man 15
- enewuser man 13 -1 /usr/share/man man
-
- if (use gdbm && use berkdb) || (use !gdbm && use !berkdb) ; then #496150
- ewarn "Defaulting to USE=gdbm due to ambiguous berkdb/gdbm USE flag settings"
- fi
-}
-
-src_configure() {
- export ac_cv_lib_z_gzopen=$(usex zlib)
- local myeconfargs=(
- --docdir='$(datarootdir)'/doc/${PF}
- --with-systemdtmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d
- --enable-setuid
- --enable-cache-owner=man
- --with-sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o 1x 2x 3x 4x 5x 6x 7x 8x"
- $(use_enable nls)
- $(use_enable static-libs static)
- --with-db=$(usex gdbm gdbm $(usex berkdb db gdbm))
- )
- econf "${myeconfargs[@]}"
-
- # Disable color output from groff so that the manpager can add it. #184604
- sed -i \
- -e '/^#DEFINE.*\<[nt]roff\>/{s:^#::;s:$: -c:}' \
- src/man_db.conf || die
-}
-
-src_install() {
- default
- dodoc docs/{HACKING,TODO}
- prune_libtool_files
-
- exeinto /etc/cron.daily
- newexe "${FILESDIR}"/man-db.cron man-db #289884
-}
-
-pkg_preinst() {
- local cachedir="${EROOT}var/cache/man"
- # If the system was already exploited, and the attacker is hiding in the
- # cachedir of the old man-db, let's wipe them out.
- # see bug #602588 comment 18
- local _replacing_version=
- local _setgid_vuln=0
- for _replacing_version in ${REPLACING_VERSIONS}; do
- if version_is_at_least '2.7.6.1-r2' "${_replacing_version}"; then
- debug-print "Skipping security bug #602588 ... existing installation (${_replacing_version}) should not be affected!"
- else
- _setgid_vuln=1
- debug-print "Applying cleanup for security bug #602588"
- fi
- done
- [[ ${_setgid_vuln} -eq 1 ]] && rm -rf "${cachedir}"
-
- # Fall back to recreating the cachedir
- if [[ ! -d ${cachedir} ]] ; then
- mkdir -p "${cachedir}" || die
- chown man:man "${cachedir}" || die
- fi
-
- # Update the whatis cache
- if [[ -f ${cachedir}/whatis ]] ; then
- einfo "Cleaning ${cachedir} from sys-apps/man"
- find "${cachedir}" -type f '!' '(' -name index.bt -o -name index.db ')' -delete
- fi
-}
-
-pkg_postinst() {
- if [[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 7 ]] ; then
- einfo "Rebuilding man-db from scratch with new database format!"
- mandb --quiet --create
- fi
-}
diff --git a/sys-apps/man-db/man-db-2.9.0.ebuild b/sys-apps/man-db/man-db-2.9.0.ebuild
deleted file mode 100644
index 92546556c66..00000000000
--- a/sys-apps/man-db/man-db-2.9.0.ebuild
+++ /dev/null
@@ -1,157 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit systemd
-
-DESCRIPTION="a man replacement that utilizes berkdb instead of flat files"
-HOMEPAGE="http://www.nongnu.org/man-db/"
-if [[ "${PV}" = 9999* ]] ; then
- inherit autotools git-r3
- EGIT_REPO_URI="https://git.savannah.gnu.org/git/man-db.git"
-else
- SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz"
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
-fi
-
-LICENSE="GPL-3"
-SLOT="0"
-IUSE="berkdb +gdbm +manpager nls +seccomp selinux static-libs zlib"
-
-CDEPEND="
- !sys-apps/man
- >=dev-libs/libpipeline-1.5.0
- sys-apps/groff
- gdbm? ( sys-libs/gdbm:= )
- !gdbm? ( berkdb? ( sys-libs/db:= ) )
- !berkdb? ( !gdbm? ( sys-libs/gdbm:= ) )
- seccomp? ( sys-libs/libseccomp )
- zlib? ( sys-libs/zlib )
-"
-DEPEND="${CDEPEND}"
-BDEPEND="
- app-arch/xz-utils
- virtual/pkgconfig
- nls? (
- >=app-text/po4a-0.45
- sys-devel/gettext
- )
-"
-RDEPEND="
- ${CDEPEND}
- acct-group/man
- acct-user/man
- selinux? ( sec-policy/selinux-mandb )
-"
-PDEPEND="manpager? ( app-text/manpager )"
-
-pkg_setup() {
- if (use gdbm && use berkdb) || (use !gdbm && use !berkdb) ; then #496150
- ewarn "Defaulting to USE=gdbm due to ambiguous berkdb/gdbm USE flag settings"
- fi
-}
-
-src_unpack() {
- if [[ "${PV}" == *9999 ]] ; then
- git-r3_src_unpack
-
- # We need to mess with gnulib :-/
- EGIT_REPO_URI="https://git.savannah.gnu.org/r/gnulib.git" \
- EGIT_CHECKOUT_DIR="${WORKDIR}/gnulib" \
- git-r3_src_unpack
- else
- default
- fi
-}
-
-src_prepare() {
- default
- if [[ "${PV}" == *9999 ]] ; then
- local bootstrap_opts=(
- --gnulib-srcdir=../gnulib
- --no-bootstrap-sync
- --copy
- --no-git
- )
- AUTORECONF="/bin/true" \
- LIBTOOLIZE="/bin/true" \
- sh ./bootstrap "${bootstrap_opts[@]}" || die
-
- eautoreconf
- fi
-}
-
-src_configure() {
- export ac_cv_lib_z_gzopen=$(usex zlib)
- local myeconfargs=(
- --with-systemdtmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d
- --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
- --disable-setuid #662438
- --enable-cache-owner=man
- --with-sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o 1x 2x 3x 4x 5x 6x 7x 8x"
- $(use_enable nls)
- $(use_enable static-libs static)
- $(use_with seccomp libseccomp)
- --with-db=$(usex gdbm gdbm $(usex berkdb db gdbm))
- )
- econf "${myeconfargs[@]}"
-
- # Disable color output from groff so that the manpager can add it. #184604
- sed -i \
- -e '/^#DEFINE.*\<[nt]roff\>/{s:^#::;s:$: -c:}' \
- src/man_db.conf || die
-
- cat > 15man-db <<-EOF || die
- SANDBOX_PREDICT="/var/cache/man"
- EOF
-}
-
-src_install() {
- default
- dodoc docs/{HACKING,TODO}
- find "${ED}" -name "*.la" -delete || die
-
- exeinto /etc/cron.daily
- newexe "${FILESDIR}"/man-db.cron-r1 man-db #289884
-
- insinto /etc/sandbox.d
- doins 15man-db
-}
-
-pkg_preinst() {
- local cachedir="${EROOT}/var/cache/man"
- # If the system was already exploited, and the attacker is hiding in the
- # cachedir of the old man-db, let's wipe them out.
- # see bug #602588 comment 18
- local _replacing_version=
- local _setgid_vuln=0
- for _replacing_version in ${REPLACING_VERSIONS}; do
- if ver_test '2.7.6.1-r2' -le "${_replacing_version}"; then
- debug-print "Skipping security bug #602588 ... existing installation (${_replacing_version}) should not be affected!"
- else
- _setgid_vuln=1
- debug-print "Applying cleanup for security bug #602588"
- fi
- done
- [[ ${_setgid_vuln} -eq 1 ]] && rm -rf "${cachedir}"
-
- # Fall back to recreating the cachedir
- if [[ ! -d ${cachedir} ]] ; then
- mkdir -p "${cachedir}" || die
- chown man:man "${cachedir}" || die
- fi
-
- # Update the whatis cache
- if [[ -f ${cachedir}/whatis ]] ; then
- einfo "Cleaning ${cachedir} from sys-apps/man"
- find "${cachedir}" -type f '!' '(' -name index.bt -o -name index.db ')' -delete
- fi
-}
-
-pkg_postinst() {
- if [[ $(ver_cut 2 ${REPLACING_VERSIONS}) -lt 7 ]] ; then
- einfo "Rebuilding man-db from scratch with new database format!"
- su man -s /bin/sh -c 'mandb --quiet --create' 2>/dev/null
- fi
-}