public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] repo/gentoo:master commit in: sys-auth/munge/, sys-auth/munge/files/
@ 2016-12-15  4:43 Jason Donenfeld
  0 siblings, 0 replies; 2+ messages in thread
From: Jason Donenfeld @ 2016-12-15  4:43 UTC (permalink / raw
  To: gentoo-commits

commit:     38b6fafecf4a802d0c7d9f6b0a6ddf4c94056220
Author:     Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Thu Dec 15 04:40:30 2016 +0000
Commit:     Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Thu Dec 15 04:42:03 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=38b6fafe

sys-auth/munge: fix lpe, bug 602596

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 sys-auth/munge/files/munged.initd                          | 14 +++++++++-----
 .../{munge-0.5.10-r1.ebuild => munge-0.5.10-r2.ebuild}     |  3 +--
 .../munge/{munge-0.5.11.ebuild => munge-0.5.11-r1.ebuild}  |  1 -
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/sys-auth/munge/files/munged.initd b/sys-auth/munge/files/munged.initd
index d1ac230..c53219d 100644
--- a/sys-auth/munge/files/munged.initd
+++ b/sys-auth/munge/files/munged.initd
@@ -1,5 +1,5 @@
 #!/sbin/openrc-run
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 
@@ -9,20 +9,24 @@ depend() {
 
 check_key() {
 	[ -s "${KEYFILE}" ] && return 0
-	dd if=/dev/urandom bs=1 count=1024 >/etc/munge/munge.key 2>/dev/null || return 1
-	chown munge:munge "${KEYFILE}" || return 1
-	chmod 700 "${KEYFILE}" || return 1
+	local old_umask=$(umask)
+	local ret
+	umask 037
+	dd if=/dev/urandom bs=1024 count=1 of="${KEYFILE}" 2>/dev/null; ret=$?
+	umask $old_umask
+	return $ret
 }
 
 start() {
 	ebegin "Starting munged"
 	if ! check_key; then
-		eerror "Failed to verify/create munge key"
+		eerror "Failed to create munge key"
 		eend 1 && exit 1
 	fi
 	checkpath -d -m 755 -o munge:munge /var/run/munge
 	checkpath -d -m 711 -o munge:munge /var/lib/munge
 	checkpath -d -m 700 -o munge:munge /var/log/munge
+	checkpath -f -m 640 -o root:munge "${KEYFILE}"
 	start-stop-daemon -S /usr/sbin/munged \
 		--user munge \
 		--group munge \

diff --git a/sys-auth/munge/munge-0.5.10-r1.ebuild b/sys-auth/munge/munge-0.5.10-r2.ebuild
similarity index 94%
rename from sys-auth/munge/munge-0.5.10-r1.ebuild
rename to sys-auth/munge/munge-0.5.10-r2.ebuild
index db28eb0..35975e8 100644
--- a/sys-auth/munge/munge-0.5.10-r1.ebuild
+++ b/sys-auth/munge/munge-0.5.10-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2014 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 
@@ -46,7 +46,6 @@ src_install() {
 		rm -rf "${D}"/var/run || die
 	fi
 
-	diropts -o munge -g munge -m700
 	dodir /etc/munge || die
 
 	[ -d "${D}"/etc/init.d ] && rm -r "${D}"/etc/init.d

diff --git a/sys-auth/munge/munge-0.5.11.ebuild b/sys-auth/munge/munge-0.5.11-r1.ebuild
similarity index 96%
rename from sys-auth/munge/munge-0.5.11.ebuild
rename to sys-auth/munge/munge-0.5.11-r1.ebuild
index 5ca4865..4736ded 100644
--- a/sys-auth/munge/munge-0.5.11.ebuild
+++ b/sys-auth/munge/munge-0.5.11-r1.ebuild
@@ -51,7 +51,6 @@ src_install() {
 		rm -rf "${ED}"/var/run || die
 	fi
 
-	[[ ${EUID} = 0 ]] && diropts -o munge -g munge -m700
 	dodir /etc/munge
 
 	for d in "init.d" "default" "sysconfig"; do


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: sys-auth/munge/, sys-auth/munge/files/
@ 2018-11-10 13:25 Justin Lecher
  0 siblings, 0 replies; 2+ messages in thread
From: Justin Lecher @ 2018-11-10 13:25 UTC (permalink / raw
  To: gentoo-commits

commit:     00465fcf6c74c73407d7247a915354fd7c0d8cf6
Author:     Justin Lecher <jlec <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 10 12:04:54 2018 +0000
Commit:     Justin Lecher <jlec <AT> gentoo <DOT> org>
CommitDate: Sat Nov 10 13:25:36 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=00465fcf

sys-auth/munge: Fix munge.key permission problems

Closes: https://bugs.gentoo.org/624962
Signed-off-by: Justin Lecher <jlec <AT> gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11

 sys-auth/munge/files/munged.initd     |  4 +-
 sys-auth/munge/munge-0.5.13-r1.ebuild | 69 +++++++++++++++++++++++++++++++++++
 2 files changed, 71 insertions(+), 2 deletions(-)

diff --git a/sys-auth/munge/files/munged.initd b/sys-auth/munge/files/munged.initd
index e028d4ffd16..6bb0a1097f2 100644
--- a/sys-auth/munge/files/munged.initd
+++ b/sys-auth/munge/files/munged.initd
@@ -1,5 +1,5 @@
 #!/sbin/openrc-run
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 depend() {
@@ -25,7 +25,7 @@ start() {
 	checkpath -d -m 755 -o munge:munge /var/run/munge
 	checkpath -d -m 711 -o munge:munge /var/lib/munge
 	checkpath -d -m 700 -o munge:munge /var/log/munge
-	checkpath -f -m 640 -o root:munge "${KEYFILE}"
+	checkpath -f -m 600 -o munge:munge "${KEYFILE}"
 	start-stop-daemon -S /usr/sbin/munged \
 		--user munge \
 		--group munge \

diff --git a/sys-auth/munge/munge-0.5.13-r1.ebuild b/sys-auth/munge/munge-0.5.13-r1.ebuild
new file mode 100644
index 00000000000..b84cd36bf18
--- /dev/null
+++ b/sys-auth/munge/munge-0.5.13-r1.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools user prefix
+
+DESCRIPTION="An authentication service for creating and validating credentials"
+HOMEPAGE="https://github.com/dun/munge"
+SRC_URI="https://github.com/dun/munge/releases/download/munge-${PV}/munge-${PV}.tar.xz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="debug gcrypt static-libs"
+
+DEPEND="
+	app-arch/bzip2
+	sys-libs/zlib
+	gcrypt? ( dev-libs/libgcrypt:0 )
+	!gcrypt? ( dev-libs/openssl:0 )"
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+	enewgroup munge
+	enewuser munge -1 -1 /var/lib/munge munge
+}
+
+src_prepare() {
+	default
+
+	hprefixify config/x_ac_path_openssl.m4
+
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		--localstatedir="${EPREFIX}"/var \
+		--with-crypto-lib=$(usex gcrypt libgcrypt openssl) \
+		$(use_enable debug) \
+		$(use_enable static-libs static)
+}
+
+src_install() {
+	local d
+
+	default
+
+	# 450830
+	if [ -d "${ED}"/var/run ]; then
+		rm -rf "${ED}"/var/run || die
+	fi
+
+	dodir /etc/munge
+
+	for d in "init.d" "default" "sysconfig"; do
+		if [ -d "${ED}"/etc/${d} ]; then
+			rm -r "${ED}"/etc/${d} || die
+		fi
+	done
+
+	newconfd "$(prefixify_ro "${FILESDIR}"/${PN}d.confd)" ${PN}d
+	newinitd "$(prefixify_ro "${FILESDIR}"/${PN}d.initd)" ${PN}d
+
+	if ! use static-libs; then
+		find "${D}" -name '*.la' -delete || die
+	fi
+}


^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2018-11-10 13:25 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-11-10 13:25 [gentoo-commits] repo/gentoo:master commit in: sys-auth/munge/, sys-auth/munge/files/ Justin Lecher
  -- strict thread matches above, loose matches on Subject: below --
2016-12-15  4:43 Jason Donenfeld

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox