From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1206759-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 1597D138359
	for <garchives@archives.gentoo.org>; Fri, 18 Sep 2020 06:09:38 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 28F56E080E;
	Fri, 18 Sep 2020 06:09:37 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id E34E2E080E
	for <gentoo-commits@lists.gentoo.org>; Fri, 18 Sep 2020 06:09:36 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 69E44340E35
	for <gentoo-commits@lists.gentoo.org>; Fri, 18 Sep 2020 06:09:35 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id DA641342
	for <gentoo-commits@lists.gentoo.org>; Fri, 18 Sep 2020 06:09:33 +0000 (UTC)
From: "Lars Wendler" <polynomial-c@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Lars Wendler" <polynomial-c@gentoo.org>
Message-ID: <1600409369.6bbef22015f3243fc012becd396e145981eb6c05.polynomial-c@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-fs/cifs-utils/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-fs/cifs-utils/Manifest net-fs/cifs-utils/cifs-utils-6.11.ebuild
X-VCS-Directories: net-fs/cifs-utils/
X-VCS-Committer: polynomial-c
X-VCS-Committer-Name: Lars Wendler
X-VCS-Revision: 6bbef22015f3243fc012becd396e145981eb6c05
X-VCS-Branch: master
Date: Fri, 18 Sep 2020 06:09:33 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 1bbfa387-8257-455d-9bc5-5ab8341a09b4
X-Archives-Hash: 20fb6548a4ab588fa690808ee0fc45ca

commit:     6bbef22015f3243fc012becd396e145981eb6c05
Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Fri Sep 18 06:09:20 2020 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Fri Sep 18 06:09:29 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6bbef220

net-fs/cifs-utils: Security bump to version 6.11

Bug: https://bugs.gentoo.org/743211
Package-Manager: Portage-3.0.7, Repoman-3.0.1
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

 net-fs/cifs-utils/Manifest               |   1 +
 net-fs/cifs-utils/cifs-utils-6.11.ebuild | 126 +++++++++++++++++++++++++++++++
 2 files changed, 127 insertions(+)

diff --git a/net-fs/cifs-utils/Manifest b/net-fs/cifs-utils/Manifest
index 6571c0d3ac2..91cd6be06ba 100644
--- a/net-fs/cifs-utils/Manifest
+++ b/net-fs/cifs-utils/Manifest
@@ -1,2 +1,3 @@
 DIST cifs-utils-6.10.tar.bz2 364221 BLAKE2B 45b692fb85217a25b7042fbe7e40cc8c4fe0d6cc9c905acde2c6fc9c3048343064e376f47128bcacba88f745452148040ad3f5e8ca15e297531f0dc868e1b75b SHA512 e19ca69b7948f01c1fd6a4ed069e00511588b903a5b8b0dc35ac1e00743170b9ca180b747c47d56cfacf273b296da21df60e1957404f26ebf2ba80bfa7e275cc
+DIST cifs-utils-6.11.tar.bz2 408903 BLAKE2B 5ee7cd87b54a266750bf938396ee90b3f20c2a3446aca295ccb58cb667fbfb68be9aa0e2bbc20aa5e18ffd7f1fcd5fbb0aef3bc25fd13bb96abc5a57a0b45b4b SHA512 064c0ac75572fb44908390508462e4fdfe0686751149fd8b656a209dd961a5a24a7d9774c38c0e72fa5f9875b43aea7bf2de038c4e4a63a11664e71d9003100e
 DIST cifs-utils-6.9.tar.bz2 400430 BLAKE2B fc8cc55fae54d84fc1f1d4a14a9d666d87a3da78d1502f0d72ac9cb44ff1424ca2c5b15b0be510579d4c9f5181980627efedd00e0e5cfb1b3e47188ba307ad28 SHA512 b92e4e39eeed1032bb175659296cde034703fb3ca63aae00419d46a33dadf821fedaf03734128112c164c84bcbb48d92d03cdc275c4a7cba26f984aeca40a40a

diff --git a/net-fs/cifs-utils/cifs-utils-6.11.ebuild b/net-fs/cifs-utils/cifs-utils-6.11.ebuild
new file mode 100644
index 00000000000..18fc41eaf8c
--- /dev/null
+++ b/net-fs/cifs-utils/cifs-utils-6.11.ebuild
@@ -0,0 +1,126 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools bash-completion-r1 linux-info multilib pam
+
+DESCRIPTION="Tools for Managing Linux CIFS Client Filesystems"
+HOMEPAGE="https://wiki.samba.org/index.php/LinuxCIFS_utils"
+SRC_URI="https://ftp.samba.org/pub/linux-cifs/${PN}/${P}.tar.bz2"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~x86-linux"
+IUSE="+acl +ads +caps creds pam systemd"
+
+RDEPEND="
+	!net-fs/mount-cifs
+	sys-apps/keyutils:=
+	ads? (
+		sys-libs/talloc
+		virtual/krb5
+	)
+	caps? ( sys-libs/libcap-ng )
+	pam? ( sys-libs/pam )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="dev-python/docutils"
+PDEPEND="
+	acl? ( >=net-fs/samba-4.0.0_alpha1 )
+"
+
+REQUIRED_USE="acl? ( ads )"
+
+DOCS="doc/linux-cifs-client-guide.odt"
+
+PATCHES=( "${FILESDIR}/${PN}-6.10-ln_in_destdir.patch" )
+
+pkg_setup() {
+	linux-info_pkg_setup
+
+	if ! linux_config_exists || ! linux_chkconfig_present CIFS; then
+		ewarn "You must enable CIFS support in your kernel config, "
+		ewarn "to be able to mount samba shares. You can find it at"
+		ewarn
+		ewarn "  File systems"
+		ewarn "	Network File Systems"
+		ewarn "			CIFS support"
+		ewarn
+		ewarn "and recompile your kernel ..."
+	fi
+}
+
+src_prepare() {
+	default
+
+	if has_version app-crypt/heimdal ; then
+		# https://bugs.gentoo.org/612584
+		eapply "${FILESDIR}/${PN}-6.7-heimdal.patch"
+	fi
+
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--enable-man
+		--enable-smbinfo
+		$(use_enable acl cifsacl cifsidmap)
+		$(use_enable ads cifsupcall)
+		$(use_with caps libcap)
+		$(use_enable creds cifscreds)
+		$(use_enable pam)
+		$(use_with pam pamdir $(getpam_mod_dir))
+		# mount.cifs can get passwords from systemd
+		$(use_enable systemd)
+	)
+	ROOTSBINDIR="${EPREFIX}"/sbin \
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	# remove empty directories
+	find "${ED}" -type d -empty -delete || die
+
+	if use acl ; then
+		dodir /etc/cifs-utils
+		dosym ../../usr/$(get_libdir)/cifs-utils/idmapwb.so \
+			/etc/cifs-utils/idmap-plugin
+		dodir /etc/request-key.d
+		echo 'create cifs.idmap * * /usr/sbin/cifs.idmap %k' \
+			> "${ED}/etc/request-key.d/cifs.idmap.conf"
+	fi
+
+	if use ads ; then
+		dodir /etc/request-key.d
+		echo 'create dns_resolver * * /usr/sbin/cifs.upcall %k' \
+			> "${ED}/etc/request-key.d/cifs.upcall.conf"
+		echo 'create cifs.spnego * * /usr/sbin/cifs.upcall %k' \
+			> "${ED}/etc/request-key.d/cifs.spnego.conf"
+	fi
+
+	dobashcomp bash-completion/smbinfo
+}
+
+pkg_postinst() {
+	# Inform about set-user-ID bit of mount.cifs
+	ewarn "setuid use flag was dropped due to multiple security implications"
+	ewarn "such as CVE-2009-2948, CVE-2011-3585 and CVE-2012-1586"
+	ewarn "You are free to set setuid flags by yourself"
+
+	# Inform about upcall usage
+	if use acl ; then
+		einfo "The cifs.idmap utility has been enabled by creating the"
+		einfo "configuration file /etc/request-key.d/cifs.idmap.conf"
+		einfo "This enables you to get and set CIFS acls."
+	fi
+
+	if use ads ; then
+		einfo "The cifs.upcall utility has been enabled by creating the"
+		einfo "configuration file /etc/request-key.d/cifs.upcall.conf"
+		einfo "This enables you to mount DFS shares."
+	fi
+}