diff options
author | Andrew Savchenko <bircoph@gmail.com> | 2011-04-22 18:14:07 +0400 |
---|---|---|
committer | Andrew Savchenko <bircoph@gmail.com> | 2011-04-22 18:14:07 +0400 |
commit | eba8e65376bc0bcc2d54ba3977efb6d9eb93c8d7 (patch) | |
tree | 0f732a71b9aacd9c208920fadb1a717af89d0d71 /net-misc | |
parent | kdelibs: sync with portage (diff) | |
download | bircoph-eba8e65376bc0bcc2d54ba3977efb6d9eb93c8d7.tar.gz bircoph-eba8e65376bc0bcc2d54ba3977efb6d9eb93c8d7.tar.bz2 bircoph-eba8e65376bc0bcc2d54ba3977efb6d9eb93c8d7.zip |
dhcp: security update by upstream
Diffstat (limited to 'net-misc')
-rw-r--r-- | net-misc/dhcp/Manifest | 2 | ||||
-rw-r--r-- | net-misc/dhcp/dhcp-4.2.1_p1.ebuild | 223 |
2 files changed, 225 insertions, 0 deletions
diff --git a/net-misc/dhcp/Manifest b/net-misc/dhcp/Manifest index 9478188..9b10dfb 100644 --- a/net-misc/dhcp/Manifest +++ b/net-misc/dhcp/Manifest @@ -10,7 +10,9 @@ AUX dhcpd.conf 1092 RMD160 936bb112c7cdf8e669b695599252d1f6626be2f3 SHA1 cbabbce AUX dhcpd.init4 2639 RMD160 c3fdb1594aa88e03b6f2cf1eddb4c30ec85bb792 SHA1 a2f7d947626b18928f5a639e70c6dffa08051f0e SHA256 1c26f943deac8c41231359f303193f9845ecbf3126cfa07c12d078629c99e69f AUX dhcrelay.conf 421 RMD160 456edbc9bcc8d3a44db5bb6dbf0c3003c3e7419c SHA1 78ecdb000382893fb49d0052ced063955b0ad9cf SHA256 409b895ed489e75c1a08f72961b45d641b93fd9357f528abc78b1fd036b7f730 AUX dhcrelay.init2 712 RMD160 2baeaf7c0fb8a5796792b5721f32104907243798 SHA1 ced20da5625b6517fa6044ce179e1c5d9a17297e SHA256 6cca726147474c600662b0c2e49eb5aa148a7a9af1358dbc56f16b1d08255ae3 +DIST dhcp-4.2.1-P1.tar.gz 8797289 RMD160 e3607828ea12eb718c0877430f9607d336d78c36 SHA1 7767019313b4128357054a1eb053c66799831dd6 SHA256 6cd5e06512c53ad43d71400f39071ce0bd07f074e416c727d5bc7e5949ec55ec DIST dhcp-4.2.1.tar.gz 8795980 RMD160 8ecb0608f2cdb660d27ce48b9ba09c64bb7af995 SHA1 dc9be6d2d458a5a7a921eb08281a431506fcca17 SHA256 5f10bb28740c3bd2c632f6dbd9de53fb7e9db07cd274c60c7c1884ae6d5870a1 EBUILD dhcp-4.2.1-r1.ebuild 6682 RMD160 4767cf13bbcac2788cf498dc7aaea5ffb07aac4c SHA1 cf36f08f00f68534a0408e5593bc970e728f5371 SHA256 3b2d1756a01cd3563d5b019003b075c42ec37e904304f69e1372b9c6ec676182 +EBUILD dhcp-4.2.1_p1.ebuild 6657 RMD160 9b6107a0e179e9114eebd380b7d6deba9fa480c3 SHA1 9eebcb1f44c0b902f656121d8cfe92e82f453a21 SHA256 6b459d0d80a7481f6e8f1435d7d1c00d569b9ff32b9182ce182264c4a4e5fb0d MISC ChangeLog 30098 RMD160 fda3bed0f9445e7702b4ea3e8fbbc5bcfe2774ba SHA1 8a3d48b4873ef5fd6080a156997ee526e1b68cf0 SHA256 671718580e8e5fb455d953df810c2bebbcac128c027aba2618b127c9650d5045 MISC metadata.xml 500 RMD160 b5ad909ab2b12acd20e78039e33fda0a27383c9e SHA1 2fc5cee8e105e75a251195254c96085a0f3fa9a3 SHA256 e9e4edcf7671391ee2f2af0917a75fc07883f1401aaa22b72dd0133bef81601c diff --git a/net-misc/dhcp/dhcp-4.2.1_p1.ebuild b/net-misc/dhcp/dhcp-4.2.1_p1.ebuild new file mode 100644 index 0000000..1ce0712 --- /dev/null +++ b/net-misc/dhcp/dhcp-4.2.1_p1.ebuild @@ -0,0 +1,223 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/dhcp-4.2.1-r1.ebuild,v 1.1 2011/03/23 04:36:04 vapier Exp $ + +EAPI="2" + +inherit eutils + +MY_PV="${PV//_alpha/a}" +MY_PV="${MY_PV//_beta/b}" +MY_PV="${MY_PV//_rc/rc}" +MY_PV="${MY_PV//_p/-P}" +MY_P="${PN}-${MY_PV}" +DESCRIPTION="ISC Dynamic Host Configuration Protocol (DHCP) client/server" +HOMEPAGE="http://www.isc.org/products/DHCP" +SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz" + +LICENSE="as-is BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" +IUSE="+client ipv6 kernel_linux ldap selinux +server ssl vim-syntax" + +DEPEND="selinux? ( sec-policy/selinux-dhcp ) + kernel_linux? ( sys-apps/net-tools ) + vim-syntax? ( app-vim/dhcpd-syntax ) + ldap? ( + net-nds/openldap + ssl? ( dev-libs/openssl ) + )" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + # Gentoo patches - these will probably never be accepted upstream + # Fix some permission issues + epatch "${FILESDIR}"/${PN}-3.0-fix-perms.patch + # Enable dhclient to equery NTP servers + epatch "${FILESDIR}"/${PN}-4.0-dhclient-ntp.patch + # resolvconf support in dhclient-script + epatch "${FILESDIR}"/${PN}-4.2.1-dhclient-resolvconf.patch + # Stop downing the interface on Linux as that breaks link daemons + # such as wpa_supplicant and netplug + epatch "${FILESDIR}"/${PN}-3.0.3-dhclient-no-down.patch + epatch "${FILESDIR}"/${PN}-4.2.0-errwarn-message.patch + # Enable dhclient to get extra configuration from stdin + epatch "${FILESDIR}"/${PN}-4.0.1-dhclient-stdin-conf.patch + epatch "${FILESDIR}"/${PN}-4.2.1-nogateway.patch #265531 + + # NetworkManager support patches + # If they fail to apply to future versions they will be dropped + # Add dbus support to dhclient + epatch "${FILESDIR}"/${PN}-3.0.3-dhclient-dbus.patch + + # Brand the version with Gentoo + sed -i \ + -e "/VERSION=/s:'$: Gentoo-${PR}':" \ + configure || die + + # Change the hook script locations of the scripts + sed -i \ + -e 's,/etc/dhclient-exit-hooks,/etc/dhcp/dhclient-exit-hooks,g' \ + -e 's,/etc/dhclient-enter-hooks,/etc/dhcp/dhclient-enter-hooks,g' \ + client/scripts/* || die + + # No need for the linux script to force bash, #158540. + sed -i -e 's,#!/bin/bash,#!/bin/sh,' client/scripts/linux || die + + # Quiet the freebsd logger a little + sed -i -e '/LOGGER=/ s/-s -p user.notice //g' client/scripts/freebsd || die + + # Remove these options from the sample config + sed -i \ + -e "/\(script\|host-name\|domain-name\) / d" \ + client/dhclient.conf || die + + if use client && ! use server ; then + sed -i -r \ + -e '/^SUBDIRS/s:\<(dhcpctl|relay|server)\>::g' \ + Makefile.in || die + elif ! use client && use server ; then + sed -i -r \ + -e '/^SUBDIRS/s:\<client\>::' \ + Makefile.in || die + fi + + # Only install different man pages if we don't have en + if [[ " ${LINGUAS} " != *" en "* ]]; then + # Install Japanese man pages + if [[ " ${LINGUAS} " == *" ja "* && -d doc/ja_JP.eucJP ]]; then + einfo "Installing Japanese documention" + cp doc/ja_JP.eucJP/dhclient* client + cp doc/ja_JP.eucJP/dhcp* common + fi + fi + # Now remove the non-english docs so there are no errors later + rm -rf doc/ja_JP.eucJP +} + +src_configure() { + econf \ + --enable-paranoia \ + --sysconfdir=/etc/dhcp \ + --with-cli-pid-file=/var/run/dhcp/dhclient.pid \ + --with-cli-lease-file=/var/lib/dhcp/dhclient.leases \ + --with-cli6-pid-file=/var/run/dhcp/dhclient6.pid \ + --with-cli6-lease-file=/var/lib/dhcp/dhclient6.leases \ + --with-srv-pid-file=/var/run/dhcp/dhcpd.pid \ + --with-srv-lease-file=/var/lib/dhcp/dhcpd.leases \ + --with-srv6-pid-file=/var/run/dhcp/dhcpd6.pid \ + --with-srv6-lease-file=/var/lib/dhcp/dhcpd6.leases \ + --with-relay-pid-file=/var/run/dhcp/dhcrelay.pid \ + $(use_enable ipv6 dhcpv6) \ + $(use_with ldap) \ + $(use ldap && use_with ssl ldapcrypto || echo --without-ldapcrypto) +} + +src_install() { + emake install DESTDIR="${D}" || die + + dodoc README RELNOTES doc/{api+protocol,IANA-arp-parameters} + dohtml doc/References.html + + if [[ -e client/dhclient ]] ; then + # move the client to / + dodir /sbin + mv "${D}"/usr/sbin/dhclient "${D}"/sbin/ || die + + exeinto /sbin + if use kernel_linux ; then + newexe "${S}"/client/scripts/linux dhclient-script || die + else + newexe "${S}"/client/scripts/freebsd dhclient-script || die + fi + + insinto /etc/dhcp + doins client/dhclient.conf || die + + keepdir /var/lib/dhclient + fi + + if [[ -e server/dhcpd ]] ; then + if use ldap ; then + insinto /etc/openldap/schema + doins contrib/ldap/dhcp.* || die + dosbin contrib/ldap/dhcpd-conf-to-ldap || die + fi + + newinitd "${FILESDIR}"/dhcpd.init4 dhcpd + newinitd "${FILESDIR}"/dhcrelay.init2 dhcrelay + newconfd "${FILESDIR}"/dhcpd.conf dhcpd + newconfd "${FILESDIR}"/dhcrelay.conf dhcrelay + + insinto /etc/dhcp + doins server/dhcpd.conf || die + + keepdir /var/{lib,run}/dhcp + fi +} + +pkg_preinst() { + enewgroup dhcp + enewuser dhcp -1 -1 /var/lib/dhcp dhcp + + # Keep the user files over the sample ones + local f + for f in dhclient dhcpd ; do + f="/etc/dhcp/${f}.conf" + if [ -e "${ROOT}"${f} ] ; then + cp -p "${ROOT}"${f} "${D}"${f} + fi + done +} + +pkg_postinst() { + chown -R dhcp:dhcp "${ROOT}"/var/{lib,run}/dhcp + + if [[ -e "${ROOT}"/etc/init.d/dhcp ]] ; then + ewarn + ewarn "WARNING: The dhcp init script has been renamed to dhcpd" + ewarn "/etc/init.d/dhcp and /etc/conf.d/dhcp need to be removed and" + ewarn "and dhcp should be removed from the default runlevel" + ewarn + fi + + einfo "You can edit /etc/conf.d/dhcpd to customize dhcp settings." + einfo + einfo "If you would like to run dhcpd in a chroot, simply configure the" + einfo "DHCPD_CHROOT directory in /etc/conf.d/dhcpd and then run:" + einfo " emerge --config =${PF}" +} + +pkg_config() { + local CHROOT="$( + sed -n -e 's/^[[:blank:]]\?DHCPD_CHROOT="*\([^#"]\+\)"*/\1/p' \ + "${ROOT}"/etc/conf.d/dhcpd + )" + + if [[ -z ${CHROOT} ]]; then + eerror "CHROOT not defined in /etc/conf.d/dhcpd" + return 1 + fi + + CHROOT="${ROOT}/${CHROOT}" + + if [[ -d ${CHROOT} ]] ; then + ewarn "${CHROOT} already exists - aborting" + return 0 + fi + + ebegin "Setting up the chroot directory" + mkdir -m 0755 -p "${CHROOT}/"{dev,etc,proc,var/lib,var/run/dhcp} + cp /etc/{localtime,resolv.conf} "${CHROOT}"/etc + cp -R /etc/dhcp "${CHROOT}"/etc + rm -f "${CHROOT}"/etc/dhcp/dhcpd.conf + cp -R /var/lib/dhcp "${CHROOT}"/var/lib + ln -s ../../var/lib/dhcp "${CHROOT}"/etc/dhcp/lib + chown -R dhcp:dhcp "${CHROOT}"/var/{lib,run}/dhcp + eend 0 + + local logger="$(best_version virtual/logger)" + einfo "To enable logging from the dhcpd server, configure your" + einfo "logger (${logger}) to listen on ${CHROOT}/dev/log" +} |