Date: Saturday, June 15, 2013 @ 12:17:06 Author: andyrtr Revision: 188542
archrelease: copy trunk to extra-i686, extra-x86_64 Added: x2goserver/repos/extra-i686/PKGBUILD (from rev 188541, x2goserver/trunk/PKGBUILD) x2goserver/repos/extra-i686/x2goserver.install (from rev 188541, x2goserver/trunk/x2goserver.install) x2goserver/repos/extra-i686/x2goserver.service (from rev 188541, x2goserver/trunk/x2goserver.service) x2goserver/repos/extra-x86_64/PKGBUILD (from rev 188541, x2goserver/trunk/PKGBUILD) x2goserver/repos/extra-x86_64/x2goserver.install (from rev 188541, x2goserver/trunk/x2goserver.install) x2goserver/repos/extra-x86_64/x2goserver.service (from rev 188541, x2goserver/trunk/x2goserver.service) Deleted: x2goserver/repos/extra-i686/PKGBUILD x2goserver/repos/extra-i686/revert.patch x2goserver/repos/extra-i686/x2goserver.install x2goserver/repos/extra-i686/x2goserver.service x2goserver/repos/extra-x86_64/PKGBUILD x2goserver/repos/extra-x86_64/revert.patch x2goserver/repos/extra-x86_64/x2goserver.install x2goserver/repos/extra-x86_64/x2goserver.service ---------------------------------+ /PKGBUILD | 126 +++++++++++++++++++++++++++++++ /x2goserver.install | 122 ++++++++++++++++++++++++++++++ /x2goserver.service | 20 +++++ extra-i686/PKGBUILD | 69 ----------------- extra-i686/revert.patch | 152 -------------------------------------- extra-i686/x2goserver.install | 61 --------------- extra-i686/x2goserver.service | 10 -- extra-x86_64/PKGBUILD | 69 ----------------- extra-x86_64/revert.patch | 152 -------------------------------------- extra-x86_64/x2goserver.install | 61 --------------- extra-x86_64/x2goserver.service | 10 -- 11 files changed, 268 insertions(+), 584 deletions(-) Deleted: extra-i686/PKGBUILD =================================================================== --- extra-i686/PKGBUILD 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-i686/PKGBUILD 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,69 +0,0 @@ -# $Id$ -# Maintainer: AndyRTR <andy...@archlinux.org> - -# Contributor: Gerhard Brauer <ger...@archlinux.de> -# Contributor: Richard Murri <ad...@richardmurri.com> -# Contributor: Markus Opitz <mastero23 at gmail dot com> -# Contributor: Milan Knížek <kni...@volny.cz> - -pkgname=x2goserver -pkgver=4.0.0.2 -pkgrel=2 -pkgdesc="Open source terminal server" -arch=('i686' 'x86_64') -url="http://www.x2go.org/" -license=('GPL') -depends=('openssh' 'perl-config-simple' 'perl-dbd-sqlite' 'perl-file-basedir' 'python' 'x2go-agent' 'xorg-xauth') -makedepends=('man2html') -#optdepends=('cups-x2go: printing support') -options=('emptydirs') -install=x2goserver.install -backup=('etc/x2go/x2goserver.conf' 'etc/x2go/x2gosql/sql') -source=(http://code.x2go.org/releases/source/${pkgname}/${pkgname}-${pkgver}.tar.gz - x2goserver.service - revert.patch) -md5sums=('6b8cecfdd31a8877203f50d3666c265f' - 'f76081c01e40b6206895d194dc949707' - 'c487c31e7c0aa9a73323313007497764') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - - # revert an upstream commit that breaks sessions showing up - # http://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=011d14ae076ba6fec96cd1e019c4f82444ab0f9f - patch -Rp1 -i ${srcdir}/revert.patch - - # -r option does not exist in Arch linux - # (However, html man pages do not get installed anyway...) - for Makefile in $(find . -type f -name Makefile); do - sed -i 's@(MAN2HTML_BIN) -r @(MAN2HTML_BIN) < @g' $Makefile - sed -i 's@ \$(MAN2HTML_SRC)/@ < \$(MAN2HTML_SRC)/@g' $Makefile - done - - # fix some Makefile permission options - for Makefile in $(find . -type f -name Makefile); do - sed -i "s:-o root -g root ::g" $Makefile - done - - make -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make -j1 PREFIX=/usr SBINDIR=/usr/bin DESTDIR="$pkgdir" install - - # systemd service file - only runs x2gocleansessions - install -Dm 644 "$srcdir/x2goserver.service" "$pkgdir/usr/lib/systemd/system/x2goserver.service" - - # X2go homedir + printing spool dir - install -dm 770 $pkgdir/var/lib/x2go - install -dm 770 $pkgdir/var/spool/x2go - - # load fuse module at system start - install -dm755 $pkgdir/lib/modules-load.d - echo "fuse" > $pkgdir/lib/modules-load.d/x2goserver.conf - - install -dm 755 "${pkgdir}/usr/share/doc/${pkgname}" - install -m 644 "debian/changelog" "${pkgdir}/usr/share/doc/${pkgname}/changelog.DEBIAN" - install -m 644 "debian/copyright" "${pkgdir}/usr/share/doc/${pkgname}/copyright.DEBIAN" -} Copied: x2goserver/repos/extra-i686/PKGBUILD (from rev 188541, x2goserver/trunk/PKGBUILD) =================================================================== --- extra-i686/PKGBUILD (rev 0) +++ extra-i686/PKGBUILD 2013-06-15 10:17:06 UTC (rev 188542) @@ -0,0 +1,63 @@ +# $Id$ +# Maintainer: AndyRTR <andy...@archlinux.org> + +# Contributor: Gerhard Brauer <ger...@archlinux.de> +# Contributor: Richard Murri <ad...@richardmurri.com> +# Contributor: Markus Opitz <mastero23 at gmail dot com> +# Contributor: Milan Knížek <kni...@volny.cz> + +pkgname=x2goserver +pkgver=4.0.1.1 +pkgrel=1 +pkgdesc="Open source terminal server" +arch=('i686' 'x86_64') +url="http://www.x2go.org/" +license=('GPL') +depends=('openssh' 'perl-config-simple' 'perl-dbd-sqlite' 'perl-file-basedir' 'python' 'x2go-agent' 'xorg-xauth') +makedepends=('man2html') +#optdepends=('cups-x2go: printing support') +options=('emptydirs') +install=x2goserver.install +backup=('etc/x2go/x2goserver.conf' 'etc/x2go/x2gosql/sql') +source=(http://code.x2go.org/releases/source/${pkgname}/${pkgname}-${pkgver}.tar.gz + x2goserver.service) +md5sums=('d970699f1df8d7096a7d3151c0ede447' + 'f76081c01e40b6206895d194dc949707') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + # -r option does not exist in Arch linux + # (However, html man pages do not get installed anyway...) + for Makefile in $(find . -type f -name Makefile); do + sed -i 's@(MAN2HTML_BIN) -r @(MAN2HTML_BIN) < @g' $Makefile + sed -i 's@ \$(MAN2HTML_SRC)/@ < \$(MAN2HTML_SRC)/@g' $Makefile + done + + # fix some Makefile permission options + for Makefile in $(find . -type f -name Makefile); do + sed -i "s:-o root -g root ::g" $Makefile + done + + make PREFIX=/usr SBINDIR=/usr/bin DESTDIR="$pkgdir" +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make -j1 PREFIX=/usr SBINDIR=/usr/bin DESTDIR="$pkgdir" install + + # systemd service file - only runs x2gocleansessions + install -Dm 644 "$srcdir/x2goserver.service" "$pkgdir/usr/lib/systemd/system/x2goserver.service" + + # X2go homedir + printing spool dir + install -dm 770 $pkgdir/var/lib/x2go + install -dm 770 $pkgdir/var/spool/x2go + + # load fuse module at system start + install -dm755 $pkgdir/usr/lib/modules-load.d + echo "fuse" > $pkgdir/usr/lib/modules-load.d/x2goserver.conf + + install -dm 755 "${pkgdir}/usr/share/doc/${pkgname}" + install -m 644 "debian/changelog" "${pkgdir}/usr/share/doc/${pkgname}/changelog.DEBIAN" + install -m 644 "debian/copyright" "${pkgdir}/usr/share/doc/${pkgname}/copyright.DEBIAN" +} Deleted: extra-i686/revert.patch =================================================================== --- extra-i686/revert.patch 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-i686/revert.patch 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,152 +0,0 @@ -From 011d14ae076ba6fec96cd1e019c4f82444ab0f9f Mon Sep 17 00:00:00 2001 -From: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> -Date: Sun, 19 May 2013 00:41:32 +0200 -Subject: [PATCH] Security fix for setgid wrapper x2gosqlitewrapper.c. - Hard-code path to x2gosqlitewrapper.pl during build via - defining a macro in the Makefile. Thanks to Richard - Weinberger for spotting this!!! - ---- - Makefile | 2 +- - debian/changelog | 3 +++ - debian/rules | 4 +-- - x2goserver/Makefile | 4 +-- - x2goserver/x2gosqlitewrapper.c | 54 +++------------------------------------- - 5 files changed, 12 insertions(+), 55 deletions(-) - -diff --git a/Makefile b/Makefile -index 3be40f9..588084f 100755 ---- a/Makefile -+++ b/Makefile -@@ -4,7 +4,7 @@ RM_FILE=rm -f - RM_DIR=rmdir -p --ignore-fail-on-non-empty - - DESTDIR= --PREFIX=/usr/local -+PREFIX ?= /usr/local - ETCDIR=/etc/x2go - LIBDIR=$(PREFIX)/lib/x2go - SHAREDIR=$(PREFIX)/share/x2go -diff --git a/debian/changelog b/debian/changelog -index 470a502..2cf2dde 100644 ---- a/debian/changelog -+++ b/debian/changelog -@@ -12,6 +12,9 @@ x2goserver (4.0.0.2-0~x2go1) UNRELEASED; urgency=low - * New upstream version (4.0.0.2): - - Use make_path from File::Path in x2godbadmin to create user directory if - not present. (Fixes: #200). -+ - Security fix for setgid wrapper x2gosqlitewrapper.c. Hard-code path to -+ x2gosqlitewrapper.pl during build via defining a macro in the Makefile. -+ Thanks to Richard Weinberger for spotting this!!! - /debian/control: - + Let x2goserver bin:package depend on xfonts-base and fontconfig. (Fixes: - #163). -diff --git a/debian/rules b/debian/rules -index b32e08d..5bb94b2 100755 ---- a/debian/rules -+++ b/debian/rules -@@ -1,10 +1,10 @@ - #!/usr/bin/make -f - - %: -- dh $@ -+ PREFIX=/usr dh $@ - - override_dh_auto_install: -- make -f Makefile build-arch -+ PREFIX=/usr make -f Makefile build-arch - - override_dh_auto_clean: - rm -fv x2gosqlitewrapper -diff --git a/x2goserver/Makefile b/x2goserver/Makefile -index 4287478..e9d56e6 100755 ---- a/x2goserver/Makefile -+++ b/x2goserver/Makefile -@@ -15,7 +15,7 @@ RM_FILE=rm -f - RM_DIR=rmdir -p --ignore-fail-on-non-empty - - DESTDIR= --PREFIX=/usr/local -+PREFIX ?= /usr/local - ETCDIR=/etc/x2go - BINDIR=$(PREFIX)/bin - SBINDIR=$(PREFIX)/sbin -@@ -41,7 +41,7 @@ build: build-arch build-indep - build-arch: build_setgidwrappers - - build_setgidwrappers: -- $(CC) $(CFLAGS) $(LDFLAGS) -o x2gosqlitewrapper x2gosqlitewrapper.c -+ $(CC) $(CFLAGS) $(LDFLAGS) -DTRUSTED_BINARY=\"$(DESTDIR)$(LIBDIR)/x2gosqlitewrapper.pl\" -o x2gosqlitewrapper x2gosqlitewrapper.c - - build-indep: build_man2html - -diff --git a/x2goserver/x2gosqlitewrapper.c b/x2goserver/x2gosqlitewrapper.c -index a134efc..ad95eff 100644 ---- a/x2goserver/x2gosqlitewrapper.c -+++ b/x2goserver/x2gosqlitewrapper.c -@@ -21,58 +21,12 @@ - * - */ - --#include <stdio.h> --#include <stdlib.h> --#include <unistd.h> --#include <libgen.h> --#include <errno.h> -- - int main( int argc, char *argv[] ) { -- char * x2gosqlitewrapper = NULL; -- size_t path_max; -- --/* -- The following snippet is taken from the realpath manpage --*/ --#ifdef PATH_MAX -- path_max = PATH_MAX; --#else -- path_max = pathconf (".", _PC_PATH_MAX); -- if (path_max <= 0){ -- path_max = 4096; -- } --#endif -- { -- // allocate dynamic buffer in stack: this needs C99 or gnu?? -- char buffer[path_max]; -- ssize_t rvrl; -- int rvap; -- -- // resolve link of /proc/self/exe to find out where we are -- rvrl = readlink("/proc/self/exe", buffer, path_max); -- if(rvrl == -1){ -- perror("readlink(\"/proc/self/exe\",buffer,path_max)"); -- exit(EXIT_FAILURE); -- } -- if(rvrl >= path_max){ -- fprintf(stderr, "Could not resolve the path of this file using \"/proc/self/exe\". The path is too long (> %i)", path_max); -- exit(EXIT_FAILURE); -- } -- -- // derive the full path of x2gosqlitewrapper.pl from path of this binary -- rvap = asprintf(&x2gosqlitewrapper, "%s/%s", dirname(buffer), "x2gosqlitewrapper.pl"); -- if(rvap == -1){ -- fprintf(stderr, "Failed to allocate memory calling asprintf\n"); -- exit(EXIT_FAILURE); -- } -- -- // execute the script, running with user-rights of this binary -- execv(x2gosqlitewrapper, argv); - -- } -+ char x2gosqlitewrapper[] = TRUSTED_BINARY; - -- // ...fail -- fprintf(stderr, "Failed to execute %s: %s\n", x2gosqlitewrapper, strerror(errno)); -- return EXIT_FAILURE; -+ argv[0] = "x2gosqlitewrapper.pl"; -+ // execute the script, running with user-rights of this binary -+ execv(x2gosqlitewrapper, argv); - - } --- -1.7.9.5 - Deleted: extra-i686/x2goserver.install =================================================================== --- extra-i686/x2goserver.install 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-i686/x2goserver.install 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,61 +0,0 @@ -pre_install() { - cat << 'EOM' - ==> Use the following command to setup sqlite database: - ==> x2godbadmin --createdb -EOM -} - - -post_install() { - - # Make sure the group and user "x2gouser"(111) +"x2goprint"(112) exists on this system and have the correct values - - # x2gouser - if grep -q "^x2gouser:" /etc/group &> /dev/null ; then - groupmod -g 111 -n x2gouser x2gouser &> /dev/null - else - groupadd -g 111 x2gouser &> /dev/null - fi - - if grep -q "^x2gouser:" /etc/passwd 2> /dev/null ; then - usermod -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser x2gouser &> /dev/null - else - useradd -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser -r x2gouser &> /dev/null - fi - - # x2goprint - if grep -q "^x2goprint:" /etc/group &> /dev/null ; then - groupmod -g 112 -n x2goprint x2goprint &> /dev/null - else - groupadd -g 112 x2goprint &> /dev/null - fi - - if grep -q "^x2goprint:" /etc/passwd 2> /dev/null ; then - usermod -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint x2goprint &> /dev/null - else - useradd -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint -r x2goprint &> /dev/null - fi - - # fix permissions - see INSTALL file - chown -R x2goprint:x2goprint /var/spool/x2go - chmod 0770 /var/spool/x2go - - chown root:x2gouser /usr/lib/x2go/x2gosqlitewrapper - chmod 2755 /usr/lib/x2go/x2gosqlitewrapper - - chown root:x2goprint /usr/bin/x2goprint - chmod 2755 /usr/bin/x2goprint -} - -post_upgrade() { - post_install $1 -} - -pre_remove() { - userdel x2gouser &> /dev/null - userdel x2goprint &> /dev/null - groupdel x2gouser &> /dev/null || /bin/true - groupdel x2goprint &> /dev/null || /bin/true - rm -rf /var/lib/x2go/* &> /dev/null || /bin/true - rm -rf /var/spool/x2go/* &> /dev/null || /bin/true -} Copied: x2goserver/repos/extra-i686/x2goserver.install (from rev 188541, x2goserver/trunk/x2goserver.install) =================================================================== --- extra-i686/x2goserver.install (rev 0) +++ extra-i686/x2goserver.install 2013-06-15 10:17:06 UTC (rev 188542) @@ -0,0 +1,61 @@ +pre_install() { + cat << 'EOM' + ==> Use the following command to setup sqlite database: + ==> x2godbadmin --createdb +EOM +} + + +post_install() { + + # Make sure the group and user "x2gouser"(111) +"x2goprint"(112) exists on this system and have the correct values + + # x2gouser + if grep -q "^x2gouser:" /etc/group &> /dev/null ; then + groupmod -g 111 -n x2gouser x2gouser &> /dev/null + else + groupadd -g 111 x2gouser &> /dev/null + fi + + if grep -q "^x2gouser:" /etc/passwd 2> /dev/null ; then + usermod -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser x2gouser &> /dev/null + else + useradd -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser -r x2gouser &> /dev/null + fi + + # x2goprint + if grep -q "^x2goprint:" /etc/group &> /dev/null ; then + groupmod -g 112 -n x2goprint x2goprint &> /dev/null + else + groupadd -g 112 x2goprint &> /dev/null + fi + + if grep -q "^x2goprint:" /etc/passwd 2> /dev/null ; then + usermod -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint x2goprint &> /dev/null + else + useradd -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint -r x2goprint &> /dev/null + fi + + # fix permissions - see INSTALL file + chown -R x2goprint:x2goprint /var/spool/x2go + chmod 0770 /var/spool/x2go + + chown root:x2gouser /usr/lib/x2go/x2gosqlitewrapper + chmod 2755 /usr/lib/x2go/x2gosqlitewrapper + + chown root:x2goprint /usr/bin/x2goprint + chmod 2755 /usr/bin/x2goprint +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + userdel x2gouser &> /dev/null + userdel x2goprint &> /dev/null + groupdel x2gouser &> /dev/null || /bin/true + groupdel x2goprint &> /dev/null || /bin/true + rm -rf /var/lib/x2go/* &> /dev/null || /bin/true + rm -rf /var/spool/x2go/* &> /dev/null || /bin/true +} Deleted: extra-i686/x2goserver.service =================================================================== --- extra-i686/x2goserver.service 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-i686/x2goserver.service 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,10 +0,0 @@ -[Unit] -Description=x2go - remote desktop server -After=syslog.target network.target - -[Service] -ExecStart=/usr/bin/x2gocleansessions -PIDFile=/run/x2goserver.pid - -[Install] -WantedBy=multi-user.target Copied: x2goserver/repos/extra-i686/x2goserver.service (from rev 188541, x2goserver/trunk/x2goserver.service) =================================================================== --- extra-i686/x2goserver.service (rev 0) +++ extra-i686/x2goserver.service 2013-06-15 10:17:06 UTC (rev 188542) @@ -0,0 +1,10 @@ +[Unit] +Description=x2go - remote desktop server +After=syslog.target network.target + +[Service] +ExecStart=/usr/bin/x2gocleansessions +PIDFile=/run/x2goserver.pid + +[Install] +WantedBy=multi-user.target Deleted: extra-x86_64/PKGBUILD =================================================================== --- extra-x86_64/PKGBUILD 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-x86_64/PKGBUILD 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,69 +0,0 @@ -# $Id$ -# Maintainer: AndyRTR <andy...@archlinux.org> - -# Contributor: Gerhard Brauer <ger...@archlinux.de> -# Contributor: Richard Murri <ad...@richardmurri.com> -# Contributor: Markus Opitz <mastero23 at gmail dot com> -# Contributor: Milan Knížek <kni...@volny.cz> - -pkgname=x2goserver -pkgver=4.0.0.2 -pkgrel=2 -pkgdesc="Open source terminal server" -arch=('i686' 'x86_64') -url="http://www.x2go.org/" -license=('GPL') -depends=('openssh' 'perl-config-simple' 'perl-dbd-sqlite' 'perl-file-basedir' 'python' 'x2go-agent' 'xorg-xauth') -makedepends=('man2html') -#optdepends=('cups-x2go: printing support') -options=('emptydirs') -install=x2goserver.install -backup=('etc/x2go/x2goserver.conf' 'etc/x2go/x2gosql/sql') -source=(http://code.x2go.org/releases/source/${pkgname}/${pkgname}-${pkgver}.tar.gz - x2goserver.service - revert.patch) -md5sums=('6b8cecfdd31a8877203f50d3666c265f' - 'f76081c01e40b6206895d194dc949707' - 'c487c31e7c0aa9a73323313007497764') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - - # revert an upstream commit that breaks sessions showing up - # http://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=011d14ae076ba6fec96cd1e019c4f82444ab0f9f - patch -Rp1 -i ${srcdir}/revert.patch - - # -r option does not exist in Arch linux - # (However, html man pages do not get installed anyway...) - for Makefile in $(find . -type f -name Makefile); do - sed -i 's@(MAN2HTML_BIN) -r @(MAN2HTML_BIN) < @g' $Makefile - sed -i 's@ \$(MAN2HTML_SRC)/@ < \$(MAN2HTML_SRC)/@g' $Makefile - done - - # fix some Makefile permission options - for Makefile in $(find . -type f -name Makefile); do - sed -i "s:-o root -g root ::g" $Makefile - done - - make -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make -j1 PREFIX=/usr SBINDIR=/usr/bin DESTDIR="$pkgdir" install - - # systemd service file - only runs x2gocleansessions - install -Dm 644 "$srcdir/x2goserver.service" "$pkgdir/usr/lib/systemd/system/x2goserver.service" - - # X2go homedir + printing spool dir - install -dm 770 $pkgdir/var/lib/x2go - install -dm 770 $pkgdir/var/spool/x2go - - # load fuse module at system start - install -dm755 $pkgdir/lib/modules-load.d - echo "fuse" > $pkgdir/lib/modules-load.d/x2goserver.conf - - install -dm 755 "${pkgdir}/usr/share/doc/${pkgname}" - install -m 644 "debian/changelog" "${pkgdir}/usr/share/doc/${pkgname}/changelog.DEBIAN" - install -m 644 "debian/copyright" "${pkgdir}/usr/share/doc/${pkgname}/copyright.DEBIAN" -} Copied: x2goserver/repos/extra-x86_64/PKGBUILD (from rev 188541, x2goserver/trunk/PKGBUILD) =================================================================== --- extra-x86_64/PKGBUILD (rev 0) +++ extra-x86_64/PKGBUILD 2013-06-15 10:17:06 UTC (rev 188542) @@ -0,0 +1,63 @@ +# $Id$ +# Maintainer: AndyRTR <andy...@archlinux.org> + +# Contributor: Gerhard Brauer <ger...@archlinux.de> +# Contributor: Richard Murri <ad...@richardmurri.com> +# Contributor: Markus Opitz <mastero23 at gmail dot com> +# Contributor: Milan Knížek <kni...@volny.cz> + +pkgname=x2goserver +pkgver=4.0.1.1 +pkgrel=1 +pkgdesc="Open source terminal server" +arch=('i686' 'x86_64') +url="http://www.x2go.org/" +license=('GPL') +depends=('openssh' 'perl-config-simple' 'perl-dbd-sqlite' 'perl-file-basedir' 'python' 'x2go-agent' 'xorg-xauth') +makedepends=('man2html') +#optdepends=('cups-x2go: printing support') +options=('emptydirs') +install=x2goserver.install +backup=('etc/x2go/x2goserver.conf' 'etc/x2go/x2gosql/sql') +source=(http://code.x2go.org/releases/source/${pkgname}/${pkgname}-${pkgver}.tar.gz + x2goserver.service) +md5sums=('d970699f1df8d7096a7d3151c0ede447' + 'f76081c01e40b6206895d194dc949707') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + # -r option does not exist in Arch linux + # (However, html man pages do not get installed anyway...) + for Makefile in $(find . -type f -name Makefile); do + sed -i 's@(MAN2HTML_BIN) -r @(MAN2HTML_BIN) < @g' $Makefile + sed -i 's@ \$(MAN2HTML_SRC)/@ < \$(MAN2HTML_SRC)/@g' $Makefile + done + + # fix some Makefile permission options + for Makefile in $(find . -type f -name Makefile); do + sed -i "s:-o root -g root ::g" $Makefile + done + + make PREFIX=/usr SBINDIR=/usr/bin DESTDIR="$pkgdir" +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make -j1 PREFIX=/usr SBINDIR=/usr/bin DESTDIR="$pkgdir" install + + # systemd service file - only runs x2gocleansessions + install -Dm 644 "$srcdir/x2goserver.service" "$pkgdir/usr/lib/systemd/system/x2goserver.service" + + # X2go homedir + printing spool dir + install -dm 770 $pkgdir/var/lib/x2go + install -dm 770 $pkgdir/var/spool/x2go + + # load fuse module at system start + install -dm755 $pkgdir/usr/lib/modules-load.d + echo "fuse" > $pkgdir/usr/lib/modules-load.d/x2goserver.conf + + install -dm 755 "${pkgdir}/usr/share/doc/${pkgname}" + install -m 644 "debian/changelog" "${pkgdir}/usr/share/doc/${pkgname}/changelog.DEBIAN" + install -m 644 "debian/copyright" "${pkgdir}/usr/share/doc/${pkgname}/copyright.DEBIAN" +} Deleted: extra-x86_64/revert.patch =================================================================== --- extra-x86_64/revert.patch 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-x86_64/revert.patch 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,152 +0,0 @@ -From 011d14ae076ba6fec96cd1e019c4f82444ab0f9f Mon Sep 17 00:00:00 2001 -From: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> -Date: Sun, 19 May 2013 00:41:32 +0200 -Subject: [PATCH] Security fix for setgid wrapper x2gosqlitewrapper.c. - Hard-code path to x2gosqlitewrapper.pl during build via - defining a macro in the Makefile. Thanks to Richard - Weinberger for spotting this!!! - ---- - Makefile | 2 +- - debian/changelog | 3 +++ - debian/rules | 4 +-- - x2goserver/Makefile | 4 +-- - x2goserver/x2gosqlitewrapper.c | 54 +++------------------------------------- - 5 files changed, 12 insertions(+), 55 deletions(-) - -diff --git a/Makefile b/Makefile -index 3be40f9..588084f 100755 ---- a/Makefile -+++ b/Makefile -@@ -4,7 +4,7 @@ RM_FILE=rm -f - RM_DIR=rmdir -p --ignore-fail-on-non-empty - - DESTDIR= --PREFIX=/usr/local -+PREFIX ?= /usr/local - ETCDIR=/etc/x2go - LIBDIR=$(PREFIX)/lib/x2go - SHAREDIR=$(PREFIX)/share/x2go -diff --git a/debian/changelog b/debian/changelog -index 470a502..2cf2dde 100644 ---- a/debian/changelog -+++ b/debian/changelog -@@ -12,6 +12,9 @@ x2goserver (4.0.0.2-0~x2go1) UNRELEASED; urgency=low - * New upstream version (4.0.0.2): - - Use make_path from File::Path in x2godbadmin to create user directory if - not present. (Fixes: #200). -+ - Security fix for setgid wrapper x2gosqlitewrapper.c. Hard-code path to -+ x2gosqlitewrapper.pl during build via defining a macro in the Makefile. -+ Thanks to Richard Weinberger for spotting this!!! - /debian/control: - + Let x2goserver bin:package depend on xfonts-base and fontconfig. (Fixes: - #163). -diff --git a/debian/rules b/debian/rules -index b32e08d..5bb94b2 100755 ---- a/debian/rules -+++ b/debian/rules -@@ -1,10 +1,10 @@ - #!/usr/bin/make -f - - %: -- dh $@ -+ PREFIX=/usr dh $@ - - override_dh_auto_install: -- make -f Makefile build-arch -+ PREFIX=/usr make -f Makefile build-arch - - override_dh_auto_clean: - rm -fv x2gosqlitewrapper -diff --git a/x2goserver/Makefile b/x2goserver/Makefile -index 4287478..e9d56e6 100755 ---- a/x2goserver/Makefile -+++ b/x2goserver/Makefile -@@ -15,7 +15,7 @@ RM_FILE=rm -f - RM_DIR=rmdir -p --ignore-fail-on-non-empty - - DESTDIR= --PREFIX=/usr/local -+PREFIX ?= /usr/local - ETCDIR=/etc/x2go - BINDIR=$(PREFIX)/bin - SBINDIR=$(PREFIX)/sbin -@@ -41,7 +41,7 @@ build: build-arch build-indep - build-arch: build_setgidwrappers - - build_setgidwrappers: -- $(CC) $(CFLAGS) $(LDFLAGS) -o x2gosqlitewrapper x2gosqlitewrapper.c -+ $(CC) $(CFLAGS) $(LDFLAGS) -DTRUSTED_BINARY=\"$(DESTDIR)$(LIBDIR)/x2gosqlitewrapper.pl\" -o x2gosqlitewrapper x2gosqlitewrapper.c - - build-indep: build_man2html - -diff --git a/x2goserver/x2gosqlitewrapper.c b/x2goserver/x2gosqlitewrapper.c -index a134efc..ad95eff 100644 ---- a/x2goserver/x2gosqlitewrapper.c -+++ b/x2goserver/x2gosqlitewrapper.c -@@ -21,58 +21,12 @@ - * - */ - --#include <stdio.h> --#include <stdlib.h> --#include <unistd.h> --#include <libgen.h> --#include <errno.h> -- - int main( int argc, char *argv[] ) { -- char * x2gosqlitewrapper = NULL; -- size_t path_max; -- --/* -- The following snippet is taken from the realpath manpage --*/ --#ifdef PATH_MAX -- path_max = PATH_MAX; --#else -- path_max = pathconf (".", _PC_PATH_MAX); -- if (path_max <= 0){ -- path_max = 4096; -- } --#endif -- { -- // allocate dynamic buffer in stack: this needs C99 or gnu?? -- char buffer[path_max]; -- ssize_t rvrl; -- int rvap; -- -- // resolve link of /proc/self/exe to find out where we are -- rvrl = readlink("/proc/self/exe", buffer, path_max); -- if(rvrl == -1){ -- perror("readlink(\"/proc/self/exe\",buffer,path_max)"); -- exit(EXIT_FAILURE); -- } -- if(rvrl >= path_max){ -- fprintf(stderr, "Could not resolve the path of this file using \"/proc/self/exe\". The path is too long (> %i)", path_max); -- exit(EXIT_FAILURE); -- } -- -- // derive the full path of x2gosqlitewrapper.pl from path of this binary -- rvap = asprintf(&x2gosqlitewrapper, "%s/%s", dirname(buffer), "x2gosqlitewrapper.pl"); -- if(rvap == -1){ -- fprintf(stderr, "Failed to allocate memory calling asprintf\n"); -- exit(EXIT_FAILURE); -- } -- -- // execute the script, running with user-rights of this binary -- execv(x2gosqlitewrapper, argv); - -- } -+ char x2gosqlitewrapper[] = TRUSTED_BINARY; - -- // ...fail -- fprintf(stderr, "Failed to execute %s: %s\n", x2gosqlitewrapper, strerror(errno)); -- return EXIT_FAILURE; -+ argv[0] = "x2gosqlitewrapper.pl"; -+ // execute the script, running with user-rights of this binary -+ execv(x2gosqlitewrapper, argv); - - } --- -1.7.9.5 - Deleted: extra-x86_64/x2goserver.install =================================================================== --- extra-x86_64/x2goserver.install 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-x86_64/x2goserver.install 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,61 +0,0 @@ -pre_install() { - cat << 'EOM' - ==> Use the following command to setup sqlite database: - ==> x2godbadmin --createdb -EOM -} - - -post_install() { - - # Make sure the group and user "x2gouser"(111) +"x2goprint"(112) exists on this system and have the correct values - - # x2gouser - if grep -q "^x2gouser:" /etc/group &> /dev/null ; then - groupmod -g 111 -n x2gouser x2gouser &> /dev/null - else - groupadd -g 111 x2gouser &> /dev/null - fi - - if grep -q "^x2gouser:" /etc/passwd 2> /dev/null ; then - usermod -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser x2gouser &> /dev/null - else - useradd -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser -r x2gouser &> /dev/null - fi - - # x2goprint - if grep -q "^x2goprint:" /etc/group &> /dev/null ; then - groupmod -g 112 -n x2goprint x2goprint &> /dev/null - else - groupadd -g 112 x2goprint &> /dev/null - fi - - if grep -q "^x2goprint:" /etc/passwd 2> /dev/null ; then - usermod -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint x2goprint &> /dev/null - else - useradd -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint -r x2goprint &> /dev/null - fi - - # fix permissions - see INSTALL file - chown -R x2goprint:x2goprint /var/spool/x2go - chmod 0770 /var/spool/x2go - - chown root:x2gouser /usr/lib/x2go/x2gosqlitewrapper - chmod 2755 /usr/lib/x2go/x2gosqlitewrapper - - chown root:x2goprint /usr/bin/x2goprint - chmod 2755 /usr/bin/x2goprint -} - -post_upgrade() { - post_install $1 -} - -pre_remove() { - userdel x2gouser &> /dev/null - userdel x2goprint &> /dev/null - groupdel x2gouser &> /dev/null || /bin/true - groupdel x2goprint &> /dev/null || /bin/true - rm -rf /var/lib/x2go/* &> /dev/null || /bin/true - rm -rf /var/spool/x2go/* &> /dev/null || /bin/true -} Copied: x2goserver/repos/extra-x86_64/x2goserver.install (from rev 188541, x2goserver/trunk/x2goserver.install) =================================================================== --- extra-x86_64/x2goserver.install (rev 0) +++ extra-x86_64/x2goserver.install 2013-06-15 10:17:06 UTC (rev 188542) @@ -0,0 +1,61 @@ +pre_install() { + cat << 'EOM' + ==> Use the following command to setup sqlite database: + ==> x2godbadmin --createdb +EOM +} + + +post_install() { + + # Make sure the group and user "x2gouser"(111) +"x2goprint"(112) exists on this system and have the correct values + + # x2gouser + if grep -q "^x2gouser:" /etc/group &> /dev/null ; then + groupmod -g 111 -n x2gouser x2gouser &> /dev/null + else + groupadd -g 111 x2gouser &> /dev/null + fi + + if grep -q "^x2gouser:" /etc/passwd 2> /dev/null ; then + usermod -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser x2gouser &> /dev/null + else + useradd -s /usr/bin/false -c "X2GoUser user" -M -d /var/lib/x2go -u 111 -g x2gouser -r x2gouser &> /dev/null + fi + + # x2goprint + if grep -q "^x2goprint:" /etc/group &> /dev/null ; then + groupmod -g 112 -n x2goprint x2goprint &> /dev/null + else + groupadd -g 112 x2goprint &> /dev/null + fi + + if grep -q "^x2goprint:" /etc/passwd 2> /dev/null ; then + usermod -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint x2goprint &> /dev/null + else + useradd -s /usr/bin/false -c "X2GoPrint user" -M -d /var/spool/x2go -u 112 -g x2goprint -r x2goprint &> /dev/null + fi + + # fix permissions - see INSTALL file + chown -R x2goprint:x2goprint /var/spool/x2go + chmod 0770 /var/spool/x2go + + chown root:x2gouser /usr/lib/x2go/x2gosqlitewrapper + chmod 2755 /usr/lib/x2go/x2gosqlitewrapper + + chown root:x2goprint /usr/bin/x2goprint + chmod 2755 /usr/bin/x2goprint +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + userdel x2gouser &> /dev/null + userdel x2goprint &> /dev/null + groupdel x2gouser &> /dev/null || /bin/true + groupdel x2goprint &> /dev/null || /bin/true + rm -rf /var/lib/x2go/* &> /dev/null || /bin/true + rm -rf /var/spool/x2go/* &> /dev/null || /bin/true +} Deleted: extra-x86_64/x2goserver.service =================================================================== --- extra-x86_64/x2goserver.service 2013-06-15 10:16:41 UTC (rev 188541) +++ extra-x86_64/x2goserver.service 2013-06-15 10:17:06 UTC (rev 188542) @@ -1,10 +0,0 @@ -[Unit] -Description=x2go - remote desktop server -After=syslog.target network.target - -[Service] -ExecStart=/usr/bin/x2gocleansessions -PIDFile=/run/x2goserver.pid - -[Install] -WantedBy=multi-user.target Copied: x2goserver/repos/extra-x86_64/x2goserver.service (from rev 188541, x2goserver/trunk/x2goserver.service) =================================================================== --- extra-x86_64/x2goserver.service (rev 0) +++ extra-x86_64/x2goserver.service 2013-06-15 10:17:06 UTC (rev 188542) @@ -0,0 +1,10 @@ +[Unit] +Description=x2go - remote desktop server +After=syslog.target network.target + +[Service] +ExecStart=/usr/bin/x2gocleansessions +PIDFile=/run/x2goserver.pid + +[Install] +WantedBy=multi-user.target