Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gerbera for openSUSE:Factory checked in at 2021-10-08 00:06:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gerbera (Old) and /work/SRC/openSUSE:Factory/.gerbera.new.2443 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gerbera" Fri Oct 8 00:06:16 2021 rev:4 rq:923735 version:1.9.2 Changes: -------- --- /work/SRC/openSUSE:Factory/gerbera/gerbera.changes 2021-09-02 23:20:36.404575319 +0200 +++ /work/SRC/openSUSE:Factory/.gerbera.new.2443/gerbera.changes 2021-10-08 00:07:11.701869738 +0200 @@ -1,0 +2,29 @@ +Thu Oct 7 12:51:58 UTC 2021 - Paolo Stivanin <i...@paolostivanin.com> + +- Update to 1.9.2: +* Titles of search results can be configured +* Containers in virtual layout can be defined as search result, so, + e.g. albums, located in several places are only found once +* Metadata, like artist, appearing multiple times are now stored + in that way and can be sent to UPnP clients as separate entries + as well or addressed in layout scripts. If you have a custom js + import script which updates metadata you have to modify it using + the new properties (see doc on scripting) +* DLNA profile can be configured using video and audio codec, + allow devices to pick supported streams +* DLNA profile can be set for transcoding + +------------------------------------------------------------------- +Tue Sep 21 12:33:17 UTC 2021 - Paolo Stivanin <i...@paolostivanin.com> + +- Fix spec file +- Add config.xml +- Remove unneeded tmpfile + +------------------------------------------------------------------- +Tue Sep 21 09:51:10 UTC 2021 - Johannes Segitz <jseg...@suse.com> + +- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): + * harden_gerbera.service.patch + +------------------------------------------------------------------- Old: ---- gerbera-1.9.1.tar.gz gerbera.tmpfile.in New: ---- config.xml gerbera-1.9.2.tar.gz harden_gerbera.service.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gerbera.spec ++++++ --- /var/tmp/diff_new_pack.IQBa1L/_old 2021-10-08 00:07:12.313870776 +0200 +++ /var/tmp/diff_new_pack.IQBa1L/_new 2021-10-08 00:07:12.317870782 +0200 @@ -17,15 +17,16 @@ Name: gerbera -Version: 1.9.1 +Version: 1.9.2 Release: 0 Summary: UPnP Media Server License: GPL-2.0-only Group: Productivity/Multimedia/Other URL: https://gerbera.io Source0: https://github.com/gerbera/gerbera/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -Source3: gerbera.tmpfile.in -Source4: gerbera.sysusers.in +Source1: config.xml +Source2: gerbera.sysusers.in +Patch0: harden_gerbera.service.patch BuildRequires: cmake >= 3.13 BuildRequires: fdupes BuildRequires: file-devel @@ -67,22 +68,18 @@ compatible devices. %prep -%autosetup +%autosetup -p1 # server test hardcodes alpha strings sed -i -e '/test_server/d' test/CMakeLists.txt - -for _file in %{SOURCE3} %{SOURCE4}; do - sed -e 's/@USER@/gerbera/' \ - -e 's/@GROUP@/gerbera/' \ - < $_file > ${_file##*/} -done +sed -i -e 's/@USER@/gerbera/' %{SOURCE2} +sed -i -e 's/@GROUP@/gerbera/' %{SOURCE2} %build -export CFLAGS="${CFLAGS} -fPIE" -export CXXFLAGS="${CXXFLAGS} -fPIE" -export LDFLAGS="${LDFLAGS} -pie" %cmake \ + -DWITH_JS=1 \ + -DWITH_TAGLIB=1 \ + -DWITH_MAGIC=1 \ -DWITH_AVCODEC=1 \ -DWITH_EXIF=0 \ -DWITH_EXIV2=1 \ @@ -91,6 +88,8 @@ -DCMAKE_C_COMPILER=gcc-10 \ %endif -DWITH_FFMPEGTHUMBNAILER=1 \ + -DWITH_INOTIFY=1 \ + -DWITH_SYSTEMD=1 \ -DWITH_TESTS=1 \ -Wno-dev %cmake_build @@ -98,13 +97,25 @@ %install %cmake_install +mkdir -p %{buildroot}%{_sysconfdir}/gerbera +touch %{buildroot}%{_sysconfdir}/gerbera/{gerbera.db,gerbera.html} +mkdir -p %{buildroot}%{_localstatedir}/log/gerbera +touch %{buildroot}%{_localstatedir}/log/%{name} +mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d +cat > %{buildroot}%{_sysconfdir}/logrotate.d/%{name} << 'EOF' +/var/log/gerbera/gerbera { +create 644 gerbera gerbera + monthly + compress + missingok +} +EOF + install -d %{buildroot}%{_sbindir} ln -s service %{buildroot}%{_sbindir}/rc%{name} -install -Dm 0644 %{name}.tmpfile.in %{buildroot}%{_tmpfilesdir}/%{name}.conf -install -Dm 0644 %{name}.sysusers.in %{buildroot}%{_sysusersdir}/%{name}.conf -install -d %{buildroot}%{_localstatedir}/lib/%{name} -touch %{buildroot}%{_localstatedir}/lib/%{name}/{config.xml,%{name}.db,%{name}.html} +install -p -D -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/gerbera/config.xml +install -p -D -m0644 %{SOURCE2} %{buildroot}%{_sysusersdir}/gerbera.conf %check %ctest @@ -118,7 +129,6 @@ %post %service_add_post %{name}.service -%tmpfiles_create %{_tmpfilesdir}/%{name}.conf %sysusers_create %{_sysusersdir}/%{name}.conf %preun @@ -130,16 +140,24 @@ %files %license LICENSE.md %doc AUTHORS CONTRIBUTING.md ChangeLog.md +%attr(-,gerbera,gerbera)%dir %{_sysconfdir}/%{name}/ +%attr(-,gerbera,gerbera)%config(noreplace) %{_sysconfdir}/%{name}/* +%attr(-,gerbera,gerbera) %{_localstatedir}/log/%{name} +%dir %{_sysconfdir}/logrotate.d +%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %{_bindir}/%{name} -%{_datadir}/%{name}/ -%{_unitdir}/%{name}.service %{_sbindir}/rc%{name} -%{_tmpfilesdir}/%{name}.conf -%{_sysusersdir}/%{name}.conf +%{_unitdir}/gerbera.service +%{_sysusersdir}/gerbera.conf %{_mandir}/man?/%{name}.?%{?ext_man} -%ghost %attr(-,gerbera,gerbera) %dir %{_localstatedir}/lib/%{name} -%ghost %attr(0660,gerbera,gerbera) %{_localstatedir}/lib/%{name}/config.xml -%ghost %attr(0750,gerbera,gerbera) %{_localstatedir}/lib/%{name}/%{name}.db -%ghost %attr(0660,gerbera,gerbera) %{_localstatedir}/lib/%{name}/%{name}.html +%{_datadir}/gerbera/mysql-upgrade.xml +%{_datadir}/gerbera/mysql.sql +%{_datadir}/gerbera/sqlite3-upgrade.xml +%{_datadir}/gerbera/sqlite3.sql +%dir %{_datadir}/gerbera +%dir %{_datadir}/gerbera/js +%dir %{_datadir}/gerbera/web +%{_datadir}/gerbera/js/* +%{_datadir}/gerbera/web/* %changelog ++++++ config.xml ++++++ <?xml version="1.0" encoding="UTF-8"?> <config version="2" xmlns="http://mediatomb.cc/config/2"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://mediatomb.cc/config/2 http://mediatomb.cc/config/2.xsd";> <!-- See http://gerbera.io or read the docs for more information on creating and using config.xml configuration files. --> <server> <ui enabled="yes" show-tooltips="yes"> <accounts enabled="no" session-timeout="30"> <account user="gerbera" password="gerbera" /> </accounts> </ui> <name>Gerbera</name> <udn>uuid:ebc72883-bdd4-432e-be5f-87051d2d0091</udn> <home>/etc/gerbera</home> <webroot>/usr/share/gerbera/web</webroot> <!-- How frequently (in seconds) to send ssdp:alive advertisements. Minimum alive value accepted is: 62 The advertisement will be sent every (A/2)-30 seconds, and will have a cache-control max-age of A where A is the value configured here. Ex: A value of 62 will result in an SSDP advertisement being sent every second. --> <alive>1800</alive> <storage> <sqlite3 enabled="yes"> <database-file>gerbera.db</database-file> </sqlite3> </storage> <containers enabled="yes"> <container location="/LastAdded" title="Recently Added" sort="-last_updated"> <filter>upnp:class derivedfrom "object.item" and last_updated > "@last7"</filter> </container> <container location="/LastModified" title="Recently Modified" sort="-last_modified"> <filter>upnp:class derivedfrom "object.item" and last_modified > "@last7"</filter> </container> </containers> <extended-runtime-options> <ffmpegthumbnailer enabled="no"> <thumbnail-size>128</thumbnail-size> <seek-percentage>5</seek-percentage> <filmstrip-overlay>yes</filmstrip-overlay> <workaround-bugs>no</workaround-bugs> <image-quality>8</image-quality> </ffmpegthumbnailer> <mark-played-items enabled="no" suppress-cds-updates="yes"> <string mode="prepend">*</string> <mark> <content>video</content> </mark> </mark-played-items> </extended-runtime-options> </server> <import hidden-files="no"> <scripting script-charset="UTF-8"> <common-script>/usr/share/gerbera/js/common.js</common-script> <playlist-script>/usr/share/gerbera/js/playlists.js</playlist-script> <virtual-layout type="builtin"> <import-script>/usr/share/gerbera/js/import.js</import-script> </virtual-layout> </scripting> <mappings> <extension-mimetype ignore-unknown="no"> <map from="asf" to="video/x-ms-asf" /> <map from="asx" to="video/x-ms-asf" /> <map from="dff" to="audio/x-dsd" /> <map from="dsf" to="audio/x-dsd" /> <map from="flv" to="video/x-flv" /> <map from="m2ts" to="video/mp2t" /> <map from="m3u" to="audio/x-mpegurl" /> <map from="m3u8" to="audio/x-mpegurl" /> <map from="m4a" to="audio/mp4" /> <map from="mka" to="audio/x-matroska" /> <map from="mkv" to="video/x-matroska" /> <map from="mp3" to="audio/mpeg" /> <map from="mts" to="video/mp2t" /> <map from="oga" to="audio/ogg" /> <map from="ogg" to="audio/ogg" /> <map from="ogm" to="video/ogg" /> <map from="ogv" to="video/ogg" /> <map from="ogx" to="application/ogg" /> <map from="pls" to="audio/x-scpls" /> <map from="ts" to="video/mp2t" /> <map from="tsa" to="audio/mp2t" /> <map from="tsv" to="video/mp2t" /> <map from="wax" to="audio/x-ms-wax" /> <map from="wm" to="video/x-ms-wm" /> <map from="wma" to="audio/x-ms-wma" /> <map from="wmv" to="video/x-ms-wmv" /> <map from="wmx" to="video/x-ms-wmx" /> <map from="wv" to="audio/x-wavpack" /> <map from="wvx" to="video/x-ms-wvx" /> <!-- Uncomment the line below for PS3 divx support --> <!-- <map from="avi" to="video/divx" /> --> <!-- Uncomment the line below for D-Link DSM / ZyXEL DMA-1000 --> <!-- <map from="avi" to="video/avi" /> --> </extension-mimetype> <mimetype-upnpclass> <map from="application/ogg" to="object.item.audioItem.musicTrack" /> <map from="audio/*" to="object.item.audioItem.musicTrack" /> <map from="image/*" to="object.item.imageItem" /> <map from="video/*" to="object.item.videoItem" /> </mimetype-upnpclass> <mimetype-contenttype> <treat mimetype="application/ogg" as="ogg" /> <treat mimetype="audio/L16" as="pcm" /> <treat mimetype="audio/flac" as="flac" /> <treat mimetype="audio/mp4" as="mp4" /> <treat mimetype="audio/mpeg" as="mp3" /> <treat mimetype="audio/ogg" as="ogg" /> <treat mimetype="audio/x-dsd" as="dsd" /> <treat mimetype="audio/x-flac" as="flac" /> <treat mimetype="audio/x-matroska" as="mka" /> <treat mimetype="audio/x-mpegurl" as="playlist" /> <treat mimetype="audio/x-ms-wma" as="wma" /> <treat mimetype="audio/x-scpls" as="playlist" /> <treat mimetype="audio/x-wav" as="pcm" /> <treat mimetype="audio/x-wavpack" as="wv" /> <treat mimetype="image/jpeg" as="jpg" /> <treat mimetype="video/mp4" as="mp4" /> <treat mimetype="video/x-matroska" as="mkv" /> <treat mimetype="video/x-msvideo" as="avi" /> </mimetype-contenttype> <contenttype-dlnaprofile> <map from="avi" to="AVI" /> <map from="mkv" to="MKV" /> <map from="mp3" to="MP3" /> <map from="mp4" to="AVC_MP4_EU" /> <map from="mpeg" to="MPEG_PS_PAL" /> <map from="pcm" to="LPCM" /> </contenttype-dlnaprofile> </mappings> <online-content> <AppleTrailers enabled="no" refresh="43200" update-at-start="no" resolution="640" /> </online-content> </import> <transcoding enabled="no"> <mimetype-profile-mappings> <transcode mimetype="application/ogg" using="vlcmpeg" /> <transcode mimetype="audio/ogg" using="ogg2mp3" /> <transcode mimetype="video/x-flv" using="vlcmpeg" /> </mimetype-profile-mappings> <profiles> <profile name="ogg2mp3" enabled="no" type="external"> <mimetype>audio/mpeg</mimetype> <accept-url>no</accept-url> <first-resource>yes</first-resource> <accept-ogg-theora>no</accept-ogg-theora> <agent command="ffmpeg" arguments="-y -i %in -f mp3 %out" /> <buffer size="1048576" chunk-size="131072" fill-size="262144" /> </profile> <profile name="vlcmpeg" enabled="no" type="external"> <mimetype>video/mpeg</mimetype> <accept-url>yes</accept-url> <first-resource>yes</first-resource> <accept-ogg-theora>yes</accept-ogg-theora> <agent command="vlc" arguments="-I dummy %in --sout #transcode{venc=ffmpeg,vcodec=mp2v,vb=4096,fps=25,aenc=ffmpeg,acodec=mpga,ab=192,samplerate=44100,channels=2}:standard{access=file,mux=ps,dst=%out} vlc:quit" /> <buffer size="14400000" chunk-size="512000" fill-size="120000" /> </profile> </profiles> </transcoding> </config> ++++++ gerbera-1.9.1.tar.gz -> gerbera-1.9.2.tar.gz ++++++ ++++ 13686 lines of diff (skipped) ++++++ gerbera.sysusers.in ++++++ --- /var/tmp/diff_new_pack.IQBa1L/_old 2021-10-08 00:07:12.809871616 +0200 +++ /var/tmp/diff_new_pack.IQBa1L/_new 2021-10-08 00:07:12.809871616 +0200 @@ -1,2 +1,2 @@ u @USER@ - "Gerbera daemon user" /var/lib/gerbera -m @USER@ video +m @GROUP@ video ++++++ harden_gerbera.service.patch ++++++ Index: gerbera-1.9.1/scripts/systemd/gerbera.service.cmake =================================================================== --- gerbera-1.9.1.orig/scripts/systemd/gerbera.service.cmake +++ gerbera-1.9.1/scripts/systemd/gerbera.service.cmake @@ -3,6 +3,20 @@ Description=${SYSTEMD_DESCRIPTION} After=${SYSTEMD_AFTER_TARGET} [Service] +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort +ProtectSystem=full +ProtectHome=true +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true +ReadWritePaths=/usr/share/gerbera/ /etc/gerbera/ +# end of automatic additions Type=simple User=gerbera Group=gerbera
