commit: 5db9c5c25b8ce0b1d2f3ca9c0a6ab50f4d82cea3
Author: Andrew Savchenko <bircoph <AT> gentoo <DOT> org>
AuthorDate: Tue May 19 21:41:26 2015 +0000
Commit: Andrew Savchenko <bircoph <AT> gentoo <DOT> org>
CommitDate: Tue May 19 21:41:26 2015 +0000
URL: https://gitweb.gentoo.org/dev/bircoph.git/commit/?id=5db9c5c2
clsync-docs: 0.4.1+ fixes
app-admin/clsync/ChangeLog | 11 +--
app-admin/clsync/Manifest | 9 +-
app-admin/clsync/clsync-0.4.1.ebuild | 108 ++++++++++++++++++++-
app-admin/clsync/clsync-9999.ebuild | 4 +-
.../clsync/files/clsync-0.4.1-capabilities.patch | 68 +++++++++++++
.../files/clsync-0.4.1-check-exec-arguments.patch | 21 ++++
.../clsync/files/clsync-0.4.1-splitting.patch | 35 +++++++
7 files changed, 245 insertions(+), 11 deletions(-)
diff --git a/app-admin/clsync/ChangeLog b/app-admin/clsync/ChangeLog
index 32c604f..fd27b73 100644
--- a/app-admin/clsync/ChangeLog
+++ b/app-admin/clsync/ChangeLog
@@ -2,12 +2,11 @@
# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
# $Header: $
-*clsync-0.4.1 (18 May 2015)
-
- 18 May 2015; Andrew Savchenko <birc...@gentoo.org> +clsync-0.4.1.ebuild,
- clsync-9999.ebuild, files/clsync.conf, files/clsync.confd,
- files/clsync.initd, metadata.xml:
- Version 0.4.1 is added for testing.
+ 19 May 2015; Andrew Savchenko <birc...@gentoo.org> clsync-9999.ebuild,
+ +files/clsync-0.4.1-capabilities.patch,
+ +files/clsync-0.4.1-check-exec-arguments.patch,
+ +files/clsync-0.4.1-splitting.patch:
+ Version bump (0.4.1 testing)
11 Feb 2015; Andrew Savchenko <birc...@gentoo.org> -clsync-0.2.1.ebuild,
-clsync-0.3.ebuild, -clsync-0.4-r1.ebuild, clsync-9999.ebuild,
diff --git a/app-admin/clsync/Manifest b/app-admin/clsync/Manifest
index bfe7d0f..4faf0ec 100644
--- a/app-admin/clsync/Manifest
+++ b/app-admin/clsync/Manifest
@@ -1,8 +1,11 @@
+AUX clsync-0.4.1-capabilities.patch 2027 SHA256
3bc8150cd1479b02b132902e9b9efacce3eb94748e52e0023fea954c6933d5de SHA512
ff435c7e1d7cd93ab410f42c461b8ea4ef3807b0c7656e447fafc54e007b93e54b216b63f43b5a440e2ed9b8c01abd42cd3b31dfd575e5c8b0b07151eff79bb6
WHIRLPOOL
d8b3ae0dd2fdab82fd6705181356efbdd576ef5d16f62899fff7093749432e3751659b27584550cc7da07f172c6e186b3fb503df5640ba1f7af9283cfeee9e75
+AUX clsync-0.4.1-check-exec-arguments.patch 800 SHA256
5f7711d6f79c956e0014426a94943ccbdad51cf0ea228895d8f9fd631d7f69f4 SHA512
649c07543fe3382eec23073ba3ed6901bfde984e4cb05e2eba41282fd9343c465ae4ca0e0d8534c293152764a547cbc463b7c7b625bfdf7a34a242b7f567738a
WHIRLPOOL
98eefa5fcceecf3738fec98fe80a5e945183fb68d6edc827cfa98344bb7be5fbe52a2c25380cec290c276dd3be2f77323787ed1dc24dfbbd65e3d05e8f49c5c0
+AUX clsync-0.4.1-splitting.patch 983 SHA256
0f99e07d0f6cfef050b2bba1cc5c1e715741a83df1ef6e35f02d271210e46f9e SHA512
1efbe3f2341cf861926af64adaa76097894cea622df967625afbe06cf871e2d47a2f76020b8ef9b8b3942e109884f582db98848ed7734b3d8105c65e4dc4ca46
WHIRLPOOL
b493c716c03e47057ff83947b30f81c1f68f3540810117c72fa1289308e9944849940ce172934043e38d7a2fe228c9e38adc416d6ec44b0e5bab198b9128ebbc
AUX clsync.conf 589 SHA256
1a8689b86cf9475ef72ef42a623a1bb1ae55abff31578dcfdf3537331c681815 SHA512
46d8d786378eed0bfa46195e45f764015258ba55b35a5acf2685967e9fbd1fc7656c6aeba26b06889fa2f7c62cb11ecb84b10b856356ea3c0d463eaa4980c33d
WHIRLPOOL
cd9a0800b75eab476d7feec079f23538295dca5067f979ce4280c3188b9a24adf7c78e0c2ec5e2e8cadd71d11be181d873bc462d9fe321ada85e4e11690272db
AUX clsync.confd 645 SHA256
ae7e9cacf618f9a32a4a1580580a901831aaaa0abb9de9e0379fbcc6a7359b0d SHA512
75dcc49d51f6da94d42eb501f1ad2868f163405dd7aa933f4c8078ec18f5b54eb6c66ff796ee744f7751699162627af843edbe5de5adf99c23712cedaebaddc5
WHIRLPOOL
06289c7645430d10b242983daa9cd2d4c2f327b34ede308012354947c64c654a7864586743ae6de7c02770a8b1c22de04b63404a6431b317b328ac6ac1e121ce
AUX clsync.initd 573 SHA256
1f3306dfeb4c8d8260551ed0edebe842452de2a2b7e85d07aa0fe46b88f10414 SHA512
c944388d5e61cfba73d462d457dbdcfef42c4bfc6f9ba814eea592dd630d64309e8e2b4af1cb621a41151613f28ab4508cc7d26d44def0b5a01938742cfbdd2e
WHIRLPOOL
c824fd5ed8e45afcd5df737dfea7645fc3460e42c5ab0512c4c462fc646f789e81597fb460126412f2347e0cb9468339b1874a697b65a40a3ff278625241f460
DIST clsync-0.4.1.tar.gz 253890 SHA256
3f14a72d7c3c1747ea908e373f25bd1918ce00450492fbb7094549db6bf21e27 SHA512
875280f706026d44806b92c22fa58d016136b2792f67a6b7e77f932465081da7a1ebaf22c25e538e4b58bfe04cd1cd5450ecab99c3df53ddd2a0fa966442d444
WHIRLPOOL
10ab11821766f7d16d03993069ac4da5fe362a1e5977ea6721e49ada7044d3659e59b507b03be4de09609b0a0ca9d7878407d7b6e1f40df5dbe1d041dac373cb
-EBUILD clsync-0.4.1.ebuild 2729 SHA256
25723e95cf5583a904c7ee6d5d10758deca0ad7999f8d133c81e8790c75531ca SHA512
d824724131f9f806c1d3701c52566c729c0520d88427633ec41bb2a3bff7bbb756d7d4f6ec8aafeaef095e3f86343af14f867511210e63707044fd5d87adc453
WHIRLPOOL
92917fd871700da8fc15a7c12685646115b5f61d59b8f809da4556ac0a1fb2295129955eef8c3f74ab91920b53bc785ff81ce28ebddf5e665826750d5a764549
-EBUILD clsync-9999.ebuild 2729 SHA256
25723e95cf5583a904c7ee6d5d10758deca0ad7999f8d133c81e8790c75531ca SHA512
d824724131f9f806c1d3701c52566c729c0520d88427633ec41bb2a3bff7bbb756d7d4f6ec8aafeaef095e3f86343af14f867511210e63707044fd5d87adc453
WHIRLPOOL
92917fd871700da8fc15a7c12685646115b5f61d59b8f809da4556ac0a1fb2295129955eef8c3f74ab91920b53bc785ff81ce28ebddf5e665826750d5a764549
-MISC ChangeLog 6016 SHA256
9604b2ba7f7474f65ca1968e273978fb9672256e5ce6260c9d9e338207fd0950 SHA512
a38aa14bd5e33365c17b6a40a10424b2843abef4c5094153b571413d0c44d5e601974a735cabf42766f9ebf9205c5a6b5e0b571e2a4c833a9d9a1dfd7320eff8
WHIRLPOOL
fa49da0179eb5f6631e3eb65b9afae4b1ef5c42dcb8d22bf26bc31b645af3daa25642f1775ae61b25b4c852958e924dcc73817d3b95c78cafcb8c8ff3d392644
+EBUILD clsync-0.4.1.ebuild 2925 SHA256
c835ef7fbcf59e58d27e5ab07aa758c855b8736b03c3df316ae62e8959203cea SHA512
00e900de4aa63f8962dd3089579ab468faa6d984f0dff0481485a7b7d20179bbee3c2753088093ba00712dfa5930b70ba2b22f7a8fd3087f97d52b5fabdc7756
WHIRLPOOL
99aaa540f719f0543064c7681400da03357d478d70574958cdf923c856393d3920391719b0e588b5f757e90448cc4030491bdf0308cd1a9b3c4e9eec36c4d2ef
+EBUILD clsync-9999.ebuild 2751 SHA256
3d1ced06980c5693db5b137e49d63df18b980810e0cf672eeb13de28467be6bd SHA512
b091afffbb922e588df5eabc99a8bb6ca1ff3874068699b97a7e6062017fa871812f991a31132e330091362c83d6f1ddb0f410929d4010339a855497d28fa8b8
WHIRLPOOL
035211cf315a0924c38fec39895b66bd9cddbbd3d80ec6da3a4e90a466199cbb29fb006a46de61fb0bb749a6f555d272a009eb11455c17aa14d042fac4c66b1b
+MISC ChangeLog 6012 SHA256
672c45533b851157cb9980aa0cb241fb2afc073ed1657edd99f140a7ed314aa3 SHA512
d0dd82d93686ac2ebd60153b95d617e66b06ba2b361dd04d6b438b22dc9765e6e9bbbc39063200c0bef2dddaf9ca905aa8f2afe8b4da947e1079e81cb349cdcd
WHIRLPOOL
0929582207753a13ed733c136ccce5eff853ed39aa53de1e060803de32cb046dfe0c4b9dd6b2f2f948ca25237fcdf6088509c12f849acc6dabeea075cff1d187
MISC metadata.xml 1572 SHA256
6d90b9c0f0b37dffda05a9b5ca6d02f05ce0362eb8bf8fbe19e90c3f77570940 SHA512
5be148bc1f8b1ca76e2b5713bf5a9ecfc88c4c101620fbbf1cb4efcbe7b33a923038ea0c2d5b2d66689552a04b865c4b0625887baa98a80d64f486208143ce67
WHIRLPOOL
e1cd84b85b5ac476407930f14217cfed16f67d3aeb221e61dffa94c688b69ada4f29f7a7e9f4f2b610f8730c10d700bff9148d6b871ca9d98e76eaa0c5de68c8
diff --git a/app-admin/clsync/clsync-0.4.1.ebuild
b/app-admin/clsync/clsync-0.4.1.ebuild
deleted file mode 120000
index 868bf4a..0000000
--- a/app-admin/clsync/clsync-0.4.1.ebuild
+++ /dev/null
@@ -1 +0,0 @@
-clsync-9999.ebuild
\ No newline at end of file
diff --git a/app-admin/clsync/clsync-0.4.1.ebuild
b/app-admin/clsync/clsync-0.4.1.ebuild
new file mode 100644
index 0000000..6b60095
--- /dev/null
+++ b/app-admin/clsync/clsync-0.4.1.ebuild
@@ -0,0 +1,107 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=5
+
+if [[ ${PV} == "9999" ]] ; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/xaionaro/${PN}.git";
+else
+ SRC_URI="https://github.com/xaionaro/${PN}/archive/v${PV}.tar.gz ->
${P}.tar.gz"
+ KEYWORDS="~amd64 ~x86"
+fi
+
+inherit autotools eutils linux-info
+
+DESCRIPTION="Live sync tool based on inotify, written in GNU C"
+HOMEPAGE="https://github.com/xaionaro/clsync http://ut.mephi.ru/oss/clsync";
+LICENSE="GPL-3+"
+SLOT="0"
+IUSE="+caps cluster control-socket cgroups debug extra-hardened
+gio hardened +highload-locks +inotify mhash namespaces seccomp"
+
+REQUIRED_USE="
+ || ( gio inotify )
+ extra-hardened? ( hardened )
+ mhash? ( cluster )"
+
+RDEPEND="
+ dev-libs/glib:2
+ cgroups? ( dev-libs/libcgroup )
+ mhash? ( app-crypt/mhash )
+"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig
+"
+RDEPEND="${CDEPEND}
+ ~app-doc/clsync-docs-${PV}
+"
+
+pkg_pretend() {
+ use namespaces && CONFIG_CHECK="~NAMESPACES ~UTS_NS ~IPC_NS ~USER_NS
~PID_NS ~NET_NS"
+ use seccomp && CONFIG_CHECK+=" ~SECCOMP"
+ check_extra_config
+}
+
+src_prepare() {
+ # upstream fixes for 0.4.1
+ epatch \
+ "${FILESDIR}/${P}-capabilities.patch" \
+ "${FILESDIR}/${P}-check-exec-arguments.patch" \
+ "${FILESDIR}/${P}-splitting.patch"
+ eautoreconf
+}
+
+src_configure() {
+ local harden_level=0
+ use hardened && harden_level=1
+ use extra-hardened && harden_level=2
+
+ econf \
+ --docdir="${EPREFIX}/usr/share/doc/${PF}" \
+ --disable-socket-library \
+ --enable-clsync \
+ --enable-paranoid=${harden_level} \
+ --without-bsm \
+ --without-kqueue \
+ $(use_enable caps capabilities) \
+ $(use_enable cluster) \
+ $(use_enable control-socket socket) \
+ $(use_enable debug) \
+ $(use_enable highload-locks) \
+ $(use_enable namespaces unshare) \
+ $(use_enable seccomp) \
+ $(use_with cgroups libcgroup) \
+ $(use_with gio gio lib) \
+ $(use_with inotify inotify native) \
+ $(use_with mhash)
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ # docs go into clsync-docs
+ rm -rf "${ED}/usr/share/doc" || die
+
+ newinitd "${FILESDIR}/${PN}.initd" "${PN}"
+ newconfd "${FILESDIR}/${PN}.confd" "${PN}"
+
+ # filter rules and sync scripts are supposed to be here
+ keepdir "${EPREFIX}/etc/${PN}"
+ insinto "/etc/${PN}"
+ newins "${FILESDIR}/${PN}.conf" "${PN}.conf"
+}
+
+pkg_postinst() {
+ einfo "${PN} is just a convenient way to run synchronization tools on
live data,"
+ einfo "it doesn't copy data itself, so you need to install software to
do actual"
+ einfo "data transfer. Usually net-misc/rsync is a good choise, but
${PN} is"
+ einfo "is flexible enough to use any user tool, see manual page for
details."
+ einfo
+ einfo "${PN} init script can be multiplexed, to use symlink init script
to"
+ einfo "othername and use conf.d/othername to configure it."
+ einfo
+ einfo "If you're interested in improved security, enable"
+ einfo "USE=\"caps cgroups hardened namespaces seccomp\""
+}
diff --git a/app-admin/clsync/clsync-9999.ebuild
b/app-admin/clsync/clsync-9999.ebuild
index 2e1f080..5ba6875 100644
--- a/app-admin/clsync/clsync-9999.ebuild
+++ b/app-admin/clsync/clsync-9999.ebuild
@@ -31,8 +31,10 @@ RDEPEND="
cgroups? ( dev-libs/libcgroup )
mhash? ( app-crypt/mhash )
"
-DEPEND="${RDEPEND}
+DEPEND="${CDEPEND}
virtual/pkgconfig
+"
+RDEPEND="${CDEPEND}
~app-doc/clsync-docs-${PV}
"
diff --git a/app-admin/clsync/files/clsync-0.4.1-capabilities.patch
b/app-admin/clsync/files/clsync-0.4.1-capabilities.patch
new file mode 100644
index 0000000..83cf15c
--- /dev/null
+++ b/app-admin/clsync/files/clsync-0.4.1-capabilities.patch
@@ -0,0 +1,68 @@
+commit 2589dd0217bf358c41dbd2d65390d0bf156a02b0
+Author: Dmitry Yu Okunev <dyoku...@ut.mephi.ru>
+Date: Tue May 19 13:26:32 2015 +0300
+
+ Fixed: Permission denied on --enable-debug=no
+
+ Bugreport: https://github.com/xaionaro/clsync/issues/133
+
+diff --git a/privileged.c b/privileged.c
+index 2a9d0f3..1c3117e 100644
+--- a/privileged.c
++++ b/privileged.c
+@@ -1054,19 +1054,28 @@ int privileged_handler(ctx_t *ctx_p)
+ case -1:
+ error("Cannot fork().");
+ break;
+- case 0:
++ case 0: {
++ int rc;
++ (void)rc; // anti-warning
on ./configure --enable-debug=no
+ #ifdef ANTIPARANOID
+ if (ctx_p->privileged_gid !=
exec_gid)
+ #endif
+- debug(4, "setgid(%u) ==
%i", exec_gid, setgid(exec_gid));
++ {
++ rc = setgid(exec_gid);
++ debug(4, "setgid(%u) ==
%i", exec_gid, rc);
++ }
+
+ #ifdef ANTIPARANOID
+ if (ctx_p->privileged_uid !=
exec_uid)
+ #endif
+- debug(4, "setuid(%u) ==
%i", exec_uid, setuid(exec_uid));
++ {
++ rc = setuid(exec_uid);
++ debug(4, "setuid(%u) ==
%i", exec_uid, rc);
++ }
+
+ debug(3, "execvp(\"%s\",
argv)", file);
+ exit(execvp(file, argv));
++ }
+ }
+ cmd_ret_p->ret = (void *)(long)pid;
+ debug(21, "/PA_FORK_EXECVP");
+@@ -1640,12 +1649,20 @@ int __privileged_fork_execvp(const char *file, char
*const argv[])
+ case -1:
+ error("Cannot fork().");
+ return -1;
+- case 0:
+- debug(4, "setgid(%u) == %i",
__privileged_fork_execvp_gid, setgid(__privileged_fork_execvp_gid));
+- debug(4, "setuid(%u) == %i",
__privileged_fork_execvp_uid, setuid(__privileged_fork_execvp_uid));
++ case 0: {
++ int rc;
++ (void)rc; // anti-warning on ./configure
--enable-debug=no
++
++ rc = setgid(__privileged_fork_execvp_gid);
++ debug(4, "setgid(%u) == %i",
__privileged_fork_execvp_gid, rc);
++
++ rc = setuid(__privileged_fork_execvp_uid);
++ debug(4, "setuid(%u) == %i",
__privileged_fork_execvp_uid, rc);
++
+ errno = 0;
+ execvp(file, argv);
+ exit(errno);
++ }
+ }
+
+ return pid;
diff --git a/app-admin/clsync/files/clsync-0.4.1-check-exec-arguments.patch
b/app-admin/clsync/files/clsync-0.4.1-check-exec-arguments.patch
new file mode 100644
index 0000000..af76e4b
--- /dev/null
+++ b/app-admin/clsync/files/clsync-0.4.1-check-exec-arguments.patch
@@ -0,0 +1,21 @@
+commit 48bc49bc21ed0aea9c1b8a06434a0db31530b217
+Author: Dmitry Yu Okunev <dyoku...@ut.mephi.ru>
+Date: Tue May 19 16:45:36 2015 +0300
+
+ Fixed name of option "--check-exec-arguments"
+
+ Was "--check-exec-args"
+
+diff --git a/main.c b/main.c
+index 19e2fb8..e52429e 100644
+--- a/main.c
++++ b/main.c
+@@ -97,7 +97,7 @@ static const struct option long_options[] =
+ {"secure-splitting", no_argument, NULL,
SECURESPLITTING},
+ # endif
+ {"splitting", required_argument, NULL, SPLITTING},
+- {"check-execvp-args", optional_argument, NULL,
CHECK_EXECVP_ARGS},
++ {"check-execvp-arguments",optional_argument, NULL,
CHECK_EXECVP_ARGS},
+ {"add-permitted-hook-files",required_argument, NULL,
ADDPERMITTEDHOOKFILES},
+ # ifdef SECCOMP_SUPPORT
+ {"seccomp-filter", optional_argument, NULL, SECCOMP_FILTER},
diff --git a/app-admin/clsync/files/clsync-0.4.1-splitting.patch
b/app-admin/clsync/files/clsync-0.4.1-splitting.patch
new file mode 100644
index 0000000..259762d
--- /dev/null
+++ b/app-admin/clsync/files/clsync-0.4.1-splitting.patch
@@ -0,0 +1,35 @@
+commit 582bb46d6350ad100ac5fbf1082988cf6bd5198c
+Author: Dmitry Yu Okunev <dyoku...@ut.mephi.ru>
+Date: Wed May 13 15:37:41 2015 +0300
+
+ [paranoid=0] Fixed a segfault on thread/process splitting
+
+ Fixes: https://github.com/xaionaro/clsync/issues/127
+
+diff --git a/malloc.c b/malloc.c
+index f320b84..a5ca48d 100644
+--- a/malloc.c
++++ b/malloc.c
+@@ -101,11 +101,11 @@ void *malloc_align(size_t size) {
+ # endif
+
+ total_size = size;
+-# ifdef PARANOID
++
++ // Rounding total_size up to a number of times pagesize
+ total_size += pagesize-1;
+ total_size /= pagesize;
+ total_size *= pagesize;
+-# endif
+
+ if (posix_memalign(&ret, pagesize, total_size))
+ critical("(%li): Cannot allocate memory.", size);
+@@ -136,7 +136,7 @@ void *calloc_align(size_t nmemb, size_t size) {
+ }
+
+ char *strdup_protect(const char *src, int prot) {
+- size_t len = strlen(src);
++ size_t len = strlen(src)+1;
+ char *dst = malloc_align(len);
+ strcpy(dst, src);
+ if (mprotect(dst, len, prot))
