diff options
author | taca <taca@pkgsrc.org> | 2010-02-04 16:22:02 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2010-02-04 16:22:02 +0000 |
commit | 661b3fb52e814187c725662c99740f1e94cd93c9 (patch) | |
tree | d29ad4496b94e720293e35da97ef61c72c65a141 /sysutils | |
parent | 2b3d974ca647f747fc7024975154e13e8b9b5b65 (diff) | |
download | pkgsrc-661b3fb52e814187c725662c99740f1e94cd93c9.tar.gz |
Update sysutils/puppet to 0.24.9.
* Add LICENSE.
* Add patches for CVE-2009-3564 from puppet's repositry.
* puppet user/group handling which commented out now.
* Some other pkgsrc tweak.
0.24.9
Fix for temporary file issues
(https://bugzilla.redhat.com/show_bug.cgi?id=502881)
Diffstat (limited to 'sysutils')
-rw-r--r-- | sysutils/puppet/Makefile | 35 | ||||
-rw-r--r-- | sysutils/puppet/PLIST | 22 | ||||
-rw-r--r-- | sysutils/puppet/distinfo | 10 | ||||
-rw-r--r-- | sysutils/puppet/patches/patch-ae | 20 | ||||
-rw-r--r-- | sysutils/puppet/patches/patch-af | 46 |
5 files changed, 112 insertions, 21 deletions
diff --git a/sysutils/puppet/Makefile b/sysutils/puppet/Makefile index 8409c868ad7..15f4ed3c33d 100644 --- a/sysutils/puppet/Makefile +++ b/sysutils/puppet/Makefile @@ -1,17 +1,16 @@ -# $NetBSD: Makefile,v 1.8 2010/01/27 19:51:55 joerg Exp $ +# $NetBSD: Makefile,v 1.9 2010/02/04 16:22:02 taca Exp $ -DISTNAME= puppet-0.24.8 +DISTNAME= puppet-0.24.9 CATEGORIES= sysutils +MASTER_SITES= http://reductivelabs.com/downloads/gems/ MAINTAINER= tonnerre@NetBSD.org HOMEPAGE= http://www.reductivelabs.com/projects/puppet/ -MASTER_SITES= http://reductivelabs.com/downloads/gems/ COMMENT= Configuration management framework written in Ruby +LICENSE= gnu-gpl-v2 PKG_DESTDIR_SUPPORT= user-destdir -.include "../../mk/bsd.prefs.mk" - DEPENDS+= ${RUBY_PKGPREFIX}-facter>=1.3.8:../../sysutils/ruby-facter GEM_BUILD= gemspec @@ -25,7 +24,7 @@ SUBST_FILES.prefix= lib/puppet/reference/configuration.rb SUBST_FILES.prefix+= lib/puppet/defaults.rb spec/unit/util/selinux.rb SUBST_FILES.prefix+= bin/puppetrun bin/puppet bin/puppetdoc SUBST_FILES.prefix+= ext/puppetstoredconfigclean.rb ext/puppetlast -SUBST_FILES.prefix+= examples/puppetmasterd.conf man/man8/puppet.8 +SUBST_FILES.prefix+= man/man8/puppet.8 SUBST_FILES.prefix+= conf/solaris/smf/puppetd.xml SUBST_FILES.prefix+= conf/solaris/smf/puppetmasterd.xml SUBST_FILES.prefix+= man/man8/puppetrun.8 man/man8/puppet.conf.8 @@ -35,10 +34,31 @@ SUBST_SED.prefix+= -e "s|/opt/csw/lib|${PREFIX}/lib|g" EGDIR= ${PREFIX}/share/examples/${PKGBASE} CONF_FILES= ${EGDIR}/puppet.conf ${PKG_SYSCONFDIR}/puppet.conf +## Since these users are needed only for puppet server, +## puppet-server package should be created. +#SUBST_CLASSES+= user +#SUBST_STAGE.user= post-patch +#SUBST_FILES.user= lib/puppet/defaults.rb +#SUBST_SED.user= -e "s|@PUPPET_GROUP@|${PUPPET_GROUP}|g" +#SUBST_SED.user+= -e "s|@PUPPET_USER@|${PUPPET_USER}|g" +# +#PKG_GROUPS_VARS= PUPPET_GROUP +#PKG_USERS_VARS= PUPPET_USER +# +#PKG_GROUPS= ${PUPPET_GROUP} +#PKG_USERS= ${PUPPET_USER}:${PUPPET_GROUP} +#PKG_GECOS.${PUPPET_USER}= Puppet configuration management pseudo-user + PLIST_VARS+= sunos +BUILD_DEFS+= VARBASE INSTALLATION_DIRS+= ${EGDIR} +.include "../../mk/bsd.prefs.mk" + +#PUPPET_GROUP?= puppet +#PUPPET_USER?= puppet + .if ${OPSYS} == "SunOS" INSTALLATION_DIRS+= lib/svc/method ${EGDIR}/svc CONF_DIRS+= ${VARBASE}/svc/manifest @@ -48,6 +68,9 @@ PLIST.sunos= yes .endif pre-build: + cd ${WRKSRC} && ${FIND} . -type f -exec ${CHMOD} g-w {} \; + cd ${WRKSRC} && \ + ${FIND} lib/puppet spec test -type f -exec ${CHMOD} -x {} \; cd ${WRKSRC} && ${RUBY} -Ilib bin/puppetmasterd \ --confdir=${PKG_SYSCONFDIR:Q} --rundir=${VARBASE:Q}/run \ --genconfig | \ diff --git a/sysutils/puppet/PLIST b/sysutils/puppet/PLIST index 1e5b71bc804..12310d0eff3 100644 --- a/sysutils/puppet/PLIST +++ b/sysutils/puppet/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.8 2009/11/28 23:39:18 dholland Exp $ +@comment $NetBSD: PLIST,v 1.9 2010/02/04 16:22:02 taca Exp $ bin/puppet bin/puppetca bin/puppetd @@ -531,16 +531,16 @@ ${GEM_LIBDIR}/lib/puppet/util/tagging.rb ${GEM_LIBDIR}/lib/puppet/util/uri_helper.rb ${GEM_LIBDIR}/lib/puppet/util/user_attr.rb ${GEM_LIBDIR}/lib/puppet/util/warnings.rb -${GEM_LIBDIR}/man/man8/filebucket.8.gz -${GEM_LIBDIR}/man/man8/pi.8.gz -${GEM_LIBDIR}/man/man8/puppet.8.gz -${GEM_LIBDIR}/man/man8/puppet.conf.8.gz -${GEM_LIBDIR}/man/man8/puppetca.8.gz -${GEM_LIBDIR}/man/man8/puppetd.8.gz -${GEM_LIBDIR}/man/man8/puppetdoc.8.gz -${GEM_LIBDIR}/man/man8/puppetmasterd.8.gz -${GEM_LIBDIR}/man/man8/puppetrun.8.gz -${GEM_LIBDIR}/man/man8/ralsh.8.gz +${GEM_LIBDIR}/man/man8/filebucket.8 +${GEM_LIBDIR}/man/man8/pi.8 +${GEM_LIBDIR}/man/man8/puppet.8 +${GEM_LIBDIR}/man/man8/puppet.conf.8 +${GEM_LIBDIR}/man/man8/puppetca.8 +${GEM_LIBDIR}/man/man8/puppetd.8 +${GEM_LIBDIR}/man/man8/puppetdoc.8 +${GEM_LIBDIR}/man/man8/puppetmasterd.8 +${GEM_LIBDIR}/man/man8/puppetrun.8 +${GEM_LIBDIR}/man/man8/ralsh.8 ${GEM_LIBDIR}/spec/Rakefile ${GEM_LIBDIR}/spec/integration/checksum.rb ${GEM_LIBDIR}/spec/integration/defaults.rb diff --git a/sysutils/puppet/distinfo b/sysutils/puppet/distinfo index 2b63f44fd9b..f220f2eaa17 100644 --- a/sysutils/puppet/distinfo +++ b/sysutils/puppet/distinfo @@ -1,8 +1,10 @@ -$NetBSD: distinfo,v 1.5 2009/11/11 12:21:52 tonnerre Exp $ +$NetBSD: distinfo,v 1.6 2010/02/04 16:22:02 taca Exp $ -SHA1 (puppet-0.24.8.gem) = c7a01a2f5a339769c1c4d3aa375ce3cd917e4fca -RMD160 (puppet-0.24.8.gem) = 98175142fb973a58fd174ec747a56aa248383a1b -Size (puppet-0.24.8.gem) = 1100800 bytes +SHA1 (puppet-0.24.9.gem) = 6acbfe7ee3dc7ac6c8716ea481633abfc3001a3a +RMD160 (puppet-0.24.9.gem) = a80835bac5ab862038bfa2f6a367ff31c70e547a +Size (puppet-0.24.9.gem) = 1101312 bytes SHA1 (patch-aa) = 3ecd66f1b16c906672d505b01c9f916334613e39 SHA1 (patch-ab) = b08aa80de75d0c7d2321dee34accebe05ad70684 SHA1 (patch-ac) = 150ef40f2097fecf8bd9b0096d84432246ba3701 +SHA1 (patch-ae) = 001fcf7deab2e42694f5541fce6c1fca3194c267 +SHA1 (patch-af) = 4c1916ec3626c5ac38bf7ab4f1f49cdd4cda40cd diff --git a/sysutils/puppet/patches/patch-ae b/sysutils/puppet/patches/patch-ae new file mode 100644 index 00000000000..a66824d6478 --- /dev/null +++ b/sysutils/puppet/patches/patch-ae @@ -0,0 +1,20 @@ +$NetBSD: patch-ae,v 1.1 2010/02/04 16:22:02 taca Exp $ + +Fix for CVE-2009-3564. + +--- lib/puppet/util.rb.orig 2010-02-03 01:16:24.000000000 +0000 ++++ lib/puppet/util.rb +@@ -58,10 +58,11 @@ module Util + end + unless Puppet::Util::SUIDManager.uid == user + begin ++ Puppet::Util::SUIDManager.initgroups(user) + Puppet::Util::SUIDManager.uid = user + Puppet::Util::SUIDManager.euid = user +- rescue +- $stderr.puts "could not change to user %s" % user ++ rescue => detail ++ $stderr.puts "Could not change to user %s: %s" % [user, detail] + exit(74) + end + end diff --git a/sysutils/puppet/patches/patch-af b/sysutils/puppet/patches/patch-af new file mode 100644 index 00000000000..e9fb1467a17 --- /dev/null +++ b/sysutils/puppet/patches/patch-af @@ -0,0 +1,46 @@ +$NetBSD: patch-af,v 1.1 2010/02/04 16:22:02 taca Exp $ + +Fix for CVE-2009-3564. + +--- lib/puppet/util/suidmanager.rb.orig 2010-02-03 01:16:24.000000000 +0000 ++++ lib/puppet/util/suidmanager.rb +@@ -7,7 +7,7 @@ module Puppet::Util::SUIDManager + extend Forwardable + + to_delegate_to_process = [ :euid=, :euid, :egid=, :egid, +- :uid=, :uid, :gid=, :gid ] ++ :uid=, :uid, :gid=, :gid, :groups=, :groups ] + + to_delegate_to_process.each do |method| + def_delegator Process, method +@@ -26,13 +26,16 @@ module Puppet::Util::SUIDManager + # We set both because some programs like to drop privs, i.e. bash. + old_uid, old_gid = self.uid, self.gid + old_euid, old_egid = self.euid, self.egid ++ old_groups = self.groups + begin + self.egid = convert_xid :gid, new_gid if new_gid ++ self.initgroups(convert_xid(:uid, new_uid)) if new_uid + self.euid = convert_xid :uid, new_uid if new_uid + + yield + ensure + self.euid, self.egid = old_euid, old_egid ++ self.groups = old_groups + end + end + module_function :asuser +@@ -49,6 +52,13 @@ module Puppet::Util::SUIDManager + end + module_function :convert_xid + ++ # Initialize supplementary groups ++ def initgroups(user) ++ require 'etc' ++ Process.initgroups(Etc.getpwuid(user).name, Process.gid) ++ end ++ ++ module_function :initgroups + + def run_and_capture(command, new_uid=nil, new_gid=nil) + output = Puppet::Util.execute(command, :failonfail => false, :uid => new_uid, :gid => new_gid) |