Update sysutils/puppet to 0.24.9.

* Add LICENSE. * Add patches for CVE-2009-3564 from puppet's repositry. * puppet user/group handling which commented out now. * Some other pkgsrc tweak. 0.24.9 Fix for temporary file issues (https://bugzilla.redhat.com/show_bug.cgi?id=502881)
author: taca <taca@pkgsrc.org> 2010-02-04 16:22:02 +0000
committer: taca <taca@pkgsrc.org> 2010-02-04 16:22:02 +0000
commit: 661b3fb52e814187c725662c99740f1e94cd93c9 (patch)
tree: d29ad4496b94e720293e35da97ef61c72c65a141 /sysutils
parent: 2b3d974ca647f747fc7024975154e13e8b9b5b65 (diff)
download: pkgsrc-661b3fb52e814187c725662c99740f1e94cd93c9.tar.gz
5 files changed, 112 insertions, 21 deletions
diff --git a/sysutils/puppet/Makefile b/sysutils/puppet/Makefile
index 8409c868ad7..15f4ed3c33d 100644
--- a/sysutils/puppet/Makefile
+++ b/sysutils/puppet/Makefile
@@ -1,17 +1,16 @@
-# $NetBSD: Makefile,v 1.8 2010/01/27 19:51:55 joerg Exp $
+# $NetBSD: Makefile,v 1.9 2010/02/04 16:22:02 taca Exp $
 
-DISTNAME=		puppet-0.24.8
+DISTNAME=		puppet-0.24.9
 CATEGORIES=		sysutils
+MASTER_SITES=		http://reductivelabs.com/downloads/gems/
 
 MAINTAINER=		tonnerre@NetBSD.org
 HOMEPAGE=		http://www.reductivelabs.com/projects/puppet/
-MASTER_SITES=		http://reductivelabs.com/downloads/gems/
 COMMENT=		Configuration management framework written in Ruby
+LICENSE=		gnu-gpl-v2
 
 PKG_DESTDIR_SUPPORT=	user-destdir
 
-.include "../../mk/bsd.prefs.mk"
-
 DEPENDS+=		${RUBY_PKGPREFIX}-facter>=1.3.8:../../sysutils/ruby-facter
 
 GEM_BUILD=		gemspec
@@ -25,7 +24,7 @@ SUBST_FILES.prefix=	lib/puppet/reference/configuration.rb
 SUBST_FILES.prefix+=	lib/puppet/defaults.rb spec/unit/util/selinux.rb
 SUBST_FILES.prefix+=	bin/puppetrun bin/puppet bin/puppetdoc
 SUBST_FILES.prefix+=	ext/puppetstoredconfigclean.rb ext/puppetlast
-SUBST_FILES.prefix+=	examples/puppetmasterd.conf man/man8/puppet.8
+SUBST_FILES.prefix+=	man/man8/puppet.8
 SUBST_FILES.prefix+=	conf/solaris/smf/puppetd.xml
 SUBST_FILES.prefix+=	conf/solaris/smf/puppetmasterd.xml
 SUBST_FILES.prefix+=	man/man8/puppetrun.8 man/man8/puppet.conf.8
@@ -35,10 +34,31 @@ SUBST_SED.prefix+=	-e "s|/opt/csw/lib|${PREFIX}/lib|g"
 EGDIR=			${PREFIX}/share/examples/${PKGBASE}
 CONF_FILES=		${EGDIR}/puppet.conf ${PKG_SYSCONFDIR}/puppet.conf
 
+## Since these users are needed only for puppet server,
+## puppet-server package should be created.
+#SUBST_CLASSES+=		user
+#SUBST_STAGE.user=	post-patch
+#SUBST_FILES.user=	lib/puppet/defaults.rb
+#SUBST_SED.user=		-e "s|@PUPPET_GROUP@|${PUPPET_GROUP}|g"
+#SUBST_SED.user+=	-e "s|@PUPPET_USER@|${PUPPET_USER}|g"
+#
+#PKG_GROUPS_VARS=		PUPPET_GROUP
+#PKG_USERS_VARS=			PUPPET_USER
+#
+#PKG_GROUPS=			${PUPPET_GROUP}
+#PKG_USERS=			${PUPPET_USER}:${PUPPET_GROUP}
+#PKG_GECOS.${PUPPET_USER}=       Puppet configuration management pseudo-user
+
 PLIST_VARS+=		sunos
 
+BUILD_DEFS+=		VARBASE
 INSTALLATION_DIRS+=	${EGDIR}
 
+.include "../../mk/bsd.prefs.mk"
+
+#PUPPET_GROUP?=		puppet
+#PUPPET_USER?=		puppet
+
 .if ${OPSYS} == "SunOS"
 INSTALLATION_DIRS+=	lib/svc/method ${EGDIR}/svc
 CONF_DIRS+=		${VARBASE}/svc/manifest
@@ -48,6 +68,9 @@ PLIST.sunos=		yes
 .endif
 
 pre-build:
+	cd ${WRKSRC} && ${FIND} . -type f -exec ${CHMOD} g-w {} \;
+	cd ${WRKSRC} && \
+		${FIND} lib/puppet spec test -type f -exec ${CHMOD} -x {} \;
 	cd ${WRKSRC} && ${RUBY} -Ilib bin/puppetmasterd			\
 		--confdir=${PKG_SYSCONFDIR:Q} --rundir=${VARBASE:Q}/run	\
 		--genconfig |						\
diff --git a/sysutils/puppet/PLIST b/sysutils/puppet/PLIST
index 1e5b71bc804..12310d0eff3 100644
--- a/sysutils/puppet/PLIST
+++ b/sysutils/puppet/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2009/11/28 23:39:18 dholland Exp $
+@comment $NetBSD: PLIST,v 1.9 2010/02/04 16:22:02 taca Exp $
 bin/puppet
 bin/puppetca
 bin/puppetd
@@ -531,16 +531,16 @@ ${GEM_LIBDIR}/lib/puppet/util/tagging.rb
 ${GEM_LIBDIR}/lib/puppet/util/uri_helper.rb
 ${GEM_LIBDIR}/lib/puppet/util/user_attr.rb
 ${GEM_LIBDIR}/lib/puppet/util/warnings.rb
-${GEM_LIBDIR}/man/man8/filebucket.8.gz
-${GEM_LIBDIR}/man/man8/pi.8.gz
-${GEM_LIBDIR}/man/man8/puppet.8.gz
-${GEM_LIBDIR}/man/man8/puppet.conf.8.gz
-${GEM_LIBDIR}/man/man8/puppetca.8.gz
-${GEM_LIBDIR}/man/man8/puppetd.8.gz
-${GEM_LIBDIR}/man/man8/puppetdoc.8.gz
-${GEM_LIBDIR}/man/man8/puppetmasterd.8.gz
-${GEM_LIBDIR}/man/man8/puppetrun.8.gz
-${GEM_LIBDIR}/man/man8/ralsh.8.gz
+${GEM_LIBDIR}/man/man8/filebucket.8
+${GEM_LIBDIR}/man/man8/pi.8
+${GEM_LIBDIR}/man/man8/puppet.8
+${GEM_LIBDIR}/man/man8/puppet.conf.8
+${GEM_LIBDIR}/man/man8/puppetca.8
+${GEM_LIBDIR}/man/man8/puppetd.8
+${GEM_LIBDIR}/man/man8/puppetdoc.8
+${GEM_LIBDIR}/man/man8/puppetmasterd.8
+${GEM_LIBDIR}/man/man8/puppetrun.8
+${GEM_LIBDIR}/man/man8/ralsh.8
 ${GEM_LIBDIR}/spec/Rakefile
 ${GEM_LIBDIR}/spec/integration/checksum.rb
 ${GEM_LIBDIR}/spec/integration/defaults.rb
diff --git a/sysutils/puppet/distinfo b/sysutils/puppet/distinfo
index 2b63f44fd9b..f220f2eaa17 100644
--- a/sysutils/puppet/distinfo
+++ b/sysutils/puppet/distinfo
@@ -1,8 +1,10 @@
-$NetBSD: distinfo,v 1.5 2009/11/11 12:21:52 tonnerre Exp $
+$NetBSD: distinfo,v 1.6 2010/02/04 16:22:02 taca Exp $
 
-SHA1 (puppet-0.24.8.gem) = c7a01a2f5a339769c1c4d3aa375ce3cd917e4fca
-RMD160 (puppet-0.24.8.gem) = 98175142fb973a58fd174ec747a56aa248383a1b
-Size (puppet-0.24.8.gem) = 1100800 bytes
+SHA1 (puppet-0.24.9.gem) = 6acbfe7ee3dc7ac6c8716ea481633abfc3001a3a
+RMD160 (puppet-0.24.9.gem) = a80835bac5ab862038bfa2f6a367ff31c70e547a
+Size (puppet-0.24.9.gem) = 1101312 bytes
 SHA1 (patch-aa) = 3ecd66f1b16c906672d505b01c9f916334613e39
 SHA1 (patch-ab) = b08aa80de75d0c7d2321dee34accebe05ad70684
 SHA1 (patch-ac) = 150ef40f2097fecf8bd9b0096d84432246ba3701
+SHA1 (patch-ae) = 001fcf7deab2e42694f5541fce6c1fca3194c267
+SHA1 (patch-af) = 4c1916ec3626c5ac38bf7ab4f1f49cdd4cda40cd
diff --git a/sysutils/puppet/patches/patch-ae b/sysutils/puppet/patches/patch-ae
new file mode 100644
index 00000000000..a66824d6478
--- /dev/null
+++ b/sysutils/puppet/patches/patch-ae
@@ -0,0 +1,20 @@
+$NetBSD: patch-ae,v 1.1 2010/02/04 16:22:02 taca Exp $
+
+Fix for CVE-2009-3564.
+
+--- lib/puppet/util.rb.orig	2010-02-03 01:16:24.000000000 +0000
++++ lib/puppet/util.rb
+@@ -58,10 +58,11 @@ module Util
+             end
+             unless Puppet::Util::SUIDManager.uid == user
+                 begin
++                    Puppet::Util::SUIDManager.initgroups(user)
+                     Puppet::Util::SUIDManager.uid = user 
+                     Puppet::Util::SUIDManager.euid = user 
+-                rescue
+-                    $stderr.puts "could not change to user %s" % user
++                rescue => detail
++                    $stderr.puts "Could not change to user %s: %s" % [user, detail]
+                     exit(74)
+                 end
+             end
diff --git a/sysutils/puppet/patches/patch-af b/sysutils/puppet/patches/patch-af
new file mode 100644
index 00000000000..e9fb1467a17
--- /dev/null
+++ b/sysutils/puppet/patches/patch-af
@@ -0,0 +1,46 @@
+$NetBSD: patch-af,v 1.1 2010/02/04 16:22:02 taca Exp $
+
+Fix for CVE-2009-3564.
+
+--- lib/puppet/util/suidmanager.rb.orig	2010-02-03 01:16:24.000000000 +0000
++++ lib/puppet/util/suidmanager.rb
+@@ -7,7 +7,7 @@ module Puppet::Util::SUIDManager
+     extend Forwardable
+ 
+     to_delegate_to_process = [ :euid=, :euid, :egid=, :egid,
+-                               :uid=, :uid, :gid=, :gid ]
++                               :uid=, :uid, :gid=, :gid, :groups=, :groups ]
+ 
+     to_delegate_to_process.each do |method|
+         def_delegator Process, method
+@@ -26,13 +26,16 @@ module Puppet::Util::SUIDManager
+         # We set both because some programs like to drop privs, i.e. bash.
+         old_uid, old_gid = self.uid, self.gid
+         old_euid, old_egid = self.euid, self.egid
++        old_groups = self.groups
+         begin
+             self.egid = convert_xid :gid, new_gid if new_gid
++            self.initgroups(convert_xid(:uid, new_uid)) if new_uid
+             self.euid = convert_xid :uid, new_uid if new_uid
+   
+             yield
+         ensure
+             self.euid, self.egid = old_euid, old_egid
++            self.groups = old_groups
+         end
+     end
+     module_function :asuser
+@@ -49,6 +52,13 @@ module Puppet::Util::SUIDManager
+     end
+     module_function :convert_xid
+ 
++    # Initialize supplementary groups
++    def initgroups(user)
++        require 'etc'
++        Process.initgroups(Etc.getpwuid(user).name, Process.gid)
++    end
++
++    module_function :initgroups
+ 
+     def run_and_capture(command, new_uid=nil, new_gid=nil)
+         output = Puppet::Util.execute(command, :failonfail => false, :uid => new_uid, :gid => new_gid)
author	taca <taca@pkgsrc.org>	2010-02-04 16:22:02 +0000
committer	taca <taca@pkgsrc.org>	2010-02-04 16:22:02 +0000
commit	661b3fb52e814187c725662c99740f1e94cd93c9 (patch)
tree	d29ad4496b94e720293e35da97ef61c72c65a141 /sysutils
parent	2b3d974ca647f747fc7024975154e13e8b9b5b65 (diff)
download	pkgsrc-661b3fb52e814187c725662c99740f1e94cd93c9.tar.gz