From 521a8b2161614db50deed16a7a70d924b8ffe12f Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Fri, 30 Jul 2021 13:45:02 +0200 Subject: iputils: update 20210202 -> 20210722 Drop rdisc part from 0001-rarpd-rdisc-Drop-PrivateUsers.patch as it's been fixed upstream; rarpd still isn't. Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie --- .../0001-rarpd-rdisc-Drop-PrivateUsers.patch | 31 ++-------- meta/recipes-extended/iputils/iputils_20210202.bb | 71 ---------------------- meta/recipes-extended/iputils/iputils_20210722.bb | 71 ++++++++++++++++++++++ 3 files changed, 77 insertions(+), 96 deletions(-) delete mode 100644 meta/recipes-extended/iputils/iputils_20210202.bb create mode 100644 meta/recipes-extended/iputils/iputils_20210722.bb diff --git a/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch b/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch index d7367caf78..c61e39dc80 100644 --- a/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch +++ b/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch @@ -1,20 +1,20 @@ -From 6e51d529988cfc0bb357751fd767e9f1478e2b81 Mon Sep 17 00:00:00 2001 +From dfeeb3f1328d09f516edeb6349bd63e3c87f9397 Mon Sep 17 00:00:00 2001 From: Alex Kiernan Date: Thu, 13 Feb 2020 06:08:45 +0000 -Subject: [PATCH] rarpd: rdisc: Drop PrivateUsers +Subject: [PATCH] rarpd:Drop PrivateUsers -Neither rarpd nor rdisc can gain the necessary capabilities with +rarpd cannot gain the necessary capabilities with PrivateUsers enabled. Upstream-Status: Pending Signed-off-by: Alex Kiernan + --- systemd/rarpd.service.in | 1 - - systemd/rdisc.service.in | 3 ++- - 2 files changed, 2 insertions(+), 2 deletions(-) + 1 file changed, 1 deletion(-) diff --git a/systemd/rarpd.service.in b/systemd/rarpd.service.in -index e600c10c93e6..f5d7621a7ce8 100644 +index e600c10..f5d7621 100644 --- a/systemd/rarpd.service.in +++ b/systemd/rarpd.service.in @@ -12,7 +12,6 @@ AmbientCapabilities=CAP_NET_RAW @@ -25,22 +25,3 @@ index e600c10c93e6..f5d7621a7ce8 100644 ProtectSystem=strict ProtectHome=yes ProtectControlGroups=yes -diff --git a/systemd/rdisc.service.in b/systemd/rdisc.service.in -index 4e2a1ec9d0e5..a71b87d36b37 100644 ---- a/systemd/rdisc.service.in -+++ b/systemd/rdisc.service.in -@@ -8,9 +8,10 @@ After=network.target - EnvironmentFile=-/etc/sysconfig/rdisc - ExecStart=@sbindir@/rdisc -f -t $OPTIONS $SEND_ADDRESS $RECEIVE_ADDRESS - -+CapabilityBoundingSet=CAP_NET_RAW - AmbientCapabilities=CAP_NET_RAW - PrivateTmp=yes --PrivateUsers=yes -+DynamicUser=yes - ProtectSystem=strict - ProtectHome=yes - ProtectControlGroups=yes --- -2.17.1 - diff --git a/meta/recipes-extended/iputils/iputils_20210202.bb b/meta/recipes-extended/iputils/iputils_20210202.bb deleted file mode 100644 index b8596ddf6a..0000000000 --- a/meta/recipes-extended/iputils/iputils_20210202.bb +++ /dev/null @@ -1,71 +0,0 @@ -SUMMARY = "Network monitoring tools" -DESCRIPTION = "Utilities for the IP protocol, including traceroute6, \ -tracepath, tracepath6, ping, ping6 and arping." -HOMEPAGE = "https://github.com/iputils/iputils" -SECTION = "console/network" - -LICENSE = "BSD & GPLv2+" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390" - -DEPENDS = "gnutls" - -SRC_URI = "git://github.com/iputils/iputils \ - file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \ - " -SRCREV = "cc16da6b574ce6637f3e6e9ab3c1a728663006ff" - -S = "${WORKDIR}/git" - -UPSTREAM_CHECK_GITTAGREGEX = "(?P20\d+)" - -# Fixed in 2000-10-10, but the versioning of iputils -# breaks the version order. -CVE_CHECK_WHITELIST += "CVE-2000-1213 CVE-2000-1214" - -PACKAGECONFIG ??= "libcap rarpd \ - ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ninfod traceroute6', '', d)} \ - ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" -PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false -DNO_SETCAP_OR_SUID=true, libcap libcap-native" -PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2" -PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext" -PACKAGECONFIG[ninfod] = "-DBUILD_NINFOD=true,-DBUILD_NINFOD=false," -PACKAGECONFIG[rarpd] = "-DBUILD_RARPD=true,-DBUILD_RARPD=false," -PACKAGECONFIG[systemd] = "-Dsystemdunitdir=${systemd_unitdir}/system,,systemd" -PACKAGECONFIG[tftpd] = "-DBUILD_TFTPD=true, -DBUILD_TFTPD=false," -PACKAGECONFIG[traceroute6] = "-DBUILD_TRACEROUTE6=true,-DBUILD_TRACEROUTE6=false," -PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MANS=false -DBUILD_MANS=false, libxslt" - -inherit meson systemd update-alternatives - -EXTRA_OEMESON += "--prefix=${root_prefix}/" - -ALTERNATIVE_PRIORITY = "100" - -ALTERNATIVE:${PN}-ping = "ping" -ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" - -SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff ${PN}-rdisc \ - ${@bb.utils.contains('PACKAGECONFIG', 'rarpd', '${PN}-rarpd', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'tftpd', '${PN}-tftpd', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-traceroute6 ${PN}-ninfod', '', d)}" -PACKAGES += "${SPLITPKGS}" - -ALLOW_EMPTY:${PN} = "1" -RDEPENDS:${PN} += "${SPLITPKGS}" - -FILES:${PN} = "" -FILES:${PN}-ping = "${base_bindir}/ping.${BPN}" -FILES:${PN}-arping = "${base_bindir}/arping" -FILES:${PN}-tracepath = "${base_bindir}/tracepath" -FILES:${PN}-traceroute6 = "${base_bindir}/traceroute6" -FILES:${PN}-clockdiff = "${base_bindir}/clockdiff" -FILES:${PN}-tftpd = "${base_bindir}/tftpd ${sysconfdir}/xinetd.d/tftp" -FILES:${PN}-rarpd = "${base_sbindir}/rarpd ${systemd_unitdir}/system/rarpd@.service" -FILES:${PN}-rdisc = "${base_sbindir}/rdisc" -FILES:${PN}-ninfod = "${base_sbindir}/ninfod ${sysconfdir}/init.d/ninfod.sh" - -SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ninfod', '', d)} \ - ${PN}-rdisc" -SYSTEMD_SERVICE:${PN}-ninfod = "ninfod.service" -SYSTEMD_SERVICE:${PN}-rdisc = "rdisc.service" diff --git a/meta/recipes-extended/iputils/iputils_20210722.bb b/meta/recipes-extended/iputils/iputils_20210722.bb new file mode 100644 index 0000000000..c2a5bf44ea --- /dev/null +++ b/meta/recipes-extended/iputils/iputils_20210722.bb @@ -0,0 +1,71 @@ +SUMMARY = "Network monitoring tools" +DESCRIPTION = "Utilities for the IP protocol, including traceroute6, \ +tracepath, tracepath6, ping, ping6 and arping." +HOMEPAGE = "https://github.com/iputils/iputils" +SECTION = "console/network" + +LICENSE = "BSD & GPLv2+" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390" + +DEPENDS = "gnutls" + +SRC_URI = "git://github.com/iputils/iputils \ + file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \ + " +SRCREV = "71bb2a6c72e9f658e90ac618c73d873a76bbaa81" + +S = "${WORKDIR}/git" + +UPSTREAM_CHECK_GITTAGREGEX = "(?P20\d+)" + +# Fixed in 2000-10-10, but the versioning of iputils +# breaks the version order. +CVE_CHECK_WHITELIST += "CVE-2000-1213 CVE-2000-1214" + +PACKAGECONFIG ??= "libcap rarpd \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ninfod traceroute6', '', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" +PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false -DNO_SETCAP_OR_SUID=true, libcap libcap-native" +PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2" +PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext" +PACKAGECONFIG[ninfod] = "-DBUILD_NINFOD=true,-DBUILD_NINFOD=false," +PACKAGECONFIG[rarpd] = "-DBUILD_RARPD=true,-DBUILD_RARPD=false," +PACKAGECONFIG[systemd] = "-Dsystemdunitdir=${systemd_unitdir}/system,,systemd" +PACKAGECONFIG[tftpd] = "-DBUILD_TFTPD=true, -DBUILD_TFTPD=false," +PACKAGECONFIG[traceroute6] = "-DBUILD_TRACEROUTE6=true,-DBUILD_TRACEROUTE6=false," +PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MANS=false -DBUILD_MANS=false, libxslt" + +inherit meson systemd update-alternatives + +EXTRA_OEMESON += "--prefix=${root_prefix}/" + +ALTERNATIVE_PRIORITY = "100" + +ALTERNATIVE:${PN}-ping = "ping" +ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" + +SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff ${PN}-rdisc \ + ${@bb.utils.contains('PACKAGECONFIG', 'rarpd', '${PN}-rarpd', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'tftpd', '${PN}-tftpd', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-traceroute6 ${PN}-ninfod', '', d)}" +PACKAGES += "${SPLITPKGS}" + +ALLOW_EMPTY:${PN} = "1" +RDEPENDS:${PN} += "${SPLITPKGS}" + +FILES:${PN} = "" +FILES:${PN}-ping = "${base_bindir}/ping.${BPN}" +FILES:${PN}-arping = "${base_bindir}/arping" +FILES:${PN}-tracepath = "${base_bindir}/tracepath" +FILES:${PN}-traceroute6 = "${base_bindir}/traceroute6" +FILES:${PN}-clockdiff = "${base_bindir}/clockdiff" +FILES:${PN}-tftpd = "${base_bindir}/tftpd ${sysconfdir}/xinetd.d/tftp" +FILES:${PN}-rarpd = "${base_sbindir}/rarpd ${systemd_unitdir}/system/rarpd@.service" +FILES:${PN}-rdisc = "${base_sbindir}/rdisc" +FILES:${PN}-ninfod = "${base_sbindir}/ninfod ${sysconfdir}/init.d/ninfod.sh" + +SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ninfod', '', d)} \ + ${PN}-rdisc" +SYSTEMD_SERVICE:${PN}-ninfod = "ninfod.service" +SYSTEMD_SERVICE:${PN}-rdisc = "rdisc.service" -- cgit 1.2.3-korg