From 792d4ea1a3db535bc7ae440f72c993c8c6f32d32 Mon Sep 17 00:00:00 2001 From: Wes Cilldhaire Date: Fri, 10 Nov 2017 10:16:49 +1100 Subject: net-nds/389-ds-base: Bump to 1.3.5.19 and 1.3.6.8 Bump to 1.3.5.19 and 1.3.6.8 to fix CVE-2017-7551 Bug: https://bugs.gentoo.org/627038 Acked-by: wibrown@redhat.com Package-Manager: Portage-2.3.13, Repoman-2.3.4 --- net-nds/389-ds-base/389-ds-base-1.3.5.19.ebuild | 124 ++++++++++++++++++++++++ net-nds/389-ds-base/389-ds-base-1.3.6.8.ebuild | 124 ++++++++++++++++++++++++ net-nds/389-ds-base/Manifest | 2 + 3 files changed, 250 insertions(+) create mode 100644 net-nds/389-ds-base/389-ds-base-1.3.5.19.ebuild create mode 100644 net-nds/389-ds-base/389-ds-base-1.3.6.8.ebuild (limited to 'net-nds') diff --git a/net-nds/389-ds-base/389-ds-base-1.3.5.19.ebuild b/net-nds/389-ds-base/389-ds-base-1.3.5.19.ebuild new file mode 100644 index 000000000000..6fddd0315a5b --- /dev/null +++ b/net-nds/389-ds-base/389-ds-base-1.3.5.19.ebuild @@ -0,0 +1,124 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +WANT_AUTOMAKE="1.13" + +inherit user eutils multilib flag-o-matic autotools + +DESCRIPTION="389 Directory Server (core librares and daemons )" +HOMEPAGE="http://www.port389.org/" +SRC_URI="http://www.port389.org/sources/${P}.tar.bz2" + +LICENSE="GPL-3+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="autobind auto-dn-suffix debug doc +pam-passthru +dna +ldapi +bitwise presence kerberos selinux" + +# Pinned to db:4.8 as it is the current stable, can change to a later db version < 6 when they stabilize. +# The --with-db-inc line in econf will need to be updated as well when changing db version. +COMMON_DEPEND=" + sys-libs/db:4.8 + >=dev-libs/cyrus-sasl-2.1.19 + >=net-analyzer/net-snmp-5.1.2 + >=dev-libs/icu-3.4:= + >=dev-libs/nss-3.22[utils] + dev-libs/nspr + >=dev-libs/svrcore-4.1.2 + dev-libs/openssl:0= + dev-libs/libpcre:3 + >=dev-perl/perl-mozldap-1.5.3 + dev-perl/NetAddr-IP + net-nds/openldap + sys-libs/pam + sys-libs/zlib + kerberos? ( >=app-crypt/mit-krb5-1.7-r100[openldap] )" + +DEPEND="${COMMON_DEPEND} + virtual/pkgconfig + doc? ( app-doc/doxygen )" + +RDEPEND="${COMMON_DEPEND} + selinux? ( sec-policy/selinux-dirsrv ) + virtual/perl-Time-Local + virtual/perl-MIME-Base64" + +pkg_setup() { + enewgroup dirsrv + enewuser dirsrv -1 -1 -1 dirsrv +} + +src_prepare() { + # as per 389 documentation, when 64bit, export USE_64 + use amd64 && export USE_64=1 + + eautoreconf + + append-lfs-flags +} + +src_configure() { + econf \ + $(use_enable debug) \ + $(use_enable pam-passthru) \ + $(use_enable ldapi) \ + $(use_enable autobind) \ + $(use_enable dna) \ + $(use_enable bitwise) \ + $(use_enable presence) \ + $(use_with kerberos) \ + $(use_enable auto-dn-suffix) \ + --with-initddir=no \ + --enable-maintainer-mode \ + --with-fhs \ + --with-openldap \ + --sbindir=/usr/sbin \ + --bindir=/usr/bin \ + --with-db-inc=/usr/include/db4.8 + +} + +src_compile() { + default + if use doc; then + doxygen slapi.doxy || die "cannot run doxygen" + fi +} + +src_install () { + # -j1 is a temporary workaround for bug #605432 + emake -j1 DESTDIR="${D}" install + + # Install gentoo style init script + # Get these merged upstream + newinitd "${FILESDIR}"/389-ds.initd-r1 389-ds + newinitd "${FILESDIR}"/389-ds-snmp.initd 389-ds-snmp + + # cope with libraries being in /usr/lib/dirsrv + dodir /etc/env.d + echo "LDPATH=/usr/$(get_libdir)/dirsrv" > "${D}"/etc/env.d/08dirsrv + + if use doc; then + cd "${S}" || die + docinto html/ + dodoc -r docs/html/. + fi +} + +pkg_postinst() { + echo + elog "If you are planning to use 389-ds-snmp (ldap-agent)," + elog "make sure to properly configure: /etc/dirsrv/config/ldap-agent.conf" + elog "adding proper 'server' entries, and adding the lines below to" + elog " => /etc/snmp/snmpd.conf" + elog + elog "master agentx" + elog "agentXSocket /var/agentx/master" + elog + elog "To start 389 Directory Server (LDAP service) at boot:" + elog + elog " rc-update add 389-ds default" + elog + echo +} diff --git a/net-nds/389-ds-base/389-ds-base-1.3.6.8.ebuild b/net-nds/389-ds-base/389-ds-base-1.3.6.8.ebuild new file mode 100644 index 000000000000..6fddd0315a5b --- /dev/null +++ b/net-nds/389-ds-base/389-ds-base-1.3.6.8.ebuild @@ -0,0 +1,124 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +WANT_AUTOMAKE="1.13" + +inherit user eutils multilib flag-o-matic autotools + +DESCRIPTION="389 Directory Server (core librares and daemons )" +HOMEPAGE="http://www.port389.org/" +SRC_URI="http://www.port389.org/sources/${P}.tar.bz2" + +LICENSE="GPL-3+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="autobind auto-dn-suffix debug doc +pam-passthru +dna +ldapi +bitwise presence kerberos selinux" + +# Pinned to db:4.8 as it is the current stable, can change to a later db version < 6 when they stabilize. +# The --with-db-inc line in econf will need to be updated as well when changing db version. +COMMON_DEPEND=" + sys-libs/db:4.8 + >=dev-libs/cyrus-sasl-2.1.19 + >=net-analyzer/net-snmp-5.1.2 + >=dev-libs/icu-3.4:= + >=dev-libs/nss-3.22[utils] + dev-libs/nspr + >=dev-libs/svrcore-4.1.2 + dev-libs/openssl:0= + dev-libs/libpcre:3 + >=dev-perl/perl-mozldap-1.5.3 + dev-perl/NetAddr-IP + net-nds/openldap + sys-libs/pam + sys-libs/zlib + kerberos? ( >=app-crypt/mit-krb5-1.7-r100[openldap] )" + +DEPEND="${COMMON_DEPEND} + virtual/pkgconfig + doc? ( app-doc/doxygen )" + +RDEPEND="${COMMON_DEPEND} + selinux? ( sec-policy/selinux-dirsrv ) + virtual/perl-Time-Local + virtual/perl-MIME-Base64" + +pkg_setup() { + enewgroup dirsrv + enewuser dirsrv -1 -1 -1 dirsrv +} + +src_prepare() { + # as per 389 documentation, when 64bit, export USE_64 + use amd64 && export USE_64=1 + + eautoreconf + + append-lfs-flags +} + +src_configure() { + econf \ + $(use_enable debug) \ + $(use_enable pam-passthru) \ + $(use_enable ldapi) \ + $(use_enable autobind) \ + $(use_enable dna) \ + $(use_enable bitwise) \ + $(use_enable presence) \ + $(use_with kerberos) \ + $(use_enable auto-dn-suffix) \ + --with-initddir=no \ + --enable-maintainer-mode \ + --with-fhs \ + --with-openldap \ + --sbindir=/usr/sbin \ + --bindir=/usr/bin \ + --with-db-inc=/usr/include/db4.8 + +} + +src_compile() { + default + if use doc; then + doxygen slapi.doxy || die "cannot run doxygen" + fi +} + +src_install () { + # -j1 is a temporary workaround for bug #605432 + emake -j1 DESTDIR="${D}" install + + # Install gentoo style init script + # Get these merged upstream + newinitd "${FILESDIR}"/389-ds.initd-r1 389-ds + newinitd "${FILESDIR}"/389-ds-snmp.initd 389-ds-snmp + + # cope with libraries being in /usr/lib/dirsrv + dodir /etc/env.d + echo "LDPATH=/usr/$(get_libdir)/dirsrv" > "${D}"/etc/env.d/08dirsrv + + if use doc; then + cd "${S}" || die + docinto html/ + dodoc -r docs/html/. + fi +} + +pkg_postinst() { + echo + elog "If you are planning to use 389-ds-snmp (ldap-agent)," + elog "make sure to properly configure: /etc/dirsrv/config/ldap-agent.conf" + elog "adding proper 'server' entries, and adding the lines below to" + elog " => /etc/snmp/snmpd.conf" + elog + elog "master agentx" + elog "agentXSocket /var/agentx/master" + elog + elog "To start 389 Directory Server (LDAP service) at boot:" + elog + elog " rc-update add 389-ds default" + elog + echo +} diff --git a/net-nds/389-ds-base/Manifest b/net-nds/389-ds-base/Manifest index 1eeb746f3cd5..ce78b11dbb26 100644 --- a/net-nds/389-ds-base/Manifest +++ b/net-nds/389-ds-base/Manifest @@ -1,2 +1,4 @@ DIST 389-ds-base-1.3.4.14.tar.bz2 3433905 SHA256 4408e61c52dc56d8e0ffee530dde70c2af00aa86b385cc40b389ef8bcce55aaa SHA512 1043b3e3437d1d24d1eec54c5c5ca39692151d05b8eb035224db78e68a1f4011bd2e0916f54609387903e2bbe9345f954be5c0a578f90a107958f74604908d6c WHIRLPOOL f2bf87c450c870ad1b886000f49f5d1b6def760c9b1634cffe4871da755932d43cb9253bebe12092032359097a7786e9d29fc64d4326fb3a079a79163a2ccc01 DIST 389-ds-base-1.3.5.17.tar.bz2 3587553 SHA256 522420b6decc162ed5d57ca913753b48e4bd7137fa0eb1bbc3e21e45923b1819 SHA512 5b96b19cea7dc80c64eaade31127d04c228f7e4dc1999ec19b341cf080ee4570757c84e8dae151c2cb3bcebe1398d50238d74ca362ce07fceafcb66fba590833 WHIRLPOOL 87728a559a7d71fd025af4ec8cb25bc10384acf1b515184f33f76ddc7cd0eb29562c4c3dbb70652f44f42734578acb1f7fc2deadc0947f4fe8f57a24bcbff39c +DIST 389-ds-base-1.3.5.19.tar.bz2 3588794 SHA256 ad55aadd4155cabdb7cc66dbca3bbe43faf865750da01032c9a1f8ed3a2136e4 SHA512 897f59fe23a9d5a784df7a255dc300805c8f00b754d4976f8637a61954ffe2de59da09ee700dc5047b406196deb28e9647ec50c0b06c0d34371a418c126c8b7d WHIRLPOOL 23438cc16c408f633198ee83f9929b01701ab28fef1938ec7c3ea4781815186493be28659c2356b7ef7818457238915e36f3664694a258e55a5e9615c828f803 +DIST 389-ds-base-1.3.6.8.tar.bz2 3440164 SHA256 447997455d0b9cf97c9bb86f23066d119c73c3a12b473fa45b4f1a8299d50e8a SHA512 b08a87bffbdf8e4c6bf6b4f87394aa0a12b8b44fcadec2f97c146b3a21ff89f5f547080aacb0ecda9b91aca83f8bf093b64c2569b2d8be84ffe22439be446234 WHIRLPOOL c11b4eaae32fbd35781f058d3699c16e47a004e5f6f05459dd4d8d4013d92f707e45cad4432e8bc9a6e4ce5808bf188b9ed8be76690524219508fbede71f695c -- cgit v1.2.3-65-gdbad