diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2007-11-06 00:42:30 +0000 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2007-11-06 00:42:30 +0000 |
commit | 818d89280df177f55d7b512d6879e3cbd7d3686a (patch) | |
tree | 0f22234af5c71c8a7e929a0683a0be27bcf714f9 | |
parent | Removing sed that tried to force static linking with libpcre and closing bug ... (diff) | |
download | gentoo-2-818d89280df177f55d7b512d6879e3cbd7d3686a.tar.gz gentoo-2-818d89280df177f55d7b512d6879e3cbd7d3686a.tar.bz2 gentoo-2-818d89280df177f55d7b512d6879e3cbd7d3686a.zip |
Lock down perms on ietd.conf and initiation.allow/deny per security bug #198209.
(Portage version: 2.1.3.16)
-rw-r--r-- | sys-block/iscsitarget/ChangeLog | 9 | ||||
-rw-r--r-- | sys-block/iscsitarget/files/digest-iscsitarget-0.4.15-r1 | 3 | ||||
-rw-r--r-- | sys-block/iscsitarget/iscsitarget-0.4.15-r1.ebuild | 63 |
3 files changed, 74 insertions, 1 deletions
diff --git a/sys-block/iscsitarget/ChangeLog b/sys-block/iscsitarget/ChangeLog index f21c28848401..2ec67117d146 100644 --- a/sys-block/iscsitarget/ChangeLog +++ b/sys-block/iscsitarget/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-block/iscsitarget # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-block/iscsitarget/ChangeLog,v 1.6 2007/05/28 07:50:33 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-block/iscsitarget/ChangeLog,v 1.7 2007/11/06 00:42:29 robbat2 Exp $ + +*iscsitarget-0.4.15-r1 (06 Nov 2007) + + 06 Nov 2007; Robin H. Johnson <robbat2@gentoo.org> + +iscsitarget-0.4.15-r1.ebuild: + Lock down perms on ietd.conf and initiation.allow/deny per security bug + #198209. *iscsitarget-0.4.15 (28 May 2007) diff --git a/sys-block/iscsitarget/files/digest-iscsitarget-0.4.15-r1 b/sys-block/iscsitarget/files/digest-iscsitarget-0.4.15-r1 new file mode 100644 index 000000000000..43fcafc237a8 --- /dev/null +++ b/sys-block/iscsitarget/files/digest-iscsitarget-0.4.15-r1 @@ -0,0 +1,3 @@ +MD5 81390e388d87e3cc17383ef5f4322c28 iscsitarget-0.4.15.tar.gz 102922 +RMD160 d7d787f1fcbdb124d17eaaa62eaa47c21b6e5dd2 iscsitarget-0.4.15.tar.gz 102922 +SHA256 da8eb570f9abb6e50c515321747407e9945f5a83bab774c42ed41809234505cb iscsitarget-0.4.15.tar.gz 102922 diff --git a/sys-block/iscsitarget/iscsitarget-0.4.15-r1.ebuild b/sys-block/iscsitarget/iscsitarget-0.4.15-r1.ebuild new file mode 100644 index 000000000000..e24d76bb5197 --- /dev/null +++ b/sys-block/iscsitarget/iscsitarget-0.4.15-r1.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-block/iscsitarget/iscsitarget-0.4.15-r1.ebuild,v 1.1 2007/11/06 00:42:29 robbat2 Exp $ + +inherit linux-mod eutils + +DESCRIPTION="Open Source iSCSI target with professional features" +HOMEPAGE="http://iscsitarget.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64 ~ppc" +IUSE="" + +RDEPEND="dev-libs/openssl" +DEPEND="${RDEPEND} + virtual/linux-sources" +MODULE_NAMES="iscsi_trgt(kernel/iscsi:${S}/kernel)" +CONFIG_CHECK="CRYPTO_CRC32C" +ERROR_CFG="iscsitarget needs support for CRC32C in your kernel." + +src_unpack() { + unpack ${A} + EPATCH_OPTS="-d ${S} -p0" \ + epatch ${FILESDIR}/${PN}-0.4.13-usrbuildfix.patch + convert_to_m ${S}/Makefile +} + +src_compile() { + einfo "Building userspace" + CFLAGS="" emake usr OPTFLAGS="${CFLAGS}" || die "failed to build userspace" + + einfo "Building kernel modules" + unset ARCH + emake KSRC="${KERNEL_DIR}" kernel || die "failed to build module" +} + +src_install() { + einfo "Installing userspace" + dosbin usr/ietd usr/ietadm || die "dosbin failed" + insinto /etc + doins etc/ietd.conf etc/initiators.{allow,deny} || die "doins failed" + # Upstream's provided Gentoo init script is out of date compared to + # their Debian init script. And isn't that nice. + #newinitd etc/initd/initd.gentoo ietd || die + newinitd ${FILESDIR}/ietd-init.d ietd || die "newinitd failed" + newconfd ${FILESDIR}/ietd-conf.d ietd || die "newconfd failed" + + # Lock down perms, per bug 198209 + fperms 0640 /etc/ietd.conf /etc/initiators.{allow,deny} + + doman doc/manpages/*.[1-9] || die "manpages failed" + dodoc ChangeLog README || die "docs failed" + + einfo "Installing kernel module" + unset ARCH + linux-mod_src_install || die "modules failed" +} + +pkg_postinst() { + chmod 0640 ${ROOT}/etc/ietd.conf ${ROOT}/etc/initiators.{allow,deny} +} |