From 28b5bbf3fee0627993658e096eadab71c2779912 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 12 Apr 2011 10:53:36 +0000 Subject: Tue Apr 12 10:53:36 UTC 2011 --- core/mdadm/PKGBUILD | 10 ++-- core/syslog-ng/PKGBUILD | 23 +++++++-- core/syslog-ng/cap_syslog.patch | 101 ++++++++++++++++++++++++++++++++++++++++ core/syslog-ng/syslog-ng.rc | 2 +- 4 files changed, 127 insertions(+), 9 deletions(-) create mode 100644 core/syslog-ng/cap_syslog.patch (limited to 'core') diff --git a/core/mdadm/PKGBUILD b/core/mdadm/PKGBUILD index 94c209616..d6c56b553 100644 --- a/core/mdadm/PKGBUILD +++ b/core/mdadm/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 116698 2011-03-25 08:21:55Z tpowa $ +# $Id: PKGBUILD 117346 2011-03-31 06:36:59Z tpowa $ # Maintainer: Tobias Powalowski # Contributor: Judd Vinet pkgname=mdadm -pkgver=3.1.5 +pkgver=3.2.1 pkgrel=1 pkgdesc="A tool for managing/monitoring Linux md device arrays, also known as Software RAID" arch=(i686 x86_64) @@ -19,7 +19,7 @@ source=(ftp://ftp.kernel.org/pub/linux/utils/raid/mdadm/mdadm-$pkgver.tar.bz2 mdadm_hook) install=mdadm.install replaces=('raidtools') -md5sums=('a7575707a5f2d1ed6d408446eabcb19b' +md5sums=('d1e2549202bd79d9e99f1498d1109530' '7bff0e506fb6017510c8ec4a01896952' '00cbed931db4f15b6ce49e3e7d433966' '865c3d39e5f5dae58388160b563981f1' @@ -28,6 +28,10 @@ md5sums=('a7575707a5f2d1ed6d408446eabcb19b' build() { cd $srcdir/$pkgname-$pkgver make CXFLAGS="$CFLAGS" +} + +package() { + cd $srcdir/$pkgname-$pkgver make INSTALL=/bin/install DESTDIR=$pkgdir install install -D -m644 ../mdadm.conf $pkgdir/etc/mdadm.conf install -D -m755 ../mdadm $pkgdir/etc/rc.d/mdadm diff --git a/core/syslog-ng/PKGBUILD b/core/syslog-ng/PKGBUILD index 3f55ee147..e9ca12719 100644 --- a/core/syslog-ng/PKGBUILD +++ b/core/syslog-ng/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 109435 2011-02-09 17:44:22Z eric $ +# $Id: PKGBUILD 114715 2011-03-15 15:44:12Z tpowa $ # Maintainer: Aaron Griffin # Contributor: Judd Vinet pkgname=syslog-ng pkgver=3.2.2 -pkgrel=1 +pkgrel=2 pkgdesc="Next-generation syslogd with advanced networking and filtering capabilities" arch=('i686' 'x86_64') license=('GPL2') @@ -19,14 +19,17 @@ backup=('etc/syslog-ng/modules.conf' 'etc/syslog-ng/scl.conf' 'etc/syslog-ng/sys source=(http://www.balabit.com/downloads/files/syslog-ng/sources/${pkgver}/source/${pkgname}_${pkgver}.tar.gz syslog-ng.conf syslog-ng.logrotate - syslog-ng.rc) + syslog-ng.rc + cap_syslog.patch) md5sums=('ed8ebe559d52a63fb61e3e2db566643f' '344dddfff946300f5576b13a7e8ea19f'\ - '735636090be4582885974542d2a75855' '9bd98250cfa49e13fa3fa731b6040549') + '735636090be4582885974542d2a75855' 'b90f8f1ba0433e5a1518ac30f882560a') sha1sums=('3a340f8e72b460cc0bc1ec1d4c86b74678912dd6' 'b9eb8c61f7cccda543fc5c97fe1d40a8d15e713f'\ - 'ac997b25d7d8e69e66782d3771a0e12aff55ae7f' '65ba6f0b92b8acc8ec97bb381762f5fbef4d1beb') + 'ac997b25d7d8e69e66782d3771a0e12aff55ae7f' '253e59f4182fba46aea56bebc4b79a199fae32bc') build() { cd "$srcdir/$pkgname-$pkgver" + # fix #22555 for kernels >=2.6.38 + patch -Np1 -i ../cap_syslog.patch ./configure --prefix=/usr --sysconfdir=/etc/syslog-ng \ --libexecdir=/usr/lib --localstatedir=/var/lib/syslog-ng \ --enable-tcp-wrapper \ @@ -43,3 +46,13 @@ package() { install -Dm644 "$srcdir/syslog-ng.logrotate" "$pkgdir/etc/logrotate.d/syslog-ng" install -Dm755 "$srcdir/syslog-ng.rc" "$pkgdir/etc/rc.d/syslog-ng" } +md5sums=('ed8ebe559d52a63fb61e3e2db566643f' + '344dddfff946300f5576b13a7e8ea19f' + '735636090be4582885974542d2a75855' + 'b90f8f1ba0433e5a1518ac30f882560a' + '46e5dcff71f820d497898331a3f608fe') +sha1sums=('3a340f8e72b460cc0bc1ec1d4c86b74678912dd6' + 'b9eb8c61f7cccda543fc5c97fe1d40a8d15e713f' + 'ac997b25d7d8e69e66782d3771a0e12aff55ae7f' + '253e59f4182fba46aea56bebc4b79a199fae32bc' + 'f093a09626a528d23f0f2aeece018cab15a735a9') diff --git a/core/syslog-ng/cap_syslog.patch b/core/syslog-ng/cap_syslog.patch new file mode 100644 index 000000000..b6e6db6e4 --- /dev/null +++ b/core/syslog-ng/cap_syslog.patch @@ -0,0 +1,101 @@ +diff --git a/lib/gprocess.h b/lib/gprocess.h +index cda35b0..5c449f7 100644 +--- a/lib/gprocess.h ++++ b/lib/gprocess.h +@@ -28,9 +28,14 @@ + #include "syslog-ng.h" + + #include ++#include + + #if ENABLE_LINUX_CAPS + # include ++# ++# ifndef CAP_SYSLOG ++# define CAP_SYSLOG 34 ++# endif + #endif + + typedef enum +@@ -78,5 +83,8 @@ void g_process_finish(void); + + void g_process_add_option_group(GOptionContext *ctx); + ++extern int kernel_version; ++extern void get_kernel_version(void); ++#define LINUX_VERSION(x,y,z) (0x10000*(x) + 0x100*(y) + z) + + #endif +diff --git a/modules/affile/affile.c b/modules/affile/affile.c +index e145324..886fa72 100644 +--- a/modules/affile/affile.c ++++ b/modules/affile/affile.c +@@ -59,7 +59,12 @@ affile_open_file(gchar *name, gint flags, + if (privileged) + { + g_process_cap_modify(CAP_DAC_READ_SEARCH, TRUE); +- g_process_cap_modify(CAP_SYS_ADMIN, TRUE); ++ if (!kernel_version) ++ get_kernel_version(); ++ if (kernel_version < LINUX_VERSION(2, 6, 38)) ++ g_process_cap_modify(CAP_SYS_ADMIN, TRUE); ++ else ++ g_process_cap_modify(CAP_SYSLOG, TRUE); + } + else + { +diff --git a/syslog-ng/main.c b/syslog-ng/main.c +index 9880c1f..ee5031b 100644 +--- a/syslog-ng/main.c ++++ b/syslog-ng/main.c +@@ -67,6 +67,7 @@ static gboolean syntax_only = FALSE; + static gboolean display_version = FALSE; + static gchar *ctlfilename = PATH_CONTROL_SOCKET; + static gchar *preprocess_into = NULL; ++int kernel_version; + + static volatile sig_atomic_t sig_hup_received = FALSE; + static volatile sig_atomic_t sig_term_received = FALSE; +@@ -363,6 +364,20 @@ version(void) + ON_OFF_STR(ENABLE_PACCT_MODULE)); + } + ++void ++get_kernel_version(void) { ++ static struct utsname uts; ++ int x = 0, y = 0, z = 0; ++ ++ if (uname(&uts) == -1) { ++ fprintf(stderr, "Unable to retrieve kernel version.\n"); ++ exit(1); ++ } ++ ++ sscanf(uts.release, "%d.%d.%d", &x, &y, &z); ++ kernel_version = LINUX_VERSION(x, y, z); ++} ++ + int + main(int argc, char *argv[]) + { +@@ -379,9 +394,20 @@ main(int argc, char *argv[]) + * indicate readability. Enabling/disabling cap_sys_admin on every poll + * invocation seems to be too expensive. So I enable it for now. */ + +- g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," ++ if (!kernel_version) ++ get_kernel_version(); ++ if (kernel_version < LINUX_VERSION(2, 6, 34)) ++ g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," + "cap_dac_read_search,cap_dac_override,cap_chown,cap_fowner=p " + "cap_sys_admin=ep"); ++ else if (kernel_version < LINUX_VERSION(2, 6, 38)) ++ g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," ++ "cap_dac_read_search,cap_dac_override,cap_chown,cap_fowner," ++ "cap_sys_admin=p"); ++ else ++ g_process_set_caps("cap_net_bind_service,cap_net_broadcast,cap_net_raw," ++ "cap_dac_read_search,cap_dac_override,cap_chown,cap_fowner," ++ "cap_syslog=p"); + ctx = g_option_context_new("syslog-ng"); + g_process_add_option_group(ctx); + msg_add_option_group(ctx); diff --git a/core/syslog-ng/syslog-ng.rc b/core/syslog-ng/syslog-ng.rc index f9d14c7f6..fbd41fc7b 100755 --- a/core/syslog-ng/syslog-ng.rc +++ b/core/syslog-ng/syslog-ng.rc @@ -22,7 +22,7 @@ case "$1" in stat_fail else rm -f /var/run/syslog-ng.pid -# Removing stale syslog-ng.persist file. It's new location, as of 2.0.6-1, is /var/lib/syslog-ng/ +# Removing stale syslog-ng.persist file. Its new location, as of 2.0.6-1, is /var/lib/syslog-ng/ rm -f /var/syslog-ng.persist rm_daemon syslog-ng stat_done -- cgit v1.2.3-54-g00ecf