From 686d7bee8a1ede727f19dc3f036f88843aea4ee0 Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Fri, 1 Jul 2011 23:36:10 +0200 Subject: [PATCH 1/8] nfs-utils: dont install portmap, dont install init script anymore, dont create RPC user Signed-off-by: Stephan Raue --- packages/network/nfs-utils/init.d/05_nfsutils | 35 ------------------- packages/network/nfs-utils/install | 3 -- packages/network/nfs-utils/meta | 2 +- 3 files changed, 1 insertion(+), 39 deletions(-) delete mode 100644 packages/network/nfs-utils/init.d/05_nfsutils diff --git a/packages/network/nfs-utils/init.d/05_nfsutils b/packages/network/nfs-utils/init.d/05_nfsutils deleted file mode 100644 index 48aeaf3924..0000000000 --- a/packages/network/nfs-utils/init.d/05_nfsutils +++ /dev/null @@ -1,35 +0,0 @@ -################################################################################ -# Copyright (C) 2009-2010 OpenELEC.tv -# http://www.openelec.tv -# -# This Program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This Program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with OpenELEC.tv; see the file COPYING. If not, write to -# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. -# http://www.gnu.org/copyleft/gpl.html -################################################################################ - -# create directories needed for nfs-utils -# -# runlevels: openelec, textmode - -( - progress "create directories needed for nfs-utils" - - install -m 755 -o rpcuser -g rpcuser -d /var/lib/nfs - install -m 755 -o rpcuser -g rpcuser -d /var/lib/nfs/sm - install -m 755 -o rpcuser -g rpcuser -d /var/lib/nfs/sm.bak - touch /var/lib/nfs/etab && chown rpcuser:rpcuser /var/lib/nfs/etab - touch /var/lib/nfs/rmtab && chown rpcuser:rpcuser /var/lib/nfs/rmtab - touch /var/lib/nfs/state && chown rpcuser:rpcuser /var/lib/nfs/state - touch /var/lib/nfs/xtab && chown rpcuser:rpcuser /var/lib/nfs/xtab -)& diff --git a/packages/network/nfs-utils/install b/packages/network/nfs-utils/install index e5dd29e39c..acde9ddb41 100755 --- a/packages/network/nfs-utils/install +++ b/packages/network/nfs-utils/install @@ -22,9 +22,6 @@ . config/options $1 -add_user rpcuser x 29 29 "RPC Service User" "/var/lib/nfs" "/bin/sh" -add_group rpcuser 29 - mkdir -p $INSTALL/sbin cp $PKG_BUILD/utils/mount/mount.nfs $INSTALL/sbin/ ln -sf mount.nfs $INSTALL/sbin/mount.nfs4 diff --git a/packages/network/nfs-utils/meta b/packages/network/nfs-utils/meta index 22eb91f855..924dad4891 100644 --- a/packages/network/nfs-utils/meta +++ b/packages/network/nfs-utils/meta @@ -25,7 +25,7 @@ PKG_ARCH="any" PKG_LICENSE="OSS" PKG_SITE="http://nfs.sourceforge.net/" PKG_URL="$SOURCEFORGE_SRC/nfs/nfs-utils/$PKG_VERSION/$PKG_NAME-$PKG_VERSION.tar.bz2" -PKG_DEPENDS="libevent libnfsidmap libtirpc portmap util-linux" +PKG_DEPENDS="libevent libnfsidmap libtirpc util-linux" PKG_BUILD_DEPENDS="toolchain libevent libnfsidmap libtirpc util-linux" PKG_PRIORITY="optional" PKG_SECTION="network" From 5c8ed25a0effa162d050000ef6b056dac2e2a723 Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Fri, 1 Jul 2011 23:36:40 +0200 Subject: [PATCH 2/8] portmap: remove package 'portmap' Signed-off-by: Stephan Raue --- packages/network/portmap/build | 31 -- packages/network/portmap/init.d/54_portmap | 28 -- packages/network/portmap/install | 30 -- packages/network/portmap/meta | 36 -- .../portmap/patches/portmap-4-001_linux.patch | 27 -- .../patches/portmap-4-002_malloc.patch | 330 ------------------ .../patches/portmap-4-003_cleanup.patch | 85 ----- .../patches/portmap-4-004_rpc_user.patch | 72 ---- .../patches/portmap-4-005_sigpipe.patch | 12 - .../portmap/patches/portmap-4-006_errno.patch | 18 - .../portmap/patches/portmap-4-007_pie.patch | 42 --- .../patches/portmap-4-008_loopback.patch | 51 --- .../portmap/patches/portmap-4-009_pic.patch | 16 - 13 files changed, 778 deletions(-) delete mode 100755 packages/network/portmap/build delete mode 100644 packages/network/portmap/init.d/54_portmap delete mode 100755 packages/network/portmap/install delete mode 100644 packages/network/portmap/meta delete mode 100644 packages/network/portmap/patches/portmap-4-001_linux.patch delete mode 100644 packages/network/portmap/patches/portmap-4-002_malloc.patch delete mode 100644 packages/network/portmap/patches/portmap-4-003_cleanup.patch delete mode 100644 packages/network/portmap/patches/portmap-4-004_rpc_user.patch delete mode 100644 packages/network/portmap/patches/portmap-4-005_sigpipe.patch delete mode 100644 packages/network/portmap/patches/portmap-4-006_errno.patch delete mode 100644 packages/network/portmap/patches/portmap-4-007_pie.patch delete mode 100644 packages/network/portmap/patches/portmap-4-008_loopback.patch delete mode 100644 packages/network/portmap/patches/portmap-4-009_pic.patch diff --git a/packages/network/portmap/build b/packages/network/portmap/build deleted file mode 100755 index 5efb4d6557..0000000000 --- a/packages/network/portmap/build +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh - -################################################################################ -# This file is part of OpenELEC - http://www.openelec.tv -# Copyright (C) 2009-2011 Stephan Raue (stephan@openelec.tv) -# -# This Program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This Program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with OpenELEC.tv; see the file COPYING. If not, write to -# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. -# http://www.gnu.org/copyleft/gpl.html -################################################################################ - -. config/options $1 - -cd $PKG_BUILD -make FACILITY=LOG_AUTH \ - ZOMBIES='-DIGNORE_SIGCHLD -Dlint' \ - LIBS="-lnsl" \ - AUX="" \ - HOSTS_ACCESS="" \ - diff --git a/packages/network/portmap/init.d/54_portmap b/packages/network/portmap/init.d/54_portmap deleted file mode 100644 index 08ee2a7b26..0000000000 --- a/packages/network/portmap/init.d/54_portmap +++ /dev/null @@ -1,28 +0,0 @@ -################################################################################ -# Copyright (C) 2009-2010 OpenELEC.tv -# http://www.openelec.tv -# -# This Program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This Program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with OpenELEC.tv; see the file COPYING. If not, write to -# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. -# http://www.gnu.org/copyleft/gpl.html -################################################################################ - -# starting portmap -# -# runlevels: openelec, textmode - -( - progress "starting portmap" - portmap -)& \ No newline at end of file diff --git a/packages/network/portmap/install b/packages/network/portmap/install deleted file mode 100755 index 5afa135c98..0000000000 --- a/packages/network/portmap/install +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh - -################################################################################ -# This file is part of OpenELEC - http://www.openelec.tv -# Copyright (C) 2009-2011 Stephan Raue (stephan@openelec.tv) -# -# This Program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This Program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with OpenELEC.tv; see the file COPYING. If not, write to -# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. -# http://www.gnu.org/copyleft/gpl.html -################################################################################ - -. config/options $1 - -mkdir -p $INSTALL/sbin - cp $PKG_BUILD/portmap $INSTALL/sbin/ - -mkdir -p $INSTALL/usr/sbin - cp $PKG_BUILD/pmap_set $INSTALL/usr/sbin/ - cp $PKG_BUILD/pmap_dump $INSTALL/usr/sbin/ diff --git a/packages/network/portmap/meta b/packages/network/portmap/meta deleted file mode 100644 index c8e8eab2d4..0000000000 --- a/packages/network/portmap/meta +++ /dev/null @@ -1,36 +0,0 @@ -################################################################################ -# This file is part of OpenELEC - http://www.openelec.tv -# Copyright (C) 2009-2011 Stephan Raue (stephan@openelec.tv) -# -# This Program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This Program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with OpenELEC.tv; see the file COPYING. If not, write to -# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. -# http://www.gnu.org/copyleft/gpl.html -################################################################################ - -PKG_NAME="portmap" -PKG_VERSION="4" -PKG_REV="1" -PKG_ARCH="any" -PKG_LICENSE="OSS" -PKG_SITE="ftp://ftp.porcupine.org/pub/security/" -PKG_URL="ftp://ftp.porcupine.org/pub/security/${PKG_NAME}_${PKG_VERSION}.tar.gz" -PKG_DEPENDS="" -PKG_BUILD_DEPENDS="toolchain" -PKG_PRIORITY="optional" -PKG_SECTION="network" -PKG_SHORTDESC="portmap: RPC portmapper" -PKG_LONGDESC="This is an RPC portmapper that prevents theft of NIS (YP), NFS, and other sensitive information via the portmapper. As an option, the program supports access control in the style of the tcp wrapper (log_tcp) package." -PKG_IS_ADDON="no" - -PKG_AUTORECONF="no" diff --git a/packages/network/portmap/patches/portmap-4-001_linux.patch b/packages/network/portmap/patches/portmap-4-001_linux.patch deleted file mode 100644 index c29b3d570f..0000000000 --- a/packages/network/portmap/patches/portmap-4-001_linux.patch +++ /dev/null @@ -1,27 +0,0 @@ ---- portmap_4/Makefile.orig Fri May 31 09:50:40 1996 -+++ portmap_4/Makefile Fri Aug 9 17:40:43 1996 -@@ -67,9 +67,9 @@ - - SHELL = /bin/sh - --COPT = -Dconst= -Dperror=xperror $(HOSTS_ACCESS) $(CHECK_PORT) \ -+COPT = -Dconst= $(HOSTS_ACCESS) $(CHECK_PORT) \ - $(SYS) -DFACILITY=$(FACILITY) $(ULONG) $(ZOMBIES) $(SA_LEN) --CFLAGS = $(COPT) -O $(NSARCHS) $(SETPGRP) -+CFLAGS = $(COPT) $(RPM_OPT_FLAGS) $(NSARCHS) $(SETPGRP) - OBJECTS = portmap.o pmap_check.o from_local.o $(AUX) - - all: portmap pmap_dump pmap_set ---- portmap_4/Makefile.bad 1996-05-31 09:50:40.000000000 -0400 -+++ portmap_4/Makefile 2002-12-12 09:54:00.000000000 -0500 -@@ -74,8 +74,8 @@ - - all: portmap pmap_dump pmap_set - --portmap: $(OBJECTS) $(WRAP_DIR)/libwrap.a -- $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(WRAP_DIR)/libwrap.a $(LIBS) -+portmap: $(OBJECTS) -+ $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(LIBS) - - pmap_dump: pmap_dump.c - $(CC) $(CFLAGS) -o $@ $? $(LIBS) diff --git a/packages/network/portmap/patches/portmap-4-002_malloc.patch b/packages/network/portmap/patches/portmap-4-002_malloc.patch deleted file mode 100644 index 3b971ffbd9..0000000000 --- a/packages/network/portmap/patches/portmap-4-002_malloc.patch +++ /dev/null @@ -1,330 +0,0 @@ -diff -urN portmap_4/daemon.c portmap_4.new/daemon.c ---- portmap_4/daemon.c Thu Jun 11 13:53:12 1992 -+++ portmap_4.new/daemon.c Mon Nov 29 18:37:28 1999 -@@ -35,7 +35,9 @@ - static char sccsid[] = "@(#)daemon.c 5.3 (Berkeley) 12/28/90"; - #endif /* LIBC_SCCS and not lint */ - -+#include - #include -+#include - - /* From unistd.h */ - #define STDIN_FILENO 0 -@@ -44,7 +46,7 @@ - - /* From paths.h */ - #define _PATH_DEVNULL "/dev/null" -- -+int - daemon(nochdir, noclose) - int nochdir, noclose; - { -diff -urN portmap_4/from_local.c portmap_4.new/from_local.c ---- portmap_4/from_local.c Fri May 31 06:52:58 1996 -+++ portmap_4.new/from_local.c Tue Nov 30 01:21:27 1999 -@@ -46,11 +46,14 @@ - #include - #include - #include -+#include - #include - #include - #include - #include - #include -+#include -+#include - - #ifndef TRUE - #define TRUE 1 -@@ -95,7 +98,7 @@ - } - - /* find_local - find all IP addresses for this host */ -- -+int - find_local() - { - struct ifconf ifc; -@@ -153,7 +156,7 @@ - } - - /* from_local - determine whether request comes from the local system */ -- -+int - from_local(addr) - struct sockaddr_in *addr; - { -diff -urN portmap_4/pmap_check.c portmap_4.new/pmap_check.c ---- portmap_4/pmap_check.c Sun Nov 21 11:59:01 1993 -+++ portmap_4.new/pmap_check.c Tue Nov 30 01:19:37 1999 -@@ -34,7 +34,7 @@ - #ifndef lint - static char sccsid[] = "@(#) pmap_check.c 1.6 93/11/21 20:58:59"; - #endif -- -+#include - #include - #include - #include -@@ -66,6 +66,9 @@ - - /* A handful of macros for "readability". */ - -+/* coming from libwrap.a (tcp_wrappers) */ -+extern int hosts_ctl(char *daemon, char *name, char *addr, char *user); -+ - #define good_client(a) hosts_ctl("portmap", "", inet_ntoa(a->sin_addr), "") - - #define legal_port(a,p) \ -@@ -104,6 +107,7 @@ - - /* check_default - additional checks for NULL, DUMP, GETPORT and unknown */ - -+int - check_default(addr, proc, prog) - struct sockaddr_in *addr; - u_long proc; -@@ -121,7 +125,7 @@ - } - - /* check_privileged_port - additional checks for privileged-port updates */ -- -+int - check_privileged_port(addr, proc, prog, port) - struct sockaddr_in *addr; - u_long proc; -@@ -138,7 +142,7 @@ - } - - /* check_setunset - additional checks for update requests */ -- -+int - check_setunset(addr, proc, prog, port) - struct sockaddr_in *addr; - u_long proc; -@@ -160,7 +164,7 @@ - } - - /* check_callit - additional checks for forwarded requests */ -- -+int - check_callit(addr, proc, prog, aproc) - struct sockaddr_in *addr; - u_long proc; -@@ -213,13 +217,13 @@ - }; - struct proc_map *procp; - static struct proc_map procmap[] = { -- PMAPPROC_CALLIT, "callit", -- PMAPPROC_DUMP, "dump", -- PMAPPROC_GETPORT, "getport", -- PMAPPROC_NULL, "null", -- PMAPPROC_SET, "set", -- PMAPPROC_UNSET, "unset", -- 0, 0, -+ { PMAPPROC_CALLIT, "callit"}, -+ { PMAPPROC_DUMP, "dump"}, -+ { PMAPPROC_GETPORT, "getport"}, -+ { PMAPPROC_NULL, "null"}, -+ { PMAPPROC_SET, "set"}, -+ { PMAPPROC_UNSET, "unset"}, -+ { 0, 0}, - }; - - /* -@@ -233,7 +237,7 @@ - - if (prognum == 0) { - progname = ""; -- } else if (rpc = getrpcbynumber((int) prognum)) { -+ } else if ((rpc = getrpcbynumber((int) prognum))) { - progname = rpc->r_name; - } else { - sprintf(progname = progbuf, "%lu", prognum); -diff -urN portmap_4/pmap_dump.c portmap_4.new/pmap_dump.c ---- portmap_4/pmap_dump.c Thu Jun 11 13:53:16 1992 -+++ portmap_4.new/pmap_dump.c Tue Nov 30 01:22:07 1999 -@@ -22,7 +22,7 @@ - #include - - static char *protoname(); -- -+int - main(argc, argv) - int argc; - char **argv; -diff -urN portmap_4/pmap_set.c portmap_4.new/pmap_set.c ---- portmap_4/pmap_set.c Thu Jun 11 13:53:17 1992 -+++ portmap_4.new/pmap_set.c Tue Nov 30 01:23:49 1999 -@@ -17,6 +17,9 @@ - #include - #include - -+int parse_line(char *buf, u_long *, u_long *, int *, unsigned *); -+ -+int - main(argc, argv) - int argc; - char **argv; -@@ -42,7 +45,7 @@ - } - - /* parse_line - convert line to numbers */ -- -+int - parse_line(buf, prog, vers, prot, port) - char *buf; - u_long *prog; -diff -urN portmap_4/portmap.c portmap_4.new/portmap.c ---- portmap_4/portmap.c Fri May 31 06:52:59 1996 -+++ portmap_4.new/portmap.c Tue Nov 30 01:01:32 1999 -@@ -83,6 +83,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -128,6 +129,7 @@ - - #include "pmap_check.h" - -+int - main(argc, argv) - int argc; - char **argv; -@@ -229,6 +231,7 @@ - svc_run(); - syslog(LOG_ERR, "run_svc returned unexpectedly"); - abort(); -+ /* never reached */ - } - - #ifndef lint -@@ -290,7 +293,7 @@ - */ - /* remote host authorization check */ - check_default(svc_getcaller(xprt), rqstp->rq_proc, (u_long) 0); -- if (!svc_sendreply(xprt, xdr_void, (caddr_t)0) && debugging) { -+ if (!svc_sendreply(xprt, (xdrproc_t)xdr_void, (caddr_t)0) && debugging) { - abort(); - } - break; -@@ -299,7 +302,7 @@ - /* - * Set a program,version to port mapping - */ -- if (!svc_getargs(xprt, xdr_pmap, ®)) -+ if (!svc_getargs(xprt, (xdrproc_t)xdr_pmap, (caddr_t)®)) - svcerr_decode(xprt); - else { - /* reject non-local requests, protect priv. ports */ -@@ -341,7 +344,7 @@ - ans = 1; - } - done: -- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) && -+ if ((!svc_sendreply(xprt, (xdrproc_t)xdr_int, (caddr_t)&ans)) && - debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -353,7 +356,7 @@ - /* - * Remove a program,version to port mapping. - */ -- if (!svc_getargs(xprt, xdr_pmap, ®)) -+ if (!svc_getargs(xprt, (xdrproc_t)xdr_pmap, (caddr_t)®)) - svcerr_decode(xprt); - else { - ans = 0; -@@ -387,7 +390,7 @@ - prevpml->pml_next = pml; - free(t); - } -- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) && -+ if ((!svc_sendreply(xprt, (xdrproc_t)xdr_int, (caddr_t)&ans)) && - debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -399,7 +402,7 @@ - /* - * Lookup the mapping for a program,version and return its port - */ -- if (!svc_getargs(xprt, xdr_pmap, ®)) -+ if (!svc_getargs(xprt, (xdrproc_t)xdr_pmap, (caddr_t)®)) - svcerr_decode(xprt); - else { - /* remote host authorization check */ -@@ -414,7 +417,7 @@ - port = fnd->pml_map.pm_port; - else - port = 0; -- if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&port)) && -+ if ((!svc_sendreply(xprt, (xdrproc_t)xdr_int, (caddr_t)&port)) && - debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -426,7 +429,7 @@ - /* - * Return the current set of mapped program,version - */ -- if (!svc_getargs(xprt, xdr_void, NULL)) -+ if (!svc_getargs(xprt, (xdrproc_t)xdr_void, NULL)) - svcerr_decode(xprt); - else { - /* remote host authorization check */ -@@ -437,7 +440,7 @@ - } else { - p = pmaplist; - } -- if ((!svc_sendreply(xprt, xdr_pmaplist, -+ if ((!svc_sendreply(xprt, (xdrproc_t)xdr_pmaplist, - (caddr_t)&p)) && debugging) { - (void) fprintf(stderr, "svc_sendreply\n"); - abort(); -@@ -481,7 +484,7 @@ - struct encap_parms *epp; - { - -- return (xdr_bytes(xdrs, &(epp->args), &(epp->arglen), ARGSIZE)); -+ return (xdr_bytes(xdrs, &(epp->args), (u_int *)&(epp->arglen), ARGSIZE)); - } - - struct rmtcallargs { -@@ -585,7 +588,7 @@ - timeout.tv_sec = 5; - timeout.tv_usec = 0; - a.rmt_args.args = buf; -- if (!svc_getargs(xprt, xdr_rmtcall_args, &a)) -+ if (!svc_getargs(xprt, (xdrproc_t)xdr_rmtcall_args, (caddr_t)&a)) - return; - /* host and service access control */ - if (!check_callit(svc_getcaller(xprt), -@@ -614,9 +617,9 @@ - au->aup_uid, au->aup_gid, au->aup_len, au->aup_gids); - } - a.rmt_port = (u_long)port; -- if (clnt_call(client, a.rmt_proc, xdr_opaque_parms, &a, -- xdr_len_opaque_parms, &a, timeout) == RPC_SUCCESS) { -- svc_sendreply(xprt, xdr_rmtcall_result, (caddr_t)&a); -+ if (clnt_call(client, a.rmt_proc, (xdrproc_t)xdr_opaque_parms, (caddr_t)&a, -+ (xdrproc_t)xdr_len_opaque_parms, (caddr_t)&a, timeout) == RPC_SUCCESS) { -+ svc_sendreply(xprt, (xdrproc_t)xdr_rmtcall_result, (caddr_t)&a); - } - AUTH_DESTROY(client->cl_auth); - clnt_destroy(client); - -+--------------------------------------------------------------------+ -| Ste'phane ERANIAN | Email eranian@hpl.hp.com | -| Hewlett-Packard Laboratories | | -| 1501, Page Mill Road MS 1U-15 | | -| Palo Alto, CA 94303-096 | | -| USA | | -| Tel : (650) 857-7174 | | -| Fax : (650) 857-5548 | | -+--------------------------------------------------------------------+ - - diff --git a/packages/network/portmap/patches/portmap-4-003_cleanup.patch b/packages/network/portmap/patches/portmap-4-003_cleanup.patch deleted file mode 100644 index f6b16b1095..0000000000 --- a/packages/network/portmap/patches/portmap-4-003_cleanup.patch +++ /dev/null @@ -1,85 +0,0 @@ -Some cleanup for my last patch. - - --- -H.J. Lu (hjl@gnu.org) --- ---- portmap_4/pmap_check.c.hostname Wed May 10 10:23:35 2000 -+++ portmap_4/pmap_check.c Wed May 10 11:03:22 2000 -@@ -35,6 +35,7 @@ - static char sccsid[] = "@(#) pmap_check.c 1.6 93/11/21 20:58:59"; - #endif - #include -+#include - #include - #include - #include -@@ -69,8 +70,6 @@ int deny_severity = LOG_WARNING; - /* coming from libwrap.a (tcp_wrappers) */ - extern int hosts_ctl(char *daemon, char *name, char *addr, char *user); - --#define good_client(a) hosts_ctl("portmap", "", inet_ntoa(a->sin_addr), "") -- - #define legal_port(a,p) \ - (ntohs((a)->sin_port) < IPPORT_RESERVED || (p) >= IPPORT_RESERVED) - -@@ -88,6 +87,59 @@ extern int hosts_ctl(char *daemon, char - - #define log_client(addr, proc, prog) \ - logit(allow_severity, addr, proc, prog, "") -+ -+#ifdef HOSTS_ACCESS -+static int -+good_client(addr) -+struct sockaddr_in *addr; -+{ -+ struct hostent *hp; -+ char **sp; -+ char *tmpname; -+ -+ /* Check the IP address first. */ -+ if (hosts_ctl("portmap", "", inet_ntoa(addr->sin_addr), "")) -+ return 1; -+ -+ /* Check the hostname. */ -+ hp = gethostbyaddr ((const char *) &(addr->sin_addr), -+ sizeof (addr->sin_addr), AF_INET); -+ -+ if (!hp) -+ return 0; -+ -+ /* must make sure the hostent is authorative. */ -+ tmpname = alloca (strlen (hp->h_name) + 1); -+ strcpy (tmpname, hp->h_name); -+ hp = gethostbyname(tmpname); -+ if (hp) { -+ /* now make sure the "addr->sin_addr" is on the list */ -+ for (sp = hp->h_addr_list ; *sp ; sp++) { -+ if (memcmp(*sp, &(addr->sin_addr), hp->h_length)==0) -+ break; -+ } -+ if (!*sp) -+ /* it was a FAKE. */ -+ return 0; -+ } -+ else -+ /* never heard of it. misconfigured DNS? */ -+ return 0; -+ -+ /* Check the official name first. */ -+ if (hosts_ctl("portmap", "", hp->h_name, "")) -+ return 1; -+ -+ /* Check aliases. */ -+ for (sp = hp->h_aliases; *sp ; sp++) { -+ if (hosts_ctl("portmap", "", *sp, "")) -+ return 1; -+ } -+ -+ /* No match */ -+ return 0; -+} -+#endif - - /* check_startup - additional startup code */ - diff --git a/packages/network/portmap/patches/portmap-4-004_rpc_user.patch b/packages/network/portmap/patches/portmap-4-004_rpc_user.patch deleted file mode 100644 index 5826696952..0000000000 --- a/packages/network/portmap/patches/portmap-4-004_rpc_user.patch +++ /dev/null @@ -1,72 +0,0 @@ ---- portmap_4/daemon.c.rpcuser Wed Feb 28 18:42:17 2001 -+++ portmap_4/daemon.c Wed Feb 28 18:42:17 2001 -@@ -35,6 +35,7 @@ - static char sccsid[] = "@(#)daemon.c 5.3 (Berkeley) 12/28/90"; - #endif /* LIBC_SCCS and not lint */ - -+#include - #include - #include - #include ---- portmap_4/pmap_check.c.rpcuser Wed Feb 28 18:42:17 2001 -+++ portmap_4/pmap_check.c Wed Feb 28 18:50:28 2001 -@@ -40,6 +40,8 @@ - #include - #include - #include -+#include -+#include - #include - #ifdef SYSV40 - #include -@@ -149,11 +151,47 @@ - /* - * Give up root privileges so that we can never allocate a privileged - * port when forwarding an rpc request. -+ * -+ * Fix 8/3/00 Philipp Knirsch: First lookup our rpc user. If we find it, -+ * switch to that uid, otherwise simply resue the old bin user and print -+ * out a warning in syslog. - */ -- if (setuid(1) == -1) { -- syslog(LOG_ERR, "setuid(1) failed: %m"); -- exit(1); -+ -+ struct passwd *pwent; -+ -+ pwent = getpwnam("rpc"); -+ if (pwent == NULL) { -+ syslog(LOG_WARNING, "user rpc not found, reverting to user bin"); -+ if (setgid(1) == -1) { -+ syslog(LOG_ERR, "setgid(1) failed: %m"); -+ exit(1); -+ } -+ if (setuid(1) == -1) { -+ syslog(LOG_ERR, "setuid(1) failed: %m"); -+ exit(1); -+ } - } -+ else { -+ if (setgroups(0,NULL) == -1) { -+ syslog(LOG_WARNING,"setgroups() to clear group memberships failed: %m"); -+ } -+ -+ if (setgid(pwent->pw_gid) == -1) { -+ syslog(LOG_WARNING, "setgid() to rpc group failed: %m"); -+ if (setgid(1) == -1) { -+ syslog(LOG_ERR, "setgid(1) failed: %m"); -+ exit(1); -+ } -+ } -+ if (setuid(pwent->pw_uid) == -1) { -+ syslog(LOG_WARNING, "setuid() to rpc user failed: %m"); -+ if (setuid(1) == -1) { -+ syslog(LOG_ERR, "setuid(1) failed: %m"); -+ exit(1); -+ } -+ } -+ } -+ - (void) signal(SIGINT, toggle_verboselog); - } - diff --git a/packages/network/portmap/patches/portmap-4-005_sigpipe.patch b/packages/network/portmap/patches/portmap-4-005_sigpipe.patch deleted file mode 100644 index dba7cf4bb1..0000000000 --- a/packages/network/portmap/patches/portmap-4-005_sigpipe.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- portmap_4/portmap.c.sigpipe Sun Feb 11 17:45:11 2001 -+++ portmap_4/portmap.c Sun Feb 11 17:45:51 2001 -@@ -228,6 +228,9 @@ - #else - (void)signal(SIGCHLD, reap); - #endif -+ /* Dying on SIGPIPE doesn't help anyone */ -+ (void)signal(SIGPIPE, SIG_IGN); -+ - svc_run(); - syslog(LOG_ERR, "run_svc returned unexpectedly"); - abort(); diff --git a/packages/network/portmap/patches/portmap-4-006_errno.patch b/packages/network/portmap/patches/portmap-4-006_errno.patch deleted file mode 100644 index bd83ac863e..0000000000 --- a/packages/network/portmap/patches/portmap-4-006_errno.patch +++ /dev/null @@ -1,18 +0,0 @@ ---- portmap_4/portmap.c.old 1996-05-31 09:52:59.000000000 -0400 -+++ portmap_4/portmap.c 2002-12-13 11:44:16.000000000 -0500 -@@ -94,6 +94,7 @@ - #ifdef SYSV40 - #include - #endif -+#include - - extern char *strerror(); - #include -@@ -124,7 +125,6 @@ - static void callit(); - struct pmaplist *pmaplist; - int debugging = 0; --extern int errno; - - #include "pmap_check.h" - diff --git a/packages/network/portmap/patches/portmap-4-007_pie.patch b/packages/network/portmap/patches/portmap-4-007_pie.patch deleted file mode 100644 index ee22eb769e..0000000000 --- a/packages/network/portmap/patches/portmap-4-007_pie.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- portmap_4/Makefile.pie 2003-10-28 20:18:32.000000000 -0800 -+++ portmap_4/Makefile 2003-10-28 20:18:32.000000000 -0800 -@@ -74,8 +74,11 @@ - - all: portmap pmap_dump pmap_set - -+$(OBJECTS): %.o: %.c -+ $(CC) $(CFLAGS) -fpie -c $< -+ - portmap: $(OBJECTS) -- $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(LIBS) -+ $(CC) $(CFLAGS) -o $@ -pie $(OBJECTS) $(LIBS) - - pmap_dump: pmap_dump.c - $(CC) $(CFLAGS) -o $@ $? $(LIBS) ---- portmap_4/pmap_check.h.pie 2003-10-28 20:26:34.000000000 -0800 -+++ portmap_4/pmap_check.h 2003-10-28 20:26:49.000000000 -0800 -@@ -6,6 +6,6 @@ - extern int check_setunset(); - extern int check_privileged_port(); - extern int check_callit(); --extern int verboselog; --extern int allow_severity; --extern int deny_severity; -+extern int verboselog __attribute__ ((visibility ("hidden"))); -+extern int allow_severity __attribute__ ((visibility ("hidden"))); -+extern int deny_severity __attribute__ ((visibility ("hidden"))); ---- portmap_4/pmap_check.c.pie 2003-10-28 20:27:38.000000000 -0800 -+++ portmap_4/pmap_check.c 2003-10-28 20:27:40.000000000 -0800 -@@ -63,9 +63,9 @@ - - static void logit(); - static void toggle_verboselog(); --int verboselog = 0; --int allow_severity = LOG_INFO; --int deny_severity = LOG_WARNING; -+int verboselog __attribute ((visibility ("hidden"))) = 0; -+int allow_severity __attribute ((visibility ("hidden"))) = LOG_INFO; -+int deny_severity __attribute ((visibility ("hidden"))) = LOG_WARNING; - - /* A handful of macros for "readability". */ - diff --git a/packages/network/portmap/patches/portmap-4-008_loopback.patch b/packages/network/portmap/patches/portmap-4-008_loopback.patch deleted file mode 100644 index 5234e7ef56..0000000000 --- a/packages/network/portmap/patches/portmap-4-008_loopback.patch +++ /dev/null @@ -1,51 +0,0 @@ ---- portmap_4/portmap.c.orig 2004-08-12 10:48:13.405000000 -0400 -+++ portmap_4/portmap.c 2004-08-12 10:58:13.666000000 -0400 -@@ -126,6 +126,7 @@ - static void callit(); - struct pmaplist *pmaplist; - int debugging = 0; -+int localhost_only = 0; - - #include "pmap_check.h" - -@@ -140,13 +141,17 @@ - int len = sizeof(struct sockaddr_in); - register struct pmaplist *pml; - -- while ((c = getopt(argc, argv, "dv")) != EOF) { -+ while ((c = getopt(argc, argv, "dlv")) != EOF) { - switch (c) { - - case 'd': - debugging = 1; - break; - -+ case 'l': -+ localhost_only = 1; -+ break; -+ - case 'v': - verboselog = 1; - break; -@@ -154,6 +159,7 @@ - default: - (void) fprintf(stderr, "usage: %s [-dv]\n", argv[0]); - (void) fprintf(stderr, "-d: debugging mode\n"); -+ (void) fprintf(stderr, "-l: listen on localhost only\n"); - (void) fprintf(stderr, "-v: verbose logging\n"); - exit(1); - } -@@ -176,7 +182,12 @@ - exit(1); - } - -- addr.sin_addr.s_addr = 0; -+ if (localhost_only) { -+ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); -+ syslog(LOG_NOTICE, "Only binding to LOOPBACK address!"); -+ } else { -+ addr.sin_addr.s_addr = 0; -+ } - addr.sin_family = AF_INET; - addr.sin_port = htons(PMAPPORT); - if (bind(sock, (struct sockaddr *)&addr, len) != 0) { diff --git a/packages/network/portmap/patches/portmap-4-009_pic.patch b/packages/network/portmap/patches/portmap-4-009_pic.patch deleted file mode 100644 index b66c432d1d..0000000000 --- a/packages/network/portmap/patches/portmap-4-009_pic.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff -Naur portmap_4-old/Makefile portmap_4-new/Makefile ---- portmap_4-old/Makefile 2008-12-24 11:02:07.000000000 -0800 -+++ portmap_4-new/Makefile 2008-12-24 11:02:52.000000000 -0800 -@@ -75,10 +75,10 @@ - all: portmap pmap_dump pmap_set - - $(OBJECTS): %.o: %.c -- $(CC) $(CFLAGS) -fpie -c $< -+ $(CC) $(CFLAGS) -fpic -c $< - - portmap: $(OBJECTS) -- $(CC) $(CFLAGS) -o $@ -pie $(OBJECTS) $(LIBS) -+ $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(LIBS) - - pmap_dump: pmap_dump.c - $(CC) $(CFLAGS) -o $@ $? $(LIBS) From 377005727008614ebd0001c3f4f54cfd9d419804 Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Fri, 1 Jul 2011 23:37:11 +0200 Subject: [PATCH 3/8] libevent: update to libevent-2.0.12-stable Signed-off-by: Stephan Raue --- packages/devel/libevent/meta | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/devel/libevent/meta b/packages/devel/libevent/meta index 14572571fa..1bea224424 100644 --- a/packages/devel/libevent/meta +++ b/packages/devel/libevent/meta @@ -19,7 +19,7 @@ ################################################################################ PKG_NAME="libevent" -PKG_VERSION="2.0.10-stable" +PKG_VERSION="2.0.12-stable" PKG_REV="1" PKG_ARCH="any" PKG_LICENSE="BSD" From ca82e333ab347180965e5b271dbfccc07546f67a Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Sat, 2 Jul 2011 00:47:42 +0200 Subject: [PATCH 4/8] eglibc: install /etc/rpc Signed-off-by: Stephan Raue --- packages/toolchain/devel/eglibc/install | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packages/toolchain/devel/eglibc/install b/packages/toolchain/devel/eglibc/install index d5e89e6ff8..97d5936204 100755 --- a/packages/toolchain/devel/eglibc/install +++ b/packages/toolchain/devel/eglibc/install @@ -53,4 +53,5 @@ mkdir -p $INSTALL/bin # cp $PKG_BUILD/objdir-$1/iconvdata/*.so $INSTALL/usr/lib/gconv mkdir -p $INSTALL/etc - cp $PKG_DIR/config/nsswitch.conf $INSTALL/etc + cp $PKG_DIR/config/nsswitch.conf $INSTALL/etc + cp $PKG_BUILD/sunrpc/etc.rpc $INSTALL/etc/rpc From fa1ea21e787d1fefe570788fe7f34ad5171f754e Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Sat, 2 Jul 2011 00:48:39 +0200 Subject: [PATCH 5/8] nfs-utils: add libcap support, remove mountconfig support Signed-off-by: Stephan Raue --- packages/network/nfs-utils/build | 4 ++-- packages/network/nfs-utils/meta | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/network/nfs-utils/build b/packages/network/nfs-utils/build index 471068ff4c..ce9b03bdf4 100755 --- a/packages/network/nfs-utils/build +++ b/packages/network/nfs-utils/build @@ -46,10 +46,10 @@ libblkid_is_recent="yes" \ --enable-tirpc \ --with-tirpcinclude="$SYSROOT_PREFIX/usr/include/tirpc" \ --enable-ipv6 \ - --enable-mountconfig \ + --disable-mountconfig \ --without-tcp-wrappers \ --without-krb5 \ - --disable-caps \ + --enable-caps \ --enable-largefile \ --with-mountfile=/etc/nfsmounts.conf \ --with-gnu-ld diff --git a/packages/network/nfs-utils/meta b/packages/network/nfs-utils/meta index 924dad4891..0be8d2fe20 100644 --- a/packages/network/nfs-utils/meta +++ b/packages/network/nfs-utils/meta @@ -25,8 +25,8 @@ PKG_ARCH="any" PKG_LICENSE="OSS" PKG_SITE="http://nfs.sourceforge.net/" PKG_URL="$SOURCEFORGE_SRC/nfs/nfs-utils/$PKG_VERSION/$PKG_NAME-$PKG_VERSION.tar.bz2" -PKG_DEPENDS="libevent libnfsidmap libtirpc util-linux" -PKG_BUILD_DEPENDS="toolchain libevent libnfsidmap libtirpc util-linux" +PKG_DEPENDS="libevent libnfsidmap libtirpc libcap util-linux" +PKG_BUILD_DEPENDS="toolchain libevent libnfsidmap libtirpc libcap util-linux" PKG_PRIORITY="optional" PKG_SECTION="network" PKG_SHORTDESC="nfs-utils: Linux NFS client and server utilities" From 808a98466e282d096e095944e80aa189047ba7cd Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Sat, 2 Jul 2011 00:49:28 +0200 Subject: [PATCH 6/8] netmount: add options support, enable nolock nfs-mounts per default Signed-off-by: Stephan Raue --- packages/network/netmount/config/netmount.conf.sample | 2 +- packages/network/netmount/scripts/netmount | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/network/netmount/config/netmount.conf.sample b/packages/network/netmount/config/netmount.conf.sample index 97de6a75bb..3152daa75a 100644 --- a/packages/network/netmount/config/netmount.conf.sample +++ b/packages/network/netmount/config/netmount.conf.sample @@ -40,4 +40,4 @@ # afp | 192.168.1.44/videos | /storage/mount/videos | : # cifs | //192.168.1.44/videos | /storage/mount/videos | username=user,pass=secret # cifs | //192.168.1.44/tv shows | /storage/mount/tvshows | username=user,pass=secret -# nfs | 192.168.1.44:/videos | /storage/mount/videos +# nfs | 192.168.1.44:/videos | /storage/mount/videos | diff --git a/packages/network/netmount/scripts/netmount b/packages/network/netmount/scripts/netmount index b1201c1638..4cf1fbbd77 100755 --- a/packages/network/netmount/scripts/netmount +++ b/packages/network/netmount/scripts/netmount @@ -46,7 +46,7 @@ IFS=" mount.cifs "$SHARE" "$MOUNTPOINT" -o "$OPTIONS" & ;; nfs) - mount.nfs "$SHARE" "$MOUNTPOINT" & + mount.nfs "$SHARE" "$MOUNTPOINT" -o nolock,"$OPTIONS" & ;; esac done From 87ca2922956d58e5b45f84e8825231d8b70a703f Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Sat, 2 Jul 2011 01:00:33 +0200 Subject: [PATCH 7/8] nfs-utils: remove libcap support Signed-off-by: Stephan Raue --- packages/network/nfs-utils/build | 2 +- packages/network/nfs-utils/meta | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/network/nfs-utils/build b/packages/network/nfs-utils/build index ce9b03bdf4..8351dff2a2 100755 --- a/packages/network/nfs-utils/build +++ b/packages/network/nfs-utils/build @@ -49,7 +49,7 @@ libblkid_is_recent="yes" \ --disable-mountconfig \ --without-tcp-wrappers \ --without-krb5 \ - --enable-caps \ + --disable-caps \ --enable-largefile \ --with-mountfile=/etc/nfsmounts.conf \ --with-gnu-ld diff --git a/packages/network/nfs-utils/meta b/packages/network/nfs-utils/meta index 0be8d2fe20..924dad4891 100644 --- a/packages/network/nfs-utils/meta +++ b/packages/network/nfs-utils/meta @@ -25,8 +25,8 @@ PKG_ARCH="any" PKG_LICENSE="OSS" PKG_SITE="http://nfs.sourceforge.net/" PKG_URL="$SOURCEFORGE_SRC/nfs/nfs-utils/$PKG_VERSION/$PKG_NAME-$PKG_VERSION.tar.bz2" -PKG_DEPENDS="libevent libnfsidmap libtirpc libcap util-linux" -PKG_BUILD_DEPENDS="toolchain libevent libnfsidmap libtirpc libcap util-linux" +PKG_DEPENDS="libevent libnfsidmap libtirpc util-linux" +PKG_BUILD_DEPENDS="toolchain libevent libnfsidmap libtirpc util-linux" PKG_PRIORITY="optional" PKG_SECTION="network" PKG_SHORTDESC="nfs-utils: Linux NFS client and server utilities" From 623404193ee2df4e8af6e069f17779f496db84fb Mon Sep 17 00:00:00 2001 From: Stephan Raue Date: Sat, 2 Jul 2011 11:23:58 +0200 Subject: [PATCH 8/8] samba: rework samb.conf a bit to not show printer errors, thanks to chewitt Signed-off-by: Stephan Raue --- packages/network/samba/config/smb.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/network/samba/config/smb.conf b/packages/network/samba/config/smb.conf index d52f351f78..f301ecc96e 100644 --- a/packages/network/samba/config/smb.conf +++ b/packages/network/samba/config/smb.conf @@ -32,6 +32,8 @@ wins support = yes syslog only = yes name resolve order = lmhosts wins bcast host + printcap name = /dev/null + load printers = no [printers] comment = All Printers @@ -40,8 +42,6 @@ guest ok = no writable = no printable = yes - printcap name = /dev/null - load printers = no # Using the following configurations as a template allows you to add # writable shares of disks and paths under /storage