diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2018-11-15 19:47:53 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-11-16 08:59:44 +0100 |
commit | 3a6358fa3e26f0d5263d575ff8a3065cab653365 (patch) | |
tree | 756136fab3c6d182620e48144550a5bf9bb4c943 /source/n/rpcbind | |
parent | 7b3da2adfbd73893fbd0c4ca25ecb28704220178 (diff) | |
download | current-3a6358fa3e26f0d5263d575ff8a3065cab653365.tar.gz |
Thu Nov 15 19:47:53 UTC 201820181115194753
d/python-setuptools-40.6.2-x86_64-1.txz: Upgraded.
l/python-requests-2.20.1-x86_64-1.txz: Upgraded.
n/cifs-utils-6.8-x86_64-1.txz: Upgraded.
n/getmail-5.8-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-1.txz: Upgraded.
n/rpcbind-1.2.5-x86_64-1.txz: Upgraded.
x/mesa-18.2.5-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source/n/rpcbind')
6 files changed, 6 insertions, 519 deletions
diff --git a/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch b/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch deleted file mode 100644 index 060614cc..00000000 --- a/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch +++ /dev/null @@ -1,218 +0,0 @@ -From 7ea36eeece56b59f98e469934e4c20b4da043346 Mon Sep 17 00:00:00 2001 -From: Doran Moppert <dmoppert@redhat.com> -Date: Thu, 11 May 2017 11:42:54 -0400 -Subject: [PATCH 2/6] rpcbind: pair all svc_getargs() calls with svc_freeargs() - to avoid memory leak - -This patch is to address CVE-2017-8779 "rpcbomb" in rpcbind, discussed -at [1], [2], [3]. The last link suggests this issue is actually a bug -in rpcbind, which led me here. - -The leak caused by the reproducer at [4] appears to come from -rpcb_service_4(), in the case where svc_getargs() returns false and the -function had an early return, rather than passing through the cleanup -path at done:, as would otherwise occur. - -It also addresses a couple of other locations where the same fault seems -to exist, though I haven't been able to exercise those. I hope someone -more intimate with rpc(3) can confirm my understanding is correct, and -that I haven't introduced any new bugs. - -Without this patch, using the reproducer (and variants) repeatedly -against rpcbind with a numBytes argument of 1_000_000_000, /proc/$(pidof -rpcbind)/status reports VmSize increase of 976564 kB each call, and -VmRSS increase of around 260 kB every 33 calls - the specific numbers -are probably an artifact of my rhel/glibc version. With the patch, -there is a small (~50 kB) VmSize increase with the first message, but -thereafter both VmSize and VmRSS remain steady. - -[1]: http://seclists.org/oss-sec/2017/q2/209 -[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1448124 -[3]: https://sourceware.org/ml/libc-alpha/2017-05/msg00129.html -[4]: https://github.com/guidovranken/rpcbomb/ - -Signed-off-by: Doran Moppert <dmoppert@redhat.com> -Signed-off-by: Steve Dickson <steved@redhat.com> ---- - src/pmap_svc.c | 56 +++++++++++++++++++++++++++++++++++++++++++++--------- - src/rpcb_svc.c | 2 +- - src/rpcb_svc_4.c | 2 +- - src/rpcb_svc_com.c | 8 ++++++++ - 4 files changed, 57 insertions(+), 11 deletions(-) - -diff --git a/src/pmap_svc.c b/src/pmap_svc.c -index 4c744fe..e926cdc 100644 ---- a/src/pmap_svc.c -+++ b/src/pmap_svc.c -@@ -175,6 +175,7 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long - long ans; - uid_t uid; - char uidbuf[32]; -+ int rc = TRUE; - - /* - * Can't use getpwnam here. We might end up calling ourselves -@@ -194,7 +195,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long - - if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { - svcerr_decode(xprt); -- return (FALSE); -+ rc = FALSE; -+ goto done; - } - #ifdef RPCBIND_DEBUG - if (debugging) -@@ -205,7 +207,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long - - if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) { - svcerr_weakauth(xprt); -- return (FALSE); -+ rc = (FALSE); -+ goto done; - } - - rpcbreg.r_prog = reg.pm_prog; -@@ -258,7 +261,16 @@ done_change: - rpcbs_set(RPCBVERS_2_STAT, ans); - else - rpcbs_unset(RPCBVERS_2_STAT, ans); -- return (TRUE); -+done: -+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { -+ if (debugging) { -+ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); -+ if (doabort) { -+ rpcbind_abort(); -+ } -+ } -+ } -+ return (rc); - } - - /* ARGSUSED */ -@@ -272,15 +284,18 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) - #ifdef RPCBIND_DEBUG - char *uaddr; - #endif -+ int rc = TRUE; - - if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { - svcerr_decode(xprt); -- return (FALSE); -+ rc = FALSE; -+ goto done; - } - - if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) { - svcerr_weakauth(xprt); -- return FALSE; -+ rc = FALSE; -+ goto done; - } - - #ifdef RPCBIND_DEBUG -@@ -330,21 +345,34 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) - pmap_ipprot2netid(reg.pm_prot) ?: "<unknown>", - port ? udptrans : ""); - -- return (TRUE); -+done: -+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { -+ if (debugging) { -+ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); -+ if (doabort) { -+ rpcbind_abort(); -+ } -+ } -+ } -+ return (rc); - } - - /* ARGSUSED */ - static bool_t - pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) - { -+ int rc = TRUE; -+ - if (!svc_getargs(xprt, (xdrproc_t)xdr_void, NULL)) { - svcerr_decode(xprt); -- return (FALSE); -+ rc = FALSE; -+ goto done; - } - - if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) { - svcerr_weakauth(xprt); -- return FALSE; -+ rc = FALSE; -+ goto done; - } - - if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist_ptr, -@@ -354,7 +382,17 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) - rpcbind_abort(); - } - } -- return (TRUE); -+ -+done: -+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) { -+ if (debugging) { -+ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); -+ if (doabort) { -+ rpcbind_abort(); -+ } -+ } -+ } -+ return (rc); - } - - int pmap_netid2ipprot(const char *netid) -diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c -index 709e3fb..091f530 100644 ---- a/src/rpcb_svc.c -+++ b/src/rpcb_svc.c -@@ -166,7 +166,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp) - svcerr_decode(transp); - if (debugging) - (void) xlog(LOG_DEBUG, "rpcbind: could not decode"); -- return; -+ goto done; - } - - if (rqstp->rq_proc == RPCBPROC_SET -diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c -index 5094879..eebbbbe 100644 ---- a/src/rpcb_svc_4.c -+++ b/src/rpcb_svc_4.c -@@ -218,7 +218,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp) - svcerr_decode(transp); - if (debugging) - (void) xlog(LOG_DEBUG, "rpcbind: could not decode\n"); -- return; -+ goto done; - } - - if (rqstp->rq_proc == RPCBPROC_SET -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index 5862c26..cb63afd 100644 ---- a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -927,6 +927,14 @@ error: - if (call_msg.rm_xid != 0) - (void) free_slot_by_xid(call_msg.rm_xid); - out: -+ if (!svc_freeargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) { -+ if (debugging) { -+ (void) xlog(LOG_DEBUG, "unable to free arguments\n"); -+ if (doabort) { -+ rpcbind_abort(); -+ } -+ } -+ } - if (local_uaddr) - free(local_uaddr); - if (buf_alloc) --- -2.13.0 - diff --git a/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch b/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch deleted file mode 100644 index 6cf885ac..00000000 --- a/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch +++ /dev/null @@ -1,29 +0,0 @@ -From c49a7ea639eb700823e174fd605bbbe183e229aa Mon Sep 17 00:00:00 2001 -From: Steve Dickson <steved@redhat.com> -Date: Wed, 17 May 2017 10:52:25 -0400 -Subject: [PATCH 3/6] pmapproc_dump: Fixed typo in memory leak patch - -commit 7ea36eee introduce a typo that caused -NIS (aka ypbind) to fail. - -Signed-off-by: Steve Dickson <steved@redhat.com> ---- - src/pmap_svc.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/pmap_svc.c b/src/pmap_svc.c -index e926cdc..26c31d0 100644 ---- a/src/pmap_svc.c -+++ b/src/pmap_svc.c -@@ -384,7 +384,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) - } - - done: -- if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) { -+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) { - if (debugging) { - (void) xlog(LOG_DEBUG, "unable to free arguments\n"); - if (doabort) { --- -2.13.0 - diff --git a/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch b/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch deleted file mode 100644 index f7c30794..00000000 --- a/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch +++ /dev/null @@ -1,69 +0,0 @@ -From c0e38c9fd1b2c6785af90c86b26a07724c2488e8 Mon Sep 17 00:00:00 2001 -From: Nick Alcock <nick.alcock@oracle.com> -Date: Thu, 25 May 2017 12:45:35 -0400 -Subject: [PATCH 4/6] rpcbind: fix building without --enable-debug - -All if (debugging) stanzas and their accompanying xlog()s and aborts -should be within #ifdef RPCBIND_DEBUG. - -Fixes a compilation failure due to non-inclusion of <syslog.h> in the -non-debugging case. - -Signed-off-by: Nick Alcock <nick.alcock@oracle.com> -Signed-off-by: Steve Dickson <steved@redhat.com> ---- - src/pmap_svc.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/pmap_svc.c b/src/pmap_svc.c -index 26c31d0..a53dd5f 100644 ---- a/src/pmap_svc.c -+++ b/src/pmap_svc.c -@@ -263,12 +263,14 @@ done_change: - rpcbs_unset(RPCBVERS_2_STAT, ans); - done: - if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { -+#ifdef RPCBIND_DEBUG - if (debugging) { - (void) xlog(LOG_DEBUG, "unable to free arguments\n"); - if (doabort) { - rpcbind_abort(); - } - } -+#endif - } - return (rc); - } -@@ -347,12 +349,14 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) - - done: - if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)®)) { -+#ifdef RPCBIND_DEBUG - if (debugging) { - (void) xlog(LOG_DEBUG, "unable to free arguments\n"); - if (doabort) { - rpcbind_abort(); - } - } -+#endif - } - return (rc); - } -@@ -385,12 +389,14 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt) - - done: - if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) { -+#ifdef RPCBIND_DEBUG - if (debugging) { - (void) xlog(LOG_DEBUG, "unable to free arguments\n"); - if (doabort) { - rpcbind_abort(); - } - } -+#endif - } - return (rc); - } --- -2.13.0 - diff --git a/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch b/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch deleted file mode 100644 index ff42c9e4..00000000 --- a/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 7c7590ad536c0e24bef790cb1e65702fc54db566 Mon Sep 17 00:00:00 2001 -From: Steve Dickson <steved@redhat.com> -Date: Tue, 30 May 2017 11:27:22 -0400 -Subject: [PATCH 5/6] rpcbproc_callit_com: Stop freeing a static pointer - -commit 7ea36ee introduced a svc_freeargs() call -that ended up freeing static pointer. - -It turns out the allocations for the rmt_args -is not necessary . The xdr routines (xdr_bytes) will -handle the memory management and the largest -possible message size is UDPMSGSIZE (due to UDP only) -which is smaller than RPC_BUF_MAX - -Signed-off-by: Steve Dickson <steved@redhat.com> ---- - src/rpcb_svc_com.c | 39 ++++++--------------------------------- - 1 file changed, 6 insertions(+), 33 deletions(-) - -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index cb63afd..1fc2229 100644 ---- a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -612,9 +612,9 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - struct netconfig *nconf; - struct netbuf *caller; - struct r_rmtcall_args a; -- char *buf_alloc = NULL, *outbufp; -+ char *outbufp; - char *outbuf_alloc = NULL; -- char buf[RPC_BUF_MAX], outbuf[RPC_BUF_MAX]; -+ char outbuf[RPC_BUF_MAX]; - struct netbuf *na = (struct netbuf *) NULL; - struct rpc_msg call_msg; - int outlen; -@@ -635,36 +635,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - } - if (si.si_socktype != SOCK_DGRAM) - return; /* Only datagram type accepted */ -- sendsz = __rpc_get_t_size(si.si_af, si.si_proto, UDPMSGSIZE); -- if (sendsz == 0) { /* data transfer not supported */ -- if (reply_type == RPCBPROC_INDIRECT) -- svcerr_systemerr(transp); -- return; -- } -- /* -- * Should be multiple of 4 for XDR. -- */ -- sendsz = ((sendsz + 3) / 4) * 4; -- if (sendsz > RPC_BUF_MAX) { --#ifdef notyet -- buf_alloc = alloca(sendsz); /* not in IDR2? */ --#else -- buf_alloc = malloc(sendsz); --#endif /* notyet */ -- if (buf_alloc == NULL) { -- if (debugging) -- xlog(LOG_DEBUG, -- "rpcbproc_callit_com: No Memory!\n"); -- if (reply_type == RPCBPROC_INDIRECT) -- svcerr_systemerr(transp); -- return; -- } -- a.rmt_args.args = buf_alloc; -- } else { -- a.rmt_args.args = buf; -- } -+ sendsz = UDPMSGSIZE; - - call_msg.rm_xid = 0; /* For error checking purposes */ -+ memset(&a, 0, sizeof(a)); /* Zero out the input buffer */ - if (!svc_getargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) { - if (reply_type == RPCBPROC_INDIRECT) - svcerr_decode(transp); -@@ -704,7 +678,8 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - if (rbl == (rpcblist_ptr)NULL) { - #ifdef RPCBIND_DEBUG - if (debugging) -- xlog(LOG_DEBUG, "not found\n"); -+ xlog(LOG_DEBUG, "prog %lu vers %lu: not found\n", -+ a.rmt_prog, a.rmt_vers); - #endif - if (reply_type == RPCBPROC_INDIRECT) - svcerr_noprog(transp); -@@ -937,8 +912,6 @@ out: - } - if (local_uaddr) - free(local_uaddr); -- if (buf_alloc) -- free(buf_alloc); - if (outbuf_alloc) - free(outbuf_alloc); - if (na) { --- -2.13.2 - diff --git a/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch b/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch deleted file mode 100644 index 1a0aa6cf..00000000 --- a/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 1e2ddd4ebd7a9266e6070f275fa35752752fdfd6 Mon Sep 17 00:00:00 2001 -From: Steve Dickson <steved@redhat.com> -Date: Tue, 30 May 2017 11:29:58 -0400 -Subject: [PATCH 6/6] rpcbproc_callit_com: No need to allocate output buffer - -Now that sendz is a fixed size (UDPMSGSIZE) which -is small then RPC_BUF_MAX, no need to check the -sendz size. - -Signed-off-by: Steve Dickson <steved@redhat.com> ---- - src/rpcb_svc_com.c | 33 +++++---------------------------- - 1 file changed, 5 insertions(+), 28 deletions(-) - -diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c -index 1fc2229..d36b090 100644 ---- a/src/rpcb_svc_com.c -+++ b/src/rpcb_svc_com.c -@@ -612,8 +612,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - struct netconfig *nconf; - struct netbuf *caller; - struct r_rmtcall_args a; -- char *outbufp; -- char *outbuf_alloc = NULL; - char outbuf[RPC_BUF_MAX]; - struct netbuf *na = (struct netbuf *) NULL; - struct rpc_msg call_msg; -@@ -674,7 +672,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - - rpcbs_rmtcall(versnum - 2, reply_type, a.rmt_prog, a.rmt_vers, - a.rmt_proc, transp->xp_netid, rbl); -- - if (rbl == (rpcblist_ptr)NULL) { - #ifdef RPCBIND_DEBUG - if (debugging) -@@ -793,24 +790,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - call_msg.rm_call.cb_rpcvers = RPC_MSG_VERSION; - call_msg.rm_call.cb_prog = a.rmt_prog; - call_msg.rm_call.cb_vers = a.rmt_vers; -- if (sendsz > RPC_BUF_MAX) { --#ifdef notyet -- outbuf_alloc = alloca(sendsz); /* not in IDR2? */ --#else -- outbuf_alloc = malloc(sendsz); --#endif /* notyet */ -- if (outbuf_alloc == NULL) { -- if (reply_type == RPCBPROC_INDIRECT) -- svcerr_systemerr(transp); -- if (debugging) -- xlog(LOG_DEBUG, -- "rpcbproc_callit_com: No memory!\n"); -- goto error; -- } -- xdrmem_create(&outxdr, outbuf_alloc, sendsz, XDR_ENCODE); -- } else { -- xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE); -- } -+ -+ memset(outbuf, '\0', sendsz); /* Zero out the output buffer */ -+ xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE); -+ - if (!xdr_callhdr(&outxdr, &call_msg)) { - if (reply_type == RPCBPROC_INDIRECT) - svcerr_systemerr(transp); -@@ -875,10 +858,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - goto error; - } - outlen = (int) XDR_GETPOS(&outxdr); -- if (outbuf_alloc) -- outbufp = outbuf_alloc; -- else -- outbufp = outbuf; - - na = uaddr2taddr(nconf, local_uaddr); - if (!na) { -@@ -887,7 +866,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, - goto error; - } - -- if (sendto(fd, outbufp, outlen, 0, (struct sockaddr *)na->buf, na->len) -+ if (sendto(fd, outbuf, outlen, 0, (struct sockaddr *)na->buf, na->len) - != outlen) { - if (debugging) - xlog(LOG_DEBUG, -@@ -912,8 +891,6 @@ out: - } - if (local_uaddr) - free(local_uaddr); -- if (outbuf_alloc) -- free(outbuf_alloc); - if (na) { - free(na->buf); - free(na); --- -2.13.2 - diff --git a/source/n/rpcbind/rpcbind.SlackBuild b/source/n/rpcbind/rpcbind.SlackBuild index e28a2ad8..27480223 100755 --- a/source/n/rpcbind/rpcbind.SlackBuild +++ b/source/n/rpcbind/rpcbind.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=rpcbind VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-4} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -84,19 +84,10 @@ rm -rf $PKGNAM-$VERSION tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1 cd $PKGNAM-$VERSION || exit 1 -# CVE-2017-8779 -zcat $CWD/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/0004-rpcbind-fix-building-without-enable-debug.patch.gz | patch -p1 --verbose || exit 1 - -# Fixes from git master -zcat $CWD/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch.gz | patch -p1 --verbose || exit 1 - +# Local patches: zcat $CWD/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch | patch -p1 --verbose || exit 1 zcat $CWD/rpcbind.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1 - # This is needed after the libwrap patch above: autoreconf -vif || exit 1 ./autogen.sh @@ -128,6 +119,10 @@ CFLAGS="$SLKCFLAGS" \ make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 +# Move rpcbind to /sbin: +mv $PKG/usr/sbin/rpcbind $PKG/sbin/rpcbind +rmdir $PKG/usr/sbin + # Make state directory (not really needed as rpcbind does this on startup) mkdir -p $PKG/var/run/rpcbind chown rpc:root $PKG/var/run/rpcbind |