diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2020-05-05 20:21:27 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2020-05-06 08:59:52 +0200 |
commit | 33be03fb136ca11ba09834a19984c9f956049b6d (patch) | |
tree | 32d6c154c5931510d0fefd7e74d6eb67eb71ce27 /source/xap | |
parent | df4c9b091989c5fbea58f5b42abbb5e6c545a931 (diff) | |
download | current-33be03fb136ca11ba09834a19984c9f956049b6d.tar.gz |
Tue May 5 20:21:27 UTC 202020200505202127
a/hwdata-0.335-noarch-1.txz: Upgraded.
ap/tmux-3.1b-x86_64-1.txz: Upgraded.
l/libcap-2.34-x86_64-1.txz: Upgraded.
n/mutt-1.14.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.3-x86_64-3.txz: Rebuilt.
Added /var/lib/nfs/nfsdcltrack database directory for nfsdcltrack.
Thanks to upnort.
x/xterm-356-x86_64-1.txz: Upgraded.
xap/NetworkManager-openvpn-1.8.12-x86_64-1.txz: Added.
Thanks to Robby Workman.
xap/mozilla-firefox-68.8.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.8.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-17/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395
(* Security fix *)
xap/mozilla-thunderbird-68.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.8.0/releasenotes/
(* Security fix *)
testing/packages/PAM/libcap-2.34-x86_64-1_pam.txz: Upgraded.
Diffstat (limited to 'source/xap')
3 files changed, 168 insertions, 0 deletions
diff --git a/source/xap/NetworkManager-openvpn/NetworkManager-openvpn.SlackBuild b/source/xap/NetworkManager-openvpn/NetworkManager-openvpn.SlackBuild new file mode 100755 index 00000000..206a7c73 --- /dev/null +++ b/source/xap/NetworkManager-openvpn/NetworkManager-openvpn.SlackBuild @@ -0,0 +1,136 @@ +#!/bin/bash + +# Copyright 2010-2017 Robby Workman, Tuscaloosa, Alabama, USA +# Copyright 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=NetworkManager-openvpn +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i586 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \+ + +# Run as nobody:nogroup: +zcat $CWD/openvpn.nobody.nogroup.diff.gz | patch -p1 --verbose || exit 1 + +# Configure, build, and install: +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --mandir=/usr/man \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Create the chroot directory +# From src/nm-openvpn-service-defines.h +# /* User name and group to run nm-openvpn-service under */ +# #define NM_OPENVPN_USER "nm-openvpn" +# #define NM_OPENVPN_GROUP "nm-openvpn" +# #define NM_OPENVPN_CHROOT LOCALSTATEDIR "/lib/openvpn/chroot" +mkdir -p $PKG/var/lib/openvpn/chroot + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + AUTHORS* COPYING* ChangeLog* NEWS* README* \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/xap/NetworkManager-openvpn/openvpn.nobody.nogroup.diff b/source/xap/NetworkManager-openvpn/openvpn.nobody.nogroup.diff new file mode 100644 index 00000000..dcb47eae --- /dev/null +++ b/source/xap/NetworkManager-openvpn/openvpn.nobody.nogroup.diff @@ -0,0 +1,13 @@ +--- ./shared/nm-service-defines.h.orig 2020-03-06 06:38:55.000000000 -0600 ++++ ./shared/nm-service-defines.h 2020-05-03 20:12:26.997028745 -0500 +@@ -126,8 +126,8 @@ + #define NM_OPENVPN_VERIFY_X509_NAME_TYPE_SUBJECT "subject" + + /* User name and group to run nm-openvpn-service under */ +-#define NM_OPENVPN_USER "nm-openvpn" +-#define NM_OPENVPN_GROUP "nm-openvpn" ++#define NM_OPENVPN_USER "nobody" ++#define NM_OPENVPN_GROUP "nogroup" + #define NM_OPENVPN_CHROOT LOCALSTATEDIR "/lib/openvpn/chroot" + + #endif /* __NM_SERVICE_DEFINES_H__ */ diff --git a/source/xap/NetworkManager-openvpn/slack-desc b/source/xap/NetworkManager-openvpn/slack-desc new file mode 100644 index 00000000..c045ad60 --- /dev/null +++ b/source/xap/NetworkManager-openvpn/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +NetworkManager-openvpn: NetworkManager-openvpn (OpenVPN Support for NetworkManager) +NetworkManager-openvpn: +NetworkManager-openvpn: NetworkManager attempts to keep an active network connection available +NetworkManager-openvpn: at all times. This applet provides OpenVPN Support for NetworkManager. +NetworkManager-openvpn: +NetworkManager-openvpn: Homepage: https://github.com/GNOME/NetworkManager-openvpn +NetworkManager-openvpn: +NetworkManager-openvpn: +NetworkManager-openvpn: +NetworkManager-openvpn: +NetworkManager-openvpn: |