commit: f7460605d72e92bee40f1186a930bc863b618cce
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Fri May 22 10:54:44 2015 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Fri May 22 10:54:44 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-dev.git/commit/?id=f7460605
net-misc/radvd: see bug #549942.
Package-Manager: portage-2.2.18
RepoMan-Options: --force
Manifest-Sign-Key: 0xF52D4BBA
net-misc/radvd/files/radvd-1.9.1.init | 71 ++++++++++++++++++
.../radvd/files/radvd-2.10-musl-libc-fix.patch | 87 ++++++++++++++++++++++
net-misc/radvd/files/radvd.conf | 11 +++
net-misc/radvd/files/radvd.service | 15 ++++
net-misc/radvd/files/radvd.tmpfilesd | 1 +
net-misc/radvd/metadata.xml | 12 +++
net-misc/radvd/radvd-2.10-r99.ebuild | 72 ++++++++++++++++++
net-misc/radvd/radvd-2.11-r99.ebuild | 73 ++++++++++++++++++
8 files changed, 342 insertions(+)
diff --git a/net-misc/radvd/files/radvd-1.9.1.init
b/net-misc/radvd/files/radvd-1.9.1.init
new file mode 100644
index 0000000..c44d861
--- /dev/null
+++ b/net-misc/radvd/files/radvd-1.9.1.init
@@ -0,0 +1,71 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/files/radvd-1.9.1.init,v 1.2
2014/02/18 03:33:37 prometheanfire Exp $
+
+CONFIGFILE=/etc/radvd.conf
+PIDFILE=/var/run/radvd/radvd.pid
+SYSCTL_FORWARD=net.ipv6.conf.all.forwarding
+
+extra_started_commands="reload"
+
+depend() {
+ need net
+}
+
+checkconfig() {
+ if [ ! -f "${CONFIGFILE}" ]; then
+ eerror "Configuration file ${CONFIGFILE} not found"
+ return 1
+ fi
+
+ if ! /usr/sbin/radvd -c -C "${CONFIGFILE}" ; then
+ eerror "Configuration file ${CONFIGFILE} failed test"
+ return 1
+ fi
+
+ checkpath -d -o radvd:radvd ${PIDFILE%/*}
+}
+
+start() {
+ if [ "${FORWARD}" != "no" ]; then
+ ebegin "Enabling IPv6 forwarding"
+ sysctl -w "${SYSCTL_FORWARD}=1" >/dev/null
+ eend $?
+ fi
+
+ checkconfig || return 1
+
+ ebegin "Starting IPv6 Router Advertisement Daemon"
+ start-stop-daemon --start --exec /usr/sbin/radvd \
+ --pidfile "${PIDFILE}" \
+ -- -C "${CONFIGFILE}" -p "${PIDFILE}" -u radvd ${OPTIONS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping IPv6 Router Advertisement Daemon"
+ start-stop-daemon --stop --exec /usr/sbin/radvd --pidfile "${PIDFILE}"
+ eend $?
+
+ if [ "${FORWARD}" != "no" ]; then
+ ebegin "Disabling IPv6 forwarding"
+ sysctl -w "${SYSCTL_FORWARD}=0" > /dev/null
+ eend $?
+ fi
+}
+
+reload() {
+ if [ "${FORWARD}" != "no" ]; then
+ ebegin "Enabling IPv6 forwarding"
+ sysctl -w "${SYSCTL_FORWARD}=1" >/dev/null
+ eend $?
+ fi
+
+ checkconfig || return 1
+
+ ebegin "Reloading IPv6 Router Advertisement Daemon"
+ start-stop-daemon --signal HUP \
+ --exec /usr/sbin/radvd --pidfile "${PIDFILE}"
+ eend $?
+}
diff --git a/net-misc/radvd/files/radvd-2.10-musl-libc-fix.patch
b/net-misc/radvd/files/radvd-2.10-musl-libc-fix.patch
new file mode 100644
index 0000000..c44f284
--- /dev/null
+++ b/net-misc/radvd/files/radvd-2.10-musl-libc-fix.patch
@@ -0,0 +1,87 @@
+From 1d8973e13d89802eee0b648451e2b97ac65cf9e0 Mon Sep 17 00:00:00 2001
+From: Reuben Hawkins <[email protected]>
+Date: Sat, 16 May 2015 09:27:38 -0700
+Subject: [PATCH] device-linux.c: IEEE 802.15.4 musl libc fix
+
+The ARPHRD_IEEE802154 macro's definition and name have been recently
+moved around from kernel header to glibc headers. Include linux/if_arp.h
+if available and then use either ARPHRD_IEEE802154_MONITOR or
ARPHRD_IEEE802154_PHY,
+whichever comes first.
+---
+ configure.ac | 1 +
+ device-linux.c | 8 ++++++++
+ includes.h | 6 ++++++
+ 3 files changed, 15 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index 0c1efd6..4bd4c9d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -156,6 +156,7 @@ AC_HEADER_STDC
+ AC_CHECK_HEADERS( \
+ getopt.h \
+ ifaddrs.h \
++ linux/if_arp.h \
+ machine/limits.h \
+ machine/param.h \
+ net/if_arp.h \
+diff --git a/device-linux.c b/device-linux.c
+index fa7d978..de83f2e 100644
+--- a/device-linux.c
++++ b/device-linux.c
+@@ -79,10 +79,12 @@ int update_device_info(int sock, struct Interface *iface)
+ iface->sllao.if_maxmtu = -1;
+ break;
+ #endif /* ARPHDR_ARCNET */
++#ifdef ARPHRD_IEEE802154
+ case ARPHRD_IEEE802154:
+ iface->sllao.if_hwaddr_len = 64;
+ iface->sllao.if_prefix_len = 64;
+ break;
++#endif
+ default:
+ iface->sllao.if_hwaddr_len = -1;
+ iface->sllao.if_prefix_len = -1;
+@@ -371,9 +373,15 @@ static char const *hwstr(unsigned short sa_family)
+ case ARPHRD_IEEE802154:
+ rc = "ARPHRD_IEEE802154";
+ break;
++#if ARPHRD_IEEE802154_MONITOR
++ case ARPHRD_IEEE802154_MONITOR:
++ rc = "ARPHRD_IEEE802154_MONITOR";
++ break;
++#elif ARPHRD_IEEE802154_PHY
+ case ARPHRD_IEEE802154_PHY:
+ rc = "ARPHRD_IEEE802154_PHY";
+ break;
++#endif
+ case ARPHRD_VOID:
+ rc = "ARPHRD_VOID";
+ break;
+diff --git a/includes.h b/includes.h
+index 39a36d2..d2449c4 100644
+--- a/includes.h
++++ b/includes.h
+@@ -81,9 +81,11 @@
+ #ifdef HAVE_NET_IF_DL_H
+ #include <net/if_dl.h>
+ #endif
++
+ #ifdef HAVE_NET_IF_TYPES_H
+ #include <net/if_types.h>
+ #endif
++
+ #if defined(HAVE_NET_IF_ARP_H) && !defined(ARPHRD_ETHER)
+ #include <net/if_arp.h>
+ #endif /* defined(HAVE_NET_IF_ARP_H) &&
!defined(ARPHRD_ETHER) */
+@@ -100,3 +102,7 @@
+ #include <ifaddrs.h>
+ #endif
+
++#ifdef HAVE_LINUX_IF_ARP_H
++#include <linux/if_arp.h>
++#endif
++
+--
+2.3.6
+
diff --git a/net-misc/radvd/files/radvd.conf b/net-misc/radvd/files/radvd.conf
new file mode 100644
index 0000000..e025c68
--- /dev/null
+++ b/net-misc/radvd/files/radvd.conf
@@ -0,0 +1,11 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/files/radvd.conf,v 1.1
2006/07/19 13:02:36 uberlord Exp $
+
+# Extra options to pass to radvd
+OPTIONS=""
+
+# Set this to "no" to tell the init script NOT to set up IPv6 forwarding
+# using /proc/sys/net/ipv6/conf/all/forwarding
+# Only change this if you know what you're doing!
+FORWARD="yes"
diff --git a/net-misc/radvd/files/radvd.service
b/net-misc/radvd/files/radvd.service
new file mode 100644
index 0000000..d9095f6
--- /dev/null
+++ b/net-misc/radvd/files/radvd.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Router advertisement daemon for IPv6
+Documentation=man:radvd(8)
+After=network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/radvd --username radvd --logmethod stderr --debug 0
+ExecReload=/usr/sbin/radvd --configtest ; \
+ /bin/kill -HUP $MAINPID
+CPUSchedulingPolicy=idle
+PIDFile=/run/radvd/radvd.pid
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/radvd/files/radvd.tmpfilesd
b/net-misc/radvd/files/radvd.tmpfilesd
new file mode 100644
index 0000000..26f203d
--- /dev/null
+++ b/net-misc/radvd/files/radvd.tmpfilesd
@@ -0,0 +1 @@
+d /run/radvd 0755 radvd radvd
diff --git a/net-misc/radvd/metadata.xml b/net-misc/radvd/metadata.xml
new file mode 100644
index 0000000..74f40b3
--- /dev/null
+++ b/net-misc/radvd/metadata.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";>
+<pkgmetadata>
+ <maintainer>
+ <email>[email protected]</email>
+ <name>Michael Weber</name>
+ </maintainer>
+ <maintainer>
+ <email>[email protected]</email>
+ <name>Matthew Thode</name>
+ </maintainer>
+</pkgmetadata>
diff --git a/net-misc/radvd/radvd-2.10-r99.ebuild
b/net-misc/radvd/radvd-2.10-r99.ebuild
new file mode 100644
index 0000000..fa4e771
--- /dev/null
+++ b/net-misc/radvd/radvd-2.10-r99.ebuild
@@ -0,0 +1,72 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/radvd-2.10.ebuild,v 1.5
2015/05/21 13:29:04 ago Exp $
+
+EAPI=4
+
+inherit systemd user eutils readme.gentoo
+
+DESCRIPTION="Linux IPv6 Router Advertisement Daemon"
+HOMEPAGE="http://v6web.litech.org/radvd/";
+SRC_URI="http://v6web.litech.org/radvd/dist/${P}.tar.gz";
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="amd64 ~arm hppa ppc ~sparc x86 ~x86-fbsd"
+IUSE="kernel_FreeBSD selinux"
+
+CDEPEND="dev-libs/libdaemon"
+DEPEND="${CDEPEND}
+ dev-libs/check
+ sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-radvd )
+"
+DOCS=( CHANGES README TODO radvd.conf.example )
+
+pkg_setup() {
+ enewgroup radvd
+ enewuser radvd -1 -1 /dev/null radvd
+
+ # force ownership of radvd user and group (bug #19647)
+ [[ -d ${ROOT}/var/run/radvd ]] && chown radvd:radvd
"${ROOT}"/var/run/radvd
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-2.10-musl-libc-fix.patch
+}
+
+src_configure() {
+ econf --with-pidfile=/var/run/radvd/radvd.pid \
+ --disable-silent-rules
+}
+
+src_install() {
+ default
+
+ dohtml INTRO.html
+
+ newinitd "${FILESDIR}"/${PN}-1.9.1.init ${PN}
+ newconfd "${FILESDIR}"/${PN}.conf ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfilesd ${PN}.conf
+
+ if use kernel_FreeBSD ; then
+ sed -i -e \
+
's/^SYSCTL_FORWARD=.*$/SYSCTL_FORWARD=net.inet6.ip6.forwarding/g' \
+ "${D}"/etc/init.d/${PN} || die
+ fi
+
+ readme.gentoo_create_doc
+}
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="Please create a configuratoion ${ROOT}etc/radvd.conf.
+See ${ROOT}usr/share/doc/${PF} for an example.
+
+grsecurity users should allow a specific group to read /proc
+and add the radvd user to that group, otherwise radvd may
+segfault on startup."
diff --git a/net-misc/radvd/radvd-2.11-r99.ebuild
b/net-misc/radvd/radvd-2.11-r99.ebuild
new file mode 100644
index 0000000..b66e624
--- /dev/null
+++ b/net-misc/radvd/radvd-2.11-r99.ebuild
@@ -0,0 +1,73 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/radvd-2.11.ebuild,v 1.1
2015/04/24 01:35:16 xmw Exp $
+
+EAPI=4
+
+inherit systemd user eutils readme.gentoo
+
+DESCRIPTION="Linux IPv6 Router Advertisement Daemon"
+HOMEPAGE="http://v6web.litech.org/radvd/";
+SRC_URI="http://v6web.litech.org/radvd/dist/${P}.tar.gz";
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~hppa ~ppc ~sparc ~x86 ~x86-fbsd"
+IUSE="kernel_FreeBSD selinux test"
+
+CDEPEND="dev-libs/libdaemon"
+DEPEND="${CDEPEND}
+ sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig
+ test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-radvd )
+"
+DOCS=( CHANGES README TODO radvd.conf.example )
+
+pkg_setup() {
+ enewgroup radvd
+ enewuser radvd -1 -1 /dev/null radvd
+
+ # force ownership of radvd user and group (bug #19647)
+ [[ -d ${ROOT}/var/run/radvd ]] && chown radvd:radvd
"${ROOT}"/var/run/radvd
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-2.10-musl-libc-fix.patch
+}
+
+src_configure() {
+ econf --with-pidfile=/var/run/radvd/radvd.pid \
+ --disable-silent-rules \
+ $(use_with test check)
+}
+
+src_install() {
+ default
+
+ dohtml INTRO.html
+
+ newinitd "${FILESDIR}"/${PN}-1.9.1.init ${PN}
+ newconfd "${FILESDIR}"/${PN}.conf ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfilesd ${PN}.conf
+
+ if use kernel_FreeBSD ; then
+ sed -i -e \
+
's/^SYSCTL_FORWARD=.*$/SYSCTL_FORWARD=net.inet6.ip6.forwarding/g' \
+ "${D}"/etc/init.d/${PN} || die
+ fi
+
+ readme.gentoo_create_doc
+}
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="Please create a configuratoion ${ROOT}etc/radvd.conf.
+See ${ROOT}usr/share/doc/${PF} for an example.
+
+grsecurity users should allow a specific group to read /proc
+and add the radvd user to that group, otherwise radvd may
+segfault on startup."
