commit: d83590e94a84d6f90c7a4b3bb0377b5734c892ca
Author: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
AuthorDate: Sat Sep 22 17:29:31 2018 +0000
Commit: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
CommitDate: Sat Sep 22 17:29:31 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d83590e9
net-im/openfire: set ownership at src_install() phase, bug #630914
As Michael explains in bug #630914 the code below is prone to
chown-ing files not belonging to package:
```
pkg_postinst() {
...
chown -R jabber:jabber "${ROOT}"/opt/openfire
}
```
Move chown to src_install() to contain the damage to builder.
Reported-by: Michael Orlitzky
Bug: https://bugs.gentoo.org/630914
Package-Manager: Portage-2.3.49, Repoman-2.3.10
net-im/openfire/openfire-4.2.3-r1.ebuild | 96 ++++++++++++++++++++++++++++++++
1 file changed, 96 insertions(+)
diff --git a/net-im/openfire/openfire-4.2.3-r1.ebuild
b/net-im/openfire/openfire-4.2.3-r1.ebuild
new file mode 100644
index 00000000000..ea631de1f71
--- /dev/null
+++ b/net-im/openfire/openfire-4.2.3-r1.ebuild
@@ -0,0 +1,96 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils java-pkg-2 java-ant-2 systemd
+
+MY_P=${PN}_src_${PV//./_}
+DESCRIPTION="Openfire (formerly wildfire) real time collaboration (RTC) server"
+HOMEPAGE="http://www.igniterealtime.org/projects/openfire/";
+SRC_URI="http://www.igniterealtime.org/builds/openfire/${MY_P}.tar.gz";
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc"
+
+RDEPEND=">=virtual/jre-1.7"
+DEPEND="net-im/jabber-base
+ ~dev-java/ant-contrib-1.0_beta2
+ >=virtual/jdk-1.7"
+
+S=${WORKDIR}/${PN}_src
+
+pkg_setup() {
+ java-pkg-2_pkg_setup
+}
+
+src_compile() {
+ # Jikes doesn't support -source 1.5
+ java-pkg_filter-compiler jikes
+
+ ANT_TASKS="ant-contrib"
+ eant -f build/build.xml openfire plugins $(use_doc)
+
+ # delete nativeAuth prebuilt libs:
+ # uses outdated unmaintained libshaj, does not support amd64
+ rm -rfv target/openfire/resources/nativeAuth || die
+}
+
+src_install() {
+ dodir /opt/openfire
+
+ newinitd "${FILESDIR}"/openfire-initd openfire
+ newconfd "${FILESDIR}"/openfire-confd openfire
+ systemd_dounit "${FILESDIR}"/${PN}.service
+
+ dodir /opt/openfire/conf
+ insinto /opt/openfire/conf
+ newins target/openfire/conf/openfire.xml openfire.xml.sample
+ newins target/openfire/conf/security.xml security.xml.sample
+
+ dodir /opt/openfire/logs
+ keepdir /opt/openfire/logs
+
+ dodir /opt/openfire/lib
+ insinto /opt/openfire/lib
+ doins target/openfire/lib/*
+
+ dodir /opt/openfire/plugins
+ insinto /opt/openfire/plugins
+ doins -r target/openfire/plugins/*
+
+ dodir /opt/openfire/resources
+ insinto /opt/openfire/resources
+ doins -r target/openfire/resources/*
+
+ if use doc; then
+ dohtml -r documentation/docs/*
+ fi
+ dodoc documentation/dist/*
+
+ #Protect ssl key on upgrade
+ dodir /etc/env.d/
+ echo 'CONFIG_PROTECT="/opt/openfire/resources/security/"' >
"${D}"/etc/env.d/98openfire
+
+ fowners -R jabber:jabber /opt/openfire
+}
+
+pkg_postinst() {
+ local src
+ local dst
+
+ # http://community.igniterealtime.org/thread/52289
+ for dst in "${ROOT%/}"/opt/openfire/conf/{openfire,security}.xml
+ do
+ src="${dst}".sample
+ if [[ -f "${dst}" ]]; then
+ einfo "Leaving old '${dst}'"
+ else
+ einfo "Created default '${dst}'. Please edit."
+ cp -v "${src}" "${dst}" || ewarn "cp '${dst}' failed"
+ chmod -v 0600 "${dst}" || ewarn "chmod '${dst}' failed"
+ fi
+ done
+}
