[gentoo-commits] repo/gentoo:master commit in: sci-misc/boinc/, sci-misc/boinc/files/

Sun, 24 Apr 2022 13:14:45 -0700 

commit:     7a0414526e4942bf4767aaa2c9a9cfa5fd7f605a
Author:     Florian Schmaus <flow <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 24 19:43:52 2022 +0000
Commit:     Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Sun Apr 24 20:10:43 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a041452

sci-misc/boinc: fix dep, openrc: ALLOW_REMOTE_RPC=no, GROUP=(id -gn $USER)

Replace the deprecated virtual/jpeg with media-libs/libjpeg-turbo.

Use 'boinc' user's primary group per default. This syncs the behavior of
the openrc-run script with the systemd service file. We can now also
drop acct-group/boinc, since nothing in sci-misc/boinc depends on it.

Also set ALLOW_REMOTE_RPC=no, instead of yes, if absent. Allowing remote
RPCs, if not explicitly enabled by the user, that is, per default, is
not sensible from a security perspective.
Note that the shipped boinc.conf already sets ALLOW_REMOTE_RPC=no.

Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>

 sci-misc/boinc/{boinc-7.18.1.ebuild => boinc-7.18.1-r1.ebuild} | 3 +--
 sci-misc/boinc/boinc-9999.ebuild                               | 3 +--
 sci-misc/boinc/files/boinc.conf                                | 4 +++-
 sci-misc/boinc/files/boinc.init.in                             | 6 +++---
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/sci-misc/boinc/boinc-7.18.1.ebuild 
b/sci-misc/boinc/boinc-7.18.1-r1.ebuild
similarity index 99%
rename from sci-misc/boinc/boinc-7.18.1.ebuild
rename to sci-misc/boinc/boinc-7.18.1-r1.ebuild
index 2d86dc42372a..3395522f0874 100644
--- a/sci-misc/boinc/boinc-7.18.1.ebuild
+++ b/sci-misc/boinc/boinc-7.18.1-r1.ebuild
@@ -30,7 +30,6 @@ REQUIRED_USE="^^ ( curl_ssl_gnutls curl_ssl_openssl ) "
 # libcurl must not be using an ssl backend boinc does not support.
 # If the libcurl ssl backend changes, boinc should be recompiled.
 DEPEND="
-       acct-group/boinc
        acct-user/boinc
        >=app-misc/ca-certificates-20080809
        cuda? (
@@ -43,6 +42,7 @@ DEPEND="
        X? (
                dev-db/sqlite:3
                media-libs/freeglut
+               media-libs/libjpeg-turbo:=
                x11-libs/gtk+:3
                x11-libs/libICE
                >=x11-libs/libnotify-0.7
@@ -50,7 +50,6 @@ DEPEND="
                x11-libs/libXi
                x11-libs/libXmu
                x11-libs/wxGTK:${WX_GTK_VER}[X,opengl,webkit]
-               virtual/jpeg
        )
 "
 BDEPEND="app-text/docbook-xml-dtd:4.4

diff --git a/sci-misc/boinc/boinc-9999.ebuild b/sci-misc/boinc/boinc-9999.ebuild
index 21a46ecfa659..78012a2d9c57 100644
--- a/sci-misc/boinc/boinc-9999.ebuild
+++ b/sci-misc/boinc/boinc-9999.ebuild
@@ -32,7 +32,6 @@ REQUIRED_USE="^^ ( curl_ssl_gnutls curl_ssl_openssl ) "
 # libcurl must not be using an ssl backend boinc does not support.
 # If the libcurl ssl backend changes, boinc should be recompiled.
 DEPEND="
-       acct-group/boinc
        acct-user/boinc
        >=app-misc/ca-certificates-20080809
        cuda? (
@@ -45,6 +44,7 @@ DEPEND="
        X? (
                dev-db/sqlite:3
                media-libs/freeglut
+               media-libs/libjpeg-turbo:=
                x11-libs/gtk+:3
                x11-libs/libICE
                >=x11-libs/libnotify-0.7
@@ -52,7 +52,6 @@ DEPEND="
                x11-libs/libXi
                x11-libs/libXmu
                x11-libs/wxGTK:${WX_GTK_VER}[X,opengl,webkit]
-               virtual/jpeg
        )
 "
 BDEPEND="app-text/docbook-xml-dtd:4.4

diff --git a/sci-misc/boinc/files/boinc.conf b/sci-misc/boinc/files/boinc.conf
index 22fcca0d3001..856be30a2402 100644
--- a/sci-misc/boinc/files/boinc.conf
+++ b/sci-misc/boinc/files/boinc.conf
@@ -2,7 +2,9 @@
 
 # Owner of BOINC process (must be existing)
 USER="boinc"
-GROUP="boinc"
+# Group of the BOINC process. Defaults to the user's primary group if
+# not set.
+#GROUP="boinc"
 
 # Directory with runtime data: Work units, project binaries, user info etc.
 RUNTIMEDIR="/var/lib/boinc"

diff --git a/sci-misc/boinc/files/boinc.init.in 
b/sci-misc/boinc/files/boinc.init.in
index 763b69694444..9ac9b11a930d 100644
--- a/sci-misc/boinc/files/boinc.init.in
+++ b/sci-misc/boinc/files/boinc.init.in
@@ -1,5 +1,5 @@
 #!/sbin/openrc-run
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2022 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 extra_started_commands="attach resume suspend"
@@ -91,12 +91,12 @@ opencl_check() {
 env_check() {
        # Make sure the configuration is sane
        : ${USER:="boinc"}
-       : ${GROUP:="boinc"}
+       : ${GROUP:="$(id -ng ${USER})"}
        : ${RUNTIMEDIR:="/var/lib/boinc"}
        : ${BOINCBIN:="$(which boinc_client)"}
        : ${BOINC_PIDFILE:="/var/run/boinc_client.pid"}
        : ${BOINCCMD:="$(which /usr/bin/boinccmd)"}
-       : ${ALLOW_REMOTE_RPC:="yes"}
+       : ${ALLOW_REMOTE_RPC:="no"}
        : ${NICELEVEL:="19"}
        # ARGS is not checked, it could have been explicitly set
        # to be empty by the user.

Reply via email to