[arch-commits] Commit in pound/trunk (5 files)
Date: Friday, November 6, 2020 @ 14:46:59 Author: dvzrv Revision: 744354 upgpkg: pound 3.0-1: Upgrade to 3.0. Replace old .cfg configuration with new default .yaml configuration. Add patch to set the runtime dir to /run/pound. Switch to https for upstream url. Apply all available hardening options to the service file. Added: pound/trunk/pound-3.0-runtime_dir.patch pound/trunk/pound.yaml Modified: pound/trunk/PKGBUILD pound/trunk/pound.service Deleted: pound/trunk/pound.cfg -+ PKGBUILD| 71 +- pound-3.0-runtime_dir.patch | 66 + pound.cfg | 85 -- pound.service | 28 ++- pound.yaml | 161 ++ 5 files changed, 287 insertions(+), 124 deletions(-) Modified: PKGBUILD === --- PKGBUILD2020-11-06 14:30:34 UTC (rev 744353) +++ PKGBUILD2020-11-06 14:46:59 UTC (rev 744354) @@ -5,63 +5,66 @@ _name=Pound pkgname=pound -pkgver=2.8 -pkgrel=3 +pkgver=3.0 +pkgrel=1 pkgdesc="A reverse proxy, load balancer, and SSL wrapper" arch=('x86_64') -url="http://www.apsis.ch/pound/index_html; +url="https://www.apsis.ch/pound.html; license=('GPL3') -depends=('gcc-libs' 'glibc' 'pcre' 'openssl-1.0') -makedepends=('gperftools') -backup=('etc/pound/pound.cfg') -# switch to https://github.com/graygnuorg/pound for openssl +depends=('gcc-libs' 'glibc' 'libyaml' 'nanomsg' 'pcre') +makedepends=('cmake' 'gperftools' 'mbedtls' 'uthash') +backup=("etc/${pkgname}/${pkgname}.yaml") source=("http://www.apsis.ch/${pkgname}/${_name}-${pkgver}.tgz; "${_name}-${pkgver}.tgz.asc::http://www.apsis.ch/${pkgname}/${_name}-${pkgver}.asc; +"${pkgname}-3.0-runtime_dir.patch" "${pkgname}.service" -"${pkgname}.cfg") -sha512sums=('cf0b865b17d3628e273626e07733f1320e4768702c0f64c8ef0f78d46667f770b223bdc7dca88016a95e5ebd23ae646f95a9b2f4a54a5a80001a10047f07eacc' +"${pkgname}.yaml") +sha512sums=('28426fa2d66efa310fce43fc57b87b6cd9d646573161ab880b139feec856710306002af623f023907bb77f8b37979cf2332dc3e16cde48c6d349d813c6ac47e2' 'SKIP' - 'c4b47825e3f394db9e8e784f6342d7912081c7de94638e51d27c6a7de0b13fd9665f5540412c8ddaf3157040f9b83d234e01d93ad3a61be45955aaf3afc6f543' - '32d33474a115dfc9d5ccc094ffdb3c367108a48976cf3e58442642dab08167cd0a1808eefa1879e3c38b607d2a6a1cd28142dbd690244368760daba1f95526f6') -b2sums=('2e4526fb78bb8bf1206a60318fef23925f2eb3b2d72c56895e6cc839e944ad8a58820be8c6c54ff2f12cd8e34ee8500dc8f7555c968fe4cd42ae7cc51ef6feec' + '25db5c13750c2770ae5a91d850f2f00e888474a05b2464c6f03ebe4dc628c86edf8df640daa96e9dcb7240de43537a731671376f20e0dfb599ef5fc2eaf6c053' + '887ebace94fb6974b34e096c3f9d85e7e45186f816f8a0b4218ffecf2bf041702bc5d40547ca5883691e1d5f959e28b8ce3aac0f12c877760c0e80d8319f57e9' + '329fb0064f9720cc41332894d3e96e098ffd789d13bcb3b35d67dd9f7b4c0667d1b4cf1d93df9427b4e867d5f0b5857be412ae8d34abed5aa3c2774a499b3292') +b2sums=('8834d2d57c81bf792d803bc2aef7ad5d17243539ea3fddab777ab3dbd7f903a2f771762ee8d4818c63b7c6380c253dc7c7465e10225f884c2bb968af3dfab831' 'SKIP' - '41fade7a7dc90d4de479b95748f272be4d4ed1e0226539b1dacb20caeef20b30f66b62afc401b4e5fb43b9cbfe107d22dad88a772469f4963ecb564357cd4f2a' - '1dc6854854fcc1e0ce32249f6dbfe89b9ccb5ebe614bc700252090a1bb1e072d763859f42bdc1e3a8aa5ddded271cecb5d4c82ef0a90ed98c113ca019cbb255b') + 'eba66845b02eff8cea9353f1617f9fcbce040609ea22a1061d98a69c109fed1aaaf6fb338cde1c969153df383def7ae5e3231f281140d32702acfb8c628fa0e4' + '886e7218d0098f86edfde32b0d8ccdf47f7a8d6a3417144bbd9279cac14d51065fe72b312844ff6a24be6d16183a3b4a44b0d012c1d08808d07ea96d660ff69f' + 'a7ebb7714abf8bc7c2c0f627f6fdcc226a293277a98455bd52340536754ef3a5aef75340b8535402c78a9a754f78d4793c1d7b0c15b0b8d393fd3760a6398858') validpgpkeys=('8BB562A0F1DB703FB7EB1E95AB72C62A8691DD02') # Robert Segall prepare() { mv -v "${_name}-${pkgver}" "${pkgname}-${pkgver}" cd "${pkgname}-${pkgver}" - # use openssl-1.0 to generate dhparam - sed -e 's/openssl/openssl-1.0/' -i Makefile.in + # set runtime dir to /run/pound + patch -Np1 -i "../${pkgname}-3.0-runtime_dir.patch" + # remove vendored uthash so we build with the packaged version + rm -v include/ut{hash,array}.h } build() { cd "${pkgname}-${pkgver}" - # use openssl-1.0 - CPPFLAGS+=" -I/usr/include/openssl-1.0" \ - LDFLAGS+=" -L/usr/lib/openssl-1.0" \ - ./configure --prefix=/usr \ - --sysconfdir=/etc/pound \ - --bindir=/usr/bin \ - --sbindir=/usr/bin \ - --with-ssl='/usr/lib/openssl-1.0' \ - --with-owner=root \ - --with-group=root - make + cmake -DCMAKE_INSTALL_PREFIX=/usr \ +-DCMAKE_BUILD_TYPE='None' \ +-Wno-dev \ +-B build \ +-S . +
[arch-commits] Commit in pound/trunk (5 files)
Date: Saturday, March 17, 2018 @ 19:08:18 Author: dvzrv Revision: 308968 upgpkg: pound 2.7-6 Updating maintainer. Adding pgp verification of source. Removing runit. Fixing build() and package() to use root for ownership of files. Installing various docs. Switching to user/group pound in configuration and moving Control socket to /run/pound/ directory. Adding Documentation, After and Wants to service. Using DynamicUser and RuntimeDirectory. Adding CapabilityBoundSet/AmbientCapabilities to allow bind to ports below 1024 (CAP_NET_BIND_SERVICE). Modified: pound/trunk/PKGBUILD pound/trunk/pound.cfg pound/trunk/pound.service Deleted: pound/trunk/ChangeLog pound/trunk/pound.runit ---+ ChangeLog | 22 -- PKGBUILD | 68 pound.cfg |6 ++-- pound.runit | 23 -- pound.service | 11 - 5 files changed, 53 insertions(+), 77 deletions(-) Deleted: ChangeLog === --- ChangeLog 2018-03-17 18:57:31 UTC (rev 308967) +++ ChangeLog 2018-03-17 19:08:18 UTC (rev 308968) @@ -1,22 +0,0 @@ - -2009-03-22 Douglas Soares de Andrade- - * Updated for i686: 2.4.4 - * Fixed an issue with the rc.d pound script - -2008-06-22 Mateusz Herych - - * Adding for x86_64 community - 2.4.3 - -2008-06-22 Douglas Soares de Andrade - - * Adding for i686 community - 2.4.3 - -2008-05-22 Mateusz Herych - - * Adding to community for x86_64 - -2008-05-21 Douglas Soares de Andrade - - * Adding to community for i686 - Modified: PKGBUILD === --- PKGBUILD2018-03-17 18:57:31 UTC (rev 308967) +++ PKGBUILD2018-03-17 19:08:18 UTC (rev 308968) @@ -1,48 +1,60 @@ # $Id$ -# Maintainer: Sergej Pupykin -# Maintainer: Douglas Soares de Andrade +# Maintainer: David Runge +# Contributor: Sergej Pupykin +# Contributor: Douglas Soares de Andrade # Contributor: Roberto Alsina +_name=Pound pkgname=pound pkgver=2.7 -pkgrel=5 +pkgrel=6 pkgdesc="A reverse proxy, load balancer, and SSL wrapper" arch=('x86_64') url="http://www.apsis.ch/pound/index_html; -license=('GPL') -depends=('pcre' 'openssl-1.0') -backup=(etc/pound/pound.cfg) -source=(http://www.apsis.ch/pound/Pound-$pkgver.tgz - pound.runit - pound.service - pound.cfg) -md5sums=('ec8298aa3e4aee3ffbecdc0639d7f14a' - '2a555ee5871a849cb1f6e6ba2ff054df' - 'c0d0726a96dfda0e83843362e401b3dc' - '8937808acd22c6391ebe4340af8df854') +license=('GPL3') +depends=('gperftools' 'pcre' 'openssl-1.0') +backup=('etc/pound/pound.cfg') +# switch to https://github.com/graygnuorg/pound for openssl +source=("http://www.apsis.ch/${pkgname}/${_name}-${pkgver}.tgz; + "${_name}-${pkgver}.tgz.asc::http://www.apsis.ch/${pkgname}/${_name}-${pkgver}.asc; +"${pkgname}.service" +"${pkgname}.cfg") +sha512sums=('3edfb948715ff7e38b7665cc083eb5619daf4c2ddda4efca2bcf5d8c1ee158fa5275b16bbaea4cf51bf3f8c022ba2197d5f67d57732404a448ae00e62aa1' +'SKIP' + '7111df07cb3500c378afb19abbd1ef5f97a566101cd68712a1d6c8015f23463fc06347ec8cb189f2774c954343b8b8815416be1a4acd3ec31f20f03e90cdf603' + '32d33474a115dfc9d5ccc094ffdb3c367108a48976cf3e58442642dab08167cd0a1808eefa1879e3c38b607d2a6a1cd28142dbd690244368760daba1f95526f6') prepare() { - cd "$srcdir"/Pound-$pkgver - sed -i -e 's/openssl/openssl-1.0/' Makefile.in + cp -av "${_name}-${pkgver}" "${pkgname}-${pkgver}" + cd "${pkgname}-${pkgver}" + # use openssl-1.0 to generate dhparam + sed -e 's/openssl/openssl-1.0/' -i Makefile.in } build() { - cd "$srcdir"/Pound-$pkgver + cd "${pkgname}-${pkgver}" CPPFLAGS+=" -I/usr/include/openssl-1.0" \ LDFLAGS+=" -L/usr/lib/openssl-1.0" \ - ./configure --prefix=/usr --sysconfdir=/etc/pound --sbindir=/usr/bin + ./configure --prefix=/usr \ + --sysconfdir=/etc/pound \ + --bindir=/usr/bin \ + --sbindir=/usr/bin \ + --with-ssl='/usr/lib/openssl-1.0' \ + --with-owner=root \ + --with-group=root make } package() { - cd "$srcdir"/Pound-$pkgver - install -d "$pkgdir"/usr/sbin - make DESTDIR="$pkgdir" install - chown root.root -R "$pkgdir"/usr - install -d "$pkgdir"/etc/sv - install -d "$pkgdir"/etc/sv/pound - install -m0755 "$srcdir"/pound.runit "$pkgdir"/etc/sv/pound/run - install -D -m0644 "$srcdir"/pound.cfg "$pkgdir"/etc/pound/pound.cfg - install -Dm0644 "$srcdir"/$pkgname.service "$pkgdir"/usr/lib/systemd/system/$pkgname.service - rmdir "$pkgdir"/usr/sbin + cd