subject:"\[arch\-commits\] Commit in matterbridge\/trunk \(PKGBUILD matterbridge.service\)"

[arch-commits] Commit in matterbridge/trunk (PKGBUILD matterbridge.service)

2020-04-09 Thread Bruno Pagani via arch-commits

Date: Thursday, April 9, 2020 @ 22:04:57
  Author: archange
Revision: 613057

upgpkg: matterbridge 1.17.2-1

Also enhance security of matterbridge.service

Modified:
  matterbridge/trunk/PKGBUILD
  matterbridge/trunk/matterbridge.service

--+
 PKGBUILD |6 +++---
 matterbridge.service |   27 ++-
 2 files changed, 21 insertions(+), 12 deletions(-)

Modified: PKGBUILD
===
--- PKGBUILD2020-04-09 21:55:15 UTC (rev 613056)
+++ PKGBUILD2020-04-09 22:04:57 UTC (rev 613057)
@@ -1,7 +1,7 @@
 # Maintainer: Bruno Pagani 
 
 pkgname=matterbridge
-pkgver=1.17.1
+pkgver=1.17.2
 pkgrel=1
 pkgdesc="Multi-protocols (IRC/XMPP/Mattermost/Slack/Matrix/etc) bridge"
 arch=(x86_64)
@@ -13,9 +13,9 @@
 source=(${pkgname}-${pkgver}.tar.gz::"${url}/archive/v${pkgver}.tar.gz"
 
${pkgname}-${pkgver}.tar.gz.asc::"${url}/releases/download/v${pkgver}/v${pkgver}.tar.gz.asc"
 matterbridge.service)
-sha256sums=('66c70c51e30ec5a6f21ffa084d86a3ade3575f82a1e33dc5ef167fba57d0c075'
+sha256sums=('5580fadac3c5ded1c458ab12e93483338b0b076c868b0ceea9786112bca3621e'
 'SKIP'
-'89e52388054d3c83199ccbfe8f2dc02a6ae02ec1a2d024460b11464324a1fb9b')
+'2b2953aab3dd943750e2095497d733949963d994d826548e3d046ec4975b68df')
 validpgpkeys=(CC7D978417C1AEA1E4CDD7240E41AB4BF4C610B4) # wim 
 
 prepare() {

Modified: matterbridge.service
===
--- matterbridge.service2020-04-09 21:55:15 UTC (rev 613056)
+++ matterbridge.service2020-04-09 22:04:57 UTC (rev 613057)
@@ -8,20 +8,29 @@
 ExecStart=/usr/bin/matterbridge -conf /etc/matterbridge.toml
 Type=simple
 CapabilityBoundingSet=
-NoNewPrivileges=True
+AmbientCapabilities=
+NoNewPrivileges=true
+#SecureBits=
+ProtectSystem=strict
+ProtectHome=true
+PrivateTmp=true
+PrivateDevices=true
+PrivateNetwork=false
 PrivateUsers=true
-PrivateDevices=true
-PrivateTmp=true
-ProtectHome=true
-ProtectSystem=strict
-ProtectControlGroups=yes
+ProtectHostname=true
+ProtectClock=true
 ProtectKernelTunables=true
-ProtectKernelModules=yes
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+RestrictNamespaces=true
+MemoryDenyWriteExecute=true
 LockPersonality=true
-MemoryDenyWriteExecute=true
 RestrictRealtime=true
+RestrictSUIDSGID=true
+SystemCallFilter=@system-service
 SystemCallArchitectures=native
-SystemCallFilter=@system-service
 
 [Install]
 WantedBy=multi-user.target

[arch-commits] Commit in matterbridge/trunk (PKGBUILD matterbridge.service)

2019-01-31 Thread Bruno Pagani via arch-commits

Date: Thursday, January 31, 2019 @ 15:20:00
  Author: archange
Revision: 428740

upgpkg: matterbridge 1.13.0-1

Modified:
  matterbridge/trunk/PKGBUILD
  matterbridge/trunk/matterbridge.service

--+
 PKGBUILD |   12 +---
 matterbridge.service |   19 +--
 2 files changed, 26 insertions(+), 5 deletions(-)

Modified: PKGBUILD
===
--- PKGBUILD2019-01-31 15:19:32 UTC (rev 428739)
+++ PKGBUILD2019-01-31 15:20:00 UTC (rev 428740)
@@ -1,7 +1,7 @@
 # Maintainer: Bruno Pagani 
 
 pkgname=matterbridge
-pkgver=1.12.3
+pkgver=1.13.0
 pkgrel=1
 pkgdesc="Multi-protocols (IRC/XMPP/Mattermost/Slack/Matrix/etc) bridge"
 arch=('x86_64')
@@ -13,11 +13,17 @@
 source=(${pkgname}-${pkgver}.tar.gz::"${url}/archive/v${pkgver}.tar.gz"
 
${pkgname}-${pkgver}.tar.gz.asc::"${url}/releases/download/v${pkgver}/v${pkgver}.tar.gz.asc"
 'matterbridge.service')
-sha256sums=('240a76ea0c6d1cd4e671edf2684a606d052236e1140ce3c45582831f01d3ae12'
+sha256sums=('6f66b562035d2cf1f9bb9fe2cacb36327326bb483673c4ddf8a2c7438b2487c9'
 'SKIP'
-'afb424b918f7108f5efae39afbed5d23d9a2c36710c6e0adbb96c7e5c7835aa3')
+'89e52388054d3c83199ccbfe8f2dc02a6ae02ec1a2d024460b11464324a1fb9b')
 validpgpkeys=('CC7D978417C1AEA1E4CDD7240E41AB4BF4C610B4') # wim 
 
+prepare() {
+  cd ${pkgname}-${pkgver}
+  # https://github.com/golang/go/issues/29278
+  sed -i 
's:9PfxPUmasKzeJor9uQTaXLT6WUG/r+vSTmvXxvv3JO4:Y3vG4kINVWNQN8Y6Jdur8uLat7fSLV5n5yLE8n+JbF4:'
 go.sum
+}
+
 build() {
   cd ${pkgname}-${pkgver}
   go build -v \

Modified: matterbridge.service
===
--- matterbridge.service2019-01-31 15:19:32 UTC (rev 428739)
+++ matterbridge.service2019-01-31 15:20:00 UTC (rev 428740)
@@ -3,10 +3,25 @@
 After=network.target
 
 [Service]
-User=nobody
-Group=nobody
+User=matterbridge
+DynamicUser=yes
 ExecStart=/usr/bin/matterbridge -conf /etc/matterbridge.toml
 Type=simple
+CapabilityBoundingSet=
+NoNewPrivileges=True
+PrivateUsers=true
+PrivateDevices=true
+PrivateTmp=true
+ProtectHome=true
+ProtectSystem=strict
+ProtectControlGroups=yes
+ProtectKernelTunables=true
+ProtectKernelModules=yes
+LockPersonality=true
+MemoryDenyWriteExecute=true
+RestrictRealtime=true
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
 
 [Install]
 WantedBy=multi-user.target

[arch-commits] Commit in matterbridge/trunk (PKGBUILD matterbridge.service)

[arch-commits] Commit in matterbridge/trunk (PKGBUILD matterbridge.service)

2 matches

Site Navigation

Mail list logo

Footer information