diff options
| author |   Stefan Knoblich <stkn@gentoo.org> | 2005-05-11 23:27:57 +0000 |
|---|---|---|
| committer | Stefan Knoblich <stkn@gentoo.org> | 2005-05-11 23:27:57 +0000 |
| commit | b1b2e43708254a0a25c420b93c37ce7241e32e5e (patch) | |
| tree | 4a0d0ccc8aacb2e5fbda0798e08dad01e677993b | |
| parent | Stable on alpha + ia64, bug 92035. (diff) | |
| download | gentoo-2-b1b2e43708254a0a25c420b93c37ce7241e32e5e.tar.gz gentoo-2-b1b2e43708254a0a25c420b93c37ce7241e32e5e.tar.bz2 gentoo-2-b1b2e43708254a0a25c420b93c37ce7241e32e5e.zip | |
More non-root fixes (this time for addmailbox and astgenkey), bristuff update and other minor changes
(Portage version: 2.0.51.19)
| -rw-r--r-- | net-misc/asterisk/ChangeLog | 7 | ||||
| -rw-r--r-- | net-misc/asterisk/asterisk-1.0.7-r1.ebuild | 92 | ||||
| -rw-r--r-- | net-misc/asterisk/files/1.0.0/asterisk-1.0.7-scripts.diff | 43 | ||||
| -rw-r--r-- | net-misc/asterisk/files/digest-asterisk-1.0.7-r1 | 2 |
4 files changed, 100 insertions, 44 deletions
diff --git a/net-misc/asterisk/ChangeLog b/net-misc/asterisk/ChangeLog index de45f749bfef..cb544f272476 100644 --- a/net-misc/asterisk/ChangeLog +++ b/net-misc/asterisk/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-misc/asterisk # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/ChangeLog,v 1.52 2005/05/11 12:47:06 stkn Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/ChangeLog,v 1.53 2005/05/11 23:27:57 stkn Exp $ + + 12 May 2005; Stefan Knoblich <stkn@gentoo.org> + +files/1.0.0/asterisk-1.0.7-scripts.diff, asterisk-1.0.7-r1.ebuild: + Added non-root changes to addmailbox and astgenkey, fixed warning + countdown and bristuff update. 11 May 2005; Stefan Knoblich <stkn@gentoo.org> files/1.0.0/asterisk.confd.sec: diff --git a/net-misc/asterisk/asterisk-1.0.7-r1.ebuild b/net-misc/asterisk/asterisk-1.0.7-r1.ebuild index b54df9e2f31d..c2a380cbb114 100644 --- a/net-misc/asterisk/asterisk-1.0.7-r1.ebuild +++ b/net-misc/asterisk/asterisk-1.0.7-r1.ebuild @@ -1,13 +1,13 @@ # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/asterisk-1.0.7-r1.ebuild,v 1.3 2005/05/11 11:57:33 stkn Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/asterisk-1.0.7-r1.ebuild,v 1.4 2005/05/11 23:27:57 stkn Exp $ IUSE="alsa doc gtk mmx mysql pri zaptel uclibc debug postgres vmdbmysql vmdbpostgres bri hardened speex resperl" inherit eutils perl-module ADDONS_VERSION="1.0.7" -BRI_VERSION="0.2.0-RC8c" +BRI_VERSION="0.2.0-RC8d" DESCRIPTION="Asterisk: A Modular Open Source PBX System" HOMEPAGE="http://www.asterisk.org/" @@ -43,6 +43,46 @@ DEPEND="dev-libs/newt >=net-misc/zaptel-1.0.7-r1 )" pkg_setup() { + local n + + # + # Warning about security changes... + # + ewarn "****************** Important changes warning! *********************" + ewarn + ewarn "- Asterisk runs as user asterisk, group asterisk by default" + ewarn + ewarn "- Permissions of /etc/asterisk have been changed to root:asterisk" + ewarn " 750 (directories) / 640 (files)" + ewarn + ewarn "- Permissions of /var/{log,lib,run,spool}/asterisk have been changed" + ewarn " to asterisk:asterisk 750 (directories) / 640 (files)" + ewarn + ewarn "- Asterisk's unix socket and pidfile are now in /var/run/astrisk" + ewarn + ewarn "- More information at the end of this emerge" + ewarn + ewarn " http://bugs.gentoo.org/show_bug.cgi?id=88732" + ewarn " http://www.voip-info.org/wiki-Asterisk+non-root" + ewarn + eerror "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" + eerror "! NEW PERMISSIONS WILL BE AUTOMATICALLY SET DURING INSTALLATION !" + eerror "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" + echo + einfo "Press Ctrl+C to abort" + echo + ebeep + + n=20 + while [[ $n -gt 0 ]]; do + echo -en " Waiting $n seconds...\r" + sleep 1 + (( n-- )) + done + + # + # Regular checks + # einfo "Running some pre-flight checks..." if use resperl; then # res_perl pre-flight check... @@ -75,40 +115,6 @@ pkg_setup() { die "Libpri without bri support detected" fi fi - - # - # Warning about security changes... - # - ewarn "****************** Important changes warning! *********************" - echo - ewarn "- Asterisk runs as user asterisk, group asterisk by default" - echo - ewarn "- Permissions of /etc/asterisk have been changed to root:asterisk" - ewarn " 750 (directories) / 640 (files)" - echo - ewarn "- Permissions of /var/{log,lib,run,spool}/asterisk have been changed" - ewarn " to asterisk:asterisk 750 (directories) / 640 (files)" - echo - ewarn "- Asterisk's unix socket and pidfile are now in /var/run/astrisk" - echo - ewarn "- More information at the end of this emerge" - echo - ewarn " http://bugs.gentoo.org/show_bug.cgi?id=88732" - ewarn " http://www.voip-info.org/wiki-Asterisk+non-root" - echo - eerror "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - eerror "! NEW PERMISSIONS WILL BE AUTOMATICALLY SET DURING INSTALLATION !" - eerror "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" - echo - einfo "Press Ctrl+C to abort" - echo - - n=30 - while [[ $n -lt 0 ]]; do - echo -en " Waiting $n seconds...\r" - sleep 1 - (( $n-- )) - done } src_unpack() { @@ -258,6 +264,8 @@ src_unpack() { cd ${S} sed -i -e "s:^\(ASTVARRUNDIR=\).*:\1\$(INSTALL_PREFIX)/var/run/asterisk:" \ Makefile + + epatch ${FILESDIR}/1.0.0/${P}-scripts.diff } src_compile() { @@ -396,25 +404,25 @@ pkg_postinst() { # Warning about security changes... # ewarn "*********************** Important changes **************************" - echo + ewarn ewarn "- Asterisk runs as user asterisk, group asterisk by default" ewarn " Use usermod -G to make the asterisk user a member of additional" ewarn " groups if necessary." - echo + ewarn ewarn "- Permissions of /etc/asterisk have been changed to root:asterisk" ewarn " 750 (rwxr-x--- directories) / 640 (rw-r----- files)" - echo + ewarn ewarn "- Permissions of /var/{log,lib,run,spool}/asterisk have been changed" ewarn " to asterisk:asterisk 750 / 640" - echo + ewarn ewarn "- Asterisk's unix socket and pidfile are now in /var/run/astrisk" - echo + ewarn ewarn "- Asterisk cannot set the IP ToS bits when run as user," ewarn " use something like this to make iptables set them for you:" ewarn " \"iptables -A OUTPUT -t mangle -p udp -m udp --dport 5060 -j DSCP --set-dscp 0x28\"" ewarn " \"iptables -A OUTPUT -t mangle -p udp -m udp --sport 10000:20000 -j DSCP --set-dscp 0x28\"" ewarn " (taken from voip-info.org comments (see below), thanks andrewid)" - echo + ewarn ewarn "For more details:" ewarn " http://bugs.gentoo.org/show_bug.cgi?id=88732" ewarn " http://www.voip-info.org/wiki-Asterisk+non-root" diff --git a/net-misc/asterisk/files/1.0.0/asterisk-1.0.7-scripts.diff b/net-misc/asterisk/files/1.0.0/asterisk-1.0.7-scripts.diff new file mode 100644 index 000000000000..c002294c0e6b --- /dev/null +++ b/net-misc/asterisk/files/1.0.0/asterisk-1.0.7-scripts.diff @@ -0,0 +1,43 @@ +--- asterisk-1.0.7/contrib/scripts/addmailbox.orig 2005-05-11 23:17:10.000000000 +0200 ++++ asterisk-1.0.7/contrib/scripts/addmailbox 2005-05-11 23:21:57.000000000 +0200 +@@ -21,14 +21,14 @@ + echo + echo "New Voicemail context.." + echo "Creating Voicemail context directory..." +- mkdir -p ${VMHOME}/${context} ++ mkdir -m 750 -p ${VMHOME}/${context} + fi + + echo + echo "Creating Voicemail directory..." +-mkdir -p ${VMHOME}/${context}/${mailbox} ++mkdir -m 750 -p ${VMHOME}/${context}/${mailbox} + echo "Creating INBOX..." +-mkdir -p ${VMHOME}/${context}/${mailbox}/INBOX ++mkdir -m 750 -p ${VMHOME}/${context}/${mailbox}/INBOX + echo "Creating Default greetings..." + cat ${SNDHOME}/vm-theperson.gsm > ${VMHOME}/${context}/${mailbox}/unavail.gsm + cat ${SNDHOME}/vm-theperson.gsm > ${VMHOME}/${context}/${mailbox}/busy.gsm +@@ -41,5 +41,8 @@ + done + cat ${SNDHOME}/vm-isunavail.gsm >> ${VMHOME}/${context}/${mailbox}/unavail.gsm + cat ${SNDHOME}/vm-isonphone.gsm >> ${VMHOME}/${context}/${mailbox}/busy.gsm ++echo "Changing permissions..." ++chmod -R asterisk:asterisk ${VMHOME}/${context} ++chmod u=rwX,g=rX,o= ${VMHOME}/${context}/${mailbox}/*.gsm + echo "Complete." + +--- asterisk-1.0.7/contrib/scripts/astgenkey.orig 2005-05-11 23:28:37.000000000 +0200 ++++ asterisk-1.0.7/contrib/scripts/astgenkey 2005-05-11 23:30:12.000000000 +0200 +@@ -55,7 +55,11 @@ + echo "Key creation successful." + echo "Public key: ${KEY}.pub" + echo "Private key: ${KEY}.key" ++ echo "Changing permissions..." + fi ++ chown root:asterisk ${KEY}.pub ${KEY}.key ++ chmod u=rw,g=r,o= ${KEY}.pub ${KEY}.key + else + echo "Unknown error creating keys." + fi ++ diff --git a/net-misc/asterisk/files/digest-asterisk-1.0.7-r1 b/net-misc/asterisk/files/digest-asterisk-1.0.7-r1 index d5bb8c0a31c2..5c27f77b16f1 100644 --- a/net-misc/asterisk/files/digest-asterisk-1.0.7-r1 +++ b/net-misc/asterisk/files/digest-asterisk-1.0.7-r1 @@ -1,3 +1,3 @@ MD5 4cc3c1e4a1b12e0e4c748326ad153291 asterisk-1.0.7.tar.gz 9591705 MD5 e2a94a7c2e97de18b3cdc4dd42709c11 asterisk-addons-1.0.7.tar.gz 73646 -MD5 9142faa67742b1af6cfc2c72f26d4d52 bristuff-0.2.0-RC8c.tar.gz 137557 +MD5 d1c1511b436a994fc95022fe6e9703d4 bristuff-0.2.0-RC8d.tar.gz 137500 |