diff options
author | Lars Wendler <polynomial-c@gentoo.org> | 2020-04-02 21:33:58 +0200 |
---|---|---|
committer | Lars Wendler <polynomial-c@gentoo.org> | 2020-04-02 21:40:27 +0200 |
commit | 22810df27703dd8d270c4072cc14e4f6e4241c39 (patch) | |
tree | 190bee6d2df218eea1fc83fd458294cdfcca1420 | |
parent | net-misc/dhcpcd: Removed old (diff) | |
download | gentoo-22810df27703dd8d270c4072cc14e4f6e4241c39.tar.gz gentoo-22810df27703dd8d270c4072cc14e4f6e4241c39.tar.bz2 gentoo-22810df27703dd8d270c4072cc14e4f6e4241c39.zip |
net-misc/dhcpcd: Added privsep support to live ebuild
Package-Manager: Portage-2.3.96, Repoman-2.3.22
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
-rw-r--r-- | net-misc/dhcpcd/dhcpcd-9999.ebuild | 32 | ||||
-rw-r--r-- | net-misc/dhcpcd/metadata.xml | 3 |
2 files changed, 33 insertions, 2 deletions
diff --git a/net-misc/dhcpcd/dhcpcd-9999.ebuild b/net-misc/dhcpcd/dhcpcd-9999.ebuild index 573ee2cc7867..9656eabee928 100644 --- a/net-misc/dhcpcd/dhcpcd-9999.ebuild +++ b/net-misc/dhcpcd/dhcpcd-9999.ebuild @@ -21,11 +21,17 @@ DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client" HOMEPAGE="https://roy.marples.name/projects/dhcpcd" LICENSE="BSD-2" SLOT="0" -IUSE="debug elibc_glibc +embedded ipv6 kernel_linux +udev" +IUSE="debug elibc_glibc +embedded ipv6 kernel_linux +privsep +udev" COMMON_DEPEND="udev? ( virtual/udev )" DEPEND="${COMMON_DEPEND}" -RDEPEND="${COMMON_DEPEND}" +RDEPEND=" + ${COMMON_DEPEND} + privsep? ( + acct-group/dhcpcd + acct-user/dhcpcd + ) +" src_configure() { local myeconfargs=( @@ -37,8 +43,10 @@ src_configure() { $(use_enable debug) $(use_enable embedded) $(use_enable ipv6) + $(use_enable privsep) $(usex elibc_glibc '--with-hook=yp.conf' '') $(usex kernel_linux '--rundir=${EPREFIX}/run' '') + $(usex privsep '--privsepuser=dhcpcd' '') $(usex udev '' '--without-dev --without-udev') CC="$(tc-getCC)" ) @@ -105,6 +113,26 @@ pkg_postinst() { cp "${lease}" "${dbdir}/${new_lease}" done + # dhcpcd-9 introduced privesep support in a chroot + if use privsep ; then + local dhcpcd_libdir="/var/lib/dhcpcd" + local chroot_base="${EROOT}/var/chroot/dhcpcd" + local chroot_dir="${chroot_base}${dhcpcd_libdir}" + local chroot_retval=0 + # Set up proper chroot. + if [[ ! -e "${chroot_dir}" ]] ; then + mkdir -p "${chroot_dir}" || chroot_retval=1 + cp -a "${EROOT}${dhcpcd_libdir}" "${chroot_dir}" || chroot_retval=1 + chown -R dhcpcd:dhcpcd "${chroot_dir}" || chroot_retval=1 + elif [[ ! -d "${chroot_dir}" ]] ; then + ewarn "${chroot_dir} is not a directory!" + ewarn "Did not set up ${PN} chroot!" + fi + if [[ "${chroot_retval}" -ne 0 ]] ; then + ewarn "There were issues setting up ${PN} chroot." + fi + fi + # Warn about removing stale files if [[ -n "${old_files[@]}" ]] ; then elog diff --git a/net-misc/dhcpcd/metadata.xml b/net-misc/dhcpcd/metadata.xml index 783090038eda..48f8ca1c55a8 100644 --- a/net-misc/dhcpcd/metadata.xml +++ b/net-misc/dhcpcd/metadata.xml @@ -16,5 +16,8 @@ <flag name="embedded"> Embed the definitions of dhcp options in the dhcpcd executable </flag> + <flag name="privsep"> + Enable support for privilege separation through chroot + </flag> </use> </pkgmetadata> |