diff options
| -rw-r--r-- | user/apache-httpd/APKBUILD | 5 | ||||
| -rw-r--r-- | user/apache-httpd/conf/httpd.conf | 8 | ||||
| -rw-r--r-- | user/nmap/APKBUILD | 18 | ||||
| -rw-r--r-- | user/nmap/nmap-7.80-fix_addrset.patch | 74 | ||||
| -rw-r--r-- | user/transmission/APKBUILD | 109 | ||||
| -rw-r--r-- | user/transmission/transmission-daemon.confd | 14 | ||||
| -rw-r--r-- | user/transmission/transmission-daemon.initd | 73 | ||||
| -rw-r--r-- | user/transmission/transmission-daemon.post-upgrade | 10 | ||||
| -rw-r--r-- | user/transmission/transmission-daemon.pre-install | 6 | ||||
| -rw-r--r-- | user/transmission/transmission.post-install | 12 |
10 files changed, 322 insertions, 7 deletions
diff --git a/user/apache-httpd/APKBUILD b/user/apache-httpd/APKBUILD index fddd11a12..e0e522f16 100644 --- a/user/apache-httpd/APKBUILD +++ b/user/apache-httpd/APKBUILD @@ -3,7 +3,7 @@ pkgname=apache-httpd _pkgreal=httpd pkgver=2.4.41 -pkgrel=0 +pkgrel=1 pkgdesc="Open-source HTTP server" url="https://httpd.apache.org" arch="all" @@ -70,6 +70,7 @@ build() { --enable-layout=Adelie \ --enable-so \ --with-mpm=event \ + --enable-mpms-shared="event prefork" \ --enable-mods-shared=reallyall \ --enable-ssl \ --disable-lua \ @@ -147,7 +148,7 @@ c8bc2bb06ae51b0956e0ee673e80c444551c9b33dfcbb845106477c46d9e52786a8896022e1f0010 336e81fa0d08f8fbe6243d52bd59b12cf2e925deb49b29d7a22953c5d40a951b6b753f51e5a396752cb0bbaf1cf25b1358902f375fb65639d00e62db7ae55ff2 apache-httpd.confd 5762d53f39ce7ecd730e05ddf6c063ede65cd75b9e7d67217784c80366646491ef9474306e8eb119c8fb5b4358407b07636a4e9cd82325d8df4e3e00dabc3459 apache-httpd.initd 18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b apache-httpd.logrotate -cba279f31c12c3516bacf74856493c5a62a94017b3911d457b33e350af646b3e97632b15e396992e5115532c88c81fdd680a951ca0c71eb8a207f39d6c027c41 httpd.conf +d83681930c96fcecd2f7913044cebb7d8d9994fe1cb187a5cf58727935707cc43721d2f487f8adbccbbcf2ec6091d945d94ccb4eda1722c0ea341af3435d5f12 httpd.conf 83d57c57b809340bb07291c340ded5903ae55c0bba7c48e4eb0d27529ce4ecb6e235378ad770c69c8be2762b5346fa5bec94b6c585510719c37fe6addb33f998 alias.conf 7def0982bda42d5fe3a1812128be455fe0a47161f7fd0facd9ff85056f043a19f520bdb1c01b9f3fb25ddd66aa6224fb4b183f107bccd56719e0c7a88ad70bd9 http2.conf 9745ec511331b2ec399bf7895bc935f9c8526fd81d47cb17e42c1f5c010bbbea0b5ef2f2f4b12984dc8c77f410132010c3e73347a49ebe5feb0c1a763fe73a82 host.conf diff --git a/user/apache-httpd/conf/httpd.conf b/user/apache-httpd/conf/httpd.conf index 7fe8adfdf..bada89139 100644 --- a/user/apache-httpd/conf/httpd.conf +++ b/user/apache-httpd/conf/httpd.conf @@ -11,6 +11,14 @@ ServerTokens Prod # What IP/port to listen on. By default, listens to port 80 on all IPs. Listen 80 +# Only ONE of the following modules should be uncommented to select the +# Multi-Processing Module that Apache should use to handle connections. +# Read More: https://httpd.apache.org/docs/2.4/mpm.html +# Adélie Linux enables mpm_event by default, as it performs better +# than mpm_prefork for most use cases. +LoadModule mpm_event_module /usr/libexec/apache2/mod_mpm_event.so +#LoadModule mpm_prefork_module /usr/libexec/apache2/mod_mpm_prefork.so + # The rest of these modules are required for basic operations. LoadModule log_config_module /usr/libexec/apache2/mod_log_config.so LoadModule mime_module /usr/libexec/apache2/mod_mime.so diff --git a/user/nmap/APKBUILD b/user/nmap/APKBUILD index d8bdea9a9..3b256aaa3 100644 --- a/user/nmap/APKBUILD +++ b/user/nmap/APKBUILD @@ -1,14 +1,13 @@ # Maintainer: Dan Theisen <djt@hxx.in> pkgname=nmap -pkgver=7.70 -pkgrel=1 +pkgver=7.80 +pkgrel=0 pkgdesc="A network exploration tool and security/port scanner" url="https://nmap.org/" arch="all" license="GPL-2.0-only" depends="" makedepends="linux-headers openssl-dev libpcap-dev pcre-dev zlib-dev libssh2-dev lua5.3-dev" -options="!checkroot" subpackages=" $pkgname-doc $pkgname-scripts::noarch @@ -17,7 +16,12 @@ subpackages=" $pkgname-ncat $pkgname-ncat-doc:ncat_doc netcat::noarch" -source="https://nmap.org/dist/$pkgname-$pkgver.tar.bz2" +source="https://nmap.org/dist/$pkgname-$pkgver.tar.bz2 + nmap-7.80-fix_addrset.patch" + +# secfixes: +# 7.80-r0: +# - CVE-2018-15173 prepare() { default_prepare @@ -26,6 +30,9 @@ prepare() { build() { # zenmap and ndiff require python 2 + export CFLAGS=-g3 + export CPPFLAGS=-g3 + export CXXFLAGS=-g3 ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -99,4 +106,5 @@ netcat() { ln -s ncat "$subpkgdir"/usr/bin/nc } -sha512sums="084c148b022ff6550e269d976d0077f7932a10e2ef218236fe13aa3a70b4eb6506df03329868fc68cb3ce78e4360b200f5a7a491d3145028fed679ef1c9ecae5 nmap-7.70.tar.bz2" +sha512sums="d4384d3ebf4f3abf3588eed5433f733874ecdceb9342a718dc36db19634b0cc819d73399974eb0a9a9c9dd9e5c88473e07644ec91db28b0c072552b54430be6b nmap-7.80.tar.bz2 +e079c07716bc847b44cb5ba0c1f71fe7d95e786c7a18dad7927ca29e6f2e20fce3674d939335db038e509755945d1db05a1746b508ada3df011fafb890ab9033 nmap-7.80-fix_addrset.patch" diff --git a/user/nmap/nmap-7.80-fix_addrset.patch b/user/nmap/nmap-7.80-fix_addrset.patch new file mode 100644 index 000000000..3fa009c84 --- /dev/null +++ b/user/nmap/nmap-7.80-fix_addrset.patch @@ -0,0 +1,74 @@ +diff --git a/nbase/nbase_addrset.c b/nbase/nbase_addrset.c +index 6f91bc1b2a..849044e4e3 100644 +--- a/nbase/nbase_addrset.c ++++ b/nbase/nbase_addrset.c +@@ -477,30 +477,32 @@ static int sockaddr_to_addr(const struct sockaddr *sa, u32 *addr) + + static int sockaddr_to_mask (const struct sockaddr *sa, int bits, u32 *mask) + { +- s8 i; +- int unmasked_bits = 0; ++ int i, k; + if (bits >= 0) { + if (sa->sa_family == AF_INET) { +- unmasked_bits = 32 - bits; ++ bits += 96; + } + #ifdef HAVE_IPV6 + else if (sa->sa_family == AF_INET6) { +- unmasked_bits = 128 - bits; ++ ; /* do nothing */ + } + #endif + else { + return 0; + } + } ++ else ++ bits = 128; ++ k = bits / 32; + for (i=0; i < 4; i++) { +- if (unmasked_bits <= 32 * (3 - i)) { ++ if (i < k) { + mask[i] = 0xffffffff; + } +- else if (unmasked_bits >= 32 * (4 - i)) { ++ else if (i > k) { + mask[i] = 0; + } + else { +- mask[i] = ~((1 << (unmasked_bits - (32 * (4 - i)))) - 1); ++ mask[i] = 0xfffffffe << (31 - bits % 32); + } + } + return 1; +diff --git a/ncat/test/test-addrset.sh b/ncat/test/test-addrset.sh +index 7f54023c52..285c7b675a 100755 +--- a/ncat/test/test-addrset.sh ++++ b/ncat/test/test-addrset.sh +@@ -208,6 +208,25 @@ test_addrset "1:2::0003/120" "1:2::3 1:2::0 1:2::ff" <<EOF + 1:3::3 + EOF + ++# IPv6 CIDR netmask. ++test_addrset "1:2::3:4:5/95" "1:2::3:4:5 1:2::2:0:0 1:2::3:ffff:ffff" <<EOF ++1:2::3:4:5 ++1:2::1:ffff:ffff ++1:2::2:0:0 ++1:2::3:ffff:ffff ++1:2::4:0:0 ++1:3::3 ++EOF ++ ++# IPv6 CIDR netmask. ++test_addrset "11::2/15" "11::2:3:4:5 10::1 11:ffff:ffff:ffff:ffff:ffff:ffff:ffff" <<EOF ++11::2:3:4:5 ++9:ffff:ffff:ffff:ffff:ffff:ffff:ffff ++10::1 ++11:ffff:ffff:ffff:ffff:ffff:ffff:ffff ++12::0 ++EOF ++ + # /128 netmask. + test_addrset "1:2::0003/128" "1:2::3" <<EOF + 1:2::3 diff --git a/user/transmission/APKBUILD b/user/transmission/APKBUILD new file mode 100644 index 000000000..d7eb95544 --- /dev/null +++ b/user/transmission/APKBUILD @@ -0,0 +1,109 @@ +# Contributor: Carlo Landmeter <clandmeter@gmail.com> +# Maintainer: Dan Theisen <djt@hxx.in> +pkgname=transmission +pkgver=2.94 +pkgrel=0 +pkgdesc="Lightweight GTK BitTorrent client" +url="https://transmissionbt.com/" +arch="all" +license="GPL-2.0+ AND MIT" +depends="" +makedepends="bsd-compat-headers curl-dev dbus-glib-dev gtk+3.0-dev intltool + libevent-dev libnotify-dev openssl-dev qt5-qtbase-dev" +install="transmission.post-install transmission-daemon.pre-install transmission-daemon.post-upgrade" +pkgusers="transmission" +pkggroups="transmission" +source="https://github.com/transmission/$pkgname-releases/raw/master/$pkgname-$pkgver.tar.xz + transmission-daemon.initd + transmission-daemon.confd + " +subpackages="$pkgname-qt $pkgname-gtk $pkgname-cli $pkgname-daemon $pkgname-doc $pkgname-lang" + +build() { + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --infodir=/usr/share/info \ + --localstatedir=/var \ + --enable-utp \ + --with-inotify \ + --enable-cli + make + + # build for Qt + cd qt + qmake qtr.pro + make + +} + +check() { + msg "Checking for Transmission Core and GTK" + make check + + # check for Qt - this historically has no tests + msg "Checking for Transmission Qt" + cd qt + make check +} + +package() { + make DESTDIR="$pkgdir" install + + # install for Qt + cd "$builddir"/qt + make INSTALL_ROOT="$pkgdir/usr" install +} + +qt() { + pkgdesc="Lightweight BitTorrent client (Qt GUI interface)" + depends="$pkgname=$pkgver-r$pkgrel" + + mkdir -p "$subpkgdir"/usr/bin + mv "$pkgdir"/usr/bin/transmission-qt "$subpkgdir"/usr/bin +} + +gtk() { + pkgdesc="Lightweight BitTorrent client (Qt GUI interface)" + depends="$pkgname=$pkgver-r$pkgrel" + + mkdir -p "$subpkgdir"/usr/bin + mv "$pkgdir"/usr/bin/transmission-gtk "$subpkgdir"/usr/bin +} + +daemon() { + pkgdesc="Lightweight BitTorrent client (daemon and Web interface)" + + install -d "$subpkgdir"/usr/share \ + "$subpkgdir"/usr/bin + install -d -o transmission -g transmission \ + "$subpkgdir"/var/lib/transmission \ + "$subpkgdir"/var/log/transmission + mv "$pkgdir"/usr/bin/transmission-daemon \ + "$subpkgdir"/usr/bin/ + mv "$pkgdir"/usr/share/transmission \ + "$subpkgdir"/usr/share/ + install -D -m755 "$srcdir"/transmission-daemon.initd \ + "$subpkgdir"/etc/init.d/transmission-daemon + install -D -m644 "$srcdir"/transmission-daemon.confd \ + "$subpkgdir"/etc/conf.d/transmission-daemon +} + +cli() { + pkgdesc="Lightweight BitTorrent client (CLI and remote)" + + install -d "$subpkgdir"/usr/bin + mv "$pkgdir"/usr/bin/transmission-cli \ + "$pkgdir"/usr/bin/transmission-create \ + "$pkgdir"/usr/bin/transmission-edit \ + "$pkgdir"/usr/bin/transmission-show \ + "$pkgdir"/usr/bin/transmission-remote \ + "$subpkgdir"/usr/bin/ +} + +sha512sums="ee411743940f2897aa0bbc351ce79f11d860075d2e9e399d60301eae8cfc453e20426ef553fc62ee43019a07c052d512f5d7972cc4411fb57b1312c2c1558da7 transmission-2.94.tar.xz +d31275fba7eb322510f9667e66a186d626889a6e3143be2923aae87b9c35c5cf0c508639f1cb8c1b88b1e465bc082d80bb1101385ebde736a34d4eeeae0f6e15 transmission-daemon.initd +a3b9ac2b7bbe30e33060c8b6a693dc7072d3c6ac44f92ddd567969d8f57a0bfc1a561e781ae167703ccb4b2fd5b0e6d8f8a66c5ba14fe01d8d89a501d4501474 transmission-daemon.confd" diff --git a/user/transmission/transmission-daemon.confd b/user/transmission/transmission-daemon.confd new file mode 100644 index 000000000..fcf37c791 --- /dev/null +++ b/user/transmission/transmission-daemon.confd @@ -0,0 +1,14 @@ +# This is the transmission-daemon configuration file. For other options and +# better explanation, take a look at transmission-daemon manual page Note: it's +# better to configure some settings (like username/password) in +# /var/transmission/config/settings.json to avoid other users see it with `ps` + +TRANSMISSION_OPTIONS="--encryption-preferred" + +# Run daemon as another user (username or username:groupname) +# If you change this setting, chown -R /var/transmission/config <and download directory, check web settings> +#runas_user=transmission + +# Location of logfile (should be writeable for runas_user user) +# Set logfile=syslog to use syslog for logging +#logfile=/var/log/transmission/transmission.log diff --git a/user/transmission/transmission-daemon.initd b/user/transmission/transmission-daemon.initd new file mode 100644 index 000000000..0c9e36644 --- /dev/null +++ b/user/transmission/transmission-daemon.initd @@ -0,0 +1,73 @@ +#!/sbin/openrc-run +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-p2p/transmission/files/transmission-daemon.initd.8,v 1.2 2011/12/04 10:35:07 swegener Exp $ + +extra_started_commands="reload" +description="Transmission is a fast, easy and free bittorrent client" +description_start="Start transmission-daemon server and web interface" +description_stop="Stop transmission-daemon server and web interface" +description_reload="Reload transmission-daemon settings" + +rundir=${rundir:-/var/run/transmission} +pidfile=${pidfile:-${rundir}/transmission.pid} +config_dir=${config_dir:-/var/lib/transmission/config} +download_dir=${download_dir:-/var/lib/transmission/downloads} +logfile=${logfile:-/var/log/transmission/transmission.log} +runas_user=${runas_user:-transmission:transmission} + +SSD_OPTIONS="" + +# compatibility for upgraders +TRANSMISSION_OPTIONS=${TRANSMISSION_OPTIONS:-$TD_OPTS} + +depend() { + need net + after firewall +} + +check_config() { + if [ ! -d "${rundir}" ]; then + mkdir "${rundir}" + if [ -n "${runas_user}" ]; then + chown -R ${runas_user} "${rundir}" + fi + fi + + # In case no config directory option passed use default + if ! $(echo ${TRANSMISSION_OPTIONS} | grep -q -e '\B-g' -e '\B--config-dir'); then + TRANSMISSION_OPTIONS="${TRANSMISSION_OPTIONS} --config-dir ${config_dir}" + # put download dir location on first run (and take it from config later) + if [ ! -f ${config_dir}/settings.json ]; then + TRANSMISSION_OPTIONS="${TRANSMISSION_OPTIONS} --download-dir ${download_dir}" + fi + fi + + if [ -n "${runas_user}" ]; then + SSD_OPTIONS="${SSD_OPTIONS} --user ${runas_user}" + fi +} + +start() { + check_config + + ebegin "Starting transmission daemon" + start-stop-daemon --start --quiet --pidfile ${pidfile} ${SSD_OPTIONS} \ + --exec /usr/bin/transmission-daemon -- --pid-file ${pidfile} \ + $(test ${logfile} != "syslog" && echo --logfile ${logfile}) \ + ${TRANSMISSION_OPTIONS} + eend $? +} + +stop() { + ebegin "Stopping transmission daemon" + start-stop-daemon --stop --quiet --retry TERM/45/QUIT/15 --pidfile ${pidfile} + eend $? +} + +reload() { + ebegin "Reloading transmission configuration" + start-stop-daemon --signal HUP --pidfile ${pidfile} + eend $? +} + diff --git a/user/transmission/transmission-daemon.post-upgrade b/user/transmission/transmission-daemon.post-upgrade new file mode 100644 index 000000000..e0aaa8e02 --- /dev/null +++ b/user/transmission/transmission-daemon.post-upgrade @@ -0,0 +1,10 @@ +#!/bin/sh + +dir=/var/lib/transmission + +# rename config and create compat symlink +if [ -e "$dir"/.config ] && ! [ -e "$dir"/config ]; then + mv "$dir"/.config "$dir"/config + ln -s config "$dir"/.config +fi + diff --git a/user/transmission/transmission-daemon.pre-install b/user/transmission/transmission-daemon.pre-install new file mode 100644 index 000000000..2e26d48d7 --- /dev/null +++ b/user/transmission/transmission-daemon.pre-install @@ -0,0 +1,6 @@ +#!/bin/sh + +addgroup -S transmission 2>/dev/null +adduser -S -D -h /var/lib/transmission -s /sbin/nologin -G transmission -g transmission transmission 2>/dev/null + +exit 0 diff --git a/user/transmission/transmission.post-install b/user/transmission/transmission.post-install new file mode 100644 index 000000000..6002c7430 --- /dev/null +++ b/user/transmission/transmission.post-install @@ -0,0 +1,12 @@ +#!/bin/sh + +pkgname=transmission + +if ! apk list $pkgname-qt $pkgname-gtk $pkgname-daemon | grep "[installed]"; then + echo "############################################################################" + echo "# WARNING: It doesn't look like you installed a GUI or Daemon! #" + echo "# transmission is just a shared package with assets. To install a GUI, you #" + echo "# can install either transmission-qt or transmission-gtk. To install the #" + echo "# daemon please install transmission-daemon. #" + echo "############################################################################" +fi |