From 5c620e978b63c54067156fbce424034923f1358c Mon Sep 17 00:00:00 2001
From: Max Rees <maxcrees@me.com>
Date: Sat, 15 Sep 2018 23:01:33 -0400
Subject: user/fuse3: new package

---
 user/fuse3/APKBUILD           | 77 +++++++++++++++++++++++++++++++++++++++++++
 user/fuse3/fix-realpath.patch | 28 ++++++++++++++++
 user/fuse3/fuse.initd         | 35 ++++++++++++++++++++
 3 files changed, 140 insertions(+)
 create mode 100644 user/fuse3/APKBUILD
 create mode 100644 user/fuse3/fix-realpath.patch
 create mode 100644 user/fuse3/fuse.initd

(limited to 'user')

diff --git a/user/fuse3/APKBUILD b/user/fuse3/APKBUILD
new file mode 100644
index 000000000..dd03d34e2
--- /dev/null
+++ b/user/fuse3/APKBUILD
@@ -0,0 +1,77 @@
+# Contributor: Natanael Copa <ncopa@alpinelinux.org>
+# Maintainer: Max Rees <maxcrees@me.com>
+pkgname=fuse3
+_pkgname=fuse
+pkgver=3.2.6
+pkgrel=0
+pkgdesc="The reference implementation of the Linux FUSE (Filesystem in Userspace) interface"
+url="https://github.com/libfuse/libfuse"
+arch="all"
+options="suid !check"  # Requires fuse kernel module to be loaded
+license="GPL-2.0-only AND LGPL-2.1-only AND BSD-2-Clause"
+depends="fuse-common"
+makedepends="linux-headers meson eudev-dev python3 py3-six py3-pluggy
+	py3-attrs py3-py"
+#checkdepends="py3-pytest debianutils-which"
+subpackages="$pkgname-dev $pkgname-doc
+	$_pkgname-common:common:noarch $_pkgname-openrc:openrc:noarch"
+source="https://github.com/libfuse/libfuse/releases/download/fuse-$pkgver/fuse-$pkgver.tar.xz
+	fix-realpath.patch
+	fuse.initd"
+builddir="$srcdir/$_pkgname-$pkgver"
+
+# secfixes:
+#   3.2.5-r0:
+#     - CVE-2018-10906
+
+build() {
+	cd "$builddir"
+	meson \
+		--prefix=/usr \
+		--sysconfdir=/etc \
+		--mandir=/usr/share/man \
+		--localstatedir=/var \
+		--buildtype=release \
+		. output
+	ninja -C output
+}
+
+check() {
+	cd "$builddir"/output
+	python3 -m pytest test/
+}
+
+package() {
+	cd "$builddir"
+	DESTDIR="$pkgdir" ninja -C output install
+	rm -r "$pkgdir"/dev "$pkgdir"/etc/init.d
+
+	install -Dm755 "$srcdir"/fuse.initd "$pkgdir"/etc/init.d/fuse
+	install -d "$pkgdir"/etc
+	cat >"$pkgdir"/etc/fuse.conf << EOF
+# Set the maximum number of FUSE mounts allowed to non-root users.
+# The default is 1000.
+#
+#mount_max = 1000
+
+# Allow non-root users to specify the 'allow_other' or 'allow_root'
+# mount options.
+#
+#user_allow_other
+EOF
+}
+
+common() {
+	pkgdesc="Common files for fuse2 and fuse3"
+	mkdir -p "$subpkgdir"/etc
+	mv "$pkgdir"/etc/fuse.conf "$subpkgdir"/etc
+}
+
+openrc() {
+	default_openrc
+	install_if="openrc fuse-common=$pkgver-r$pkgrel"
+}
+
+sha512sums="3a1ef77ab4c79a24aad0b259e17f568a30a5faf53ac17eb25d05f30dc7423f0081583f5b3c284ca9196a01885843e97c323a84231272b7e2b55c8e73848a61b8  fuse-3.2.6.tar.xz
+1a9e1d1e8a7b0778ffde328e4322c73b5d57ec98d52767c846d755cce861ab27989823a75b6c5f994432ddb77fa351dfa4a8f948c9467c5f7d5f471e4608358b  fix-realpath.patch
+7f6a503ef23cfa8b809c544375c2d83ad56525269b48ad1a7dff0ce36f4bf2f2a3fafed9dc70a71ff6281b261db5f01829e16c06f041921a5d8c8d715a04a8c1  fuse.initd"
diff --git a/user/fuse3/fix-realpath.patch b/user/fuse3/fix-realpath.patch
new file mode 100644
index 000000000..375bedc96
--- /dev/null
+++ b/user/fuse3/fix-realpath.patch
@@ -0,0 +1,28 @@
+--- fuse-3.1.0.orig/util/fusermount.c
++++ fuse-3.1.0/util/fusermount.c
+@@ -1200,19 +1200,16 @@
+ 
+ 	origmnt = argv[optind];
+ 
+-	drop_privs();
+ 	mnt = fuse_mnt_resolve_path(progname, origmnt);
+-	if (mnt != NULL) {
+-		res = chdir("/");
+-		if (res == -1) {
+-			fprintf(stderr, "%s: failed to chdir to '/'\n", progname);
+-			goto err_out;
+-		}
+-	}
+-	restore_privs();
+ 	if (mnt == NULL)
+ 		exit(1);
+ 
++	res = chdir("/");
++	if (res == -1) {
++		fprintf(stderr, "%s: failed to chdir to '/'\n", progname);
++		exit(1);
++	}
++
+ 	umask(033);
+ 	if (unmount)
+ 		goto do_unmount;
diff --git a/user/fuse3/fuse.initd b/user/fuse3/fuse.initd
new file mode 100644
index 000000000..6c99929c2
--- /dev/null
+++ b/user/fuse3/fuse.initd
@@ -0,0 +1,35 @@
+#!/sbin/openrc-run
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+MOUNTPOINT=/sys/fs/fuse/connections
+
+depend() {
+	need localmount
+}
+
+start() {
+
+	ebegin "Starting fuse"
+	if ! grep -qw fuse /proc/filesystems; then
+		modprobe fuse >/dev/null 2>&1 || eerror $? "Error loading fuse module"
+	fi
+	if grep -qw fusectl /proc/filesystems && \
+	   ! grep -qw $MOUNTPOINT /proc/mounts; then
+		mount -t fusectl none $MOUNTPOINT >/dev/null 2>&1 || \
+			eerror $? "Error mounting control filesystem"
+	fi
+	eend ${?}
+	
+}
+
+stop() {
+
+	ebegin "Stopping fuse"
+	if grep -qw $MOUNTPOINT /proc/mounts; then
+		umount $MOUNTPOINT >/dev/null 2>&1 || \
+			eerror $? "Error unmounting control filesystem"
+	fi
+	eend ${?}
+	
+}
-- 
cgit v1.2.3-60-g2f50