diff --git a/.gitignore b/.gitignore index e4eb807..cc8f29e 100644 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,3 @@ ypserv-2.23.tar.bz2 /ypserv-2.32.1.tar.bz2 /ypserv-ypserv-4.0.tar.gz /ypserv-5bfba76.tar.gz -/ypserv-326857e.tar.gz -/v4.1.tar.gz -/v4.2.tar.gz diff --git a/sources b/sources index 25f6116..d03d59e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v4.2.tar.gz) = dd25170de44294d6556db1f757468d4db4484965230cad11295137c6546443a2e4e0303ac417783d0308b2af0d40201955bf3db675c43db33ad87f6f9bc90246 +SHA512 (ypserv-5bfba76.tar.gz) = 5d1db94d6c607fb2fead26fd887b3d3fd064c772a677b543454264e1f34b7c54b9fd9c60b369ed2b2c5598649aff8f2d4555cc0e3f6ea81222943575ee694430 diff --git a/ypserv-2.21-path.patch b/ypserv-2.21-path.patch new file mode 100644 index 0000000..e0e65c0 --- /dev/null +++ b/ypserv-2.21-path.patch @@ -0,0 +1,12 @@ +diff -up ypserv-2.26/scripts/Makefile.am.path ypserv-2.26/scripts/Makefile.am +--- ypserv-2.26/scripts/Makefile.am.path 2012-01-12 15:46:16.868219281 +0100 ++++ ypserv-2.26/scripts/Makefile.am 2012-01-12 15:46:34.786218054 +0100 +@@ -8,7 +8,7 @@ CLEANFILES = *~ ${SCRIPTS} + + EXTRA_DIST = ${MANS} ${XMLS} + +-varypdir = /var/yp ++varypdir = $(prefix)/../var/yp + + man_MANS = pwupdate.8 ypinit.8 + XMLS = pwupdate.8.xml ypinit.8.xml diff --git a/ypserv-2.24-manfix.patch b/ypserv-2.24-manfix.patch new file mode 100644 index 0000000..4cf2454 --- /dev/null +++ b/ypserv-2.24-manfix.patch @@ -0,0 +1,64 @@ +diff -up ypserv-2.32/rpc.ypxfrd/rpc.ypxfrd.8.manfix ypserv-2.32/rpc.ypxfrd/rpc.ypxfrd.8 +--- ypserv-2.32/rpc.ypxfrd/rpc.ypxfrd.8.manfix 2013-04-10 10:30:53.000000000 +0200 ++++ ypserv-2.32/rpc.ypxfrd/rpc.ypxfrd.8 2013-11-18 09:47:11.982160697 +0100 +@@ -47,6 +47,16 @@ could be started by inetd\. But since it + \fBypserv\fR + from + \fB/etc/init\.d/ypxfrd\fR\. ++ ++It is possible to pass ++\fBOPTIONS\fR ++to ++\fBrpc.ypxfrd\fR ++using the environment variable ++YPXFRD_ARGS ++and this variable can be set in ++\fB/etc/sysconfig/network\&.\fR ++ + .SH "OPTIONS" + .PP + \fB\-\-debug\fR +@@ -114,6 +124,12 @@ Configuration file for options and acces + .RS 4 + Configuration file for access rights + .RE ++.PP ++\fI/etc/sysconfig/network\fR ++.RS 4 ++Setting additional arguments to ++\fBrpc\.ypxfrd\fR\&. ++.RE + .SH "SEE ALSO" + .PP + +diff -up ypserv-2.32/ypserv/ypserv.8.manfix ypserv-2.32/ypserv/ypserv.8 +--- ypserv-2.32/ypserv/ypserv.8.manfix 2013-11-06 13:56:25.000000000 +0100 ++++ ypserv-2.32/ypserv/ypserv.8 2013-11-18 09:47:11.983160700 +0100 +@@ -65,6 +65,14 @@ may or may not be running on the same no + \fBypserv\fR + parses the file + /etc/ypserv\&.conf\&. ++It is also possible to pass ++\fBOPTIONS\fR ++to ++\fBypserv\fR ++using the environment variable ++YPSERV_ARGS ++and this variable can be set in ++\fB/etc/sysconfig/network\&.\fR + .SH "OPTIONS" + .PP + \fB\-d\fR, \fB\-\-debug \fR[\fIpath\fR] +@@ -151,6 +159,12 @@ configuration file\&. + which hosts are allowed to contact + \fBypserv\fR\&. + .RE ++.PP ++/etc/sysconfig/network ++.RS 4 ++setting additional arguments to ++\fBypserv\fR\&. ++.RE + .SH "SEE ALSO" + .PP + \fBdomainname\fR(1), diff --git a/ypserv-2.29-relro.patch b/ypserv-2.29-relro.patch new file mode 100644 index 0000000..390d497 --- /dev/null +++ b/ypserv-2.29-relro.patch @@ -0,0 +1,48 @@ +diff -up ./rpc.yppasswdd/Makefile.am.relro ./rpc.yppasswdd/Makefile.am +--- ./rpc.yppasswdd/Makefile.am.relro 2013-04-11 11:25:34.000000000 +0200 ++++ ./rpc.yppasswdd/Makefile.am 2013-05-06 18:48:10.888711995 +0200 +@@ -24,6 +24,8 @@ sbin_PROGRAMS = rpc.yppasswdd + + rpc_yppasswdd_SOURCES = update.c yppasswd_xdr.c yppasswdd.c + ++rpc_yppasswdd_LDFLAGS = -Wl,-z,relro,-z,now ++ + rpc_yppasswdd_LDADD = @PIE_LDFLAGS@ $(top_builddir)/lib/libyp.a $(LIBDBM) $(LIBCRYPT) $(LIBSYSTEMD_DAEMON) + rpc_yppasswdd_CFLAGS = @PIE_CFLAGS@ + +diff -up ./rpc.ypxfrd/Makefile.am.relro ./rpc.ypxfrd/Makefile.am +--- ./rpc.ypxfrd/Makefile.am.relro 2013-04-09 16:38:20.000000000 +0200 ++++ ./rpc.ypxfrd/Makefile.am 2013-05-06 18:46:36.455683217 +0200 +@@ -22,6 +22,8 @@ sbin_PROGRAMS = rpc.ypxfrd + + rpc_ypxfrd_SOURCES = ypxfrd.c ypxfrd_server.c ypxfrd_svc.c + ++rpc_ypxfrd_LDFLAGS = -Wl,-z,relro,-z,now ++ + rpc_ypxfrd_LDADD = @PIE_LDFLAGS@ $(top_builddir)/lib/libyp.a @LIBDBM@ $(LIBSYSTEMD_DAEMON) + rpc_ypxfrd_CFLAGS = @PIE_CFLAGS@ + +diff -up ./yppush/Makefile.am.relro ./yppush/Makefile.am +--- ./yppush/Makefile.am.relro 2009-04-02 14:15:35.000000000 +0200 ++++ ./yppush/Makefile.am 2013-05-06 18:46:36.456683217 +0200 +@@ -21,6 +21,8 @@ sbin_PROGRAMS = yppush + + yppush_SOURCES = yppush.c + ++yppush_LDFLAGS = -Wl,-z,relro,-z,now ++ + yppush_LDADD = @PIE_LDFLAGS@ @LIBDBM@ $(top_builddir)/lib/libyp.a + yppush_CFLAGS = @PIE_CFLAGS@ + +diff -up ./ypserv/Makefile.am.relro ./ypserv/Makefile.am +--- ./ypserv/Makefile.am.relro 2013-04-09 16:38:20.000000000 +0200 ++++ ./ypserv/Makefile.am 2013-05-06 18:46:36.457683217 +0200 +@@ -22,6 +22,8 @@ sbin_PROGRAMS = ypserv + + ypserv_SOURCES = ypserv.c server.c ypserv_xdr.c reg_slp.c + ++ypserv_LDFLAGS = -Wl,-z,relro,-z,now ++ + ypserv_LDADD = @PIE_LDFLAGS@ $(top_builddir)/lib/libyp.a @LIBDBM@ @LIBSLP@ $(LIBSYSTEMD_DAEMON) + ypserv_CFLAGS = @PIE_CFLAGS@ + diff --git a/ypserv-4.0-headers.patch b/ypserv-4.0-headers.patch index 499af39..320558d 100644 --- a/ypserv-4.0-headers.patch +++ b/ypserv-4.0-headers.patch @@ -1,5 +1,5 @@ ---- ypserv-4.2/makedbm/makedbm.c.headers 2017-02-21 13:57:23.933293831 +0100 -+++ ypserv-4.2/makedbm/makedbm.c 2017-02-21 13:57:48.141286207 +0100 +--- makedbm/makedbm.c.headers 2017-02-21 13:57:23.933293831 +0100 ++++ makedbm/makedbm.c 2017-02-21 13:57:48.141286207 +0100 @@ -30,6 +30,7 @@ #include #include diff --git a/ypserv-4.0-manfix.patch b/ypserv-4.0-manfix.patch deleted file mode 100644 index 0c60ab5..0000000 --- a/ypserv-4.0-manfix.patch +++ /dev/null @@ -1,65 +0,0 @@ -diff -up ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.ypxfrd/rpc.ypxfrd.8.xml.manfix ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.ypxfrd/rpc.ypxfrd.8.xml ---- ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.ypxfrd/rpc.ypxfrd.8.xml.manfix 2018-06-11 14:52:20.441724121 +0200 -+++ ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.ypxfrd/rpc.ypxfrd.8.xml 2018-06-11 15:07:10.266529912 +0200 -@@ -58,6 +58,12 @@ - since it starts very slowly, it should be started after - ypserv from /etc/init.d/ypxfrd. - -+ -+ It is possible to pass OPTIONS to -+ rpc.ypxfrd using the environment variable -+ YPXFRD_ARGS and this variable can be set in -+ /etc/sysconfig/network. -+ - - - -@@ -155,6 +161,14 @@ - Configuration file for access rights - - -+ -+ /etc/sysconfig/network -+ -+ -+ Setting additional arguments to rpc.ypxfrd -+ -+ -+ - - - -diff -up ypserv-5bfba760283060087aefeb417342bcc66d349b2e/ypserv/ypserv.8.xml.manfix ypserv-5bfba760283060087aefeb417342bcc66d349b2e/ypserv/ypserv.8.xml ---- ypserv-5bfba760283060087aefeb417342bcc66d349b2e/ypserv/ypserv.8.xml.manfix 2018-06-11 15:08:05.639332959 +0200 -+++ ypserv-5bfba760283060087aefeb417342bcc66d349b2e/ypserv/ypserv.8.xml 2018-06-11 15:12:38.261286488 +0200 -@@ -61,7 +61,16 @@ but must be running somewhere - on the network. On startup - ypserv - parses the file --/etc/ypserv.conf. -+/etc/ypserv.conf. -+It is also possible to pass -+OPTIONS -+to -+ypserv -+using the environment variable -+YPSERV_ARGS -+and this variable can be set in -+/etc/sysconfig/network. -+ - - - -@@ -184,6 +193,12 @@ for a map. - which hosts are allowed to contact ypserv. - - -+ -+ /etc/sysconfig/network -+ -+setting additional arguments to ypserv. -+ -+ - - - diff --git a/ypserv-4.0-selinux-context.patch b/ypserv-4.0-selinux-context.patch deleted file mode 100644 index 2591d4e..0000000 --- a/ypserv-4.0-selinux-context.patch +++ /dev/null @@ -1,144 +0,0 @@ -diff -up ypserv-5bfba760283060087aefeb417342bcc66d349b2e/configure.ac.selinux-context ypserv-5bfba760283060087aefeb417342bcc66d349b2e/configure.ac ---- ypserv-5bfba760283060087aefeb417342bcc66d349b2e/configure.ac.selinux-context 2018-06-13 15:08:56.011432773 +0200 -+++ ypserv-5bfba760283060087aefeb417342bcc66d349b2e/configure.ac 2018-06-13 15:08:56.017432861 +0200 -@@ -240,6 +240,26 @@ then - exit - fi - -+AC_ARG_WITH(selinux, -+ [AC_HELP_STRING([--with-selinux@<:@=yes|no@:>@],[Enables SELinux support [no]])], -+ -+ [ if test "$withval" = "yes"; then -+ AC_CHECK_HEADERS([selinux/selinux.h], [], -+ [AC_MSG_ERROR([Missing SELinux header files])]) -+ AC_CHECK_LIB(selinux, setfilecon_raw, [], -+ [AC_MSG_ERROR([Missing or incorrect SELinux library])]) -+ AC_CHECK_LIB(selinux, getfilecon_raw, [], -+ [AC_MSG_ERROR([Missing or incorrect SELinux library])]) -+ AC_CHECK_LIB(selinux, freecon, [], -+ [AC_MSG_ERROR([Missing or incorrect SELinux library])]) -+ fi -+ ],[]) -+ -+AC_SUBST(with_selinux) -+if test "$with_selinux" = "yes"; then -+ AC_DEFINE(WITH_SELINUX, 1, [Define to 1 if SELinux support is enabled]) -+fi -+ - AC_CHECK_LIB(crypt,crypt,LIBCRYPT="-lcrypt",LIBCRYPT="") - AC_CHECK_HEADERS(crypt.h) - AC_SUBST(LIBCRYPT) -diff -up ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/Makefile.am.selinux-context ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/Makefile.am ---- ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/Makefile.am.selinux-context 2016-11-22 16:40:13.000000000 +0100 -+++ ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/Makefile.am 2018-06-13 15:08:56.017432861 +0200 -@@ -24,7 +24,7 @@ sbin_PROGRAMS = rpc.yppasswdd - - rpc_yppasswdd_SOURCES = update.c yppasswd_xdr.c yppasswdd.c - --rpc_yppasswdd_LDADD = @PIE_LDFLAGS@ $(top_builddir)/lib/libyp.a $(LIBDBM) $(LIBCRYPT) @SYSTEMD_LIBS@ @NSL_LIBS@ @TIRPC_LIBS@ -+rpc_yppasswdd_LDADD = @PIE_LDFLAGS@ $(top_builddir)/lib/libyp.a $(LIBDBM) $(LIBCRYPT) @SYSTEMD_LIBS@ @NSL_LIBS@ @TIRPC_LIBS@ $(LIBSELINUX) - rpc_yppasswdd_CFLAGS = @PIE_CFLAGS@ @SYSTEMD_CFLAGS@ @NSL_CFLAGS@ @TIRPC_CFLAGS@ - - if ENABLE_REGENERATE_MAN -diff -up ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/update.c.selinux-context ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/update.c ---- ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/update.c.selinux-context 2016-11-22 16:40:13.000000000 +0100 -+++ ypserv-5bfba760283060087aefeb417342bcc66d349b2e/rpc.yppasswdd/update.c 2018-07-20 12:01:14.874866767 +0200 -@@ -41,6 +41,10 @@ - #include "yppwd_local.h" - #include "log_msg.h" - -+#ifdef WITH_SELINUX -+#include -+#endif /* WITH_SELINUX */ -+ - #ifndef CHECKROOT - /* Set to 0 if you don't want to check against the root password - of the NIS master server. */ -@@ -460,6 +464,9 @@ update_files (yppasswd *yppw, int *shado - FILE *oldpf = NULL, *newpf = NULL, *oldsf = NULL, *newsf = NULL; - struct stat passwd_stat, shadow_stat; - char *rootpass = "x"; -+#ifdef WITH_SELINUX -+ char *pSelCon = NULL; -+#endif /* WITH_SELINUX */ - - #if CHECKROOT - if ((pw = getpwnam ("root")) != NULL) -@@ -520,6 +527,39 @@ update_files (yppasswd *yppw, int *shado - return 1; - } - -+#ifdef WITH_SELINUX -+ if (is_selinux_enabled() == 1) -+ { -+ /* Get selinux context of the original file */ -+ if (getfilecon_raw(path_passwd, &pSelCon) < 0) -+ { -+ log_msg ("update %.12s (uid=%d) failed", -+ yppw->newpw.pw_name, yppw->newpw.pw_uid); -+ log_msg ("Can't get selinux context %s: %m", path_passwd); -+ freecon(pSelCon); -+ fclose (oldpf); -+ fclose (newpf); -+ unlink (path_passwd_tmp); -+ return 1; -+ } -+ -+ /* Set selinux context for tmp file */ -+ if (setfilecon_raw(path_passwd_tmp, pSelCon)) -+ { -+ log_msg ("update %.12s (uid=%d) failed", -+ yppw->newpw.pw_name, yppw->newpw.pw_uid); -+ log_msg ("Can't set selinux context %s: %m", path_passwd_tmp); -+ freecon(pSelCon); -+ fclose (oldpf); -+ fclose (newpf); -+ unlink (path_passwd_tmp); -+ return 1; -+ } -+ freecon(pSelCon); -+ pSelCon=NULL; -+ } -+# endif /* WITH_SELINUX */ -+ - /* Open the shadow file for reading. */ - if ((oldsf = fopen (path_shadow, "r")) != NULL) - { -@@ -558,6 +598,37 @@ update_files (yppasswd *yppw, int *shado - fclose (oldpf); - return 1; - } -+#ifdef WITH_SELINUX -+ if (is_selinux_enabled() == 1) -+ { -+ if (getfilecon_raw(path_shadow, &pSelCon) < 0) -+ { -+ log_msg ("update %.12s (uid=%d) failed", -+ yppw->newpw.pw_name, yppw->newpw.pw_uid); -+ log_msg ("Can't get selinux context %s: %m", path_shadow); -+ freecon(pSelCon); -+ fclose (newsf); -+ fclose (oldsf); -+ fclose (newpf); -+ fclose (oldpf); -+ return 1; -+ } -+ if (setfilecon_raw(path_shadow_tmp, pSelCon)) -+ { -+ log_msg ("update %.12s (uid=%d) failed", -+ yppw->newpw.pw_name, yppw->newpw.pw_uid); -+ log_msg ("Can't set selinux context %s: %m", path_shadow_tmp); -+ freecon(pSelCon); -+ fclose (newsf); -+ fclose (oldsf); -+ fclose (newpf); -+ fclose (oldpf); -+ return 1; -+ } -+ freecon(pSelCon); -+ pSelCon=NULL; -+ } -+#endif /* WITH_SELINUX */ - } - - /* Loop over all passwd entries */ diff --git a/ypserv-4.2-implicit-int.patch b/ypserv-4.2-implicit-int.patch deleted file mode 100644 index 42c9a10..0000000 --- a/ypserv-4.2-implicit-int.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ruN ypserv-4.2/configure.ac ypserv-4.2.orig/configure.ac ---- ypserv-4.2/configure.ac 2022-12-01 13:22:38.493164313 +0100 -+++ ypserv-4.2.orig/configure.ac 2022-12-01 13:13:06.411943797 +0100 -@@ -99,7 +99,7 @@ - AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl - cat > conftest.c < -Date: Tue, 1 Oct 2024 14:40:26 +0200 -Subject: [PATCH] Fix use of uninitialized variable as an value for sock opt - -Since it is possible to listen to IPv4 via IPv6 socket by default, we -have to disable this feature due to 'Disallow v4-in-v6 to allow -host-based access checks'. This also allows us to use the same port for -IPv4 and IPv6 socket. - -Disabling this feature is done via `setsockopt()` function where we pass -flag that we want to set - `IPV6_V6ONLY` and value. For value, we should -pass pointer to value and size of the value. We were passing pointer to -uninitialized integer as a value. This resulted in undefined behavior. - -Most likely, this undefined behavior resulted in the flag being set to -false. This also resulted in IPv4 and IPv6 not being able to share -the same port. This caused use of two neighboring ports instead of one. -When user then tried to set port in config file and then use port one -above it was not possible as it was already used. ---- - rpc.yppasswdd/yppasswdd.c | 2 +- - rpc.ypxfrd/ypxfrd.c | 2 +- - yppush/yppush.c | 3 ++- - ypserv/ypserv.c | 2 +- - 4 files changed, 5 insertions(+), 4 deletions(-) - -diff --git a/rpc.yppasswdd/yppasswdd.c b/rpc.yppasswdd/yppasswdd.c -index f9609eb..d7f6050 100644 ---- a/rpc.yppasswdd/yppasswdd.c -+++ b/rpc.yppasswdd/yppasswdd.c -@@ -476,7 +476,7 @@ main (int argc, char **argv) - { - /* Disallow v4-in-v6 to allow host-based access checks */ - -- int i; -+ int i = 1; - - if (setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, - &i, sizeof(i)) == -1) -diff --git a/rpc.ypxfrd/ypxfrd.c b/rpc.ypxfrd/ypxfrd.c -index f605c84..469e0e5 100644 ---- a/rpc.ypxfrd/ypxfrd.c -+++ b/rpc.ypxfrd/ypxfrd.c -@@ -385,7 +385,7 @@ main (int argc, char **argv) - { - /* Disallow v4-in-v6 to allow host-based access checks */ - -- int i; -+ int i = 1; - - if (setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, - &i, sizeof(i)) == -1) -diff --git a/yppush/yppush.c b/yppush/yppush.c -index d937b84..a5916be 100644 ---- a/yppush/yppush.c -+++ b/yppush/yppush.c -@@ -430,7 +430,8 @@ yppush_foreach (const char *host) - struct timeval tv = {10, 0}; - u_int transid; - char server[YPMAXPEER + 2]; -- int i, sock; -+ int i = 1; -+ int sock; - struct sigaction sig; - struct netconfig *nconf; - struct sockaddr *sa; -diff --git a/ypserv/ypserv.c b/ypserv/ypserv.c -index d8876e9..e27c2a4 100644 ---- a/ypserv/ypserv.c -+++ b/ypserv/ypserv.c -@@ -497,7 +497,7 @@ main (int argc, char **argv) - if (family == AF_INET6) - { - /* Disallow v4-in-v6 to allow host-based access checks */ -- int i; -+ int i = 1; - - if (setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, - &i, sizeof(i)) == -1) diff --git a/ypserv.spec b/ypserv.spec index 01a095e..911e098 100644 --- a/ypserv.spec +++ b/ypserv.spec @@ -1,12 +1,18 @@ + %global first_tc_version 2.29-2 + +%global commit0 5bfba760283060087aefeb417342bcc66d349b2e +%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) + Summary: The NIS (Network Information Service) server - +Url: http://www.linux-nis.org/nis/ypserv/index.html Name: ypserv -Version: 4.2 -Release: 15%{?dist} -License: GPL-2.0-only -URL: https://www.thkukuk.de/nis/nis/ypserv/ - -Source0: https://github.com/thkukuk/%{name}/archive/v%{version}.tar.gz +Version: 4.0 +Release: 4.20170331git%{shortcommit0}%{?dist} +License: GPLv2 +Group: System Environment/Daemons +#Source0: http://www.linux-nis.org/download/ypserv/ypserv-%{version}.tar.bz2 +#Source0: https://github.com/thkukuk/ypserv/archive/ypserv-%{version}.tar.gz#/ypserv-ypserv-%{version}.tar.gz +Source0: https://github.com/thkukuk/%{name}/archive/%{commit0}.tar.gz#/%{name}-%{shortcommit0}.tar.gz Source1: ypserv.service Source2: yppasswdd.service Source3: ypxfrd.service @@ -22,22 +28,20 @@ Requires(preun): systemd Requires(postun): systemd Patch0: ypserv-2.5-redhat.patch +Patch1: ypserv-2.21-path.patch Patch2: ypserv-2.5-nfsnobody2.patch Patch3: ypserv-2.13-ypxfr-zeroresp.patch Patch4: ypserv-2.13-nonedomain.patch Patch5: ypserv-2.19-slp-warning.patch -Patch6: ypserv-4.0-manfix.patch +Patch6: ypserv-2.24-manfix.patch Patch7: ypserv-2.24-aliases.patch Patch8: ypserv-2.27-confpost.patch +Patch9: ypserv-2.29-relro.patch Patch10: ypserv-2.31-netgrprecur.patch +Patch11: ypserv-2.32-systemdso.patch Patch12: ypserv-4.0-headers.patch -Patch14: ypserv-4.0-selinux-context.patch -Patch15: ypserv-4.2-implicit-int.patch -Patch16: ypserv-4.2-uninitialized-int.patch +Patch13: ypserv-4.0-oldaddr.patch -BuildRequires: make -BuildRequires: libxcrypt-devel -BuildRequires: gcc BuildRequires: tokyocabinet-devel BuildRequires: systemd BuildRequires: autoconf, automake @@ -46,7 +50,6 @@ BuildRequires: libnsl2-devel BuildRequires: libtirpc-devel BuildRequires: docbook-style-xsl BuildRequires: libxslt -BuildRequires: libselinux-devel %description The Network Information Service (NIS) is a system that provides @@ -65,13 +68,23 @@ need to install the yp-tools and ypbind packages on any NIS client machines. %prep -%autosetup -n %{name}-%{version} -p1 -# Delete generated man pages. They will be generated later from source. -rm makedbm/makedbm.8 -rm mknetid/mknetid.8 -rm etc/netgroup.5 -rm etc/ypserv.conf.5 +%setup -n %{name}-%{commit0} + +%patch0 -p1 -b .redhat +#%patch1 -p1 -b .path +%patch2 -p1 -b .nfsnobody +%patch3 -p1 -b .respzero +%patch4 -p1 -b .nonedomain +%patch5 -p1 -b .slp-warning +#%patch6 -p1 -b .manfix +%patch7 -p1 -b .aliases +%patch8 -p1 -b .confpost +#%patch9 -p1 -b .relro +%patch10 -p1 -b .netgrprecur +#%patch11 -p1 -b .systemdso +%patch12 -b .headers +%patch13 -p1 -b .oldaddr autoreconf -i @@ -83,20 +96,19 @@ export CFLAGS="$RPM_OPT_FLAGS -fPIC" export CFLAGS="$RPM_OPT_FLAGS -fpic" %endif -# Fix gcc12 issues (#2047138) -export CFLAGS="$CFLAGS -Wno-format-overflow" %configure \ - --enable-checkroot \ - --enable-fqdn \ - --libexecdir=%{_libdir}/yp \ - --with-dbmliborder=tokyocabinet \ - --localstatedir=%{_localstatedir} \ - --with-selinux + --enable-checkroot \ + --enable-fqdn \ + --libexecdir=%{_libdir}/yp \ + --with-dbmliborder=tokyocabinet \ + -localstatedir=%{_localstatedir} make %install +#make install ROOT=$RPM_BUILD_ROOT +#%make_install libexecdir=$RPM_BUILD_ROOT%{_libdir}/yp INSTALL_PROGRAM=install %make_install mkdir -p $RPM_BUILD_ROOT%{_unitdir} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir} @@ -128,12 +140,12 @@ cat >$RPM_BUILD_ROOT/etc/sysconfig/yppasswdd <=18 + +# After switching from gdbm to Tokyo Cabinet we need to rebuild maps +# during update, but without pushing to slave servers +# In case domainname is not set, but it is defined in +# /etc/sysconfig/network, we do the same work as service yppasswdd +# do before starting. +# The original domainname value is set back in the end. +# The whole work is created before installing new ypserv, so we use old +# utilities and commands are stored into temporary file (that is necessary, +# because we cannot read old maps using new package) +# If old package used gdbm, the prepared script is executed after new package +# is installed. +%global rebuild_maps_script /var/yp/rpm_rebuild_maps +%pre +if [ $1 == 2 ] ; then + # stop ypserv if running and then start it again + ypservactive=0 + if /usr/bin/systemctl is-active ypserv.service>/dev/null 2>&1 ; then + ypservactive=1 + /usr/bin/systemctl stop ypserv.service>/dev/null 2>&1 + fi + # store old domainname and set the correct one + olddomain=`domainname` + [ -f /etc/sysconfig/network ] $$ . /etc/sysconfig/network + DOMAINNAME=`domainname` + if [ "$olddomain" = "(none)" -o "x$olddomain" = "x" ]; then + if [ -n "$NISDOMAIN" ]; then + domainname $NISDOMAIN + fi + fi + + newdomain=`domainname` + if [ "$newdomain" != "(none)" -a "x$newdomain" != "x" ]; then + pushd "/var/yp/$newdomain">/dev/null + echo "" > %rebuild_maps_script + chmod 0600 %rebuild_maps_script + # loop through maps + for map in * ; do + # this server is a master for this map + if %{_libdir}/yp/yphelper -i "$map" >/dev/null 2>&1 ; then + echo "rm -f `pwd`/$map" >> %rebuild_maps_script + # this server is a slave for this map + else + master=`%{_libdir}/yp/makedbm -u $map 2>/dev/null | grep YP_MASTER_NAME | sed -e 's/YP_MASTER_NAME//'` + if [ "x$master" != "x" ] ; then + echo "%{_libdir}/yp/ypxfr -f -h $master -c -d $newdomain $map" >> %rebuild_maps_script + fi + fi + done + echo "make NOPUSH=true -C /var/yp" >> %rebuild_maps_script + fi + /bin/domainname "$olddomain" + # if ypserv was running before, start it again + if [ $ypservactive -eq 1 ] ; then + /usr/bin/systemctl start ypserv.service>/dev/null 2>&1 + fi +fi + +%triggerpostun -- ypserv < %{first_tc_version} +if [ -e %rebuild_maps_script ] ; then + bash %rebuild_maps_script >/dev/null 2>&1 || : + rm -f %rebuild_maps_script >/dev/null 2>&1 +fi + +%endif + %files %doc AUTHORS README INSTALL ChangeLog TODO NEWS COPYING %doc etc/ypserv.conf etc/securenets etc/README.etc @@ -167,111 +246,6 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env %{_includedir}/rpcsvc %changelog -* Fri Jul 25 2025 Fedora Release Engineering - 4.2-15 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild - -* Sat Feb 01 2025 Björn Esser - 4.2-14 -- Add explicit BR: libxcrypt-devel - -* Sun Jan 19 2025 Fedora Release Engineering - 4.2-13 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild - -* Tue Jan 14 2025 Ales Nezbeda - 4.2-12 -- Fix uninitialized int causing different ports for IPv4 and IPv6 - -* Sat Jul 20 2024 Fedora Release Engineering - 4.2-11 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild - -* Tue Jan 30 2024 Ondrej Sloup - 4.2-10 -- Don't hard code _FORTIFY_SOURCE=2 -- Update license tag to the SPDX format (GPL-2.0-only) - -* Sat Jan 27 2024 Fedora Release Engineering - 4.2-9 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Sat Jul 22 2023 Fedora Release Engineering - 4.2-8 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Sat Jan 21 2023 Fedora Release Engineering - 4.2-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Thu Dec 01 2022 Timm Bäder - 4.2-6 -- Get rid of an implicit int during configure time -- See https://fedoraproject.org/wiki/Changes/PortingToModernC - -* Sat Jul 23 2022 Fedora Release Engineering - 4.2-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Tue Feb 01 2022 Marek Kulik - 4.2-4 -- Fix gcc12 compilation issues -- Resolves: #2047138 - -* Sat Jan 22 2022 Fedora Release Engineering - 4.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Fri Nov 12 2021 Björn Esser - 4.2-2 -- Rebuild(libnsl2) - -* Tue Sep 28 2021 Marek Kulik - 4.2-1 -- Update to new upstream version 4.2 - -* Fri Jul 23 2021 Fedora Release Engineering - 4.1-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 4.1-6 -- Rebuilt for updated systemd-rpm-macros - See https://pagure.io/fesco/issue/2583. - -* Thu Jan 28 2021 Fedora Release Engineering - 4.1-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Wed Jul 29 2020 Fedora Release Engineering - 4.1-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Fri Jan 31 2020 Fedora Release Engineering - 4.1-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Sat Jul 27 2019 Fedora Release Engineering - 4.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Tue Mar 19 2019 Matej Mužila - 4.1-1 -- Update to new upstream version 4.1 - -* Sun Feb 03 2019 Fedora Release Engineering - 4.0-15.20180831git326857e -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Mon Jan 14 2019 Björn Esser - 4.0-14.20180831git326857e -- Rebuilt for libcrypt.so.2 (#1666033) - -* Fri Aug 31 2018 Petr Kubat - 4.0-13.20180831git326857e -- Rebase ypserv to latest upstream commit - -* Fri Jul 20 2018 Matej Mužila - 4.0-12.20170331git5bfba76 -- rpc.yppasswd: presserve selinux context of shadow and passwd -- Resolves: #1255583 - -* Sat Jul 14 2018 Fedora Release Engineering - 4.0-11.20170331git5bfba76 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Tue Jun 12 2018 Matej Mužila - 4.0-10.20170331git5bfba76 -- Remove trailing whitespaces from spec - -* Tue Jun 12 2018 Matej Mužila - 4.0-9.20170331git5bfba76 -- Drop map rebuild (gdbm -> tokyocabinet) support - -* Mon Jun 11 2018 Matej Mužila - 4.0-8.20170331git5bfba76 -- Clean spec - -* Mon Jun 11 2018 Matej Mužila - 4.0-7.20170331git5bfba76 -- Remove no longer needed relro patch -- Fix man pages - -* Fri Feb 09 2018 Fedora Release Engineering - 4.0-6.20170331git5bfba76 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Sat Jan 20 2018 Björn Esser - 4.0-5.20170331git5bfba76 -- Rebuilt for switch to libxcrypt - * Thu Aug 03 2017 Fedora Release Engineering - 4.0-4.20170331git5bfba76 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild @@ -335,7 +309,7 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env * Mon May 06 2013 Honza Horak - 2.31-1 - Update to new upstream version - + * Mon Feb 04 2013 Honza Horak - 2.29-8 - Stop ypserv daemon temporary when reading info about maps @@ -394,18 +368,18 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env Resolves: #809120 * Wed Feb 01 2012 Honza Horak - 2.27-1 -- Update to new upstream version, which fixes several bugs +- Update to new upstream version, which fixes several bugs (removing patches that aren't needed any more) * Thu Jan 12 2012 Honza Horak - 2.26-10 -- Added ypserv-pre-setdomain to respect NISDOMAIN environment variable +- Added ypserv-pre-setdomain to respect NISDOMAIN environment variable and set domainname if empty - Added autoreconf call (thus .path patch modified to keep impact) - Patch .aliases fixed Resolves: #699826 * Mon Dec 12 2011 Honza Horak - 2.26-9 -- Rebuild against compat_gdbm, because gdbm has changed license +- Rebuild against compat_gdbm, because gdbm has changed license to GPLv3+ and it is not compatible with ypserv GPLv2 * Mon Nov 28 2011 Honza Horak - 2.26-8 @@ -426,12 +400,12 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env - Rebuild with new gdbm-1.9.1 * Fri Sep 30 2011 Honza Horak - 2.26-4 -- Added passwd.adjunct support in yppasswdd to recognize +- Added passwd.adjunct support in yppasswdd to recognize password format correctly when changing password using yppasswd Resolves: #699667 * Wed Aug 31 2011 Honza Horak - 2.26-3 -- fixed hiding the change request when external script is used +- fixed hiding the change request when external script is used in rpc.yppasswdd * Wed Aug 03 2011 Honza Horak - 2.26-2 @@ -442,7 +416,7 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env Simplified systemd snippets in spec file * Tue Jun 14 2011 Honza Horak - 2.25-3 -- Adjust yppush man page and add a comment how to assign options +- Adjust yppush man page and add a comment how to assign options to yppush (#712239) * Tue May 10 2011 Honza Horak - 2.25-2 @@ -450,10 +424,10 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env (#696903) * Tue May 10 2011 Honza Horak - 2.25-1 -- Update to new upstream version, which contains .staticanal patch +- Update to new upstream version, which contains .staticanal patch * Fri May 06 2011 Honza Horak - 2.24-4 -- Change default aliases file location to /etc/aliases to correspond +- Change default aliases file location to /etc/aliases to correspond with default MTAs' config (#699826) * Tue Apr 26 2011 Honza Horak - 2.24-3 @@ -485,12 +459,12 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env merged by the upstream * Thu Jan 28 2010 Karel Klic - 2.21-4 -- Removed ypserv-2.21-iface.patch, because upstream refused to - merge it three times over 7 years. "Since this is - not supported by RPC (means portmapper still shows ypserv - for the other subnets and portmapper can forward requests - from other subnets via loopback), this will give quite some - unexpected behaviors and makes it pretty difficult to debug +- Removed ypserv-2.21-iface.patch, because upstream refused to + merge it three times over 7 years. "Since this is + not supported by RPC (means portmapper still shows ypserv + for the other subnets and portmapper can forward requests + from other subnets via loopback), this will give quite some + unexpected behaviors and makes it pretty difficult to debug such scenarios." * Wed Jan 27 2010 Karel Klic - 2.21-3 @@ -561,7 +535,7 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env (bz #197646) * Wed Sep 13 2006 Steve Dickson - 2.19-3 -- Added range checks to port values given on command line +- Added range checks to port values given on command line (bz 205354) * Tue Jul 25 2006 Steve Dickson - 2.19-2 @@ -681,7 +655,7 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env - Added patch to fix yppush timeout errors (#62429) * Wed Mar 27 2002 Alex Larsson 2.2-6 -- Make yppasswdd source /etc/sysconf/yppasswd for options (#52253) +- Make yppasswdd source /etc/sysconf/yppasswd for options (#52253) * Mon Mar 25 2002 Alex Larsson 2.2-5 - Add patch that fixes generation of services.byname. (#41851) @@ -802,7 +776,7 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_libexecdir}/rpc.yppasswdd.env * Fri Mar 26 1999 Cristian Gafton - version 1.3.6.91 -* Sun Mar 21 1999 Cristian Gafton +* Sun Mar 21 1999 Cristian Gafton - auto rebuild in the new build environment (release 4) * Mon Feb 8 1999 Bill Nottingham