3 files changed, 59 insertions, 117 deletions
diff --git a/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch b/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch
deleted file mode 100644
index d7367caf78..0000000000
--- a/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 6e51d529988cfc0bb357751fd767e9f1478e2b81 Mon Sep 17 00:00:00 2001
-From: Alex Kiernan <alex.kiernan@gmail.com>
-Date: Thu, 13 Feb 2020 06:08:45 +0000
-Subject: [PATCH] rarpd: rdisc: Drop PrivateUsers
-Neither rarpd nor rdisc can gain the necessary capabilities with
-PrivateUsers enabled.
-Upstream-Status: Pending
-Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
- systemd/rarpd.service.in | 1 -
- systemd/rdisc.service.in | 3 ++-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-diff --git a/systemd/rarpd.service.in b/systemd/rarpd.service.in
-index e600c10c93e6..f5d7621a7ce8 100644
--- a/systemd/rarpd.service.in
-+++ b/systemd/rarpd.service.in
-@@ -12,7 +12,6 @@ AmbientCapabilities=CAP_NET_RAW
- DynamicUser=yes
- PrivateTmp=yes
- PrivateDevices=yes
-PrivateUsers=yes
- ProtectSystem=strict
- ProtectHome=yes
- ProtectControlGroups=yes
-diff --git a/systemd/rdisc.service.in b/systemd/rdisc.service.in
-index 4e2a1ec9d0e5..a71b87d36b37 100644
--- a/systemd/rdisc.service.in
-+++ b/systemd/rdisc.service.in
-@@ -8,9 +8,10 @@ After=network.target
- EnvironmentFile=-/etc/sysconfig/rdisc
- ExecStart=@sbindir@/rdisc -f -t $OPTIONS $SEND_ADDRESS $RECEIVE_ADDRESS
- 
-+CapabilityBoundingSet=CAP_NET_RAW
- AmbientCapabilities=CAP_NET_RAW
- PrivateTmp=yes
-PrivateUsers=yes
-+DynamicUser=yes
- ProtectSystem=strict
- ProtectHome=yes
- ProtectControlGroups=yes
-- 
-2.17.1
diff --git a/meta/recipes-extended/iputils/iputils_20240117.bb b/meta/recipes-extended/iputils/iputils_20240117.bb
new file mode 100644
index 0000000000..3880689742
--- /dev/null
+++ b/meta/recipes-extended/iputils/iputils_20240117.bb
@@ -0,0 +1,59 @@
+SUMMARY = "Network monitoring tools"
+DESCRIPTION = "Utilities for the IP protocol, including \
+tracepath, tracepath6, ping, ping6 and arping."
+HOMEPAGE = "https://github.com/iputils/iputils"
+SECTION = "console/network"
+LICENSE = "BSD-3-Clause & GPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=627cc07ec86a45951d43e30658bbd819"
+DEPENDS = "gnutls"
+SRC_URI = "git://github.com/iputils/iputils;branch=master;protocol=https"
+SRCREV = "8372f355bdf7a9b0c79338dd8ef8464c00a5c4e2"
+S = "${WORKDIR}/git"
+UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>20\d+)"
+CVE_STATUS[CVE-2000-1213] = "fixed-version: Fixed in 2000-10-10, but the versioning of iputils breaks the version order."
+CVE_STATUS[CVE-2000-1214] = "fixed-version: Fixed in 2000-10-10, but the versioning of iputils breaks the version order."
+PACKAGECONFIG ??= "libcap"
+PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false -DNO_SETCAP_OR_SUID=true, libcap libcap-native"
+PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2"
+PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext"
+PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MANS=false -DBUILD_MANS=false, libxslt"
+inherit meson update-alternatives pkgconfig
+EXTRA_OEMESON += "--prefix=${root_prefix}/ -DSKIP_TESTS=true"
+ALTERNATIVE_PRIORITY = "100"
+ALTERNATIVE:${PN}-ping = "ping"
+ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping"
+ALTERNATIVE:${PN}-ping6 = "ping6"
+ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6"
+SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff \
+             ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ping6', '', d)}"
+PACKAGES += "${SPLITPKGS}"
+ALLOW_EMPTY:${PN} = "1"
+RDEPENDS:${PN} += "${SPLITPKGS}"
+FILES:${PN} = ""
+FILES:${PN}-ping = "${base_bindir}/ping.${BPN}"
+FILES:${PN}-ping6 = "${base_bindir}/ping6.${BPN}"
+FILES:${PN}-arping = "${base_bindir}/arping"
+FILES:${PN}-tracepath = "${base_bindir}/tracepath"
+FILES:${PN}-clockdiff = "${base_bindir}/clockdiff"
+do_install:append() {
+        if ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'true', 'false', d)}; then
+                ln -sf ping ${D}/${base_bindir}/ping6
+        fi
+}
diff --git a/meta/recipes-extended/iputils/iputils_s20200821.bb b/meta/recipes-extended/iputils/iputils_s20200821.bb
deleted file mode 100644
index e43abf2629..0000000000
--- a/meta/recipes-extended/iputils/iputils_s20200821.bb
+++ /dev/null
@@ -1,71 +0,0 @@
-SUMMARY = "Network monitoring tools"
-DESCRIPTION = "Utilities for the IP protocol, including traceroute6, \
-tracepath, tracepath6, ping, ping6 and arping."
-HOMEPAGE = "https://github.com/iputils/iputils"
-SECTION = "console/network"
-LICENSE = "BSD & GPLv2+"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390"
-DEPENDS = "gnutls"
-SRC_URI = "git://github.com/iputils/iputils \
-           file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \
-           "
-SRCREV = "23c3782ae0c7f9c6ae59dbed8ad9204f8758542b"
-S = "${WORKDIR}/git"
-UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>s\d+)"
-# Fixed in 2000-10-10, but the versioning of iputils
-# breaks the version order.
-CVE_CHECK_WHITELIST += "CVE-2000-1213 CVE-2000-1214"
-PACKAGECONFIG ??= "libcap rarpd \
-                   ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ninfod traceroute6', '', d)} \
-                   ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
-PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false -DNO_SETCAP_OR_SUID=true, libcap libcap-native"
-PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2"
-PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext"
-PACKAGECONFIG[ninfod] = "-DBUILD_NINFOD=true,-DBUILD_NINFOD=false,"
-PACKAGECONFIG[rarpd] = "-DBUILD_RARPD=true,-DBUILD_RARPD=false,"
-PACKAGECONFIG[systemd] = "-Dsystemdunitdir=${systemd_unitdir}/system,,systemd"
-PACKAGECONFIG[tftpd] = "-DBUILD_TFTPD=true, -DBUILD_TFTPD=false,"
-PACKAGECONFIG[traceroute6] = "-DBUILD_TRACEROUTE6=true,-DBUILD_TRACEROUTE6=false,"
-PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MANS=false -DBUILD_MANS=false, libxslt"
-inherit meson systemd update-alternatives
-EXTRA_OEMESON += "--prefix=${root_prefix}/"
-ALTERNATIVE_PRIORITY = "100"
-ALTERNATIVE_${PN}-ping = "ping"
-ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping"
-SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff ${PN}-rdisc \
-             ${@bb.utils.contains('PACKAGECONFIG', 'rarpd', '${PN}-rarpd', '', d)} \
-             ${@bb.utils.contains('PACKAGECONFIG', 'tftpd', '${PN}-tftpd', '', d)} \
-             ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-traceroute6 ${PN}-ninfod', '', d)}"
-PACKAGES += "${SPLITPKGS}"
-ALLOW_EMPTY_${PN} = "1"
-RDEPENDS_${PN} += "${SPLITPKGS}"
-FILES_${PN} = ""
-FILES_${PN}-ping = "${base_bindir}/ping.${BPN}"
-FILES_${PN}-arping = "${base_bindir}/arping"
-FILES_${PN}-tracepath = "${base_bindir}/tracepath"
-FILES_${PN}-traceroute6 = "${base_bindir}/traceroute6"
-FILES_${PN}-clockdiff = "${base_bindir}/clockdiff"
-FILES_${PN}-tftpd = "${base_bindir}/tftpd ${sysconfdir}/xinetd.d/tftp"
-FILES_${PN}-rarpd = "${base_sbindir}/rarpd  ${systemd_unitdir}/system/rarpd@.service"
-FILES_${PN}-rdisc = "${base_sbindir}/rdisc"
-FILES_${PN}-ninfod = "${base_sbindir}/ninfod ${sysconfdir}/init.d/ninfod.sh"
-SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ninfod', '', d)} \
-                    ${PN}-rdisc"
-SYSTEMD_SERVICE_${PN}-ninfod = "ninfod.service"
-SYSTEMD_SERVICE_${PN}-rdisc = "rdisc.service"

diff --git a/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch b/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch deleted file mode 100644 index d7367caf78..0000000000 --- a/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch +++ /dev/null
@@ -1,46 +0,0 @@
1	From 6e51d529988cfc0bb357751fd767e9f1478e2b81 Mon Sep 17 00:00:00 2001
2	From: Alex Kiernan <alex.kiernan@gmail.com>
3	Date: Thu, 13 Feb 2020 06:08:45 +0000
4	Subject: [PATCH] rarpd: rdisc: Drop PrivateUsers
5
6	Neither rarpd nor rdisc can gain the necessary capabilities with
7	PrivateUsers enabled.
8
9	Upstream-Status: Pending
10	Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
11	---
12	systemd/rarpd.service.in \| 1 -
13	systemd/rdisc.service.in \| 3 ++-
14	2 files changed, 2 insertions(+), 2 deletions(-)
15
16	diff --git a/systemd/rarpd.service.in b/systemd/rarpd.service.in
17	index e600c10c93e6..f5d7621a7ce8 100644
18	--- a/systemd/rarpd.service.in
19	+++ b/systemd/rarpd.service.in
20	@@ -12,7 +12,6 @@ AmbientCapabilities=CAP_NET_RAW
21	DynamicUser=yes
22	PrivateTmp=yes
23	PrivateDevices=yes
24	-PrivateUsers=yes
25	ProtectSystem=strict
26	ProtectHome=yes
27	ProtectControlGroups=yes
28	diff --git a/systemd/rdisc.service.in b/systemd/rdisc.service.in
29	index 4e2a1ec9d0e5..a71b87d36b37 100644
30	--- a/systemd/rdisc.service.in
31	+++ b/systemd/rdisc.service.in
32	@@ -8,9 +8,10 @@ After=network.target
33	EnvironmentFile=-/etc/sysconfig/rdisc
34	ExecStart=@sbindir@/rdisc -f -t $OPTIONS $SEND_ADDRESS $RECEIVE_ADDRESS
35
36	+CapabilityBoundingSet=CAP_NET_RAW
37	AmbientCapabilities=CAP_NET_RAW
38	PrivateTmp=yes
39	-PrivateUsers=yes
40	+DynamicUser=yes
41	ProtectSystem=strict
42	ProtectHome=yes
43	ProtectControlGroups=yes
44	--
45	2.17.1
46


diff --git a/meta/recipes-extended/iputils/iputils_20240117.bb b/meta/recipes-extended/iputils/iputils_20240117.bb new file mode 100644 index 0000000000..3880689742 --- /dev/null +++ b/meta/recipes-extended/iputils/iputils_20240117.bb
@@ -0,0 +1,59 @@
		1	SUMMARY = "Network monitoring tools"
		2	DESCRIPTION = "Utilities for the IP protocol, including \
		3	tracepath, tracepath6, ping, ping6 and arping."
		4	HOMEPAGE = "https://github.com/iputils/iputils"
		5	SECTION = "console/network"
		6
		7	LICENSE = "BSD-3-Clause & GPL-2.0-or-later"
		8
		9	LIC_FILES_CHKSUM = "file://LICENSE;md5=627cc07ec86a45951d43e30658bbd819"
		10
		11	DEPENDS = "gnutls"
		12
		13	SRC_URI = "git://github.com/iputils/iputils;branch=master;protocol=https"
		14	SRCREV = "8372f355bdf7a9b0c79338dd8ef8464c00a5c4e2"
		15
		16	S = "${WORKDIR}/git"
		17
		18	UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>20\d+)"
		19
		20	CVE_STATUS[CVE-2000-1213] = "fixed-version: Fixed in 2000-10-10, but the versioning of iputils breaks the version order."
		21	CVE_STATUS[CVE-2000-1214] = "fixed-version: Fixed in 2000-10-10, but the versioning of iputils breaks the version order."
		22
		23	PACKAGECONFIG ??= "libcap"
		24	PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false -DNO_SETCAP_OR_SUID=true, libcap libcap-native"
		25	PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2"
		26	PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext"
		27	PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MANS=false -DBUILD_MANS=false, libxslt"
		28
		29	inherit meson update-alternatives pkgconfig
		30
		31	EXTRA_OEMESON += "--prefix=${root_prefix}/ -DSKIP_TESTS=true"
		32
		33	ALTERNATIVE_PRIORITY = "100"
		34
		35	ALTERNATIVE:${PN}-ping = "ping"
		36	ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping"
		37
		38	ALTERNATIVE:${PN}-ping6 = "ping6"
		39	ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6"
		40
		41	SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff \
		42	${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ping6', '', d)}"
		43	PACKAGES += "${SPLITPKGS}"
		44
		45	ALLOW_EMPTY:${PN} = "1"
		46	RDEPENDS:${PN} += "${SPLITPKGS}"
		47
		48	FILES:${PN} = ""
		49	FILES:${PN}-ping = "${base_bindir}/ping.${BPN}"
		50	FILES:${PN}-ping6 = "${base_bindir}/ping6.${BPN}"
		51	FILES:${PN}-arping = "${base_bindir}/arping"
		52	FILES:${PN}-tracepath = "${base_bindir}/tracepath"
		53	FILES:${PN}-clockdiff = "${base_bindir}/clockdiff"
		54
		55	do_install:append() {
		56	if ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'true', 'false', d)}; then
		57	ln -sf ping ${D}/${base_bindir}/ping6
		58	fi
		59	}


diff --git a/meta/recipes-extended/iputils/iputils_s20200821.bb b/meta/recipes-extended/iputils/iputils_s20200821.bb deleted file mode 100644 index e43abf2629..0000000000 --- a/meta/recipes-extended/iputils/iputils_s20200821.bb +++ /dev/null
@@ -1,71 +0,0 @@
1	SUMMARY = "Network monitoring tools"
2	DESCRIPTION = "Utilities for the IP protocol, including traceroute6, \
3	tracepath, tracepath6, ping, ping6 and arping."
4	HOMEPAGE = "https://github.com/iputils/iputils"
5	SECTION = "console/network"
6
7	LICENSE = "BSD & GPLv2+"
8
9	LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390"
10
11	DEPENDS = "gnutls"
12
13	SRC_URI = "git://github.com/iputils/iputils \
14	file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \
15	"
16	SRCREV = "23c3782ae0c7f9c6ae59dbed8ad9204f8758542b"
17
18	S = "${WORKDIR}/git"
19
20	UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>s\d+)"
21
22	# Fixed in 2000-10-10, but the versioning of iputils
23	# breaks the version order.
24	CVE_CHECK_WHITELIST += "CVE-2000-1213 CVE-2000-1214"
25
26	PACKAGECONFIG ??= "libcap rarpd \
27	${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ninfod traceroute6', '', d)} \
28	${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
29	PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false -DNO_SETCAP_OR_SUID=true, libcap libcap-native"
30	PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2"
31	PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext"
32	PACKAGECONFIG[ninfod] = "-DBUILD_NINFOD=true,-DBUILD_NINFOD=false,"
33	PACKAGECONFIG[rarpd] = "-DBUILD_RARPD=true,-DBUILD_RARPD=false,"
34	PACKAGECONFIG[systemd] = "-Dsystemdunitdir=${systemd_unitdir}/system,,systemd"
35	PACKAGECONFIG[tftpd] = "-DBUILD_TFTPD=true, -DBUILD_TFTPD=false,"
36	PACKAGECONFIG[traceroute6] = "-DBUILD_TRACEROUTE6=true,-DBUILD_TRACEROUTE6=false,"
37	PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MANS=false -DBUILD_MANS=false, libxslt"
38
39	inherit meson systemd update-alternatives
40
41	EXTRA_OEMESON += "--prefix=${root_prefix}/"
42
43	ALTERNATIVE_PRIORITY = "100"
44
45	ALTERNATIVE_${PN}-ping = "ping"
46	ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping"
47
48	SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff ${PN}-rdisc \
49	${@bb.utils.contains('PACKAGECONFIG', 'rarpd', '${PN}-rarpd', '', d)} \
50	${@bb.utils.contains('PACKAGECONFIG', 'tftpd', '${PN}-tftpd', '', d)} \
51	${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-traceroute6 ${PN}-ninfod', '', d)}"
52	PACKAGES += "${SPLITPKGS}"
53
54	ALLOW_EMPTY_${PN} = "1"
55	RDEPENDS_${PN} += "${SPLITPKGS}"
56
57	FILES_${PN} = ""
58	FILES_${PN}-ping = "${base_bindir}/ping.${BPN}"
59	FILES_${PN}-arping = "${base_bindir}/arping"
60	FILES_${PN}-tracepath = "${base_bindir}/tracepath"
61	FILES_${PN}-traceroute6 = "${base_bindir}/traceroute6"
62	FILES_${PN}-clockdiff = "${base_bindir}/clockdiff"
63	FILES_${PN}-tftpd = "${base_bindir}/tftpd ${sysconfdir}/xinetd.d/tftp"
64	FILES_${PN}-rarpd = "${base_sbindir}/rarpd ${systemd_unitdir}/system/rarpd@.service"
65	FILES_${PN}-rdisc = "${base_sbindir}/rdisc"
66	FILES_${PN}-ninfod = "${base_sbindir}/ninfod ${sysconfdir}/init.d/ninfod.sh"
67
68	SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ninfod', '', d)} \
69	${PN}-rdisc"
70	SYSTEMD_SERVICE_${PN}-ninfod = "ninfod.service"
71	SYSTEMD_SERVICE_${PN}-rdisc = "rdisc.service"