From 1abf09d4cff8b9e40ea6c1826cfeae8e0ce18f1b Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 30 May 2022 14:40:47 +0800 Subject: logrotate: upgrade 3.19.0 -> 3.20.1 Changelog: ========= drop world-readable permission on state file even when ACLs are enabled (#446) fix potential DoS from unprivileged users via the state file (CVE-2022-1348) fix a misleading debug message with copytruncate and rotate 0 (#443) add support for unsigned time_t (#438) do not lock state file /dev/null (#433) (From OE-Core rev: 391fdcf742c4669c1c4654f9b022b3d277aa0038) Signed-off-by: Wang Mingyu Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie --- .../recipes-extended/logrotate/logrotate_3.19.0.bb | 91 ---------------------- .../recipes-extended/logrotate/logrotate_3.20.1.bb | 91 ++++++++++++++++++++++ 2 files changed, 91 insertions(+), 91 deletions(-) delete mode 100644 meta/recipes-extended/logrotate/logrotate_3.19.0.bb create mode 100644 meta/recipes-extended/logrotate/logrotate_3.20.1.bb diff --git a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb b/meta/recipes-extended/logrotate/logrotate_3.19.0.bb deleted file mode 100644 index 2a60d9b31f..0000000000 --- a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb +++ /dev/null @@ -1,91 +0,0 @@ -SUMMARY = "Rotates, compresses, removes and mails system log files" -SECTION = "console/utils" -HOMEPAGE = "https://github.com/logrotate/logrotate/" -DESCRIPTION = "The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files." -LICENSE = "GPL-2.0-only" - -# TODO: Document coreutils dependency. Why not RDEPENDS? Why not busybox? - -DEPENDS="coreutils popt" - -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" - -UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases" -UPSTREAM_CHECK_REGEX = "logrotate-(?P\d+(\.\d+)+).tar" - -SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz" - -SRC_URI[sha256sum] = "ddd5274d684c5c99ca724e8069329f343ebe376e07493d537d9effdc501214ba" - -# These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used -CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550" - -PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}" - -PACKAGECONFIG[acl] = ",,acl" -PACKAGECONFIG[selinux] = ",,libselinux" - -CONFFILES:${PN} += "${localstatedir}/lib/logrotate.status \ - ${sysconfdir}/logrotate.conf \ - ${sysconfdir}/logrotate.d/btmp \ - ${sysconfdir}/logrotate.d/wtmp" - -# If RPM_OPT_FLAGS is unset, it adds -g itself rather than obeying our -# optimization variables, so use it rather than EXTRA_CFLAGS. -EXTRA_OEMAKE = "\ - LFS= \ - OS_NAME='${OS_NAME}' \ - 'CC=${CC}' \ - 'RPM_OPT_FLAGS=${CFLAGS}' \ - 'EXTRA_LDFLAGS=${LDFLAGS}' \ - ${@bb.utils.contains('PACKAGECONFIG', 'acl', 'WITH_ACL=yes', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'selinux', 'WITH_SELINUX=yes', '', d)} \ -" - -# OS_NAME in the makefile defaults to `uname -s`. The behavior for -# freebsd/netbsd is questionable, so leave it as Linux, which only sets -# INSTALL=install and BASEDIR=/usr. -OS_NAME = "Linux" - -inherit autotools systemd - -SYSTEMD_SERVICE:${PN} = "\ - ${BPN}.service \ - ${BPN}.timer \ -" - -LOGROTATE_OPTIONS ?= "" - -LOGROTATE_SYSTEMD_TIMER_BASIS ?= "daily" -LOGROTATE_SYSTEMD_TIMER_ACCURACY ?= "12h" -LOGROTATE_SYSTEMD_TIMER_PERSISTENT ?= "true" - -do_install(){ - oe_runmake install DESTDIR=${D} PREFIX=${D} MANDIR=${mandir} - mkdir -p ${D}${sysconfdir}/logrotate.d - mkdir -p ${D}${localstatedir}/lib - install -p -m 644 ${S}/examples/logrotate.conf ${D}${sysconfdir}/logrotate.conf - install -p -m 644 ${S}/examples/btmp ${D}${sysconfdir}/logrotate.d/btmp - install -p -m 644 ${S}/examples/wtmp ${D}${sysconfdir}/logrotate.d/wtmp - touch ${D}${localstatedir}/lib/logrotate.status - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${S}/examples/logrotate.service ${D}${systemd_system_unitdir}/logrotate.service - install -m 0644 ${S}/examples/logrotate.timer ${D}${systemd_system_unitdir}/logrotate.timer - [ -z "${LOGROTATE_OPTIONS}" ] || - sed -ri \ - -e 's|(ExecStart=.*/logrotate.*)$|\1 ${LOGROTATE_OPTIONS}|g' \ - ${D}${systemd_system_unitdir}/logrotate.service - sed -ri \ - -e 's|(OnCalendar=).*$|\1${LOGROTATE_SYSTEMD_TIMER_BASIS}|g' \ - -e 's|(AccuracySec=).*$|\1${LOGROTATE_SYSTEMD_TIMER_ACCURACY}|g' \ - -e 's|(Persistent=).*$|\1${LOGROTATE_SYSTEMD_TIMER_PERSISTENT}|g' \ - ${D}${systemd_system_unitdir}/logrotate.timer - fi - - if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then - mkdir -p ${D}${sysconfdir}/cron.daily - install -p -m 0755 ${S}/examples/logrotate.cron ${D}${sysconfdir}/cron.daily/logrotate - fi -} diff --git a/meta/recipes-extended/logrotate/logrotate_3.20.1.bb b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb new file mode 100644 index 0000000000..35977535aa --- /dev/null +++ b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb @@ -0,0 +1,91 @@ +SUMMARY = "Rotates, compresses, removes and mails system log files" +SECTION = "console/utils" +HOMEPAGE = "https://github.com/logrotate/logrotate/" +DESCRIPTION = "The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files." +LICENSE = "GPL-2.0-only" + +# TODO: Document coreutils dependency. Why not RDEPENDS? Why not busybox? + +DEPENDS="coreutils popt" + +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" + +UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases" +UPSTREAM_CHECK_REGEX = "logrotate-(?P\d+(\.\d+)+).tar" + +SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz" + +SRC_URI[sha256sum] = "742f6d6e18eceffa49a4bacd933686d3e42931cfccfb694d7f6369b704e5d094" + +# These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used +CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550" + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}" + +PACKAGECONFIG[acl] = ",,acl" +PACKAGECONFIG[selinux] = ",,libselinux" + +CONFFILES:${PN} += "${localstatedir}/lib/logrotate.status \ + ${sysconfdir}/logrotate.conf \ + ${sysconfdir}/logrotate.d/btmp \ + ${sysconfdir}/logrotate.d/wtmp" + +# If RPM_OPT_FLAGS is unset, it adds -g itself rather than obeying our +# optimization variables, so use it rather than EXTRA_CFLAGS. +EXTRA_OEMAKE = "\ + LFS= \ + OS_NAME='${OS_NAME}' \ + 'CC=${CC}' \ + 'RPM_OPT_FLAGS=${CFLAGS}' \ + 'EXTRA_LDFLAGS=${LDFLAGS}' \ + ${@bb.utils.contains('PACKAGECONFIG', 'acl', 'WITH_ACL=yes', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'selinux', 'WITH_SELINUX=yes', '', d)} \ +" + +# OS_NAME in the makefile defaults to `uname -s`. The behavior for +# freebsd/netbsd is questionable, so leave it as Linux, which only sets +# INSTALL=install and BASEDIR=/usr. +OS_NAME = "Linux" + +inherit autotools systemd + +SYSTEMD_SERVICE:${PN} = "\ + ${BPN}.service \ + ${BPN}.timer \ +" + +LOGROTATE_OPTIONS ?= "" + +LOGROTATE_SYSTEMD_TIMER_BASIS ?= "daily" +LOGROTATE_SYSTEMD_TIMER_ACCURACY ?= "12h" +LOGROTATE_SYSTEMD_TIMER_PERSISTENT ?= "true" + +do_install(){ + oe_runmake install DESTDIR=${D} PREFIX=${D} MANDIR=${mandir} + mkdir -p ${D}${sysconfdir}/logrotate.d + mkdir -p ${D}${localstatedir}/lib + install -p -m 644 ${S}/examples/logrotate.conf ${D}${sysconfdir}/logrotate.conf + install -p -m 644 ${S}/examples/btmp ${D}${sysconfdir}/logrotate.d/btmp + install -p -m 644 ${S}/examples/wtmp ${D}${sysconfdir}/logrotate.d/wtmp + touch ${D}${localstatedir}/lib/logrotate.status + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${S}/examples/logrotate.service ${D}${systemd_system_unitdir}/logrotate.service + install -m 0644 ${S}/examples/logrotate.timer ${D}${systemd_system_unitdir}/logrotate.timer + [ -z "${LOGROTATE_OPTIONS}" ] || + sed -ri \ + -e 's|(ExecStart=.*/logrotate.*)$|\1 ${LOGROTATE_OPTIONS}|g' \ + ${D}${systemd_system_unitdir}/logrotate.service + sed -ri \ + -e 's|(OnCalendar=).*$|\1${LOGROTATE_SYSTEMD_TIMER_BASIS}|g' \ + -e 's|(AccuracySec=).*$|\1${LOGROTATE_SYSTEMD_TIMER_ACCURACY}|g' \ + -e 's|(Persistent=).*$|\1${LOGROTATE_SYSTEMD_TIMER_PERSISTENT}|g' \ + ${D}${systemd_system_unitdir}/logrotate.timer + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + mkdir -p ${D}${sysconfdir}/cron.daily + install -p -m 0755 ${S}/examples/logrotate.cron ${D}${sysconfdir}/cron.daily/logrotate + fi +} -- cgit v1.2.3-54-g00ecf