[gentoo-commits] repo/gentoo:master commit in: media-tv/plex-media-server/

Sun, 12 Feb 2017 11:06:46 -0800 

commit:     7074326a1d2480b2f0c20d0562eb009f5325d2cc
Author:     Jonathan Vasquez <fearedbliss <AT> gentoo <DOT> org>
AuthorDate: Sun Feb 12 19:06:03 2017 +0000
Commit:     Jonathan Vasquez <fearedbliss <AT> gentoo <DOT> org>
CommitDate: Sun Feb 12 19:06:24 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7074326a

media-tv/plex-media-server: adding pax marking, wrt bug #609154

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 ...-1.3.4.ebuild => plex-media-server-1.3.4-r1.ebuild} | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/media-tv/plex-media-server/plex-media-server-1.3.4.ebuild 
b/media-tv/plex-media-server/plex-media-server-1.3.4-r1.ebuild
similarity index 86%
rename from media-tv/plex-media-server/plex-media-server-1.3.4.ebuild
rename to media-tv/plex-media-server/plex-media-server-1.3.4-r1.ebuild
index 99b6ac28a6..bfa0613bc9 100644
--- a/media-tv/plex-media-server/plex-media-server-1.3.4.ebuild
+++ b/media-tv/plex-media-server/plex-media-server-1.3.4-r1.ebuild
@@ -4,7 +4,7 @@
 
 EAPI=6
 
-inherit eutils user systemd unpacker
+inherit eutils user systemd unpacker pax-utils
 
 MINOR1="3285"
 MINOR2="b46e0ea"
@@ -25,9 +25,8 @@ LICENSE="Plex"
 RESTRICT="mirror bindist strip"
 KEYWORDS="-* ~amd64"
 
-DEPEND="
-       net-dns/avahi
-       sys-apps/fix-gnustack"
+DEPEND="sys-apps/fix-gnustack"
+RDEPEND="net-dns/avahi"
 
 QA_DESKTOP_FILE="usr/share/applications/plexmediamanager.desktop"
 QA_PREBUILT="*"
@@ -37,6 +36,7 @@ QA_MULTILIB_PATHS=(
 )
 
 EXECSTACKED_BINS=( "${ED%/}/usr/lib/plexmediaserver/libgnsdk_dsp.so*" )
+BINS_TO_PAX_MARK=( "${ED%/}/usr/lib/plexmediaserver/Plex Script Host" )
 
 S="${WORKDIR}"
 
@@ -85,6 +85,7 @@ src_install() {
        systemd_newunit "${INIT}" "${INIT_NAME}"
 
        _remove_execstack_markings
+       _add_pax_markings
 }
 
 pkg_postinst() {
@@ -105,10 +106,17 @@ _handle_multilib() {
        doenvd "${T}"/66plex
 }
 
-# Remove execstack flag from library so that it works in hardened setups.
+# Remove execstack flags from some libraries/executables so that it works in 
hardened setups.
 _remove_execstack_markings() {
        for f in "${EXECSTACKED_BINS[@]}"; do
                # Unquoting 'f' so that expansion works.
                fix-gnustack -f ${f} > /dev/null
        done
 }
+
+# Add pax markings to some binaries so that they work on hardened setup.
+_add_pax_markings() {
+       for f in "${BINS_TO_PAX_MARK[@]}"; do
+               pax-mark m "${f}"
+       done
+}

Reply via email to