commit: c309a1e0e20fd3af6f21f91db6ad67eddc3a488c Author: Tomas Mozes <hydrapolic <AT> gmail <DOT> com> AuthorDate: Tue Sep 26 11:26:27 2017 +0000 Commit: Alexys Jacob <ultrabug <AT> gentoo <DOT> org> CommitDate: Fri Oct 13 08:33:13 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c309a1e0
dev-db/mongodb: prevent privilege escalation (bug #631000) Package-Manager: Portage-2.3.10, Repoman-2.3.3 Closes: https://github.com/gentoo/gentoo/pull/5763 dev-db/mongodb/files/mongodb.confd-r3 | 11 +++++++++++ dev-db/mongodb/files/mongodb.initd-r3 | 18 ++++++++++++++++++ dev-db/mongodb/files/mongos.confd-r3 | 11 +++++++++++ dev-db/mongodb/files/mongos.initd-r3 | 18 ++++++++++++++++++ dev-db/mongodb/mongodb-3.0.15.ebuild | 8 ++++---- dev-db/mongodb/mongodb-3.2.16.ebuild | 8 ++++---- dev-db/mongodb/mongodb-3.4.9.ebuild | 8 ++++---- 7 files changed, 70 insertions(+), 12 deletions(-) diff --git a/dev-db/mongodb/files/mongodb.confd-r3 b/dev-db/mongodb/files/mongodb.confd-r3 new file mode 100644 index 00000000000..e515d1ddc73 --- /dev/null +++ b/dev-db/mongodb/files/mongodb.confd-r3 @@ -0,0 +1,11 @@ +# !! IMPORTANT !! +# +# This file is ONLY used to override some of the init script configuration. +# +# You should NOT use this file to configure your mongodb instance, +# see the /etc/mongodb.conf file instead. +# +# Available init script modifiers : +# - config_file : the configuration file to use (default : /etc/mongodb.conf) +# - user : the user used to run your mongodb instance (default : mongodb) +# - group : the group used to run your mongodb instance (default : mongodb) diff --git a/dev-db/mongodb/files/mongodb.initd-r3 b/dev-db/mongodb/files/mongodb.initd-r3 new file mode 100644 index 00000000000..778ef748240 --- /dev/null +++ b/dev-db/mongodb/files/mongodb.initd-r3 @@ -0,0 +1,18 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +: ${config_file:="/etc/${RC_SVCNAME}.conf"} +: ${user:=mongodb} +: ${group:=mongodb} + +command="/usr/bin/mongod" +command_args="--config ${config_file}" +command_background="true" +pidfile="/run/${RC_SVCNAME}.pid" +command_user="${user}:${group}" +required_files="${config_file}" + +depend() { + use net +} diff --git a/dev-db/mongodb/files/mongos.confd-r3 b/dev-db/mongodb/files/mongos.confd-r3 new file mode 100644 index 00000000000..7f297dfd3e4 --- /dev/null +++ b/dev-db/mongodb/files/mongos.confd-r3 @@ -0,0 +1,11 @@ +# !! IMPORTANT !! +# +# This file is ONLY used to override some of the init script configuration. +# +# You should NOT use this file to configure your mongos instance, +# see the /etc/mongos.conf file instead. +# +# Available init script modifiers : +# - config_file : the configuration file to use (default : /etc/mongos.conf) +# - user : the user used to run your mongodb instance (default : mongodb) +# - group : the group used to run your mongodb instance (default : mongodb) diff --git a/dev-db/mongodb/files/mongos.initd-r3 b/dev-db/mongodb/files/mongos.initd-r3 new file mode 100644 index 00000000000..cf5844ae30a --- /dev/null +++ b/dev-db/mongodb/files/mongos.initd-r3 @@ -0,0 +1,18 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +: ${config_file:="/etc/${RC_SVCNAME}.conf"} +: ${user:=mongodb} +: ${group:=mongodb} + +command="/usr/bin/mongos" +command_args="--config ${config_file}" +command_background="true" +pidfile="/run/${RC_SVCNAME}.pid" +command_user="${user}:${group}" +required_files="${config_file}" + +depend() { + use net +} diff --git a/dev-db/mongodb/mongodb-3.0.15.ebuild b/dev-db/mongodb/mongodb-3.0.15.ebuild index 848080d0799..08741ca2af6 100644 --- a/dev-db/mongodb/mongodb-3.0.15.ebuild +++ b/dev-db/mongodb/mongodb-3.0.15.ebuild @@ -111,10 +111,10 @@ src_install() { doman debian/mongo*.1 dodoc README docs/building.md - newinitd "${FILESDIR}/${PN}.initd-r2" ${PN} - newconfd "${FILESDIR}/${PN}.confd-r2" ${PN} - newinitd "${FILESDIR}/${PN/db/s}.initd-r2" ${PN/db/s} - newconfd "${FILESDIR}/${PN/db/s}.confd-r2" ${PN/db/s} + newinitd "${FILESDIR}/${PN}.initd-r3" ${PN} + newconfd "${FILESDIR}/${PN}.confd-r3" ${PN} + newinitd "${FILESDIR}/${PN/db/s}.initd-r3" ${PN/db/s} + newconfd "${FILESDIR}/${PN/db/s}.confd-r3" ${PN/db/s} insinto /etc newins "${FILESDIR}/${PN}.conf-r3" ${PN}.conf diff --git a/dev-db/mongodb/mongodb-3.2.16.ebuild b/dev-db/mongodb/mongodb-3.2.16.ebuild index f18602bddd9..76293455988 100644 --- a/dev-db/mongodb/mongodb-3.2.16.ebuild +++ b/dev-db/mongodb/mongodb-3.2.16.ebuild @@ -129,10 +129,10 @@ src_install() { doman debian/mongo*.1 dodoc README docs/building.md - newinitd "${FILESDIR}/${PN}.initd-r2" ${PN} - newconfd "${FILESDIR}/${PN}.confd-r2" ${PN} - newinitd "${FILESDIR}/${PN/db/s}.initd-r2" ${PN/db/s} - newconfd "${FILESDIR}/${PN/db/s}.confd-r2" ${PN/db/s} + newinitd "${FILESDIR}/${PN}.initd-r3" ${PN} + newconfd "${FILESDIR}/${PN}.confd-r3" ${PN} + newinitd "${FILESDIR}/${PN/db/s}.initd-r3" ${PN/db/s} + newconfd "${FILESDIR}/${PN/db/s}.confd-r3" ${PN/db/s} insinto /etc newins "${FILESDIR}/${PN}.conf-r3" ${PN}.conf diff --git a/dev-db/mongodb/mongodb-3.4.9.ebuild b/dev-db/mongodb/mongodb-3.4.9.ebuild index 8b70cd5e8e2..1e193228dcc 100644 --- a/dev-db/mongodb/mongodb-3.4.9.ebuild +++ b/dev-db/mongodb/mongodb-3.4.9.ebuild @@ -134,10 +134,10 @@ src_install() { doman debian/mongo*.1 dodoc README docs/building.md - newinitd "${FILESDIR}/${PN}.initd-r2" ${PN} - newconfd "${FILESDIR}/${PN}.confd-r2" ${PN} - newinitd "${FILESDIR}/${PN/db/s}.initd-r2" ${PN/db/s} - newconfd "${FILESDIR}/${PN/db/s}.confd-r2" ${PN/db/s} + newinitd "${FILESDIR}/${PN}.initd-r3" ${PN} + newconfd "${FILESDIR}/${PN}.confd-r3" ${PN} + newinitd "${FILESDIR}/${PN/db/s}.initd-r3" ${PN/db/s} + newconfd "${FILESDIR}/${PN/db/s}.confd-r3" ${PN/db/s} insinto /etc newins "${FILESDIR}/${PN}.conf-r3" ${PN}.conf
