[arch-commits] Commit in bird/trunk (PKGBUILD bird.service)
Sébastien Luttringer
seblu at archlinux.org
Tue Apr 13 13:04:46 UTC 2021
Date: Tuesday, April 13, 2021 @ 13:04:46
Author: seblu
Revision: 412397
upgpkg: bird 2.0.8-2
- Use DESTDIR to install into the package directory.
- Use the default config
- Move runtime directory from /var/run to /run/bird
- Drop -fcommon CFLAG
- Improve security of the systemd service, see FS#64874
Modified:
bird/trunk/PKGBUILD
bird/trunk/bird.service
--------------+
PKGBUILD | 23 ++++++-----------------
bird.service | 11 +++++++++++
2 files changed, 17 insertions(+), 17 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-04-13 11:33:09 UTC (rev 412396)
+++ PKGBUILD 2021-04-13 13:04:46 UTC (rev 412397)
@@ -2,7 +2,7 @@
pkgname=bird
pkgver=2.0.8
-pkgrel=1
+pkgrel=2
pkgdesc='RIP, OSPF, BGP, MPLS, BFD, Babel routing daemon'
arch=('x86_64')
url='https://bird.network.cz/'
@@ -10,10 +10,11 @@
backup=('etc/bird.conf')
depends=('glibc' 'readline' 'ncurses' 'libssh')
replaces=('bird6')
+options=(!emptydirs)
source=("https://bird.network.cz/download/$pkgname-$pkgver.tar.gz"
'bird.service')
-sha512sums=('5f8ad63b1dcdcfdfd4c98f55601dda3a07dea3099fc51b52a340650ca475bd943ee6aac31a1e7735b7596b279e338697c65728754b97108ae687a05f566c94e2'
- '7321e51fea464914241b21a40be8de2251b650ff470730b6e460a4476ef10c17be3b2eb9e2ac96a9a956de5cc8e3b92417f9c920ae24ab9b06e58b887dd9e49e')
+sha256sums=('19d2de83ee25a307b9e5b9e58797dd68766d439bcee33e3ac617ed502370e7f6'
+ 'bb6d98a63dfff649143e01ebac8dc20d5850232d906169adfc69871fa9c9542f')
prepare() {
cd $pkgname-$pkgver
@@ -30,12 +31,12 @@
build() {
cd $pkgbase-$pkgver
- CFLAGS+=' -fcommon' # https://wiki.gentoo.org/wiki/Gcc_10_porting_notes/fno_common
./configure \
--prefix=/usr \
--sbindir=/usr/bin \
--sysconfdir=/etc \
--localstatedir=/var \
+ --runstatedir=/run/$pkgname \
--docdir=/usr/share/doc/$pkgname
make
}
@@ -43,22 +44,10 @@
package () {
cd $pkgbase-$pkgver
- make \
- prefix="$pkgdir/usr" \
- sysconfdir="$pkgdir/etc" \
- sbindir="$pkgdir/usr/bin" \
- localstatedir="$pkgdir/var" \
- docdir="$pkgdir/usr/share/doc/$pkgname" \
- install
+ make DESTDIR="$pkgdir" install
- # no /var inside pkg
- rm -r "$pkgdir/var"
-
# systemd
install -D -m 644 "$srcdir/bird.service" "$pkgdir/usr/lib/systemd/system/bird.service"
-
- # overwrite invalid default config file (see FS#57096)
- install -D -m 644 doc/bird.conf.example2 "$pkgdir/etc/bird.conf"
}
# vim:set ts=2 sw=2 et:
Modified: bird.service
===================================================================
--- bird.service 2021-04-13 11:33:09 UTC (rev 412396)
+++ bird.service 2021-04-13 13:04:46 UTC (rev 412397)
@@ -7,6 +7,17 @@
ExecStart=/usr/bin/bird
ExecReload=/usr/bin/birdc configure
ExecStop=/usr/bin/birdc down
+RuntimeDirectory=bird
+RuntimeDirectoryMode=0750
+DynamicUser=true
+User=bird
+ProtectSystem=strict
+ProtectHome=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+PrivateTmp=true
+PrivateDevices=true
+CapabilityBoundingSet=CAP_NET_ADMIN
[Install]
WantedBy=multi-user.target
More information about the arch-commits
mailing list