[gentoo-commits] repo/gentoo:master commit in: net-mail/mailman/

["Hanno Boeck" <hanno@gentoo.org>]

commit:     82341a1768522b9e1508887c246d6c630edbf900
Author:     Hanno <hanno <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 21 11:04:26 2018 +0000
Commit:     Hanno Boeck <hanno <AT> gentoo <DOT> org>
CommitDate: Wed Feb 21 11:04:26 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=82341a17

net-mail/mailman: Version bump.

Fixes XSS (bug #648116, CVE-2018-5950).

Package-Manager: Portage-2.3.24, Repoman-2.3.6

 net-mail/mailman/Manifest              |   1 +
 net-mail/mailman/mailman-2.1.26.ebuild | 167 +++++++++++++++++++++++++++++++++
 2 files changed, 168 insertions(+)

diff --git a/net-mail/mailman/Manifest b/net-mail/mailman/Manifest
index fc43f1e6e9b..dc1840e111e 100644
--- a/net-mail/mailman/Manifest
+++ b/net-mail/mailman/Manifest
@@ -1,2 +1,3 @@
 DIST mailman-2.1.24.tgz 9251009 BLAKE2B a1530e424554b762ef2996cd2423cae15bff18760295d42b50d258451b9ba421509555b70b92bfaca01919d454b94d27c99560e18140c970e3cb119e2f7052b2 SHA512 f62f224abe5eb4804828a4d83389432b34595b8d4533310cda4da58ab10c2e62e0b2419929dcc53c32e2754d8f62fa8ef68877db4c65f6112f08f0e452fd6a38
+DIST mailman-2.1.26.tgz 9264592 BLAKE2B 04aad3d39724a01df313bebbb3b20bee0e991893f1a17342afb18f3fbe8099178260c176a6d3542a7bb82adee417105aac34783683b205bbb1377e65c982d598 SHA512 9662623beaf4653db809a4bd57cb8377ae5894d78ba7576cf2c555620daf2db79b01599e8445ef732f1e023e72deb16f51554a39226d59742ec73f9e6e7895b2
 DIST mailman-3.1.1.tar.gz 749014 BLAKE2B 00cf756de1a6ce5a05f30b033ad7d1ebc5664bb1c6fadb5d602c4e34e373ee7a0df0801e6b68b0816ee819f77caef33bbc4b8490df1c8f01fd2fb35664fd3757 SHA512 b09962ec99ca1ce1eafd40409a00f976dc47d82adb707313f4516400db6439af8597a1c4e30262fb228c102508ede688912480dbb1dcca9721bb0333693f1d85

diff --git a/net-mail/mailman/mailman-2.1.26.ebuild b/net-mail/mailman/mailman-2.1.26.ebuild
new file mode 100644
index 00000000000..daf50c80c71
--- /dev/null
+++ b/net-mail/mailman/mailman-2.1.26.ebuild
@@ -0,0 +1,167 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+PYTHON_COMPAT=( python2_7 )
+
+inherit eutils python-single-r1 multilib systemd user
+
+DESCRIPTION="A python-based mailing list server with an extensive web interface"
+SRC_URI="mirror://sourceforge/${PN}/${P/_p/-}.tgz"
+HOMEPAGE="http://www.list.org/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="selinux"
+REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+
+DEPEND="
+	${PYTHON_DEPS}
+	virtual/mta
+	virtual/cron
+	virtual/httpd-cgi
+	virtual/python-dnspython[${PYTHON_USEDEP}]"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-mailman )
+"
+
+S="${WORKDIR}/${P/_p/-}"
+
+pkg_setup() {
+	python-single-r1_pkg_setup
+	INSTALLDIR=${MAILMAN_PREFIX:-"/usr/$(get_libdir)/mailman"}
+	VAR_PREFIX=${MAILMAN_VAR_PREFIX:-"/var/lib/mailman"}
+	CGIUID=${MAILMAN_CGIUID:-apache}
+	CGIGID=${MAILMAN_CGIGID:-apache}
+	MAILUSR=${MAILMAN_MAILUSR:-mailman}
+	MAILUID=${MAILMAN_MAILUID:-280}
+	MAILGRP=${MAILMAN_MAILGRP:-mailman}
+	MAILGID=${MAILMAN_MAILGID:-280}
+
+	# Bug #58526: switch to enew{group,user}.
+	# need to add mailman here for compile process.
+	# Duplicated at pkg_postinst() for binary install.
+	enewgroup ${MAILGRP} ${MAILGID}
+	enewuser  ${MAILUSR} ${MAILUID} /bin/bash ${INSTALLDIR} mailman,cron
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/${PN}-2.1.14_rc1-directory-check.patch"
+	epatch "${FILESDIR}/${PN}-2.1.9-icons.patch"
+}
+
+src_configure() {
+	econf \
+		--without-permcheck \
+		--prefix="${INSTALLDIR}" \
+		--with-mail-gid=${MAILGID} \
+		--with-cgi-gid=${CGIGID} \
+		--with-cgi-ext="${MAILMAN_CGIEXT}" \
+		--with-var-prefix="${VAR_PREFIX}" \
+		--with-username=${MAILUSR} \
+		--with-groupname=${MAILGRP} \
+		--with-python="${PYTHON}"
+}
+
+src_install () {
+	emake "DESTDIR=${D}" doinstall
+
+	insinto /etc/apache2/modules.d
+	newins "${FILESDIR}/50_mailman.conf-r2" 50_mailman.conf
+	sed \
+		-e "s:/usr/local/mailman/cgi-bin:${INSTALLDIR}/cgi-bin:g" \
+		-e "s:/usr/local/mailman/icons:${INSTALLDIR}/icons:g" \
+		-e "s:/usr/local/mailman/archives:${VAR_PREFIX}/archives:g" \
+		-i "${D}/etc/apache2/modules.d/50_mailman.conf" || die
+
+	newdoc "${FILESDIR}/README.gentoo-r3" README.gentoo
+
+	dodoc ACK* BUGS FAQ NEWS README* TODO UPGRADING INSTALL contrib/mailman.mc \
+		contrib/README.check_perms_grsecurity contrib/virtusertable
+
+	exeinto ${INSTALLDIR}/bin
+	doexe build/contrib/*.py contrib/majordomo2mailman.pl contrib/auto \
+		contrib/mm-handler*
+
+	dodir /etc/mailman
+	mv "${D}/${INSTALLDIR}/Mailman/mm_cfg.py" "${D}/etc/mailman"
+	dosym /etc/mailman/mm_cfg.py ${INSTALLDIR}/Mailman/mm_cfg.py
+
+	# Save the old config for updates from pre-2.1.9-r2
+	# To be removed some distant day
+	for i in /var/mailman /home/mailman /usr/local/mailman ${INSTALLDIR}; do
+		if [ -f ${i}/Mailman/mm_cfg.py ] && ! [ -L ${i}/Mailman/mm_cfg.py ]; then
+			cp ${i}/Mailman/mm_cfg.py "${D}/etc/mailman/mm_cfg.py" || die
+		fi
+	done
+
+	newinitd "${FILESDIR}/mailman.rc" mailman
+	cp "${FILESDIR}/mailman.service" "${T}/mailman.service" || die
+	sed -i "s/^User=.*/User=${MAILUSR}/" "${T}/mailman.service" || die
+	systemd_dounit "${T}/mailman.service"
+
+	keepdir ${VAR_PREFIX}/logs
+	keepdir ${VAR_PREFIX}/locks
+	keepdir ${VAR_PREFIX}/spam
+	keepdir ${VAR_PREFIX}/archives/public
+	keepdir ${VAR_PREFIX}/archives/private
+	keepdir ${VAR_PREFIX}/lists
+	keepdir ${VAR_PREFIX}/qfiles
+
+	chown -R ${MAILUSR}:${MAILGRP} "${D}/${VAR_PREFIX}" "${D}/${INSTALLDIR}" "${D}"/etc/mailman/* || die
+	chown ${CGIUID}:${MAILGRP} "${D}/${VAR_PREFIX}/archives/private" || die
+	chmod 2775 "${D}/${INSTALLDIR}" "${D}/${INSTALLDIR}"/templates/* \
+		"${D}/${INSTALLDIR}"/messages/* "${D}/${VAR_PREFIX}" "${D}/${VAR_PREFIX}"/{logs,lists,spam,locks,archives/public} || die
+	chmod 2770 "${D}/${VAR_PREFIX}/archives/private" || die
+	chmod 2770 "${D}/${VAR_PREFIX}/qfiles" || die
+	chmod 2755 "${D}/${INSTALLDIR}"/cgi-bin/* "${D}/${INSTALLDIR}/mail/mailman" || die
+
+	python_optimize "${D}/${INSTALLDIR}/bin/" \
+		"${D}/${INSTALLDIR}/Mailman/" \
+		"${D}/${INSTALLDIR}/Mailman/*"
+}
+
+pkg_postinst() {
+	enewgroup ${MAILGRP} ${MAILGID}
+	enewuser  ${MAILUSR} ${MAILUID} -1 ${INSTALLDIR} mailman,cron
+	echo
+	elog "Please read /usr/share/doc/${PF}/README.gentoo.bz2 for additional"
+	elog "Setup information, mailman will NOT run unless you follow"
+	elog "those instructions!"
+	echo
+
+	elog "An example Mailman configuration file for Apache has been installed into:"
+	elog "  ${APACHE2_MODULES_CONFDIR}/50_mailman.conf"
+	echo
+	elog "To enable, you will need to add \"-D MAILMAN\" to"
+	elog "/etc/conf.d/apache2."
+	echo
+
+	ewarn "Default-Configuration has changed deeply in 2.1.9-r2. You can configure"
+	ewarn "mailman with the following variables:"
+	ewarn "MAILMAN_PREFIX (default: /usr/$(get_libdir)/mailman)"
+	ewarn "MAILMAN_VAR_PREFIX (default: /var/lib/mailman)"
+	ewarn "MAILMAN_CGIUID (default: apache)"
+	ewarn "MAILMAN_CGIGID (default: apache)"
+	ewarn "MAILMAN_CGIEXT (default: empty)"
+	ewarn "MAILMAN_MAILUSR (default: mailman)"
+	ewarn "MAILMAN_MAILUID (default: 280)"
+	ewarn "MAILMAN_MAILGRP (default: mailman)"
+	ewarn "MAILMAN_MAILGID (default: 280)"
+	ewarn
+	ewarn "Config file is now symlinked in /etc/mailman, so etc-update works."
+	ewarn
+	ewarn "If you're upgrading from below 2.1.9-r2 or changed MAILMAN_PREFIX, you"
+	ewarn "NEED to make a few manual updates to your system:"
+	ewarn
+	ewarn "1.  Update your mailman users's home directory: usermod -d ${INSTALLDIR} mailman"
+	ewarn "2.  Re-import the crontab: su - mailman -c 'crontab cron/crontab.in'"
+	ewarn "3.  Copy your old mm_cfg.py file to /etc/mailman/mm_cfg.py"
+	ewarn
+	ewarn "Additionally if you've modified MAILMAN_VAR_PREFIX (or upgraded from"
+	ewarn "a pre 2.1.9-r2 installation), you should move your old lists/ and"
+	ewarn "archives/ directory to the new location, ensuring that the"
+	ewarn "permissions is correct.  See bug #208789 for a discussion."
+}