pool/mumble
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 186210 from games:tools

Browse Source 
- clean up old macros

- update to 1.2.4: http://mumble.sourceforge.net/1.2.4
  Obsoleted patches:
	0001-fix-build-error-with-capability.h.diff
	0001-fix-user-switching.diff
	0001-open-log-file-early-so-log-dir-can-be-root-owned.diff
	0001-if-service-name-is-empty-don-t-pass-an-empty-string.diff
	0001-remove-CAP_NET_ADMIN.diff
	0001-fix-bonjour-support-using-avahi-compat-lib.diff
	mumble-1.2.3-nohardcodedcas.diff
	0001-Explicitly-remove-file-permissions-for-settings-and-D.diff
- systemd service file

OBS-URL: https://build.opensuse.org/request/show/186210
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mumble?expand=0&rev=22
This commit is contained in:
Stephan Kulow 2013-08-07 18:45:49 +00:00 committed by Git OBS Bridge
commit 07f1c8abcb
15 changed files with 88 additions and 511 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
0001-Explicitly-remove-file-permissions-for-settings-and-D.diff
View File

@ -1,52 +0,0 @@
From cc52dd435e281f008866439b9eb5565729bd1956 Mon Sep 17 00:00:00 2001
From: Thorvald Natvig <slicer@users.sourceforge.net>
Date: Fri, 27 May 2011 16:59:15 -0700
Subject: [PATCH mumble] Explicitly remove file permissions for settings and
DB
---
src/mumble/Database.cpp | 5 +++++
src/mumble/Settings.cpp | 11 +++++++++++
2 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/src/mumble/Database.cpp b/src/mumble/Database.cpp
index 6c4d940..5caed38 100644
--- a/src/mumble/Database.cpp
+++ b/src/mumble/Database.cpp
@@ -92,6 +92,11 @@ Database::Database() {
qWarning("Database: Database is read-only");
}
+ {
+ QFile f(db.databaseName());
+ f.setPermissions(f.permissions() & ~(QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup | QFile::ReadOther | QFile::WriteOther | QFile::ExeOther));
+ }
+
QSqlQuery query;
query.exec(QLatin1String("CREATE TABLE IF NOT EXISTS `servers` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `name` TEXT, `hostname` TEXT, `port` INTEGER DEFAULT 64738, `username` TEXT, `password` TEXT)"));
diff --git a/src/mumble/Settings.cpp b/src/mumble/Settings.cpp
index 5ebbc53..df9d7f3 100644
--- a/src/mumble/Settings.cpp
+++ b/src/mumble/Settings.cpp
@@ -698,6 +698,17 @@ void OverlaySettings::save() {
void OverlaySettings::save(QSettings* settings_ptr) {
OverlaySettings def;
+ settings_ptr->setValue(QLatin1String("version"), QLatin1String(MUMTEXT(MUMBLE_VERSION_STRING)));
+ settings_ptr->sync();
+
+#if defined(Q_OS_WIN) || defined(Q_OS_MAC)
+ if (settings_ptr->format() == QSettings::IniFormat)
+#endif
+ {
+ QFile f(settings_ptr->fileName());
+ f.setPermissions(f.permissions() & ~(QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup | QFile::ReadOther | QFile::WriteOther | QFile::ExeOther));
+ }
+
SAVELOAD(bEnable, "enable");
SAVELOAD(osShow, "show");
--
1.7.7

47
0001-fix-bonjour-support-using-avahi-compat-lib.diff
View File

@ -1,47 +0,0 @@
From bb366a77262db2f14159a25c624183bffcf2efb8 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Mon, 11 Apr 2011 14:56:25 +0200
Subject: [PATCH mumble] fix bonjour support using avahi compat lib
several reads may be required until the resolved callback fires so don't delete record in the read callback.
---
src/bonjour/bonjourserviceresolver.cpp | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/bonjour/bonjourserviceresolver.cpp b/src/bonjour/bonjourserviceresolver.cpp
index 534095c..3bbdc66 100644
--- a/src/bonjour/bonjourserviceresolver.cpp
+++ b/src/bonjour/bonjourserviceresolver.cpp
@@ -77,7 +77,6 @@ void BonjourServiceResolver::resolveBonjourRecord(const BonjourRecord &record) {
void BonjourServiceResolver::bonjourSocketReadyRead(int sockfd) {
ResolveRecord *rr = qmResolvers.value(sockfd);
- qmResolvers.remove(sockfd);
if (! rr)
return;
@@ -86,7 +85,6 @@ void BonjourServiceResolver::bonjourSocketReadyRead(int sockfd) {
if (err != kDNSServiceErr_NoError)
emit error(rr->record, err);
- delete rr;
}
@@ -95,6 +93,7 @@ void BonjourServiceResolver::bonjourResolveReply(DNSServiceRef, DNSServiceFlags
const char *, const char *hosttarget, quint16 port,
quint16 , const char *, void *context) {
ResolveRecord *rr = static_cast<ResolveRecord *>(context);
+ rr->bsr->qmResolvers.remove(DNSServiceRefSockFD(rr->dnssref));
if (errorCode != kDNSServiceErr_NoError) {
emit rr->bsr->error(rr->record, errorCode);
@@ -102,4 +101,5 @@ void BonjourServiceResolver::bonjourResolveReply(DNSServiceRef, DNSServiceFlags
}
rr->bonjourPort = qFromBigEndian<quint16>(port);
emit rr->bsr->bonjourRecordResolved(rr->record, QString::fromUtf8(hosttarget), rr->bonjourPort);
+ delete rr;
}
--
1.7.3.4

24
0001-fix-build-error-with-capability.h.diff
View File

@ -1,24 +0,0 @@
From 72d7a63286539dee07d962c8f2abf2867efa7d6a Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Thu, 23 Dec 2010 14:03:56 +0100
Subject: [PATCH 1/2] fix build error with capability.h
---
src/murmur/murmur_pch.h | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/murmur/murmur_pch.h b/src/murmur/murmur_pch.h
index daf7884..27c38a1 100644
--- a/src/murmur/murmur_pch.h
+++ b/src/murmur/murmur_pch.h
@@ -56,6 +56,7 @@ extern "C" {
#include <sys/time.h>
#include <sys/resource.h>
#ifdef Q_OS_LINUX
+#include <linux/types.h> // needed to work around evil magic stuff in capability.h
#include <sys/capability.h>
#include <sys/prctl.h>
#endif
--
1.7.1

130
0001-fix-user-switching.diff
View File

@ -1,130 +0,0 @@
From 41006c79225199fb6faaed3bc0228a35e9e51514 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Fri, 24 Dec 2010 18:20:34 +0100
Subject: [PATCH 2/2] fix user switching
- don't keep saved uid 0. That's bad as an attacker that manages to
execute code could switch back to uid 0
- set $HOME as Qt doesn't look at passwd information
- initialize supplementary groups
- use "mumble-server" as fallback if no user is specified
---
src/murmur/Meta.cpp | 19 +++++++++++++------
src/murmur/Meta.h | 4 ++++
src/murmur/UnixMurmur.cpp | 12 ++++++++++--
src/murmur/main.cpp | 4 +++-
src/murmur/murmur_pch.h | 1 +
5 files changed, 31 insertions(+), 9 deletions(-)
diff --git a/src/murmur/Meta.cpp b/src/murmur/Meta.cpp
index 05cd03e..5efc52a 100644
--- a/src/murmur/Meta.cpp
+++ b/src/murmur/Meta.cpp
@@ -264,15 +264,22 @@ void MetaParams::read(QString fname) {
iBanTime = qsSettings->value("autobanTime", iBanTime).toInt();
#ifdef Q_OS_UNIX
- const QString uname = qsSettings->value("uname").toString();
- if (! uname.isEmpty() && (geteuid() == 0)) {
- struct passwd *pw = getpwnam(qPrintable(uname));
+ qsName = qsSettings->value("uname").toString();
+ if (geteuid() == 0) {
+ // TODO: remove this silent fallback to enforce running as non-root
+ bool requested = true;
+ if (qsName.isEmpty()) {
+ // default server user name
+ qsName = "mumble-server";
+ requested = false;
+ }
+ struct passwd *pw = getpwnam(qPrintable(qsName));
if (pw) {
uiUid = pw->pw_uid;
uiGid = pw->pw_gid;
- }
- if (uiUid == 0) {
- qFatal("Cannot find username %s", qPrintable(uname));
+ qsHome = pw->pw_dir;
+ } else if (requested) {
+ qFatal("Cannot find username %s", qPrintable(qsName));
}
endpwent();
}
diff --git a/src/murmur/Meta.h b/src/murmur/Meta.h
index 7924640..1ec2d2b 100644
--- a/src/murmur/Meta.h
+++ b/src/murmur/Meta.h
@@ -96,7 +96,11 @@ struct MetaParams {
QMap<QString, QString> qmConfig;
+#ifdef Q_OS_UNIX
unsigned int uiUid, uiGid;
+ QString qsHome;
+ QString qsName;
+#endif
QSettings *qsSettings;
diff --git a/src/murmur/UnixMurmur.cpp b/src/murmur/UnixMurmur.cpp
index eeeb67c..773701c 100644
--- a/src/murmur/UnixMurmur.cpp
+++ b/src/murmur/UnixMurmur.cpp
@@ -231,14 +231,22 @@ void UnixMurmur::setuid() {
} else
qFatal("Couldn't switch uid/gid.");
#else
- if (setregid(Meta::mp.uiGid, Meta::mp.uiGid) != 0)
+ if (::initgroups(qPrintable(Meta::mp.qsName), Meta::mp.uiGid) != 0)
+ qCritical("Can't initialize supplementary groups");
+ if (::setgid(Meta::mp.uiGid) != 0)
qCritical("Failed to switch to gid %d", Meta::mp.uiGid);
- if (setresuid(Meta::mp.uiUid, Meta::mp.uiUid, 0) != 0) {
+ if (::setuid(Meta::mp.uiUid) != 0) {
qFatal("Failed to become uid %d", Meta::mp.uiUid);
} else {
qCritical("Successfully switched to uid %d", Meta::mp.uiUid);
initialcap();
}
+ if (!Meta::mp.qsHome.isEmpty()) {
+ // QDir::homePath is broken. It only looks at $HOME
+ // instead of getpwuid() so we have to set our home
+ // ourselves
+ ::setenv("HOME", qPrintable(Meta::mp.qsHome), 1);
+ }
#endif
} else if (bRoot) {
qCritical("WARNING: You are running murmurd as root, without setting a uname in the ini file. This might be a security risk.");
diff --git a/src/murmur/main.cpp b/src/murmur/main.cpp
index 7a11250..5a4810d 100644
--- a/src/murmur/main.cpp
+++ b/src/murmur/main.cpp
@@ -272,11 +272,13 @@ int main(int argc, char **argv) {
Meta::mp.read(inifile);
- MumbleSSL::addSystemCA();
#ifdef Q_OS_UNIX
unixhandler.setuid();
#endif
+
+ MumbleSSL::addSystemCA();
+
ServerDB db;
meta = new Meta();
diff --git a/src/murmur/murmur_pch.h b/src/murmur/murmur_pch.h
index 27c38a1..c36d5ae 100644
--- a/src/murmur/murmur_pch.h
+++ b/src/murmur/murmur_pch.h
@@ -61,6 +61,7 @@ extern "C" {
#include <sys/prctl.h>
#endif
#include <pwd.h>
+#include <grp.h>
#ifdef __FreeBSD__
#include <netinet/in_systm.h>
#endif
--
1.7.1

28
0001-if-service-name-is-empty-don-t-pass-an-empty-string.diff
View File

@ -1,28 +0,0 @@
From d2a97b874e55ad156781a2762ff32ae9566de495 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Thu, 24 Mar 2011 09:04:53 +0100
Subject: [PATCH mumble] if service name is empty don't pass an empty string
DNSServiceRegister uses the local host name if the name is NULL but does nothing if it's empty
---
src/bonjour/bonjourserviceregister.cpp | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/bonjour/bonjourserviceregister.cpp b/src/bonjour/bonjourserviceregister.cpp
index a818d8c..5f82779 100644
--- a/src/bonjour/bonjourserviceregister.cpp
+++ b/src/bonjour/bonjourserviceregister.cpp
@@ -53,7 +53,9 @@ void BonjourServiceRegister::registerService(const BonjourRecord &record, quint1
}
#endif
- DNSServiceErrorType err = DNSServiceRegister(&dnssref, 0, 0, record.serviceName.toUtf8().constData(),
+ DNSServiceErrorType err = DNSServiceRegister(&dnssref, 0, 0,
+ record.serviceName.isEmpty() ? 0
+ : record.serviceName.toUtf8().constData(),
record.registeredType.toUtf8().constData(),
record.replyDomain.isEmpty() ? 0
: record.replyDomain.toUtf8().constData(), 0,
--
1.7.3.4

91
0001-open-log-file-early-so-log-dir-can-be-root-owned.diff
View File

@ -1,91 +0,0 @@
From d79587e5570ec036355ada3de76521d981ce9596 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Tue, 8 Mar 2011 16:31:33 +0100
Subject: [PATCH] open log file early so log dir can be root owned
http://article.gmane.org/gmane.comp.security.oss.general/4404
---
src/murmur/UnixMurmur.cpp | 2 +-
src/murmur/main.cpp | 46 ++++++++++++++++++++++++++------------------
2 files changed, 28 insertions(+), 20 deletions(-)
diff --git a/src/murmur/UnixMurmur.cpp b/src/murmur/UnixMurmur.cpp
index 773701c..3dc9c08 100644
--- a/src/murmur/UnixMurmur.cpp
+++ b/src/murmur/UnixMurmur.cpp
@@ -255,7 +255,7 @@ void UnixMurmur::setuid() {
void UnixMurmur::initialcap() {
#ifdef Q_OS_LINUX
- cap_value_t caps[] = {CAP_NET_ADMIN, CAP_SETUID, CAP_SETGID, CAP_SYS_RESOURCE, CAP_DAC_OVERRIDE };
+ cap_value_t caps[] = {CAP_NET_ADMIN, CAP_SETUID, CAP_SETGID, CAP_CHOWN, CAP_SYS_RESOURCE, CAP_DAC_OVERRIDE };
if (! bRoot)
return;
diff --git a/src/murmur/main.cpp b/src/murmur/main.cpp
index 5a4810d..695f8cc 100644
--- a/src/murmur/main.cpp
+++ b/src/murmur/main.cpp
@@ -273,6 +273,33 @@ int main(int argc, char **argv) {
Meta::mp.read(inifile);
+ // need to open log file early so log dir can be root owned:
+ // http://article.gmane.org/gmane.comp.security.oss.general/4404
+ if (detach && ! Meta::mp.qsLogfile.isEmpty()) {
+ qfLog = new QFile(Meta::mp.qsLogfile);
+ if (! qfLog->open(QIODevice::WriteOnly | QIODevice::Append | QIODevice::Text)) {
+ delete qfLog;
+ qfLog = NULL;
+#ifdef Q_OS_UNIX
+ fprintf(stderr, "murmurd: failed to open logfile %s: no logging will be done\n",qPrintable(Meta::mp.qsLogfile));
+#else
+ qWarning("Failed to open logfile %s. Will not detach.",qPrintable(Meta::mp.qsLogfile));
+ detach = false;
+#endif
+ } else {
+ qfLog->setTextModeEnabled(true);
+ QFileInfo qfi(*qfLog);
+ Meta::mp.qsLogfile = qfi.absoluteFilePath();
+#ifdef Q_OS_UNIX
+ if (Meta::mp.uiUid != 0 && fchown(qfLog->handle(), Meta::mp.uiUid, Meta::mp.uiGid) == -1) {
+ qFatal("can't change log file owner to %d %d:%d - %s", qfLog->handle(), Meta::mp.uiUid, Meta::mp.uiGid, strerror(errno));
+ }
+#endif
+ }
+ } else {
+ detach = false;
+ }
+
#ifdef Q_OS_UNIX
unixhandler.setuid();
#endif
@@ -318,25 +345,6 @@ int main(int argc, char **argv) {
}
}
- if (detach && ! Meta::mp.qsLogfile.isEmpty()) {
- qfLog = new QFile(Meta::mp.qsLogfile);
- if (! qfLog->open(QIODevice::WriteOnly | QIODevice::Append | QIODevice::Text)) {
- delete qfLog;
- qfLog = NULL;
-#ifdef Q_OS_UNIX
- fprintf(stderr, "murmurd: failed to open logfile %s: no logging will be done\n",qPrintable(Meta::mp.qsLogfile));
-#else
- qWarning("Failed to open logfile %s. Will not detach.",qPrintable(Meta::mp.qsLogfile));
- detach = false;
-#endif
- } else {
- qfLog->setTextModeEnabled(true);
- QFileInfo qfi(*qfLog);
- Meta::mp.qsLogfile = qfi.absoluteFilePath();
- }
- } else {
- detach = false;
- }
#ifdef Q_OS_UNIX
if (detach) {
if (fork() != 0) {
--
1.7.3.4

26
0001-remove-CAP_NET_ADMIN.diff
View File

@ -1,26 +0,0 @@
From 6b365d33f10a9c4376bed058330d243c514b94a1 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Thu, 24 Mar 2011 14:29:35 +0100
Subject: [PATCH mumble] remove CAP_NET_ADMIN
QoS settings do not need CAP_NET_ADMIN anymore
---
src/murmur/UnixMurmur.cpp | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/murmur/UnixMurmur.cpp b/src/murmur/UnixMurmur.cpp
index 9becf63..9e1c81c 100644
--- a/src/murmur/UnixMurmur.cpp
+++ b/src/murmur/UnixMurmur.cpp
@@ -288,7 +288,7 @@ void UnixMurmur::initialcap() {
void UnixMurmur::finalcap() {
#ifdef Q_OS_LINUX
- cap_value_t caps[] = {CAP_NET_ADMIN, CAP_SYS_RESOURCE};
+ cap_value_t caps[] = {CAP_SYS_RESOURCE};
struct rlimit r;
if (! bRoot)
--
1.7.3.4

49
mumble-1.2.3-nohardcodedcas.diff
View File

@ -1,49 +0,0 @@
From b7fb70c101dd6afff86173f3f5dcb6d99376d11e Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Mon, 13 Feb 2012 14:42:05 +0100
Subject: [PATCH mumble] don't add hardcoded CA's if NO_SYSTEM_CA_OVERRIDE is
defined
actually mumble better should never add hardcoded CA certificates,
you never know which one is next to be shut down
---
src/SSL.cpp | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/SSL.cpp b/src/SSL.cpp
index ab9f0c8..40aaf13 100644
--- a/src/SSL.cpp
+++ b/src/SSL.cpp
@@ -36,6 +36,7 @@
/* CAs we recommend to end users, so support these */
+#if QT_VERSION < 0x040700 && !defined(NO_SYSTEM_CA_OVERRIDE)
static const char *recommended_cas[] = {
/* StartSSL */
"-----BEGIN CERTIFICATE-----\n"
@@ -143,6 +144,7 @@ static const char *recommended_cas[] = {
};
+#endif // NO_SYSTEM_CA_OVERRIDE
void MumbleSSL::addSystemCA() {
@@ -252,7 +254,6 @@ void MumbleSSL::addSystemCA() {
}
}
QSslSocket::setDefaultCaCertificates(ql);
-#endif // NO_SYSTEM_CA_OVERRIDE
for (unsigned int i=0;i<sizeof(recommended_cas)/sizeof(recommended_cas[0]);++i) {
QSslCertificate cert(recommended_cas[i]);
@@ -261,4 +262,5 @@ void MumbleSSL::addSystemCA() {
QSslSocket::addDefaultCaCertificates(QList<QSslCertificate>() << cert);
}
}
+#endif // NO_SYSTEM_CA_OVERRIDE
}
--
1.7.7

3
mumble-1.2.3.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:05895122ae4abec3fb62ef24ed9d167ffd768e7080ed179c8bf3afca96d18a5c
size 3448053

7
mumble-1.2.3.tar.gz.sig
View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAk1gN5sACgkQ8Jse7d66bz4OKACfSpEhcg1nuxOlcBxKi0Zcb08M
sQIAoIYq1K6Ncv/dVjDxt+01HG3tZXuU
=zdmP
-----END PGP SIGNATURE-----

3
mumble-1.2.4.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a1cf8383d99a02719b16c5440e3a5fb5375a8aa060f203bfa5d25bc69f919c9b
size 3200084

11
mumble-1.2.4.tar.gz.sig Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAABAgAGBQJRqmS/AAoJENINBrr6EZMnk4UH/2fmjFLqPVVTxq7WEX4alFly
AHhbLF19tg2iG6m1DuQncclfAVIzhgpcKCle7ponxXNhMTMWtWYlopqDpvCqn84v
wPJ+4MPvDjQ0+Eaz9jHVUo/rX9ieOAcCRTwYAx9MABIDL6ZTBeA8FyCPW+i3bEE6
ossgyH6zUOf7aLkuzai+z5Rmy8Ten7S9niGRiJzpEJ3jgmUEFjrU9te1aclw/5G6
TvbbPQ7mv55PV9FdOqY0lcCRIx53N0D2daRIl6uByCcuTnsgRUT/pkHNbg+QlYPa
niOau+cAca8fwGWJYaqP5nghlhPjrEleSUxPgAFdh/vBXGPbPXETRc0sXkR9NgA=
=hSgS
-----END PGP SIGNATURE-----

20
mumble-server.service Normal file
View File

@ -0,0 +1,20 @@
# This file is part of package mumble-server.
#
# Copyright (c) 2013 Pascal Bleser <pascal.bleser@opensuse.org>
# Author: Pascal Bleser
#
# Description:
#
# Used to start the Mumble server (murmurd)
#
[Unit]
Description=Mumble Server (murmur)
Requires=var-run.mount network.target remote-fs.target syslog.target time-sync.target
After=var-run.mount network.target remote-fs.target syslog.target time-sync.target mysql.target
[Service]
ExecStart=/usr/sbin/murmurd -fg -ini /etc/mumble-server.ini
[Install]
WantedBy=multi-user.target

21
mumble.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Thu Aug 1 09:23:58 UTC 2013 - lnussel@suse.de
- clean up old macros
-------------------------------------------------------------------
Thu Jun 6 18:19:15 UTC 2013 - pascal.bleser@opensuse.org
- update to 1.2.4: http://mumble.sourceforge.net/1.2.4
Obsoleted patches:
0001-fix-build-error-with-capability.h.diff
0001-fix-user-switching.diff
0001-open-log-file-early-so-log-dir-can-be-root-owned.diff
0001-if-service-name-is-empty-don-t-pass-an-empty-string.diff
0001-remove-CAP_NET_ADMIN.diff
0001-fix-bonjour-support-using-avahi-compat-lib.diff
mumble-1.2.3-nohardcodedcas.diff
0001-Explicitly-remove-file-permissions-for-settings-and-D.diff
- systemd service file
-------------------------------------------------------------------
Wed Nov 28 20:46:55 CET 2012 - sbrabec@suse.cz

87
mumble.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package mumble
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -32,7 +32,7 @@
%bcond_with ice
%endif
%bcond_without mumble11x
%bcond_with mumble11x
%bcond_without bonjour
# mumble must be able to talk to other clients which may use
@ -102,7 +102,7 @@ BuildRequires: qt4-linguist
%if %{with pulseaudio}
BuildRequires: pulseaudio-devel
%endif
Version: 1.2.3%{?snapshot:_%snapshot}
Version: 1.2.4%{?snapshot:_%snapshot}
Release: 0
%if 0%{!?snapshot:1}
Source: http://downloads.sourceforge.net/project/mumble/Mumble/%{version}/mumble-%{version}.tar.gz
@ -111,14 +111,7 @@ Source1: http://downloads.sourceforge.net/project/mumble/Mumble/%{version
Source2: mumble-server.init
Source3: murmur.apparmor
Source4: %{name}.keyring
Patch0: 0001-fix-build-error-with-capability.h.diff
Patch1: 0001-fix-user-switching.diff
Patch2: 0001-open-log-file-early-so-log-dir-can-be-root-owned.diff
Patch3: 0001-if-service-name-is-empty-don-t-pass-an-empty-string.diff
Patch4: 0001-remove-CAP_NET_ADMIN.diff
Patch5: 0001-fix-bonjour-support-using-avahi-compat-lib.diff
Patch6: mumble-1.2.3-nohardcodedcas.diff
Patch7: 0001-Explicitly-remove-file-permissions-for-settings-and-D.diff
Source5: mumble-server.service
Patch50: mumble-1.2.2-buildcompare.diff
# hack, no clue about glx so no idea to fix this properly
Patch99: mumble-1.1.4-sle10glx.diff
@ -176,6 +169,7 @@ PreReq: /usr/sbin/useradd
Conflicts: mumble-server < %version
Provides: mumble-server = %version
%endif
%{?systemd_requires}
%description server
Low-latency, high-quality voice communication for gamers. Includes game
@ -184,19 +178,11 @@ characters, and has echo cancellation so the sound from your loudspeakers
won't be audible to other players.
%prep
%if 0%{?gpg_verify:1}
%gpg_verify %{S:1}
%endif
#if 0%{?gpg_verify:1}
#gpg_verify %{S:1}
#endif
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
#
%patch50 -p1
%if 0%{?suse_version} && 0%{?suse_version} < 1020
%patch99 -p1
@ -303,7 +289,7 @@ make -C src/mumble qt_de.qm
for i in mumble murmur; do
make -C src/$i -f Makefile.Release compiler_pb_make_all
done
make %{?jobs:-j%{jobs}}
make %{?_smp_mflags}
%endif
%install
@ -320,10 +306,6 @@ install -d -m 0755 "%{buildroot}%{_mandir}/man1"
install -m 0644 man/*.1 "%{buildroot}%{_mandir}/man1"
#
install -D -m 0644 icons/mumble.xpm "%{buildroot}%{_datadir}/pixmaps/mumble.xpm"
#install -D -m 0644 icons/mumble.16x16.png "%{buildroot}%{_datadir}/icons/hicolor/16x16/apps/mumble.png"
#install -D -m 0644 icons/mumble.32x32.png "%{buildroot}%{_datadir}/icons/hicolor/32x32/apps/mumble.png"
#install -D -m 0644 icons/mumble.48x48.png "%{buildroot}%{_datadir}/icons/hicolor/48x48/apps/mumble.png"
#install -D -m 0644 icons/mumble.64x64.png "%{buildroot}%{_datadir}/icons/hicolor/64x64/apps/mumble.png"
install -D -m 0644 icons/mumble.svg "%{buildroot}%{_datadir}/icons/hicolor/scalable/apps/mumble.svg"
#
install -d -m0755 "%{buildroot}%{_libdir}/mumble"
@ -339,12 +321,15 @@ install -m 644 release/libcelt0.so.0.*.* "%{buildroot}%{_libdir}/mumble"
install -D -m 0755 release/mumble11x %{buildroot}%{_bindir}/mumble11x
%else
# XXX
/bin/rm "%{buildroot}%{_mandir}"/man1/mumble11x*
/bin/rm -f "%{buildroot}%{_mandir}"/man1/mumble11x*
%endif
#
# server
install -D -m 0755 release/murmurd "%{buildroot}%{_sbindir}/murmurd"
%if 0%{?suse_version} < 1310
install -D -m 0755 %{SOURCE2} %{buildroot}/etc/init.d/mumble-server
ln -s /etc/init.d/mumble-server %{buildroot}%{_sbindir}/rcmumble-server
%endif
install -D -m 0644 %{SOURCE3} %{buildroot}/etc/apparmor.d/usr.sbin.murmurd
%if 0%{?suse_version} < 1220
sed -i -e 's,/usr/bin/grep,/bin/grep,;s,/usr/bin/sed,/bin/sed,' %{buildroot}/etc/apparmor.d/usr.sbin.murmurd
@ -353,7 +338,6 @@ install -d -m 0755 %{buildroot}%{_bindir}
# can be launched as user too but apparmor profile doesn't make
# sense in that case. So use link to avoid the profile.
ln -s %{_sbindir}/murmurd %{buildroot}%{_bindir}/murmurd
ln -s /etc/init.d/mumble-server %{buildroot}%{_sbindir}/rcmumble-server
install -D -m 0644 scripts/murmur.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/mumble-server.conf
install -D -m 0644 scripts/murmur.ini %{buildroot}%{_sysconfdir}/mumble-server.ini
# fix up config file
@ -385,25 +369,15 @@ sed -e '/^Name=/s/$/ 1.1.x/;/^Exec=/s/$/11x/' \
mkdir -p %{buildroot}%{_docdir}/%{name}
cp -a scripts LICENSE README README.Linux %{buildroot}%{_docdir}/%{name}
#
%if 0%{?suse_version} >= 1130
%if 0%{?suse_version} == 1130
mkdir %buildroot/etc/tmpdirs.d/
cat >> %buildroot/etc/tmpdirs.d/50_mumble-server <<EOF
#!/bin/sh
while read t f m o g xxx; do
[ "$t" = d ] || continue
install -d -m $m -o $o -g $g $f
done < /usr/lib/tmpfiles.d/mumble-server.conf
EOF
%endif
mkdir -p %buildroot/usr/lib/tmpfiles.d
cat >> %buildroot/usr/lib/tmpfiles.d/mumble-server.conf <<EOF
d /var/run/mumble-server 0755 mumble-server mumble-server -
EOF
%endif
#
install -D -m 0644 %{SOURCE5} %{buildroot}%{_unitdir}/mumble-server.service
%clean
rm -rf "%{buildroot}"
%{?buildroot:%__rm -rf "%{buildroot}"}
%pre server
getent group mumble-server >/dev/null || groupadd -r mumble-server || :
@ -411,15 +385,24 @@ getent passwd mumble-server >/dev/null || \
/usr/sbin/useradd -r -d /var/lib/mumble-server -s /bin/false -c "Mumble VoIP Server" -g mumble-server mumble-server 2> /dev/null || :
%preun server
%if 0%{?suse_version}
%if 0%{?suse_version} < 1310
%stop_on_removal mumble-server
%endif
%service_del_preun mumble-server.service
%post server
systemd-tmpfiles --create /usr/lib/tmpfiles.d/mumble-server.conf || true
%if 0%{?suse_version} < 1310
%fillup_and_insserv mumble-server
%endif
%service_add_post mumble-server.service
%postun server
%if 0%{?suse_version}
%if 0%{?suse_version} < 1310
%restart_on_update mumble-server
%insserv_cleanup
%endif
%service_del_postun mumble-server.service
%files
%defattr(-, root, root)
@ -446,10 +429,12 @@ getent passwd mumble-server >/dev/null || \
%doc %{_docdir}/%{name}/scripts/murmur.ini
%config %{_sysconfdir}/dbus-1/system.d/mumble-server.conf
%config(noreplace) %{_sysconfdir}/mumble-server.ini
%if 0%{?suse_version} < 1310
/etc/init.d/mumble-server
%{_sbindir}/rcmumble-server
%endif
%dir /etc/apparmor.d
/etc/apparmor.d/usr.sbin.murmurd
%{_sbindir}/rcmumble-server
%{_sbindir}/murmurd
%{_bindir}/murmurd
%{_bindir}/murmur-user-wrapper
@ -457,14 +442,8 @@ getent passwd mumble-server >/dev/null || \
%{_mandir}/man1/murmur-user-wrapper.*
%dir %attr(-,mumble-server,mumble-server) /var/lib/mumble-server
%dir /var/log/mumble-server
%if 0%{?suse_version} < 1130
%dir %attr(-,mumble-server,mumble-server) /var/run/mumble-server
%else
%if 0%{?suse_version} == 1130
%config /etc/tmpdirs.d/50_mumble-server
%endif
%dir /usr/lib/tmpfiles.d
%config /usr/lib/tmpfiles.d/mumble-server.conf
%endif
/usr/lib/tmpfiles.d/mumble-server.conf
%{_unitdir}/mumble-server.service
%changelog