Marcus Meissner
885805a010
- add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path name(s) specified on the command line [bsc#1007188] [CVE-2016-6321] OBS-URL: https://build.opensuse.org/request/show/439571 OBS-URL: https://build.opensuse.org/package/show/Base:System/tar?expand=0&rev=73
188 lines
5.6 KiB
RPMSpec
188 lines
5.6 KiB
RPMSpec
#
|
|
# spec file for package tar
|
|
#
|
|
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
# minimum suse version where the full featured package builds
|
|
%define min_suse_ver 1010
|
|
|
|
Name: tar
|
|
Version: 1.29
|
|
Release: 0
|
|
Summary: GNU implementation of tar ((t)ape (ar)chiver)
|
|
License: GPL-3.0+
|
|
Group: Productivity/Archiving/Backup
|
|
Url: http://www.gnu.org/software/tar/
|
|
Source0: http://ftp.gnu.org/gnu/tar/%{name}-%{version}.tar.bz2
|
|
Source1: http://ftp.gnu.org/gnu/tar/%{name}-%{version}.tar.bz2.sig
|
|
# http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x3602B07F55D0C732
|
|
Source2: tar.keyring
|
|
#
|
|
Patch3: tar-wildcards.patch
|
|
Patch6: tar-backup-spec-fix-paths.patch
|
|
Patch7: tar-1.26-remove_O_NONBLOCK.patch
|
|
Patch10: paxutils-rtapelib_mtget.patch
|
|
# don't print warning about zero blocks
|
|
# the patch is used in Fedora and Debian
|
|
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=235820
|
|
Patch11: tar-ignore_lone_zero_blocks.patch
|
|
# The next patch is disabled because it causes a regression:
|
|
#https://bugzilla.opensuse.org/show_bug.cgi?id=918487
|
|
Patch12: tar-recursive--files-from.patch
|
|
Patch20: add_readme-tests.patch
|
|
# PATCH-FEATURE-UPSTREAM add-return-values-to-backup-scripts.patch -
|
|
# add return values to the backup scripts for better results monitoring.
|
|
# https://savannah.gnu.org/patch/?8953
|
|
Patch21: add-return-values-to-backup-scripts.patch
|
|
# PATCH-FIX-UPSTREAM bnc#1007188 CVE-2016-6321 kstreitova@suse.com -- fix POINTYFEATHER vulnerability
|
|
Patch22: tar-1.29-extract_pathname_bypass.patch
|
|
%if 0%{?suse_version} >= %min_suse_ver
|
|
BuildRequires: automake
|
|
BuildRequires: help2man
|
|
BuildRequires: libacl-devel
|
|
BuildRequires: libattr-devel
|
|
BuildRequires: libselinux-devel
|
|
Recommends: tar-lang = %{version}
|
|
Recommends: xz
|
|
%endif
|
|
Requires(pre): info
|
|
Provides: base:/bin/tar
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
%define _bindir /bin
|
|
|
|
%description
|
|
This package normally also includes the program "rmt", which provides
|
|
remote tape drive control. Since there are compatible versions of 'rmt'
|
|
in either the 'star' package or the 'dump' package, we didn't put 'rmt'
|
|
into this package. If you are planning to use the remote tape features
|
|
provided by tar you have to also install the 'dump' or the 'star'
|
|
package.
|
|
|
|
%package backup-scripts
|
|
Summary: Backup scripts
|
|
Group: Productivity/Archiving/Backup
|
|
Requires: %{name} = %{version}
|
|
|
|
%description backup-scripts
|
|
Shell scripts for system backup/restore
|
|
|
|
%package tests
|
|
Summary: Tests for the package
|
|
Group: Development/Tests
|
|
Requires: %{name} = %{version}
|
|
|
|
%description tests
|
|
Upstream testsuite for the package
|
|
|
|
%{?lang_package}
|
|
|
|
%prep
|
|
%setup -q
|
|
%patch3 -p1
|
|
%patch6 -p1
|
|
%patch7 -p1
|
|
%patch10 -p1
|
|
%patch11 -p1
|
|
#%patch12 -p1
|
|
%patch20 -p1
|
|
%patch21 -p1
|
|
%patch22 -p0
|
|
|
|
%build
|
|
%define my_cflags -W -Wall -Wpointer-arith -Wstrict-prototypes -Wformat-security -Wno-unused-parameter -fPIE
|
|
export CFLAGS="%{optflags} %my_cflags"
|
|
export RSH="/usr/bin/rsh"
|
|
export DEFAULT_ARCHIVE_FORMAT="POSIX"
|
|
autoreconf -fi
|
|
%configure \
|
|
gl_cv_func_linkat_follow="yes" \
|
|
--enable-backup-scripts \
|
|
--disable-silent-rules
|
|
make %{?_smp_mflags} LDFLAGS="-pie"
|
|
cd tests
|
|
make genfile
|
|
mkdir bin
|
|
mv genfile bin
|
|
cd -
|
|
|
|
%check
|
|
%if !0%{?qemu_user_space_build:1}
|
|
# Checks disabled in qemu because of races happening when we emulate
|
|
# multi-threaded programs
|
|
make check
|
|
%endif
|
|
|
|
%install
|
|
%{?make_install} %{!?make_install:make install DESTDIR=%{buildroot}}
|
|
%if 0%{?suse_version} >= %min_suse_ver
|
|
install -d -m 755 %{buildroot}/%{_mandir}/man1
|
|
help2man ./src/tar --name "The GNU version of the tar archiving utility" -p tar \
|
|
| gzip -c > %{buildroot}/%{_mandir}/man1/tar.1.gz
|
|
%endif
|
|
install -d -m 755 %{buildroot}%{_sysconfdir}/backup
|
|
install -D -m 644 scripts/backup-specs %{buildroot}%{_sysconfdir}/backup/backup-specs
|
|
rm -rf %{buildroot}%{_libexecdir}/rmt
|
|
rm -rvf %{buildroot}/%{_mandir}/man8/rmt.8.gz
|
|
rm -rvf %{buildroot}/%{_mandir}/man8
|
|
rm -f %{buildroot}%{_infodir}/dir
|
|
install -d -m 755 %{buildroot}/var/lib/tests
|
|
cp -r tests %{buildroot}/var/lib/tests/tar
|
|
rm %{buildroot}/var/lib/tests/tar/*.{c,h,o}
|
|
rm %{buildroot}/var/lib/tests/tar/package.m4
|
|
rm %{buildroot}/var/lib/tests/tar/{atconfig,atlocal,Makefile}*
|
|
%find_lang %{name}
|
|
|
|
%files backup-scripts
|
|
%defattr(-,root, root)
|
|
%{_sbindir}/backup
|
|
%{_sbindir}/restore
|
|
%{_libexecdir}/backup.sh
|
|
%{_libexecdir}/dump-remind
|
|
%dir %{_sysconfdir}/backup
|
|
%config(noreplace) %{_sysconfdir}/backup/backup-specs
|
|
|
|
%if 0%{?lang_package:1}
|
|
|
|
%files lang -f %{name}.lang
|
|
|
|
%files tests
|
|
%defattr(-,root, root)
|
|
/var/lib/tests
|
|
|
|
%files
|
|
%else
|
|
|
|
%files -f %{name}.lang
|
|
%endif
|
|
%defattr(-, root, root)
|
|
%{_bindir}/tar
|
|
%doc README* ABOUT-NLS AUTHORS COPYING NEWS THANKS ChangeLog TODO
|
|
%{_infodir}/tar.info*
|
|
%if 0%{?suse_version} >= %min_suse_ver
|
|
%{_mandir}/man1/tar.1.gz
|
|
%endif
|
|
|
|
%post
|
|
%install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz
|
|
|
|
%postun
|
|
%install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz
|
|
|
|
%clean
|
|
rm -rf %{buildroot}
|
|
|
|
%changelog
|