tar/tar.spec
Marcus Meissner 885805a010 Accepting request 439571 from home:kstreitova:branches:Base:System
- add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER
  vulnerability - GNU tar archiver can be tricked into extracting 
  files and directories in the given destination, regardless of the 
  path name(s) specified on the command line [bsc#1007188] 
  [CVE-2016-6321]

OBS-URL: https://build.opensuse.org/request/show/439571
OBS-URL: https://build.opensuse.org/package/show/Base:System/tar?expand=0&rev=73
2016-11-10 22:20:00 +00:00


#
# spec file for package tar
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# minimum suse version where the full featured package builds
%define min_suse_ver 1010
Name: tar
Version: 1.29
Release: 0
Summary: GNU implementation of tar ((t)ape (ar)chiver)
License: GPL-3.0+
Group: Productivity/Archiving/Backup
Url: http://www.gnu.org/software/tar/
# Upstream tarball (Source0), its detached signature (Source1) and the keyring
# used to check that signature (Source2). Both download URLs are plain http, so
# the signature check is the only integrity control on the tarball.
# NOTE(review): no verification step is visible in this spec; presumably the
# build service validates Source0 against Source1/Source2 - confirm.
Source0: http://ftp.gnu.org/gnu/tar/%{name}-%{version}.tar.bz2
Source1: http://ftp.gnu.org/gnu/tar/%{name}-%{version}.tar.bz2.sig
# Keyserver lookup for the signing key 0x3602B07F55D0C732 (plain-http query).
# NOTE(review): how tar.keyring was obtained and checked is not shown here;
# confirm the key fingerprint through an independent channel when refreshing it.
# http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x3602B07F55D0C732
Source2: tar.keyring
#
# Distribution patches; the prep section applies them in this order.
Patch3: tar-wildcards.patch
Patch6: tar-backup-spec-fix-paths.patch
Patch7: tar-1.26-remove_O_NONBLOCK.patch
Patch10: paxutils-rtapelib_mtget.patch
# don't print warning about zero blocks
# the patch is used in Fedora and Debian
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=235820
Patch11: tar-ignore_lone_zero_blocks.patch
# The next patch is disabled because it causes a regression:
#https://bugzilla.opensuse.org/show_bug.cgi?id=918487
# (it is still declared here; its line in the prep section is commented out)
Patch12: tar-recursive--files-from.patch
Patch20: add_readme-tests.patch
# PATCH-FEATURE-UPSTREAM add-return-values-to-backup-scripts.patch -
# add return values to the backup scripts for better results monitoring.
# https://savannah.gnu.org/patch/?8953
Patch21: add-return-values-to-backup-scripts.patch
# Security fix: without it, extraction can place files and directories in the
# destination regardless of the path names given on the command line.
# Keep it until the package is rebased onto an upstream release that already
# contains the fix.
# PATCH-FIX-UPSTREAM bnc#1007188 CVE-2016-6321 kstreitova@suse.com -- fix POINTYFEATHER vulnerability
Patch22: tar-1.29-extract_pathname_bypass.patch
# Build and soft dependencies below apply only when suse_version is at least
# min_suse_ver (the full-featured build); help2man is needed for the man page
# generated in the install section under the same condition.
%if 0%{?suse_version} >= %min_suse_ver
BuildRequires: automake
BuildRequires: help2man
BuildRequires: libacl-devel
BuildRequires: libattr-devel
BuildRequires: libselinux-devel
Recommends: tar-lang = %{version}
Recommends: xz
%endif
Requires(pre): info
Provides: base:/bin/tar
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# Override the binary directory so that tar is packaged as /bin/tar, matching
# the Provides line above.
%define _bindir /bin
# Main package description. rmt is intentionally not shipped; the install
# section removes it from the buildroot.
%description
This package normally also includes the program "rmt", which provides
remote tape drive control. Since there are compatible versions of 'rmt'
in either the 'star' package or the 'dump' package, we didn't put 'rmt'
into this package. If you are planning to use the remote tape features
provided by tar you have to also install the 'dump' or the 'star'
package.
%package backup-scripts
# Optional subpackage with the backup/restore helper scripts (the build enables
# them with --enable-backup-scripts); it requires the same tar version.
Summary: Backup scripts
Group: Productivity/Archiving/Backup
Requires: %{name} = %{version}
%description backup-scripts
Shell scripts for system backup/restore
%package tests
# Optional subpackage carrying the upstream test suite, which the install
# section copies to /var/lib/tests/tar; it requires the same tar version.
Summary: Tests for the package
Group: Development/Tests
Requires: %{name} = %{version}
%description tests
Upstream testsuite for the package
%{?lang_package}
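%prep
# Unpack the upstream tarball, then apply the distribution patches in order.
# NOTE(review): no signature check of Source0 against Source1/Source2 is
# visible in this section; presumably the build service performs it - confirm.
%setup -q
%patch3 -p1
%patch6 -p1
%patch7 -p1
%patch10 -p1
%patch11 -p1
# Patch12 stays declared but is not applied (regression, see the bugzilla link
# next to its declaration). rpm expands macros inside comments as well, so the
# percent sign is doubled to keep this line an inert comment.
#%%patch12 -p1
%patch20 -p1
%patch21 -p1
# Security fix for CVE-2016-6321. Unlike the patches above it is applied with
# strip level 0, so the paths inside the patch file must be relative to the
# top of the source tree.
%patch22 -p0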
%build
# Extra warnings (including format-string checks) plus -fPIE; together with
# LDFLAGS="-pie" on the make line below this links tar as a
# position-independent executable.
%define my_cflags -W -Wall -Wpointer-arith -Wstrict-prototypes -Wformat-security -Wno-unused-parameter -fPIE
export CFLAGS="%{optflags} %my_cflags"
# Path of the remote shell, presumably picked up by configure as the default
# for remote archives. NOTE(review): rsh provides no encryption or strong
# authentication; confirm this default is still wanted. Users can override it
# at run time with --rsh-command.
export RSH="/usr/bin/rsh"
# Archive format that tar uses by default when creating archives.
export DEFAULT_ARCHIVE_FORMAT="POSIX"
# Regenerate the autotools output before configuring.
autoreconf -fi
# gl_cv_func_linkat_follow presets a configure cache variable, so the
# corresponding probe is not run at configure time.
%configure \
gl_cv_func_linkat_follow="yes" \
--enable-backup-scripts \
--disable-silent-rules
make %{?_smp_mflags} LDFLAGS="-pie"
# Build the genfile test helper and keep it under tests/bin; the whole tests
# directory is later copied into the buildroot by the install section.
cd tests
make genfile
mkdir bin
mv genfile bin
cd -
%check
# Run the upstream test suite at build time, except in qemu user-space builds.
# NOTE(review): builds that skip this step get no regression coverage from the
# test suite, including for the security patch applied in the prep section.
%if !0%{?qemu_user_space_build:1}
# Checks disabled in qemu because of races happening when we emulate
# multi-threaded programs
make check
%endif
%install
# Stage the build into the buildroot: use the make_install macro when it is
# defined, otherwise fall back to a plain "make install" with DESTDIR.
%{?make_install} %{!?make_install:make install DESTDIR=%{buildroot}}
%if 0%{?suse_version} >= %min_suse_ver
# Generate the man page from the help output of the freshly built binary.
install -d -m 755 %{buildroot}/%{_mandir}/man1
help2man ./src/tar --name "The GNU version of the tar archiving utility" -p tar \
| gzip -c > %{buildroot}/%{_mandir}/man1/tar.1.gz
%endif
# Default configuration for the backup scripts (mode 644, packaged as a
# noreplace config file in the files section).
install -d -m 755 %{buildroot}%{_sysconfdir}/backup
install -D -m 644 scripts/backup-specs %{buildroot}%{_sysconfdir}/backup/backup-specs
# rmt is not shipped by this package (see the package description): drop the
# binary, its man page and the then-unused man8 directory.
rm -rf %{buildroot}%{_libexecdir}/rmt
rm -rvf %{buildroot}/%{_mandir}/man8/rmt.8.gz
rm -rvf %{buildroot}/%{_mandir}/man8
# The info directory index is not packaged; the post/postun scriptlets update
# it on the installed system instead.
rm -f %{buildroot}%{_infodir}/dir
# Ship the test suite for the tests subpackage, without C sources, headers,
# object files, package.m4 and the build-tree specific autotest/Makefile files.
install -d -m 755 %{buildroot}/var/lib/tests
cp -r tests %{buildroot}/var/lib/tests/tar
rm %{buildroot}/var/lib/tests/tar/*.{c,h,o}
rm %{buildroot}/var/lib/tests/tar/package.m4
rm %{buildroot}/var/lib/tests/tar/{atconfig,atlocal,Makefile}*
# Collect the translation catalogs into the tar.lang file list used below.
%find_lang %{name}
# File list of the backup-scripts subpackage; everything is owned by root.
%files backup-scripts
%defattr(-,root, root)
%{_sbindir}/backup
%{_sbindir}/restore
%{_libexecdir}/backup.sh
%{_libexecdir}/dump-remind
%dir %{_sysconfdir}/backup
# noreplace: an administrator-edited backup-specs is kept on package update.
%config(noreplace) %{_sysconfdir}/backup/backup-specs
# With the lang_package macro defined, translations go into a separate lang
# subpackage and the tests subpackage gets its file list here; otherwise the
# translations are packaged with the main package.
# NOTE(review): the else branch shows no file list for the tests subpackage,
# although the install section always populates /var/lib/tests - confirm that
# branch still builds.
%if 0%{?lang_package:1}
%files lang -f %{name}.lang
%files tests
%defattr(-,root, root)
/var/lib/tests
%files
%else
%files -f %{name}.lang
%endif
# Main package: the tar binary, documentation and the info manual.
%defattr(-, root, root)
%{_bindir}/tar
%doc README* ABOUT-NLS AUTHORS COPYING NEWS THANKS ChangeLog TODO
%{_infodir}/tar.info*
# The man page exists only where the install section generated it.
%if 0%{?suse_version} >= %min_suse_ver
%{_mandir}/man1/tar.1.gz
%endif
# Scriptlets: post registers the tar info manual in the info directory index,
# postun removes that entry again; clean deletes the buildroot after the build.
# The changelog section is empty in this file.
%post
%install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz
%postun
%install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info.gz
%clean
rm -rf %{buildroot}
%changelog