diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2018-01-16 17:34:21 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2018-01-16 17:34:21 +0000 |
| commit | 02e2208f46f4e2c00fb9743cbc47350bdd233bfa (patch) | |
| tree | 132dd60828854db4f65f30f9230f43d9602507ff /net-p2p/transmission | |
| parent | 8be70107efbb417f839292165ee39d07a062046f (diff) | |
gentoo resync : 16.01.2018
Diffstat (limited to 'net-p2p/transmission')
| -rw-r--r-- | net-p2p/transmission/Manifest | 2 | ||||
| -rw-r--r-- | net-p2p/transmission/files/transmission-2.92-pr468.patch | 302 | ||||
| -rw-r--r-- | net-p2p/transmission/transmission-2.92-r3.ebuild | 165 |
3 files changed, 469 insertions, 0 deletions
diff --git a/net-p2p/transmission/Manifest b/net-p2p/transmission/Manifest index eaa69309bd05..c6d7c6626547 100644 --- a/net-p2p/transmission/Manifest +++ b/net-p2p/transmission/Manifest @@ -1,9 +1,11 @@ AUX libsystemd.patch 630 BLAKE2B 1e7d9ac41ebc8971a86f051aaa5e7c4899004e4ae29b62d8b2963a16047cdd9ce7830156510d8e2f00967dcfb538991138f3b5c31bb2c841e5ddabfdb397ab47 SHA512 5babefd3ab0216dd1cf0b08b1ad10c79d034782ce744c9a4df402036ed1529655b9e05c641e876e9629a8366363ad0bf2d5e7581a621f2b0749ff02c6ed742eb AUX transmission-2.92-handshake.patch 1257 BLAKE2B dbbf66458702c1aafcedbc296b12c6aa77973463f83db3aa6e2b8c388fd60e2e33f487021fe3c53c18415f6d8e098eb949cfba963f1b07b15d35140cf8d29a7e SHA512 d4272018ffc7ea9607dae475275d694e678119160225f00135ced711771ddf79af7271c42399bccf701d67ac07052a47f33439ba32bb74838786d3e915c364f6 +AUX transmission-2.92-pr468.patch 11213 BLAKE2B 87aaeefa0bbace9522c18374e5aeb159dc6d40c61c5d7d6cae0eada3c46c66dc29db37493523c12ce443da8470384be39ad64f0763b2d649b5d60c1b6a896482 SHA512 aa0c7e09d302da4811b1bd4c80c61e97c5592e91561872d733cf9de6d386cf039c29a6c57843bc804bca2b5a1a6ef640dacb496bf590e70591aef8c2ef11d9f2 AUX transmission-daemon.confd.4 735 BLAKE2B bc4c06dcf4a12282d36d446537ae8d3a461a9bb84f93b54f7d13be1c430209647bae89054b60f5d8dd434049140f74c1cb4ad04064d03b37ad88a851c28c07fa SHA512 47e78c85857eefb9be6c25d1e789cfb2a276d5816ba911ba1511e764469b2d9998edafe44247aff784113ca28926748bc5fb2b879280b780fd69ffb1e4e40736 AUX transmission-daemon.initd.10 1707 BLAKE2B 57857fa0b628f0c49ebaf13544b366bf9db39c70f31556a21262556ad89657a7f13c84e19f882839e4bc10f2b8afef96aa51f833478e38f215499244ca8b388b SHA512 30d9fe7d06ca3c92ff436e9bbe84729a5b343b52965f8d1d3d43f14f5fa25881dbc9676c5d3d916cff552aad5872ed41c2930e9ce3a5f7c958dbeec0d1ab1ac4 AUX transmission-daemon.service.conf 69 BLAKE2B 6e38a28f54366850ae794896f2954c3af77afead303197c49970873fa604d6b375e71122de8d3645f9fcc8abed4f696ac257bd59ba87ebdc5cdd5839d32c0a7b SHA512 3dc02be596296fc1efbf1bc690be3953709af00c230f55db4d067ff592d87e1a465faa4067bc15d65a8a27fed2cf07d108abb2ed45fc76b47b0642ce2e182946 DIST transmission-2.92.tar.xz 3378116 BLAKE2B 8929a2eab8a1617db44ca8a081fd7de786daef92e891ac86d4690451c0f4fa0d4e1ea03692c59babea6e9aee5dcfef57bd81e5c72a0bb4fe9efbd436ff006104 SHA512 4d99476bee88cedcc4238a0eee64a4089016933cbfc1cfb1cca023ad4ebcfe46375c9e7651a17af4aeaaf1feb19cbd8166aa56ef7992d9e745a7bbcbe8efca11 EBUILD transmission-2.92-r2.ebuild 4347 BLAKE2B ccdce02673646bcc583f0fbd173c10cb2445669e04dd48ac2012298e1d7f663e78fe50ed6e300194e29a08dba3fbea3dc8c1028722f6a9e6a894dd85a696cac8 SHA512 1dc44445ec7bda9aff29c70a0a368cfca377795e14d887e66c9c552f0629142398f13b49c8b1da8b46fa8f5d15f7a9c7c7430e772dfc135e45619c69e35bf332 +EBUILD transmission-2.92-r3.ebuild 4409 BLAKE2B d6a4fa648bffd2a900aa5cf6dd962188aab4e9fe25d83ccce8f24b19389d3e2b5c9c1a552e37304b564be3d1ed69e657048afe850f4a592c73676b270c7fa911 SHA512 5fb59bff0ada74dc9ee9d12e81ebafba842ce2c56d7259640ca78f5b55983792b8763dc1076732f2c539703778e70f918a40055940c9445c3d65721c11dd6bb6 EBUILD transmission-9999.ebuild 3738 BLAKE2B e00cd0e47d5a7a21f1fdfdb46b3f656bb4d1cfc5cee6499cac3728229dfb8fac490076c51e0fb76dba64ecd45492475abb0ad464ebdd81ea5adcba37a6ffe8c1 SHA512 8ea1ae5d27f1db02eef27ddb4e9803c4146fd6d8fbeaff2cdfa749faad0e5df6b2095c42797775be021b50f25325fc31901ef883967c9178c635572781fb2aac MISC metadata.xml 602 BLAKE2B 05300c81bd2c4df76aaaf8381a788016777e259075aa6a3bf9da239b4832dac1281f718f0fd79ece7d5c238440e07d1aabe15b7da40f34674ac30bbd356d0c6b SHA512 0047a936eda032a4521707ea50dcde06dce3837993e70d43a5b033183ba58633ae46e2d2e56de98a56f3480b30e596c7fbae82fd1e2ee9cbebc7983d9551617d diff --git a/net-p2p/transmission/files/transmission-2.92-pr468.patch b/net-p2p/transmission/files/transmission-2.92-pr468.patch new file mode 100644 index 000000000000..a3a0cf160823 --- /dev/null +++ b/net-p2p/transmission/files/transmission-2.92-pr468.patch @@ -0,0 +1,302 @@ +Fix a weakness that allows remote code execution via the Transmission +RPC server using DNS rebinding: + +https://bugs.chromium.org/p/project-zero/issues/detail?id=1447 + +Patch adapted from Tavis Ormandy's patch on the Transmission master +branch to the Transmission 2.92 release by Leo Famulari +<leo@famulari.name>: + +https://github.com/transmission/transmission/pull/468/commits + +From fe2d3c6e75088f3d9b6040ce06da3d530358bc2f Mon Sep 17 00:00:00 2001 +From: Tavis Ormandy <taviso@google.com> +Date: Thu, 11 Jan 2018 10:00:41 -0800 +Subject: [PATCH] mitigate dns rebinding attacks against daemon + +--- + libtransmission/quark.c | 2 + + libtransmission/quark.h | 2 + + libtransmission/rpc-server.c | 116 +++++++++++++++++++++++++++++++++++++---- + libtransmission/rpc-server.h | 4 ++ + libtransmission/session.c | 2 + + libtransmission/transmission.h | 1 + + libtransmission/web.c | 3 ++ + 7 files changed, 121 insertions(+), 9 deletions(-) + +diff --git a/libtransmission/quark.c b/libtransmission/quark.c +index 30cc2bca4..b4fd7aabd 100644 +--- a/libtransmission/quark.c ++++ b/libtransmission/quark.c +@@ -289,6 +289,8 @@ static const struct tr_key_struct my_static[] = + { "rpc-authentication-required", 27 }, + { "rpc-bind-address", 16 }, + { "rpc-enabled", 11 }, ++ { "rpc-host-whitelist", 18 }, ++ { "rpc-host-whitelist-enabled", 26 }, + { "rpc-password", 12 }, + { "rpc-port", 8 }, + { "rpc-url", 7 }, +diff --git a/libtransmission/quark.h b/libtransmission/quark.h +index 7f5212733..17464be8f 100644 +--- a/libtransmission/quark.h ++++ b/libtransmission/quark.h +@@ -291,6 +291,8 @@ enum + TR_KEY_rpc_authentication_required, + TR_KEY_rpc_bind_address, + TR_KEY_rpc_enabled, ++ TR_KEY_rpc_host_whitelist, ++ TR_KEY_rpc_host_whitelist_enabled, + TR_KEY_rpc_password, + TR_KEY_rpc_port, + TR_KEY_rpc_url, +diff --git a/libtransmission/rpc-server.c b/libtransmission/rpc-server.c +index a3485f3fa..292cd5fce 100644 +--- a/libtransmission/rpc-server.c ++++ b/libtransmission/rpc-server.c +@@ -52,6 +52,7 @@ struct tr_rpc_server + bool isEnabled; + bool isPasswordEnabled; + bool isWhitelistEnabled; ++ bool isHostWhitelistEnabled; + tr_port port; + char * url; + struct in_addr bindAddress; +@@ -63,6 +64,7 @@ struct tr_rpc_server + char * password; + char * whitelistStr; + tr_list * whitelist; ++ tr_list * hostWhitelist; + + char * sessionId; + time_t sessionIdExpiresAt; +@@ -588,6 +590,49 @@ isAddressAllowed (const tr_rpc_server * server, const char * address) + return false; + } + ++static bool isHostnameAllowed(tr_rpc_server const* server, struct evhttp_request* req) ++{ ++ /* If password auth is enabled, any hostname is permitted. */ ++ if (server->isPasswordEnabled) ++ { ++ return true; ++ } ++ ++ char const* const host = evhttp_find_header(req->input_headers, "Host"); ++ ++ // If whitelist is disabled, no restrictions. ++ if (!server->isHostWhitelistEnabled) ++ return true; ++ ++ /* No host header, invalid request. */ ++ if (host == NULL) ++ { ++ return false; ++ } ++ ++ /* Host header might include the port. */ ++ char* const hostname = tr_strndup(host, strcspn(host, ":")); ++ ++ /* localhost or ipaddress is always acceptable. */ ++ if (strcmp(hostname, "localhost") == 0 || strcmp(hostname, "localhost.") == 0 || tr_addressIsIP(hostname)) ++ { ++ tr_free(hostname); ++ return true; ++ } ++ ++ /* Otherwise, hostname must be whitelisted. */ ++ for (tr_list* l = server->hostWhitelist; l != NULL; l = l->next) { ++ if (tr_wildmat(hostname, l->data)) ++ { ++ tr_free(hostname); ++ return true; ++ } ++ } ++ ++ tr_free(hostname); ++ return false; ++} ++ + static bool + test_session_id (struct tr_rpc_server * server, struct evhttp_request * req) + { +@@ -663,6 +708,23 @@ handle_request (struct evhttp_request * req, void * arg) + handle_upload (req, server); + } + #ifdef REQUIRE_SESSION_ID ++ else if (!isHostnameAllowed(server, req)) ++ { ++ char* tmp = tr_strdup_printf( ++ "<p>Transmission received your request, but the hostname was unrecognized.</p>" ++ "<p>To fix this, choose one of the following options:" ++ "<ul>" ++ "<li>Enable password authentication, then any hostname is allowed.</li>" ++ "<li>Add the hostname you want to use to the whitelist in settings.</li>" ++ "</ul></p>" ++ "<p>If you're editing settings.json, see the 'rpc-host-whitelist' and 'rpc-host-whitelist-enabled' entries.</p>" ++ "<p>This requirement has been added to help prevent " ++ "<a href=\"https://en.wikipedia.org/wiki/DNS_rebinding\">DNS Rebinding</a> " ++ "attacks.</p>"); ++ send_simple_response(req, 421, tmp); ++ tr_free(tmp); ++ } ++ + else if (!test_session_id (server, req)) + { + const char * sessionId = get_current_session_id (server); +@@ -674,7 +736,7 @@ handle_request (struct evhttp_request * req, void * arg) + "<li> When you get this 409 error message, resend your request with the updated header" + "</ol></p>" + "<p>This requirement has been added to help prevent " +- "<a href=\"http://en.wikipedia.org/wiki/Cross-site_request_forgery\">CSRF</a> " ++ "<a href=\"https://en.wikipedia.org/wiki/Cross-site_request_forgery\">CSRF</a> " + "attacks.</p>" + "<p><code>%s: %s</code></p>", + TR_RPC_SESSION_ID_HEADER, sessionId); +@@ -875,19 +937,14 @@ tr_rpcGetUrl (const tr_rpc_server * server) + return server->url ? server->url : ""; + } + +-void +-tr_rpcSetWhitelist (tr_rpc_server * server, const char * whitelistStr) ++static void ++tr_rpcSetList (char const* whitelistStr, tr_list** list) + { + void * tmp; + const char * walk; + +- /* keep the string */ +- tmp = server->whitelistStr; +- server->whitelistStr = tr_strdup (whitelistStr); +- tr_free (tmp); +- + /* clear out the old whitelist entries */ +- while ((tmp = tr_list_pop_front (&server->whitelist))) ++ while ((tmp = tr_list_pop_front (list)) != NULL) + tr_free (tmp); + + /* build the new whitelist entries */ +@@ -896,7 +953,7 @@ tr_rpcSetWhitelist (tr_rpc_server * server, const char * whitelistStr) + const char * delimiters = " ,;"; + const size_t len = strcspn (walk, delimiters); + char * token = tr_strndup (walk, len); +- tr_list_append (&server->whitelist, token); ++ tr_list_append (list, token); + if (strcspn (token, "+-") < len) + tr_logAddNamedInfo (MY_NAME, "Adding address to whitelist: %s (And it has a '+' or '-'! Are you using an old ACL by mistake?)", token); + else +@@ -909,6 +966,21 @@ tr_rpcSetWhitelist (tr_rpc_server * server, const char * whitelistStr) + } + } + ++void tr_rpcSetHostWhitelist(tr_rpc_server* server, char const* whitelistStr) ++{ ++ tr_rpcSetList(whitelistStr, &server->hostWhitelist); ++} ++ ++void tr_rpcSetWhitelist(tr_rpc_server* server, char const* whitelistStr) ++{ ++ /* keep the string */ ++ char* const tmp = server->whitelistStr; ++ server->whitelistStr = tr_strdup(whitelistStr); ++ tr_free(tmp); ++ ++ tr_rpcSetList(whitelistStr, &server->whitelist); ++} ++ + const char* + tr_rpcGetWhitelist (const tr_rpc_server * server) + { +@@ -930,6 +1002,11 @@ tr_rpcGetWhitelistEnabled (const tr_rpc_server * server) + return server->isWhitelistEnabled; + } + ++void tr_rpcSetHostWhitelistEnabled(tr_rpc_server* server, bool isEnabled) ++{ ++ server->isHostWhitelistEnabled = isEnabled; ++} ++ + /**** + ***** PASSWORD + ****/ +@@ -1063,6 +1140,28 @@ tr_rpcInit (tr_session * session, tr_variant * settings) + else + tr_rpcSetWhitelistEnabled (s, boolVal); + ++ key = TR_KEY_rpc_host_whitelist_enabled; ++ ++ if (!tr_variantDictFindBool(settings, key, &boolVal)) ++ { ++ missing_settings_key(key); ++ } ++ else ++ { ++ tr_rpcSetHostWhitelistEnabled(s, boolVal); ++ } ++ ++ key = TR_KEY_rpc_host_whitelist; ++ ++ if (!tr_variantDictFindStr(settings, key, &str, NULL) && str != NULL) ++ { ++ missing_settings_key(key); ++ } ++ else ++ { ++ tr_rpcSetHostWhitelist(s, str); ++ } ++ + key = TR_KEY_rpc_authentication_required; + if (!tr_variantDictFindBool (settings, key, &boolVal)) + missing_settings_key (key); +diff --git a/libtransmission/rpc-server.h b/libtransmission/rpc-server.h +index e0302c5ea..8c9e6b24e 100644 +--- a/libtransmission/rpc-server.h ++++ b/libtransmission/rpc-server.h +@@ -49,6 +49,10 @@ void tr_rpcSetWhitelist (tr_rpc_server * server, + + const char* tr_rpcGetWhitelist (const tr_rpc_server * server); + ++void tr_rpcSetHostWhitelistEnabled(tr_rpc_server* server, bool isEnabled); ++ ++void tr_rpcSetHostWhitelist(tr_rpc_server* server, char const* whitelist); ++ + void tr_rpcSetPassword (tr_rpc_server * server, + const char * password); + +diff --git a/libtransmission/session.c b/libtransmission/session.c +index 844cadba8..58b717913 100644 +--- a/libtransmission/session.c ++++ b/libtransmission/session.c +@@ -359,6 +359,8 @@ tr_sessionGetDefaultSettings (tr_variant * d) + tr_variantDictAddStr (d, TR_KEY_rpc_username, ""); + tr_variantDictAddStr (d, TR_KEY_rpc_whitelist, TR_DEFAULT_RPC_WHITELIST); + tr_variantDictAddBool (d, TR_KEY_rpc_whitelist_enabled, true); ++ tr_variantDictAddStr(d, TR_KEY_rpc_host_whitelist, TR_DEFAULT_RPC_HOST_WHITELIST); ++ tr_variantDictAddBool(d, TR_KEY_rpc_host_whitelist_enabled, true); + tr_variantDictAddInt (d, TR_KEY_rpc_port, atoi (TR_DEFAULT_RPC_PORT_STR)); + tr_variantDictAddStr (d, TR_KEY_rpc_url, TR_DEFAULT_RPC_URL_STR); + tr_variantDictAddBool (d, TR_KEY_scrape_paused_torrents_enabled, true); +diff --git a/libtransmission/transmission.h b/libtransmission/transmission.h +index 4f76adfd6..e213a8f4e 100644 +--- a/libtransmission/transmission.h ++++ b/libtransmission/transmission.h +@@ -123,6 +123,7 @@ const char* tr_getDefaultDownloadDir (void); + #define TR_DEFAULT_BIND_ADDRESS_IPV4 "0.0.0.0" + #define TR_DEFAULT_BIND_ADDRESS_IPV6 "::" + #define TR_DEFAULT_RPC_WHITELIST "127.0.0.1" ++#define TR_DEFAULT_RPC_HOST_WHITELIST "" + #define TR_DEFAULT_RPC_PORT_STR "9091" + #define TR_DEFAULT_RPC_URL_STR "/transmission/" + #define TR_DEFAULT_PEER_PORT_STR "51413" +diff --git a/libtransmission/web.c b/libtransmission/web.c +index ee495e9fc..c7f062730 100644 +--- a/libtransmission/web.c ++++ b/libtransmission/web.c +@@ -594,6 +594,7 @@ tr_webGetResponseStr (long code) + case 415: return "Unsupported Media Type"; + case 416: return "Requested Range Not Satisfiable"; + case 417: return "Expectation Failed"; ++ case 421: return "Misdirected Request"; + case 500: return "Internal Server Error"; + case 501: return "Not Implemented"; + case 502: return "Bad Gateway"; diff --git a/net-p2p/transmission/transmission-2.92-r3.ebuild b/net-p2p/transmission/transmission-2.92-r3.ebuild new file mode 100644 index 000000000000..839052138da0 --- /dev/null +++ b/net-p2p/transmission/transmission-2.92-r3.ebuild @@ -0,0 +1,165 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit autotools fdo-mime flag-o-matic gnome2-utils qmake-utils systemd user + +DESCRIPTION="A Fast, Easy and Free BitTorrent client" +HOMEPAGE="http://www.transmissionbt.com/" +SRC_URI="http://download.transmissionbt.com/${PN}/files/${P}.tar.xz" + +# web/LICENSE is always GPL-2 whereas COPYING allows either GPL-2 or GPL-3 for the rest +# transmission in licenses/ is for mentioning OpenSSL linking exception +# MIT is in several libtransmission/ headers +LICENSE="|| ( GPL-2 GPL-3 Transmission-OpenSSL-exception ) GPL-2 MIT" +SLOT=0 +IUSE="ayatana gtk libressl lightweight systemd qt5 xfs" +KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~x86 ~x86-fbsd ~amd64-linux" + +RDEPEND=">=dev-libs/libevent-2.0.10:= + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + net-libs/libnatpmp + >=net-libs/miniupnpc-1.7:= + >=net-misc/curl-7.16.3[ssl] + sys-libs/zlib:= + gtk? ( + >=dev-libs/dbus-glib-0.100 + >=dev-libs/glib-2.32:2 + >=x11-libs/gtk+-3.4:3 + ayatana? ( >=dev-libs/libappindicator-0.4.90:3 ) + ) + qt5? ( + dev-qt/qtcore:5 + dev-qt/qtdbus:5 + dev-qt/qtgui:5 + dev-qt/qtnetwork:5 + dev-qt/qtwidgets:5 + ) + systemd? ( >=sys-apps/systemd-209:= )" +DEPEND="${RDEPEND} + >=dev-libs/glib-2.32 + dev-util/intltool + sys-devel/gettext + virtual/os-headers + virtual/pkgconfig + qt5? ( dev-qt/linguist-tools:5 ) + xfs? ( sys-fs/xfsprogs )" + +REQUIRED_USE="ayatana? ( gtk )" + +DOCS=( AUTHORS NEWS qt/README.txt ) + +PATCHES=( + "${FILESDIR}"/libsystemd.patch + "${FILESDIR}"/transmission-2.92-handshake.patch + "${FILESDIR}"/transmission-2.92-pr468.patch +) + +src_prepare() { + sed -i -e '/CFLAGS/s:-ggdb3::' configure.ac || die + + # Trick to avoid automagic dependency + if ! use ayatana ; then + sed -i -e '/^LIBAPPINDICATOR_MINIMUM/s:=.*:=9999:' configure.ac || die + fi + + # http://trac.transmissionbt.com/ticket/4324 + sed -i -e 's|noinst\(_PROGRAMS = $(TESTS)\)|check\1|' libtransmission/Makefile.am || die + + # Prevent m4_copy error when running aclocal + # m4_copy: won't overwrite defined macro: glib_DEFUN + rm m4/glib-gettext.m4 || die + + default + eautoreconf +} + +src_configure() { + export ac_cv_header_xfs_xfs_h=$(usex xfs) + + # https://bugs.gentoo.org/577528 + append-lfs-flags + + econf \ + --enable-external-natpmp \ + $(use_enable lightweight) \ + $(use_with systemd systemd-daemon) \ + $(use_with gtk) + + if use qt5; then + pushd qt >/dev/null || die + eqmake5 qtr.pro + popd >/dev/null || die + fi +} + +src_compile() { + emake + + if use qt5; then + emake -C qt + $(qt5_get_bindir)/lrelease qt/translations/*.ts || die + fi +} + +src_install() { + default + + rm "${ED%/}"/usr/share/transmission/web/LICENSE || die + + newinitd "${FILESDIR}"/transmission-daemon.initd.10 transmission-daemon + newconfd "${FILESDIR}"/transmission-daemon.confd.4 transmission-daemon + systemd_dounit daemon/transmission-daemon.service + systemd_install_serviced "${FILESDIR}"/transmission-daemon.service.conf + + if use qt5; then + pushd qt >/dev/null || die + emake INSTALL_ROOT="${ED%/}"/usr install + + domenu transmission-qt.desktop + + local res + for res in 16 22 24 32 48 64 72 96 128 192 256; do + doicon -s ${res} icons/hicolor/${res}x${res}/transmission-qt.png + done + doicon -s scalable icons/hicolor/scalable/transmission-qt.svg + + insinto /usr/share/qt5/translations + doins translations/*.qm + popd >/dev/null || die + fi +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postinst() { + fdo-mime_desktop_database_update + gnome2_icon_cache_update + + enewgroup transmission + enewuser transmission -1 -1 /var/lib/transmission transmission + + if [[ ! -e "${EROOT%/}"/var/lib/transmission ]]; then + mkdir -p "${EROOT%/}"/var/lib/transmission || die + chown transmission:transmission "${EROOT%/}"/var/lib/transmission || die + fi + + elog "If you use transmission-daemon, please, set 'rpc-username' and" + elog "'rpc-password' (in plain text, transmission-daemon will hash it on" + elog "start) in settings.json file located at /var/lib/transmission/config or" + elog "any other appropriate config directory." + elog + elog "Since µTP is enabled by default, transmission needs large kernel buffers for" + elog "the UDP socket. You can append following lines into /etc/sysctl.conf:" + elog " net.core.rmem_max = 4194304" + elog " net.core.wmem_max = 1048576" + elog "and run sysctl -p" +} + +pkg_postrm() { + fdo-mime_desktop_database_update + gnome2_icon_cache_update +} |