gentoo resync : 18.08.2019

5 files changed, 135 insertions, 11 deletions

diff --git a/sys-apps/firejail-lts/Manifest b/sys-apps/firejail-lts/Manifest
index e2b35f990e6f..b336da95319b 100644
--- a/sys-apps/firejail-lts/Manifest
+++ b/sys-apps/firejail-lts/Manifest
@@ -1,5 +1,9 @@
+AUX firejail-lts-fix-compressed-manpages.patch 604 BLAKE2B 64888a91da1b6c512cfe7923e6db1bad7b414054c1c83842a23cf56b4f3b51878bfbd37cb8bdbbf8c1890a72e37082d834a4d9b51539045030df97a94edf05fa SHA512 c43f5872a50d73febbfba0daeb815b42796ca241faeb3c9262c861b02e5952e5f3c65d84c041275172d87ff831f44dd47c2cd0031901c020090a84e1654ef983
 DIST firejail-0.9.38.10.tar.bz2 159476 BLAKE2B e0ae02cd2b3feaf5d9e3e799d720f5a635ed4e3b6fca7041d0795ea09a3563bfece1cc42c391df65f05cf55199b97ae354092c2c2bb48f108ed2e2be4513fb3b SHA512 61a41655a46031c34f44f7f24e3c5369e3187edc10cb091b0d429ead8d367e79acdaa4bb41573cdf733111ce353fc91efe51cb95e331ad7c2fdb639a60e194fb
 DIST firejail-0.9.38.12.tar.bz2 164962 BLAKE2B c89252548c70e347c6a841a8460501622fb6aa1f264e0458918bf903c94d84f6a9dc5eaaa2ea678e2754c277a3074cfdc3df7c9602ab0a4f4f867348a8c5cc92 SHA512 d0d6e81d9dbf404c653914bbbdad95caa3ce69ee6d5082cd30c60c0ddad02a2f0c2535bf15b6fcf68a0e4a5a738806fdd738407adbd5dd57eb289827f4cc487d
+DIST firejail-lts-0.9.56.2.tar.gz 934289 BLAKE2B ff8b27f57da90cd94d3ec9b83c8398b7c569b09008f61094bd9aca15e996cd7a4d559e87168228271ccba4c9fe8e1ce97fa5045596f950f3ac2d8593b9ea5838 SHA512 75edc0405fa3fd7f2f5d7831f7f4e838ed63bacadd7f9a869a1611908c716a333251b602ff0bd70e3f98627418e84541b26790d34e644f60d97e84e9c33f873a
 EBUILD firejail-lts-0.9.38.10.ebuild 734 BLAKE2B 2d3797be4ba77f171452cc2c8b13f4eb1e3a9ddda7461349c863342d9fbe51dcc6ac4a8118676a311bdd59b6ba34b080ae8fe7d17699713fd607c47ba321ff6c SHA512 182d12ca0dcb10a125f7feebe5ecb3d18887bdac555dd470aef6e11bd60a01a6ff3c33a00b6e4ca1adf5ca3de1e062eab59cb802b8ff6dac8e6726e117401ec4
 EBUILD firejail-lts-0.9.38.12.ebuild 735 BLAKE2B 9cc47a2b6a6538f8b61a3d5b6c4cbf9f4c6f4b505b04a8a7567006a8d54b84cd0288b1801aee72fbef0ab63cab90a6aeb7c92a9e5fe1a8bba738399e5cc77b26 SHA512 e0b340593f6b0afe5e04e4af2c1e7984f145dde6b363edd81c01e21fcaddba4b05165c35226ea3a65b938981ad898c977596652816f40541f871606134224ab9
-MISC metadata.xml 826 BLAKE2B 7986df4f06bf548de16715079b0e8c9fcd43867e7579595188da3be6674b2a8025784d273cbe73ca5c9a5eb2522981393c1d874d8c32e6057f06d2b106e43442 SHA512 03ea8bd5d1ac7b658a50d4900966a1b23c16f9a9f7c8685f2752ad3ecb3d81d973185093cc13ce6d4367ad1370e4081338614bf5aa17dbc66ec516fdaffc7ee1
+EBUILD firejail-lts-0.9.56.2-r1.ebuild 1238 BLAKE2B b0a897e953c6ef24cd1d1822d613ea6b8359baea67b8f3b4ce1f392ca666a4acbe843475124752b680daaf85f820d8f35bb3368ad7a06cee467a2c1dd0f62381 SHA512 d52904049477f591ded912b694263fe0f1776a48653c634072baa03469b7290f8866f452ad42dbb1cd0f7747f3d55e42f844205f5e4ecbc20c03b4b166016904
+EBUILD firejail-lts-0.9.56.2.ebuild 1175 BLAKE2B 2cf26b3011994054a66a9b64f273b32a9f200dd69cf7d4c1a823bfcde3175a48a1ba6e9835f862bd819a74b1ed6b67258ba0e282b76ba5e58d4ec36cea94a848 SHA512 a7e783dfdf09fa22dfc0f14f8f5538a21dfafb7d5ad3bd41ac2dcce460fac807ddb8e03818bcadd41048254f9a810f60a64aa85caf18aeb094f6c4f9aca256f3
+MISC metadata.xml 1400 BLAKE2B 437e79721042570066912df3b69a81848ec3fa969eacf8a9b82140faef658b0607a97114426ec426c68cb26e7e76acd1c4be09c81f8f9e96bc67987f9a637302 SHA512 51128fc3ef400e9f80e2bf2ae87420c8187c33b4944827ed35fcb15d81c2213bde726902e77396f1d93331456e8bc94ab7b1386c80f46385c2a9553ae6a970c1
diff --git a/sys-apps/firejail-lts/files/firejail-lts-fix-compressed-manpages.patch b/sys-apps/firejail-lts/files/firejail-lts-fix-compressed-manpages.patch
new file mode 100644
index 000000000000..313c1c2a9dd3
--- /dev/null
+++ b/sys-apps/firejail-lts/files/firejail-lts-fix-compressed-manpages.patch
@@ -0,0 +1,17 @@
+diff --git a/Makefile.in b/Makefile.in
+index 9dafb56..4117468 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -127,10 +127,9 @@ endif
+ 	install -m 0755 -d $(DESTDIR)/$(mandir)/man5
+ 	for man in $(MANPAGES); do \
+ 		rm -f $$man.gz; \
+-		gzip -9n $$man; \
+ 		case "$$man" in \
+-			*.1) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man1/; ;; \
+-			*.5) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man5/; ;; \
++			*.1) install -c -m 0644 $$man $(DESTDIR)/$(mandir)/man1/; ;; \
++			*.5) install -c -m 0644 $$man $(DESTDIR)/$(mandir)/man5/; ;; \
+ 		esac; \
+ 	done
+ 	rm -f $(MANPAGES) $(MANPAGES:%=%.gz)
diff --git a/sys-apps/firejail-lts/firejail-lts-0.9.56.2-r1.ebuild b/sys-apps/firejail-lts/firejail-lts-0.9.56.2-r1.ebuild
new file mode 100644
index 000000000000..831a680daa5e
--- /dev/null
+++ b/sys-apps/firejail-lts/firejail-lts-0.9.56.2-r1.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="Security sandbox for any type of processes; LTS version"
+HOMEPAGE="https://firejail.wordpress.com/"
+
+MY_PN=firejail
+
+SRC_URI="https://github.com/netblue30/${MY_PN}/archive/${PV}-LTS.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="apparmor +globalcfg +network +seccomp +suid +userns test +whitelist"
+
+DEPEND="!sys-apps/firejail
+		apparmor? ( sys-libs/libapparmor )
+		test? ( dev-tcltk/expect )"
+
+RDEPEND="apparmor? ( sys-libs/libapparmor )"
+
+PATCHES=( "${FILESDIR}/${PN}-fix-compressed-manpages.patch" )
+
+S="${WORKDIR}/${MY_PN}-${PV}-LTS"
+
+src_prepare() {
+	default
+
+	find -type f -name Makefile.in | xargs sed --in-place --regexp-extended \
+		--expression='/^\tinstall .*COPYING /d' \
+		--expression='/CFLAGS/s: (-O2|-ggdb) : :g' || die
+
+	sed --in-place --regexp-extended '/CFLAGS/s: (-O2|-ggdb) : :g' ./src/common.mk.in || die
+}
+
+src_configure() {
+	econf \
+		--docdir="${EPREFIX}/usr/share/doc/${PF}" \
+		$(use_enable apparmor) \
+		$(use_enable globalcfg) \
+		$(use_enable network) \
+		$(use_enable seccomp) \
+		$(use_enable suid) \
+		$(use_enable userns) \
+		$(use_enable whitelist)
+
+}
diff --git a/sys-apps/firejail-lts/firejail-lts-0.9.56.2.ebuild b/sys-apps/firejail-lts/firejail-lts-0.9.56.2.ebuild
new file mode 100644
index 000000000000..58dc1df4e153
--- /dev/null
+++ b/sys-apps/firejail-lts/firejail-lts-0.9.56.2.ebuild
@@ -0,0 +1,47 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="Security sandbox for any type of processes; LTS version"
+HOMEPAGE="https://firejail.wordpress.com/"
+
+MY_PN=firejail
+
+SRC_URI="https://github.com/netblue30/${MY_PN}/archive/${PV}-LTS.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="apparmor +globalcfg +network +seccomp +suid +userns test +whitelist"
+
+DEPEND="!sys-apps/firejail
+		apparmor? ( sys-libs/libapparmor )
+		test? ( dev-tcltk/expect )"
+
+RDEPEND="apparmor? ( sys-libs/libapparmor )"
+
+S="${WORKDIR}/${MY_PN}-${PV}-LTS"
+
+src_prepare() {
+	default
+
+	find -type f -name Makefile.in | xargs sed --in-place --regexp-extended \
+		--expression='/^\tinstall .*COPYING /d' \
+		--expression='/CFLAGS/s: (-O2|-ggdb) : :g' || die
+
+	sed --in-place --regexp-extended '/CFLAGS/s: (-O2|-ggdb) : :g' ./src/common.mk.in || die
+}
+
+src_configure() {
+	econf \
+		--docdir="${EPREFIX}/usr/share/doc/${PF}" \
+		$(use_enable apparmor) \
+		$(use_enable globalcfg) \
+		$(use_enable network) \
+		$(use_enable seccomp) \
+		$(use_enable suid) \
+		$(use_enable userns) \
+		$(use_enable whitelist)
+
+}
diff --git a/sys-apps/firejail-lts/metadata.xml b/sys-apps/firejail-lts/metadata.xml
index b1d77ccb9cfc..74406c739693 100644
--- a/sys-apps/firejail-lts/metadata.xml
+++ b/sys-apps/firejail-lts/metadata.xml
@@ -1,22 +1,29 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-	<!-- maintainer-needed -->
+	<maintainer type="person">
+		<email>expeditioneer@gentoo.org</email>
+		<name>Dennis Lamm</name>
+	</maintainer>
 	<longdescription lang="en">
-		Firejail is a SUID program that reduces the risk of security breaches
-		by restricting the running environment of untrusted applications using
-		Linux namespaces and seccomp-bpf. It allows a process and all its
-		descendants to have their own private view of the globally shared
-		kernel resources, such as the network stack, process table, mount
-		table.
+		Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of
+		untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to
+		have their own private view of the globally shared kernel resources, such as the network stack, process table,
+		mount table.
 
-		This is long term support branch of firejail. For bleeding edge version
-		see sys-apps/firejail.
+		This is long term support branch of firejail. For the regular version see sys-apps/firejail. 
+		The code base is approximately 40% smaller than the regular version,
+		providing a smaller attack surface for the SUID executable.
 	</longdescription>
 	<upstream>
-		<remote-id type="sourceforge">firejail</remote-id>
+		<remote-id type="github">netblue30/firejail</remote-id>
 	</upstream>
 	<use>
+		<flag name="apparmor">Enable support for custom AppArmor profiles</flag>
+		<flag name="globalcfg">Enable global config file</flag>
+		<flag name="network">Enable networking features</flag>
 		<flag name="seccomp">Enable system call filtering</flag>
+		<flag name="userns">Enable attaching a new user namespace to a sandbox (--noroot option)</flag>
+		<flag name="whitelist">Enable file and directory whitelisting</flag>
 	</use>
 </pkgmetadata>