pkgsrc/sysutils/amanda-common/patches/patch-config_amanda_config_flags.m4

$NetBSD: patch-config_amanda_config_flags.m4,v 1.1 2018/11/23 22:33:13 spz Exp $

fix amanda gcc flags checking

--- ./config/amanda/flags.m4.orig	2016-02-09 22:52:50.000000000 +0000
+++ ./config/amanda/flags.m4
@@ -351,7 +351,7 @@ AC_DEFUN([AMANDA_TEST_GCC_FLAG],
     AC_MSG_CHECKING(for gcc flag $1)
     if test "x$GCC" = "xyes"; then
 	changequote(,)dnl
-	($CC --help={target,optimizers,warnings,undocumented,params,c} 2>&1 || 
+	($CC --help=target --help=optimizers --help=warnings --help=undocumented --help=params --help=c 2>&1 || 
            $CC -v --help 2>&1) | 
          $EGREP -- '[^0-9A-Za-z]$1[^0-9A-Za-z]' 2>&1 > /dev/null
 	changequote([,])dnl
Update to 3.3.9, fixing CVE-2016-10729 and CVE-2016-10730 Upstream release notes: Release Notes for 3.3.9: new --with-security-file configure option It set the default security file. default to /etc/amanda-security.conf security-fix All previous release of amanda allow the 'amanda' user to execute any code as root, and to execute an interactive shell as root. This is a security vulnerability if you do not trust the 'amanda' user. There is no need to upgrade if you trust the 'amanda' user and the account is secure good password. secure xinetd.conf setting. secure .amandahosts setting. The 'amanda' user can read all files in the machine, it is what a backup program do. The set of fix disable the abilities to run unwanted code as root or to write file anywhere in the filesystem. /etc/amanda-security.conf/etc/amanda-security.conf A file that contains security setting. It list all binaries amanda can execute as root. restore_by_amanda_user It tell if the 'amanda' user can do restore as root. It allow the 'amanda' user to write files anywhere in the filesystem. amgtar/amstar/ambsdtar/runtar Disable arguments that can fork program. Verify the realpath (with symbolic link resolved) is in the amanda-security.conf file. Verify the tar/star/bsdtar realpath program is secure owned by root and modifiable only by root. On restore, check the restore_by_amanda_user setting if not run by root. Release Notes for 3.3.8: s3 devices New NEARLINE S3-STORAGE-CLASS for Google storage. New AWS4 STORAGE-API amcryptsimple Works with newer gpg2. amgtar Default SPARSE value is NO if tar < 1.28. Because a bug in tar with some filesystem. amstar support include in backup mode. ampgsql Add FULL-WAL property. Many bugs fix. Release Notes for 3.3.7p1: Fix build in 3.3.7. Release Notes for 3.3.7: amvault new --no-interactivity argument. new --src-labelstr argument. amdump compute crc32 of the streams and write them to the debug files. chg-robot Add a BROKEN-DRIVE-LOADED-SLOT property. Many bugs fix. Release Notes for 3.3.6: ambsdtar new application that use BSD tar to do the backup. Many bugs fix. Release Notes for 3.3.5: amtape faster 'verify' command. fix parsing of config override arguments. amsamba Add REGEX-MATCH property. amvault Print progress status. ndmp device INDIRECT property default to yes. Many bugs fix. Release Notes for 3.3.4: amreport new --format argument new 'json' and 'json_raw' format. amanda.conf new REPORT-FORMAT option. amtape new 'verify' command. amadmin new 'force-level-1' command. ampgsql Add VERBOSE property. S3 device handle DURABLE_REDUCED_AVAILABILITY for google storage. Many bugs fix. Release Notes for 3.3.3: amdump.X log files use timestamp instead of number, amdump and amdump.1 are maintained as symlink. chg-disk Use the changerfile for the statefile. s3 device Support CASTOR storage amanda.conf New REPORT-USE-MEDIA and REPORT-NEXT-MEDIA setting. amfetchdump New --extract, --directory, --data-path and --application-property arguments. It allow to do the extraction on the server. --exact-match argument to many command, and '=' prefix to expression. It diable use of expression for host, disk, level and datestamp on command line argument. All changer scripts. Add LOCK-TIMEOUT property. Many bug fix Release Notes for 3.3.2: amgtar New IGNORE-ZEROS property amsamba Fix use of subdir for restore s3 device New PROXY property New PASSWORD, USERNAME, TENANT_ID, TENANT_NAME properties New STORAGE_API property New S3_MULTI_DELETE property New CLIENT_ID, CLIENT_SECRET and REFRESH_TOKEN properties New CREATE-BUCKET property New PROJECT-ID property New REUSE-CONNECTION property Works with swift and google storage. NDMP device Add INDIRECT property amanda.conf Add 'max-warnings', The maximum number of warning lines in the report. Default 'columspec' changed to: HostName=0:-12:12,Disk=1:-11:11,Level=1:-1:1,OrigKB=1:-7:0,OutKB=1:-7:0, Compress=1:-6:1,DumpTime=1:-7:7,Dumprate=1:-6:1,TapeTime=1:-6:6, TapeRate=1:-6:1 amadmin Add --no-default and --print-source arguments for config and disklist command. amfetchdump Print progress. Add --decrypt, --no-decrypt, --server-decrypt, --client-decrypt, --compress, --no-compress, --server-compress and --client-compress options. fix for compilation with newer glib fix for compilation on cigwin Many bug fix 2018-11-23 23:33:13 +01:00			$NetBSD: patch-config_amanda_config_flags.m4,v 1.1 2018/11/23 22:33:13 spz Exp $

			`fix amanda gcc flags checking`

			`--- ./config/amanda/flags.m4.orig 2016-02-09 22:52:50.000000000 +0000`
			`+++ ./config/amanda/flags.m4`
			`@@ -351,7 +351,7 @@ AC_DEFUN([AMANDA_TEST_GCC_FLAG],`
			`AC_MSG_CHECKING(for gcc flag $1)`
			`if test "x$GCC" = "xyes"; then`
			`changequote(,)dnl`
			`- ($CC --help={target,optimizers,warnings,undocumented,params,c} 2>&1 \|\|`
			`+ ($CC --help=target --help=optimizers --help=warnings --help=undocumented --help=params --help=c 2>&1 \|\|`
			`$CC -v --help 2>&1) \|`
			`$EGREP -- '[^0-9A-Za-z]$1[^0-9A-Za-z]' 2>&1 > /dev/null`
			`changequote([,])dnl`