Update sysutils/py-salt to 2017.7.1

- Includes fix for security vulnerability CVE-2017-12791 - Include patch to fix bug in the freebsdservice module [1] - Add TCP transport option - Clarify the port options for transports only install the runtime dependencies - Add note to pkg-message explaining how to change to non-default transports - Change supported python releases to exclude 2.6 and allow python3 [2] - Only depend on py-enum34 if python version is < 3.4 (included in python >= 3.4) - Reorder Makefile to move OPTIONS after USES/USE/standard variables [3] - Ensure Makefile lists are sorted alphabetically [1] saltstack/salt#36675 (comment) [2] https://docs.saltstack.com/en/latest/topics/releases/2017.7.0.html#python-3 [3] https://www.freebsd.org/doc/en/books/porters-handbook/porting-order.html Changes this release: https://docs.saltstack.com/en/latest/topics/releases/2017.7.0.html https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html PR: 220869 Reported by: Christer Edwards <christer.edwards@gmail.com> (maintainer) Approved by: Christer Edwards <christer.edwards@gmail.com> (maintainer) Security: CVE-2017-12791 Security: https://vuxml.freebsd.org/freebsd/3531141d-a708-477c-954a-2a0549e49ca9.html
freebsd · Aug 22, 2017 · 4404a91 · 4404a91
1 parent 23ee206
commit 4404a91
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 30 deletions.
diff --git a/sysutils/py-salt/Makefile b/sysutils/py-salt/Makefile
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	salt
-PORTVERSION=	2016.11.6
-PORTREVISION=	1
+PORTVERSION=	2017.7.1
 CATEGORIES=	sysutils python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
@@ -14,33 +13,18 @@ COMMENT=	Distributed remote execution and configuration management system
 LICENSE=	APACHE20
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
-RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml \
-		${PYTHON_PKGNAMEPREFIX}Jinja2>0:devel/py-Jinja2 \
-		${PYTHON_PKGNAMEPREFIX}msgpack-python>=0.3:devel/py-msgpack-python \
-		${PYTHON_PKGNAMEPREFIX}libcloud>=0.14.0:net/py-libcloud \
-		${PYTHON_PKGNAMEPREFIX}botocore>0:devel/py-botocore \
+RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}Jinja2>0:devel/py-Jinja2 \
 		${PYTHON_PKGNAMEPREFIX}MarkupSafe>0:textproc/py-MarkupSafe \
-		${PYTHON_PKGNAMEPREFIX}requests>=1.0.0:www/py-requests \
-		${PYTHON_PKGNAMEPREFIX}enum34>0:devel/py-enum34 \
-		${PYTHON_PKGNAMEPREFIX}progressbar>0:misc/py-progressbar \
+		${PYTHON_PKGNAMEPREFIX}botocore>0:devel/py-botocore \
 		${PYTHON_PKGNAMEPREFIX}futures>=2.0:devel/py-futures \
-		${PYTHON_PKGNAMEPREFIX}tornado>=4.2.1:www/py-tornado
-
-OPTIONS_DEFINE=	ZEROMQ RAET
-OPTIONS_DEFAULT=	ZEROMQ
-
-ZEROMQ_DESC=	Enable ZeroMQ transport
-RAET_DESC=	Enable RAET transport
-
-ZEROMQ_BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pyzmq>=2.2.0:net/py-pyzmq
-ZEROMQ_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pyzmq>=2.2.0:net/py-pyzmq \
-		${PYTHON_PKGNAMEPREFIX}pycrypto>=2.6.1:security/py-pycrypto
-
-RAET_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}libnacl>=1.0.0:security/py-libnacl \
-		${PYTHON_PKGNAMEPREFIX}ioflo>=1.1.7:devel/py-ioflo \
-		${PYTHON_PKGNAMEPREFIX}raet>=0.6.0:net/py-raet
+		${PYTHON_PKGNAMEPREFIX}libcloud>=0.14.0:net/py-libcloud \
+		${PYTHON_PKGNAMEPREFIX}msgpack-python>=0.3:devel/py-msgpack-python \
+		${PYTHON_PKGNAMEPREFIX}progressbar>0:misc/py-progressbar \
+		${PYTHON_PKGNAMEPREFIX}requests>=1.0.0:www/py-requests \
+		${PYTHON_PKGNAMEPREFIX}tornado>=4.2.1:www/py-tornado \
+		${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml
 
-USES=		cpe python:2
+USES=		cpe python:2.7+
 CPE_VENDOR=	saltstack
 CPE_PRODUCT=	salt
 USE_PYTHON=	autoplist distutils
@@ -71,6 +55,30 @@ SUB_LIST+=	PYTHON_CMD=${PYTHON_CMD}
 
 SUB_FILES=	pkg-message
 
+OPTIONS_DEFINE=	RAET TCP ZEROMQ
+OPTIONS_DEFAULT=ZEROMQ
+
+RAET_DESC=	Install dependencies required for RAET transport
+TCP_DESC=	Install dependencies required for TCP transport
+ZEROMQ_DESC=	Install dependencies required for ZeroMQ transport
+
+RAET_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}libnacl>=1.0.0:security/py-libnacl \
+			${PYTHON_PKGNAMEPREFIX}ioflo>=1.1.7:devel/py-ioflo \
+			${PYTHON_PKGNAMEPREFIX}raet>=0.6.0:net/py-raet
+
+TCP_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pycrypto>=2.6.1:security/py-pycrypto
+
+ZEROMQ_BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pyzmq>=2.2.0:net/py-pyzmq
+ZEROMQ_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pyzmq>=2.2.0:net/py-pyzmq \
+			${PYTHON_PKGNAMEPREFIX}pycrypto>=2.6.1:security/py-pycrypto
+
+.include <bsd.port.pre.mk>
+
+# Python 2.7-3.3 require enum34, unnecessary for Python 3.4+
+.if ${PYTHON_REL} < 3400
+RUN_DEPENDS+=	${PYTHON_PKGNAMEPREFIX}enum34>0:devel/py-enum34
+.endif
+
 post-patch:
 .for file in conf/minion conf/master doc/man/salt-key.1 \
 	doc/man/salt-cp.1 doc/man/salt-minion.1 doc/man/salt-syndic.1 \
@@ -89,4 +97,4 @@ post-install:
 	${INSTALL_DATA} ${WRKSRC}/conf/master ${STAGEDIR}${ETCDIR}/master.sample
 	${INSTALL_DATA} ${WRKSRC}/conf/minion ${STAGEDIR}${ETCDIR}/minion.sample
 
-.include <bsd.port.mk>
+.include <bsd.port.post.mk>
diff --git a/sysutils/py-salt/distinfo b/sysutils/py-salt/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1499072109
-SHA256 (salt-2016.11.6.tar.gz) = 9031af68d31d0416fe3161526ef122a763afc6182bd63fe48b6c4d0a16a0703a
-SIZE (salt-2016.11.6.tar.gz) = 9410028
+TIMESTAMP = 1503211965
+SHA256 (salt-2017.7.1.tar.gz) = fe868415d0e1162157186f4c5263e9af902b0571870ad2da210e7edf5ff5331d
+SIZE (salt-2017.7.1.tar.gz) = 11408839
diff --git a/sysutils/py-salt/files/patch-salt_modules_freebsdservice.py b/sysutils/py-salt/files/patch-salt_modules_freebsdservice.py
@@ -0,0 +1,18 @@
+--- salt/modules/freebsdservice.py.orig	2017-08-15 15:26:36 UTC
++++ salt/modules/freebsdservice.py
+@@ -16,7 +16,6 @@ import os
+
+ # Import salt libs
+ import salt.utils
+-import salt.utils.decorators as decorators
+ from salt.exceptions import CommandNotFoundError
+
+ __func_alias__ = {
+@@ -39,7 +38,6 @@ def __virtual__():
+     return (False, 'The freebsdservice execution module cannot be loaded: only available on FreeBSD systems.')
+
+
+-@decorators.memoize
+ def _cmd(jail=None):
+     '''
+     Return full path to service command
diff --git a/sysutils/py-salt/files/pkg-message.in b/sysutils/py-salt/files/pkg-message.in
@@ -23,5 +23,14 @@ To configure a Salt Proxy Minion, do the following:
   o sysrc salt_proxy_list=""
   o Update the salt_proxy_list with the proxy minion name(s)
 
+---------------------------------------------------------------------------------------------------
+
+To change the Transport method from the default option of Zeromq to either TCP or RAET:
+
+  o Re-build the port with the desired options enabled to install the correct runtime dependencies
+  o Ensure the master and minions all have salt installed with these same options and dependencies
+  o Add the line 'transport: [tcp|raet]' to both the master and minion configuration files
+  o Restart salt on the master and minions
+
 ===================================================================================================