Sun Jan 29 23:24:10 2017 UTC ()
gstreamer1: don't create a setuid binary by default, make an option for it.

gstreamer has gst-ptp-helper - helper for synchronizing time across
the network. I don't believe this option is useful enough to be a default,
but it poses a security risk.

For more information about PTP in Gstreamer, see the following post:
https://coaxion.net/blog/2015/05/ptp-network-clock-support-in-gstreamer/

bump PKGREVISION


(maya)
diff -r1.27 -r1.28 pkgsrc/multimedia/gstreamer1/Makefile
diff -r1.5 -r1.6 pkgsrc/multimedia/gstreamer1/options.mk
cvs diff -r1.27 -r1.28 pkgsrc/multimedia/gstreamer1/Makefile (expand / switch to unified diff)

--- pkgsrc/multimedia/gstreamer1/Makefile 2016/12/01 11:08:56 1.27
+++ pkgsrc/multimedia/gstreamer1/Makefile 2017/01/29 23:24:10 1.28
@@ -1,17 +1,18 @@ @@ -1,17 +1,18 @@
1# $NetBSD: Makefile,v 1.27 2016/12/01 11:08:56 martin Exp $ 1# $NetBSD: Makefile,v 1.28 2017/01/29 23:24:10 maya Exp $
2 2
3DISTNAME= gstreamer-1.10.0 3DISTNAME= gstreamer-1.10.0
4PKGNAME= ${DISTNAME:S/gstreamer/gstreamer1/} 4PKGNAME= ${DISTNAME:S/gstreamer/gstreamer1/}
 5PKGREVISION= 1
5CATEGORIES= multimedia 6CATEGORIES= multimedia
6MASTER_SITES= http://gstreamer.freedesktop.org/src/gstreamer/ 7MASTER_SITES= http://gstreamer.freedesktop.org/src/gstreamer/
7EXTRACT_SUFX= .tar.xz 8EXTRACT_SUFX= .tar.xz
8 9
9MAINTAINER= pkgsrc-users@NetBSD.org 10MAINTAINER= pkgsrc-users@NetBSD.org
10HOMEPAGE= http://gstreamer.freedesktop.org/ 11HOMEPAGE= http://gstreamer.freedesktop.org/
11COMMENT= Open source multimedia framework 12COMMENT= Open source multimedia framework
12LICENSE= gnu-lgpl-v2 13LICENSE= gnu-lgpl-v2
13 14
14GNU_CONFIGURE= yes 15GNU_CONFIGURE= yes
15USE_LIBTOOL= yes 16USE_LIBTOOL= yes
16USE_TOOLS+= bison flex gmake perl pkg-config 17USE_TOOLS+= bison flex gmake perl pkg-config
17USE_PKGLOCALEDIR= yes 18USE_PKGLOCALEDIR= yes
cvs diff -r1.5 -r1.6 pkgsrc/multimedia/gstreamer1/Attic/options.mk (expand / switch to unified diff)

--- pkgsrc/multimedia/gstreamer1/Attic/options.mk 2016/12/01 11:08:56 1.5
+++ pkgsrc/multimedia/gstreamer1/Attic/options.mk 2017/01/29 23:24:10 1.6
@@ -1,24 +1,34 @@ @@ -1,24 +1,34 @@
1# $NetBSD: options.mk,v 1.5 2016/12/01 11:08:56 martin Exp $ 1# $NetBSD: options.mk,v 1.6 2017/01/29 23:24:10 maya Exp $
2 2
3PKG_OPTIONS_VAR= PKG_OPTIONS.gstreamer 3PKG_OPTIONS_VAR= PKG_OPTIONS.gstreamer
4PKG_SUPPORTED_OPTIONS= gstreamer-gstcheck introspection 4PKG_SUPPORTED_OPTIONS= gstreamer-gstcheck introspection ptp-suid
5PKG_SUGGESTED_OPTIONS= introspection 5PKG_SUGGESTED_OPTIONS= introspection
6 6
7.include "../../mk/bsd.options.mk" 7.include "../../mk/bsd.options.mk"
8 8
9PLIST_VARS+= gstcheck introspection 9PLIST_VARS+= gstcheck introspection
10.if !empty(PKG_OPTIONS:Mgstreamer-gstcheck) 10.if !empty(PKG_OPTIONS:Mgstreamer-gstcheck)
11.include "../../devel/check/buildlink3.mk" 11.include "../../devel/check/buildlink3.mk"
12PLIST.gstcheck= yes 12PLIST.gstcheck= yes
13# don't worry if the "GstABI" check fails -- GstPlugin contains 13# don't worry if the "GstABI" check fails -- GstPlugin contains
14# off_t and time_t which are system dependent 14# off_t and time_t which are system dependent
15TEST_TARGET= check-torture 15TEST_TARGET= check-torture
16.else 16.else
17CONFIGURE_ARGS+=--disable-check 17CONFIGURE_ARGS+=--disable-check
18.endif 18.endif
19.if !empty(PKG_OPTIONS:Mintrospection) 19.if !empty(PKG_OPTIONS:Mintrospection)
20.include "../../devel/gobject-introspection/buildlink3.mk" 20.include "../../devel/gobject-introspection/buildlink3.mk"
21PLIST.introspection=yes 21PLIST.introspection=yes
22.else 22.else
23CONFIGURE_ARGS+=--disable-introspection 23CONFIGURE_ARGS+=--disable-introspection
24.endif 24.endif
 25
 26# PTP network clock requires setuid root for gst-ptp-helper
 27# It's not useful enough to be a default, but left as an option
 28# for those interested in it.
 29.if !empty(PKG_OPTIONS:Mptp-suid)
 30SPECIAL_PERMS+= libexec/gstreamer-1.0/gst-ptp-helper ${SETUID_ROOT_PERMS}
 31CONFIGURE_ARGS+= --with-ptp-helper-permissions=setuid-root
 32.else
 33CONFIGURE_ARGS+= --with-ptp-helper-permissions=none
 34.endif