diff options
| -rw-r--r-- | .SRCINFO | 6 | ||||
| -rw-r--r-- | PKGBUILD | 8 | ||||
| -rw-r--r-- | appgatedriver.service | 29 | ||||
| -rw-r--r-- | appgatedriver.service.patch | 11 |
4 files changed, 18 insertions, 36 deletions
@@ -1,7 +1,7 @@ pkgbase = appgate-sdp-5 pkgdesc = Software Defined Perimeter v5 - GUI client pkgver = 5.1.2 - pkgrel = 1 + pkgrel = 2 url = https://www.cyxtera.com/essential-defense/appgate-sdp/support arch = x86_64 license = custom @@ -19,11 +19,11 @@ pkgbase = appgate-sdp-5 conflicts = appgate-sdp options = staticlibs source = https://bin.appgate-sdp.com/5.1/client/appgate-sdp_5.1.2_amd64.deb - source = appgatedriver.service + source = appgatedriver.service.patch source = nm.py.patch source = set_dns.patch md5sums = cdea9f4f5ff4184b999ae0ed4d0c9b93 - md5sums = 002644116e20b2d79fdb36b7677ab4cf + md5sums = 52c30e4c8d5e6131aa48c9a1919aafd2 md5sums = 4b299aebb57019c6a4f70860da454300 md5sums = aa95ad0ba9304cf72ee43779cd28d9a5 @@ -4,7 +4,7 @@ conflicts=('appgate-sdp-headless' 'appgate-sdp') pkgver=5.1.2 _download_pkgver=$(expr match "$pkgver" '\([[:digit:]]\+\.[[:digit:]]\+\)') _download_pkgname='appgate-sdp' -pkgrel=1 +pkgrel=2 epoch= pkgdesc="Software Defined Perimeter v5 - GUI client" arch=('x86_64') @@ -15,7 +15,7 @@ license=('custom') depends=('gconf' 'libsecret' 'gtk3' 'python' 'nss' 'libxss' 'nodejs' 'dnsmasq' 'python-dbus') optdepends=('gnome-keyring: saves the endpoint certificate between sessions') source=("https://bin.appgate-sdp.com/${_download_pkgver}/client/${_download_pkgname}_${pkgver}_amd64.deb" - "appgatedriver.service" + "appgatedriver.service.patch" "nm.py.patch" "set_dns.patch") @@ -30,7 +30,7 @@ package() { mv -v "$pkgdir/lib/systemd/system" "$pkgdir/usr/lib/systemd/" rm -vrf "$pkgdir/lib" - cp -v "$srcdir/appgatedriver.service" "$pkgdir/usr/lib/systemd/system/appgatedriver.service" + patch "$pkgdir/usr/lib/systemd/system/appgatedriver.service" "$srcdir/appgatedriver.service.patch" patch "$pkgdir/opt/appgate/linux/nm.py" "$srcdir/nm.py.patch" patch "$pkgdir/opt/appgate/linux/set_dns" "$srcdir/set_dns.patch" @@ -41,6 +41,6 @@ package() { } md5sums=('cdea9f4f5ff4184b999ae0ed4d0c9b93' - '002644116e20b2d79fdb36b7677ab4cf' + '52c30e4c8d5e6131aa48c9a1919aafd2' '4b299aebb57019c6a4f70860da454300' 'aa95ad0ba9304cf72ee43779cd28d9a5') diff --git a/appgatedriver.service b/appgatedriver.service deleted file mode 100644 index 902db9a64f22..000000000000 --- a/appgatedriver.service +++ /dev/null @@ -1,29 +0,0 @@ -[Unit] -Description=AppGate driver service - -[Service] -# Remove traces of appgate-resolver, if it wasn't terminated properly -ExecStartPre=/bin/sh -c "test -e /etc/resolv.appgate && (chattr -i /etc/resolv.conf || :; mv /etc/resolv.appgate /etc/resolv.conf) ||:" -ExecStart="/opt/appgate/tun-service" -Type=forking -Restart=always -ProtectHome=true -ProtectKernelTunables=true -ProtectKernelModules=true -ProtectControlGroups=true -PrivateTmp=true -CapabilityBoundingSet=~CAP_SYS_ADMIN -CapabilityBoundingSet=~CAP_WAKE_ALARM -CapabilityBoundingSet=~CAP_SYSLOG -CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG -CapabilityBoundingSet=~CAP_SYS_TIME -CapabilityBoundingSet=~CAP_SYS_RESOURCE -CapabilityBoundingSet=~CAP_SYS_PTRACE -CapabilityBoundingSet=~CAP_SYS_PACCT -CapabilityBoundingSet=~CAP_SYS_MODULE -CapabilityBoundingSet=~CAP_SYS_CHROOT -CapabilityBoundingSet=~CAP_SYS_BOOT -InaccessiblePaths=-/mnt -/srv -/boot -/media - -[Install] -WantedBy=multi-user.target diff --git a/appgatedriver.service.patch b/appgatedriver.service.patch new file mode 100644 index 000000000000..09cd128ef7b6 --- /dev/null +++ b/appgatedriver.service.patch @@ -0,0 +1,11 @@ +--- appgatedriver.service 2020-06-04 17:43:08.184640831 +0100 ++++ appgatedriver.service.new 2020-06-04 17:42:22.764640194 +0100 +@@ -21,7 +21,7 @@ + CapabilityBoundingSet=~CAP_SYS_PACCT + CapabilityBoundingSet=~CAP_SYS_CHROOT + CapabilityBoundingSet=~CAP_SYS_BOOT +-InaccessiblePaths=/mnt /srv /boot /media ++InaccessiblePaths=-/mnt -/srv -/boot -/media + + [Install] + WantedBy=multi-user.target |