Skip to content
Snippets Groups Projects
Select Git revision
  • 4c58991e479ec856cf8aeda34b9a13653d43df83
  • master default protected
2 results

make.sh

Blame
    • make.sh 2.24 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56 
    

    

    

    #!/bin/bash

set -x

# Nastaveni promennych
export DEBIAN_FRONTEND=noninteractive
export DEBEMAIL="Pavel Vondruska <vondruska@cesnet.cz>"

# Nacteni promennych o bezicim systemu vcetne verzi
. /etc/os-release

# Od Debian 11 Bullseye ma debian-security trochu jinou cestu, abychom mohli pouzit heredoc, rozskocime si pres funkci
function get_debian_security() {
    if [ "${VERSION_ID}" -lt "11" ]; then echo "${VERSION_CODENAME}/updates"; else echo "${VERSION_CODENAME}-security"; fi
}

# Vygenerovani sources.list podle verze Debianu
cat > /etc/apt/sources.list << EOSOURCES
deb http://ftp.zcu.cz/pub/linux/debian ${VERSION_CODENAME} main contrib non-free
deb http://ftp.zcu.cz/pub/linux/debian ${VERSION_CODENAME}-updates main contrib non-free
deb http://ftp.zcu.cz/pub/linux/debian-security $(get_debian_security) main contrib non-free

deb-src http://ftp.zcu.cz/pub/linux/debian ${VERSION_CODENAME} main contrib non-free
deb-src http://ftp.zcu.cz/pub/linux/debian ${VERSION_CODENAME}-updates main contrib non-free
deb-src http://ftp.zcu.cz/pub/linux/debian-security $(get_debian_security) main contrib non-free
EOSOURCES

# Instalace buildovacich veci a zavislosti
apt update -qqq
apt install -yqqq git devscripts build-essential wget

dget https://deb.debian.org/debian/pool/main/o/open-vm-tools/open-vm-tools_10.3.10-1+deb10u2.dsc
cd open-vm-tools-10.3.10
mk-build-deps --install --tool='apt-get -o Debug::pkgProblemResolver=yes --yes' debian/control

#wget https://salsa.debian.org/vmware-packaging-team/pkg-open-vm-tools/-/raw/67b16ff62228304dfe96d33a0ba663c2e8d3167d/debian/patches/1125-Properly-check-authorization-on-incoming-guestOps-re.patch -O debian/patches/1125-Properly-check-authorization-on-incoming-guestOps-re.patch
cp -v ../1125-Properly-check-authorization-on-incoming-guestOps-re.patch debian/patches
echo '1125-Properly-check-authorization-on-incoming-guestOps-re.patch' >> debian/patches/series

cat << EOCHL > debian/changelog
open-vm-tools (2:10.3.10-1+deb10u2+dex1) buster; urgency=medium

  * [67b16ff] Properly check authorization on incoming guestOps requests.
    (Closes: #1018012 CVE-2022-31676)

 -- Bernd Zeimetz <bzed@debian.org>  Wed, 24 Aug 2022 10:28:40 +0200

$(cat debian/changelog)
EOCHL

dpkg-buildpackage -uc -us -b

cd ..
mkdir build
mv *.deb build/