add ncpfs with ln hack

do-kernel-build.sh

@@ -9,10 +9,11 @@ BASEDIR=$(dirname $0)
 
 source $BASEDIR/kernel
 
-EMERGE=""
+EMERGE="virtual/linux-sources"
 
 for package in ${PACKAGES}; do
     EMERGE="$EMERGE =${package}-${VER}"
 done
 
 emerge $EMERGE
+eit add $EMERGE

net-fs/ncpfs/ChangeLog

@@ -0,0 +1,127 @@
+# ChangeLog for net-fs/ncpfs
+# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/ChangeLog,v 1.31 2012/06/11 09:20:53 ago Exp $
+
+  11 Jun 2012; Agostino Sarubbo <ago@gentoo.org> ncpfs-2.2.6-r2.ebuild:
+  Stable for amd64, wrt bug #418227
+
+  11 Jun 2012; Agostino Sarubbo <ago@gentoo.org> -ncpfs-2.2.6-r1.ebuild:
+  Remove old
+
+  07 Jun 2012; Brent Baude <ranger@gentoo.org> ncpfs-2.2.6-r2.ebuild:
+  Marking ncpfs-2.2.6-r2 ppc for bug 418227
+
+  05 Jun 2012; Brent Baude <ranger@gentoo.org> ncpfs-2.2.6-r2.ebuild:
+  Marking ncpfs-2.2.6-r2 ppc64 for bug 418227
+
+*ncpfs-2.2.6-r2 (10 Feb 2011)
+
+  10 Feb 2011; Joshua Kinard <kumba@gentoo.org> -ncpfs-2.2.6.ebuild,
+  +ncpfs-2.2.6-r2.ebuild, +files/ncpfs-2.2.6-multiple-vulns.patch,
+  +files/ncpfs-2.2.6-remove-packed-attrib.patch, +files/ipx.confd,
+  +files/ipx.init:
+  Add two patches to ncpfs, one to correct several vulnerabilities (#308071)
+  and another to remove unneeded __attribute((packed)) directives to make the
+  build look a lot cleaner. Also imported an init.d script and companion conf.d
+  file for starting up/shutting down IPX through the init system. The init
+  script should address #238688 in this package. Also fixed #126323 by
+  installing headers for ncpfs into /usr/include. And removed the -r0 ebuild.
+
+  08 Oct 2010; Matti Bickel <mabi@gentoo.org> ncpfs-2.2.6-r1.ebuild:
+  change virtual/php to dev-lang/php (bug #319623)
+
+*ncpfs-2.2.6-r1 (20 Apr 2010)
+
+  20 Apr 2010; Mike Frysinger <vapier@gentoo.org> +ncpfs-2.2.6-r1.ebuild:
+  Clean up ebuild, respect env LDFLAGS, fix multilib pam issues #273486 by
+  Rion, and fix sandbox violations w/ldconfig #273484 by Rion.
+
+  14 May 2008; Diego Pettenò <flameeyes@gentoo.org> ncpfs-2.2.6.ebuild:
+  Depend on virtual/pam as the code builds fine with OpenPAM.
+
+  11 May 2007; Maurice van der Pot <griffon26@gentoo.org>
+  +files/ncpfs-2.2.6-missing-includes.patch, ncpfs-2.2.6.ebuild:
+  Added some includes for missing header files, fixing errors during
+  compilation reported as bug #157462 and bug #178090 by Willard Dawson
+  <willard.dawson@sungard.com> and Marat Radchenko <valder@yandex.ru>
+  respectively.
+
+  28 Nov 2006; Luca Longinotti <chtekk@gentoo.org> -ncpfs-2.2.0.19.ebuild,
+  -ncpfs-2.2.0.19-r1.ebuild, -ncpfs-2.2.0.19-r2.ebuild, -ncpfs-2.2.3.ebuild,
+  -ncpfs-2.2.5.ebuild:
+  Delete vulnerable versions on behalf of DerCorny, fixes bug #140535.
+
+  28 Jan 2006; Mark Loeser <halcy0n@gentoo.org>
+  +files/ncpfs-2.2.6-gcc4.patch, ncpfs-2.2.6.ebuild:
+  Add patch to fix compilation with gcc-4.0; bug #118914
+
+  29 Jan 2005; Markus Rothe <corsair@gentoo.org> ncpfs-2.2.6.ebuild:
+  Stable on ppc64; bug #77414
+
+*ncpfs-2.2.6 (29 Jan 2005)
+
+  29 Jan 2005; Maurice van der Pot <griffon26@gentoo.org>
+  +ncpfs-2.2.6.ebuild:
+  Added new version that fixes security bug #77414.
+  Immediately marked stable on x86.
+
+  15 Dec 2004; Peter Johanson <latexer@gentoo.org> ncpfs-2.2.5.ebuild:
+  Fix syntax for php depends. See bug #74005
+
+  14 Dec 2004; Peter Johanson <latexer@gentoo.org> ncpfs-2.2.5.ebuild:
+  Marking x86 stable. See bug #72820
+
+  11 Dec 2004; Markus Rothe <corsair@gentoo.org> ncpfs-2.2.5.ebuild:
+  Stable on ppc64; bug #72820
+
+  10 Dec 2004; Stuart Herbert <stuart@gentoo.org> ncpfs-2.2.5.ebuild:
+  Fix for typo in virtual DEPEND list; thanks to latexer for spotting it; bug
+  #74005
+
+  09 Dec 2004; Stuart Herbert <stuart@gentoo.org> ncpfs-2.2.5.ebuild:
+  Fix for sandbox violation when the PHP extension is built
+
+*ncpfs-2.2.5 (01 Dec 2004)
+
+  01 Dec 2004; Maurice van der Pot <griffon26@gentoo.org>
+  +ncpfs-2.2.5.ebuild:
+  Added new version that includes fix for security bug #72820.
+
+  05 Sep 2004; Sven Wegener <swegener@gentoo.org> :
+  Fixed ChangeLog header.
+
+  22 Jul 2004; Tom Gall <tgall@gentoo.org> ncpfs-2.2.3.ebuild:
+  stable on ppc64, bug #57586
+
+  09 May 2004; <SeJo@gentoo.org> ncpfs-2.2.3.ebuild:
+  added ~ppc keyword
+
+  26 Apr 2004; Aron Griffis <agriffis@gentoo.org> ncpfs-2.2.0.19-r1.ebuild,
+  ncpfs-2.2.0.19-r2.ebuild, ncpfs-2.2.3.ebuild:
+  Add die following econf for bug 48950
+
+  05 Jan 2004; zhen <zhen@gentoo.org> metadata.xml:
+  adding to net-fs herd
+
+*ncpfs-2.2.3 (17 Jul 2003)
+
+  17 Jul 2003; Peter Johanson <latexer@gentoo.org> ncpfs-2.2.3.ebuild:
+  Bump in ~x86.
+
+*ncpfs-2.2.0.19-r2 (23 Mar 2003)
+
+  23 Mar 2003; Martin Holzer <mholzer@gentoo.org> ncpfs-2.2.0.19-r2.ebuild:
+  Fixed ebuild that mount.* would be installed. Closes #17823.
+
+*ncpfs-2.2.0.19-r1 (20 Oct 2002)
+
+  20 Oct 2002; Seemant Kulleen <seemant@gentoo.org> ncpfs-2.2.0.19-r1.ebuild
+  files/digest-ncpfs-2.2.0.19-r1 :
+
+  Some fixes for NLS and PAM use flags.
+
+*ncpfs-2.2.0.19 (20 Jun 2002)
+
+  20 Jun 2002; J.Alberto S.L. <bass@gentoo.org> ncpfs-2.2.0.19.ebuild:
+  
+  First relase.

net-fs/ncpfs/Manifest

@@ -0,0 +1,11 @@
+AUX ipx.confd 706 SHA256 abfefd5c3f9df2232e5d35f743ff8ce2876e887d39bd823789b54e3a8bd69a0e SHA512 7c15f4aca1dbce2450f2e04741bce5f9d73150607c0f74fabe917f41a4041eaed8bf26262652dccf7660f1634932082c02e889a90b05c679485df718fff970eb WHIRLPOOL b85ae8141a1403fc47e94bab8149e8530cb0a4a8d047fe1dc5ddf77d08ff5693190d359226304141a3586d6953020f9ad56565f8d059cbda0b43c511bbbf1e60
+AUX ipx.init 972 SHA256 2b01a7a68110658f20c883e5045dd854389b37866e97c5f0e978034dc49dc395 SHA512 ce07fe5aa1d8f8f4b0f46454ce3461076bcb938b4f41187c4c214ee7895189995507cd9209551b1a3e4bbaf7f237228ec528d89b1dd91102fd21fb28253084f0 WHIRLPOOL bf5ac8aed0fd62bf30df495bf6d7073f9623848c35620f348d5afa28e9f7ec626bec4983045ab628626392f3391234f6a2e4a31680001a2bbafe4a14876a1595
+AUX ncpfs-2.2.5-php.patch 555 SHA256 ea32f4f6a9ac7c1d43af654982410680ca535a313f2a94efd3ddb295949d864b SHA512 2768cfe218c1fcd9e8458e28af51985a50d60d2538c61cb13f2c8db77fd111abbe8d81b040c82d51bd18fdecfacbc78e488ca7d17f8fd08af62a8b5690b37c19 WHIRLPOOL e19c931b0f440b93c8135f9b995f74852b152642778fd86eff89f081378c8b9ce99773bcedc08cfd54280d9d894d1b2e675f78f78a01bd47f9fcb1e1f9318d4c
+AUX ncpfs-2.2.6-gcc4.patch 1291 SHA256 8fbb8621b178aa8fb38da30639cc32afce0254445fe59c0f56c543da62d6921e SHA512 2bdce56008c2f7819c402ff00643d6602bab89922d01fefd3d42a15720cb569e6920c1ca8feaf8e927b0391ca44466df1fc91de21bcc76f53cbe7cc102e88992 WHIRLPOOL f68ece683be5e085e987891289e7605243bb37d81b357102463a3289a2a57e799ffb022fbf4470d8390540524002a478866b2809abb40aac900e00cc9cd20b9a
+AUX ncpfs-2.2.6-missing-includes.patch 779 SHA256 b724c68cd8e1b8e5ed91dc3f7c24948e76107bda6314c954918adfc058a24911 SHA512 3f51978a009b8c9e20c14500bafb4bf3ecf3b288b43f42aeb11e81ff621014c0c5774bd8d53be06706b2a78d94dae62ee663a3f710fc908d433ba2755788abcb WHIRLPOOL 875e62439a004b98b1bd227c4ad6e305e0e126f8bbc7ab687264813ddfe62102f1a5c41fc608634e3a78e96202bd5bf74ecb2973caf5c7ad6bc67a1b08487fa4
+AUX ncpfs-2.2.6-multiple-vulns.patch 14158 SHA256 50d42cda962cbc5c3e7ad6048ed2ebb465645e640a32552ffa44c7229d8d2a77 SHA512 486bae42500d0712b7023768f0cf60d0b550a11cb554b2733f09ee92a49df031dec2f938b2a355c123e50b71340cbd94dfb38b7a1b455e680ece7efe6aa13925 WHIRLPOOL 1aed769a1dd3d9e3aa6cbc0f9a34eba42c7f99947870ca8b7c655568c93404a3b4fdac4e1e50ea920032118dcc63b64090f8c12e7713c6b56ac8686d01205db0
+AUX ncpfs-2.2.6-remove-packed-attrib.patch 10312 SHA256 f1c587b329224f34f351e08b32333e854539223d337e6bb2fdadf28c2130673b SHA512 efd11c2cf08f3b7b1458b836ee863f31e3ae470986a02a3d2db0ec6fbb7a984e2d33643765d7223b797732d80187412a907a9ca971233eb0f95ed4744ef6f44a WHIRLPOOL 187d2c71547de0de2007f872a53a7c4545a2ace4d258fc93802283278202eb0db7fbef70c7a6f7210e8f037e65399c76fa57def0fe73591d8d24967432be9a4c
+DIST ncpfs-2.2.6.tar.gz 2100545 SHA256 2837046046bcdb46d77a80c1d17dbfd15e878700e879edab4cda9f080e0337f9
+EBUILD ncpfs-2.2.6-r2.ebuild 2007 SHA256 b22ad4f594bd9ee1e3d35d4798fcac14d651e9bc473e8aa7f1eaedd6e3e9392d SHA512 82127c3de392557496cada88581607a4280debba280bf62971146f91be459eb9bd62a9f21ab9e367f375cb13f0338413553a51e3e2d891c149f64f55ea3bc69d WHIRLPOOL 3c8d5cfbfefd3a7c4703b359befff0f97f1b6da338100d6abbb114b37dd0bca9e30d24e0c1d39c74f398ef3fb66c35a47ef49e8b75096c0251b62c9d9cd69be7
+MISC ChangeLog 4769 SHA256 3a113a2b1c50be4a0dbf022b28ad4e717e8de071787a66a910d11b22a54d6cd4 SHA512 232e4913c5c43c9969aa8672ff1bfa665eb00b3874adc95d64e2e1b5b48d64dcc152055aeec40ccb43c225601ddea9e55095749c245a12b52de28d3ae616c3e4 WHIRLPOOL 8f181970775af0e62f6c63b9f623616df550e9c06f6b7e1d836a040c46c30a85010656404fb2340e2b3e9ad2909bb1e20ea540e0224f774e5764260538ec5318
+MISC metadata.xml 290 SHA256 bc04d955fed7a177f63051b016c7f24451c30200e8608b70f8e63e25176a0348 SHA512 52de55e9486be04762f7ddc2dfe231e3c409ec63d3ec39dcf252540add9165a14c968fa90e281575982229791bf4a070f2285d857ca589c63e499e66e1c58d64 WHIRLPOOL a67855c335e629d78f0d54430450565c4dc3ac97184b42bcf0cbe15dfb23bdaca234feeee15773216a5243c18dd141ad9dfcc6dc0b2b95b48944ae549674545d

net-fs/ncpfs/files/ipx.confd

@@ -0,0 +1,28 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/files/ipx.confd,v 1.1 2011/02/10 09:26:38 kumba Exp $
+
+# Config file for /etc/init.d/ipx
+
+# Automatically selecting a primary interface.
+IPX_AUTO_PRIMARY=on
+
+# Automatically creating interfaces.
+IPX_AUTO_INTERFACE=on
+
+# Interface to which IPX sockets are bound.
+IPX_DEVICE=eth0
+
+# The IPX frame type to use.
+# Valid values are: 802.2, 802.3, SNAP, & EtherII.
+IPX_FRAME=802.2
+
+# Create a special kind of IPX interface that does not
+# have a physical device or frame type.
+IPX_INTERNAL_NET=no
+
+# Network number
+IPX_NETNUM=1
+
+# Node number
+IPX_NODENUM=1

net-fs/ncpfs/files/ipx.init

@@ -0,0 +1,42 @@
+#!/sbin/runscript
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/files/ipx.init,v 1.1 2011/02/10 09:26:38 kumba Exp $
+
+#NB: Config is in /etc/conf.d/ipx
+
+depend() {
+	need net netmount
+}
+
+start() {
+	local retval=0
+	
+	ebegin "Bringing IPX up"
+	if [ ${IPX_INTERNAL_NET} = "yes" ]
+	then
+		/usr/bin/ipx_internal_net add ${IPX_NETNUM} ${IPX_NODENUM}
+		retval=$?
+	else
+		/usr/bin/ipx_interface add -p ${IPX_DEVICE} \
+			${IPX_FRAME} ${IPX_NETNUM}
+		retval=$?
+	fi
+	
+	/usr/bin/ipx_configure \
+		--auto_primary=${IPX_AUTO_PRIMARY} \
+		--auto_interface=${IPX_AUTO_INTERFACE}
+	retval=$(( $retval + $? ))
+	eend ${retval} "Failed to bring IPX up"
+}
+
+stop() {
+	local retval=0
+	
+	ebegin "Bringing IPX down"
+	/usr/bin/ipx_configure --auto_primary=off --auto_interface=off
+	retval=$?
+	/usr/bin/ipx_interface delall
+	retval=$(( $retval + $? ))
+	eend ${retval} "Failed to down IPX"
+}

net-fs/ncpfs/files/ncpfs-2.2.5-php.patch

@@ -0,0 +1,16 @@
+--- contrib/php/build/rules.mk.orig	2004-12-09 13:01:04.417854240 +0000
++++ contrib/php/build/rules.mk	2004-12-09 13:01:42.460070944 +0000
+@@ -63,10 +63,10 @@
+ 
+ install-modules:
+ 	@test -d modules && \
+-	$(mkinstalldirs) $(moduledir) && \
+-	echo "installing shared modules into $(moduledir)" && \
++	$(mkinstalldirs) $(DESTDIR)/$(moduledir) && \
++	echo "installing shared modules into $(DESTDIR)/$(moduledir)" && \
+ 	rm -f modules/*.la && \
+-	cp modules/* $(moduledir) || true
++	cp modules/* $(DESTDIR)/$(moduledir) || true
+ 
+ include $(builddir)/.deps
+ 

net-fs/ncpfs/files/ncpfs-2.2.6-gcc4.patch

@@ -0,0 +1,36 @@
+diff -ur ncpfs-2.2.6-orig/lib/ncplib.c ncpfs-2.2.6/lib/ncplib.c
+--- ncpfs-2.2.6-orig/lib/ncplib.c	2006-01-13 16:55:05.000000000 -0500
++++ ncpfs-2.2.6/lib/ncplib.c	2006-01-13 16:56:08.000000000 -0500
+@@ -2421,7 +2421,7 @@
+ 	int i = 1;
+ 	NWCCODE nwerr;
+ 
+-	static int get_argument(int arg_no, const char **target) {
++	int get_argument(int arg_no, const char **target) {
+ 		int count = 1;
+ 
+ 		if (target != NULL) {
+diff -ur ncpfs-2.2.6-orig/util/nwpjmv.c ncpfs-2.2.6/util/nwpjmv.c
+--- ncpfs-2.2.6-orig/util/nwpjmv.c	2006-01-13 16:55:05.000000000 -0500
++++ ncpfs-2.2.6/util/nwpjmv.c	2006-01-13 16:55:50.000000000 -0500
+@@ -131,7 +131,7 @@
+ 	char *s = q->command;
+ 	char *target_end = target + target_size;
+ 
+-	static void add_string(const char *str)
++	void add_string(const char *str)
+ 	{
+ 		int len = strlen(str);
+ 		if (target + len + 1 > target_end)
+diff -ur ncpfs-2.2.6-orig/util/pserver.c ncpfs-2.2.6/util/pserver.c
+--- ncpfs-2.2.6-orig/util/pserver.c	2006-01-13 16:55:05.000000000 -0500
++++ ncpfs-2.2.6/util/pserver.c	2006-01-13 16:55:36.000000000 -0500
+@@ -153,7 +153,7 @@
+ 	char *s = q->command;
+ 	char *target_end = target + target_size;
+ 
+-	static void add_string(const char *str)
++	void add_string(const char *str)
+ 	{
+ 		int len = strlen(str);
+ 		if (target + len + 1 > target_end)

net-fs/ncpfs/files/ncpfs-2.2.6-missing-includes.patch

@@ -0,0 +1,22 @@
+diff -ruN ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c ncpfs-2.2.6-fixed/contrib/pam/pam_ncp_auth.c
+--- ncpfs-2.2.6/contrib/pam/pam_ncp_auth.c	2005-01-27 18:35:59.000000000 +0100
++++ ncpfs-2.2.6-fixed/contrib/pam/pam_ncp_auth.c	2007-05-11 21:38:05.143474750 +0200
+@@ -257,6 +257,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <syslog.h>
+ #include <unistd.h>
+ #include <pwd.h>
+ #include <grp.h>
+diff -ruN ncpfs-2.2.6/sutil/ncpm_common.c ncpfs-2.2.6-fixed/sutil/ncpm_common.c
+--- ncpfs-2.2.6/sutil/ncpm_common.c	2005-01-27 18:35:59.000000000 +0100
++++ ncpfs-2.2.6-fixed/sutil/ncpm_common.c	2007-05-11 21:38:29.609003750 +0200
+@@ -82,6 +82,7 @@
+ 
+ #include "ncpm_common.h"
+ 
++#include <stddef.h>
+ #include <stdio.h>
+ #include <string.h>
+ #include <signal.h>

net-fs/ncpfs/files/ncpfs-2.2.6-multiple-vulns.patch

@@ -0,0 +1,557 @@
+From: Dan Rosenberg <dan.j.rosenberg () gmail com>
+Date: Fri, 5 Mar 2010 12:06:01 -0500
+
+============================================
+ ncpfs, Multiple Vulnerabilities
+ March 5, 2010
+ CVE-2010-0788, CVE-2010-0790, CVE-2010-0791
+============================================
+
+==Description==
+
+The ncpmount, ncpumount, and ncplogin utilities, installed as part of the ncpfs
+package, contain several vulnerabilities.
+
+1. ncpmount, ncpumount, and ncplogin are vulnerable to race conditions that
+allow a local attacker to unmount arbitrary mountpoints, causing
+denial-of-service, or mount Netware shares to arbitrary directories,
+potentially leading to root compromise.  This issue was formerly assigned
+CVE-2009-3297, but has since been re-assigned CVE-2010-0788 to avoid overlap
+with related bugs in other packages.
+
+2. ncpumount is vulnerable to an information disclosure vulnerability that
+allows a local attacker to verify the existence of arbitrary files, violating
+directory permissions.  This issue has been assigned CVE-2010-0790.
+
+3. ncpmount, ncpumount, and ncplogin create lockfiles insecurely, allowing a
+local attacker to leave a stale lockfile at /etc/mtab~, causing other mount
+utilities to fail and creating denial-of-service conditions.  This issue has
+been assigned CVE-2010-0791.
+
+==Workaround==
+
+If unprivileged users do not need the ability to mount and unmount Netware
+shares, then the suid bit should be removed from these utilities.
+
+==Solution==
+
+A patch has been released that resolves these issues (attached to this
+advisory).  ncpfs-2.2.6.partial.patch is intended for ncpfs releases that have
+already been patched against the first vulnerability in this report
+(CVE-2010-0788, formerly CVE-2009-3297).  It has been tested against the latest
+ncpfs packages distributed by Fedora, Red Hat, and Mandriva.
+ncpfs-2.2.6.full.patch is intended for ncpfs releases that have not been
+patched against any of these vulnerabilities.  It has been tested against the
+latest ncpfs packages distributed by Debian, Ubuntu, and the upstream release
+(ftp://platan.vc.cvut.cz/pub/linux/ncpfs/).
+
+Users are advised to recompile from source, or request updated packages from
+downstream distributors.
+
+==Credits==
+
+These vulnerabilities were discovered by Dan Rosenberg
+(dan.j.rosenberg () gmail com).
+Thanks to Vitezslav Crhonek for the patch against the first issue.
+
+==References==
+
+CVE identifiers CVE-2010-0788, CVE-2010-0790, and CVE-2010-0791 have been
+assigned to these issues.
+
+http://seclists.org/fulldisclosure/2010/Mar/122
+
+
+diff -ur ncpfs-2.2.6.orig/sutil/ncplogin.c ncpfs-2.2.6/sutil/ncplogin.c
+--- ncpfs-2.2.6.orig/sutil/ncplogin.c	2010-03-03 16:18:59.000000000 -0500
++++ ncpfs-2.2.6/sutil/ncplogin.c	2010-03-03 16:17:41.000000000 -0500
+@@ -934,7 +934,9 @@
+ 	NWDSFreeContext(ctx);
+ 	/* ncpmap, ncplogin must write in /etc/mtab */
+ 	{
++		block_sigs();
+ 		add_mnt_entry(mount_name, mount_point, info.flags);
++		unblock_sigs();
+ 	}
+ 	free(mount_name);
+ 	if (info.echo_mnt_pnt) {
+diff -ur ncpfs-2.2.6.orig/sutil/ncpm_common.c ncpfs-2.2.6/sutil/ncpm_common.c
+--- ncpfs-2.2.6.orig/sutil/ncpm_common.c	2010-03-03 16:18:59.000000000 -0500
++++ ncpfs-2.2.6/sutil/ncpm_common.c	2010-03-03 16:17:41.000000000 -0500
+@@ -360,7 +360,7 @@
+ #endif 
+ 
+ static inline int ncpm_suser(void) {
+-	return setreuid(-1, 0);
++	return setresuid(0, 0, myuid);
+ }
+ 
+ static int ncpm_normal(void) {
+@@ -368,11 +368,31 @@
+ 	int v;
+ 
+ 	e = errno;
+-	v = setreuid(-1, myuid);
++	v = setresuid(myuid, myuid, 0);
+ 	errno = e;
+ 	return v;
+ }
+ 
++void block_sigs(void) {
++
++	sigset_t mask, orig_mask;
++	sigfillset(&mask);
++
++	if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
++		errexit(-1, _("Blocking signals failed.\n"));
++	}
++}
++
++void unblock_sigs(void) {
++
++	sigset_t mask, orig_mask;
++	sigemptyset(&mask);
++
++	if (sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
++		errexit(-1, _("Un-blocking signals failed.\n"));
++	}
++}
++
+ static int proc_ncpm_mount(const char* source, const char* target, const char* filesystem, unsigned long mountflags, const void* data) {
+ 	int v;
+ 	int e;
+@@ -444,7 +464,7 @@
+ 	}
+         datav2.file_mode   = data->file_mode;
+         datav2.dir_mode    = data->dir_mode;
+-	err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav2);
++	err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav2);
+ 	if (err)
+ 		return errno;
+ 	return 0;
+@@ -508,7 +528,7 @@
+ 		exit(0);	/* Should not return from process_connection */
+ 	}
+ 	close(pp[0]);
+-	err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*) &datav3);
++	err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*) &datav3);
+ 	if (err) {
+ 		err = errno;
+ 		/* Mount unsuccesful so we have to kill daemon */
+@@ -559,7 +579,7 @@
+ 		sprintf(mountopts, "version=%u,flags=%u,owner=%u,uid=%u,gid=%u,mode=%u,dirmode=%u,timeout=%u,retry=%u,wdogpid=%u,ncpfd=%u,infofd=%u",
+ 			NCP_MOUNT_VERSION_V5, ncpflags, data->mounted_uid, data->uid, data->gid, data->file_mode,
+ 			data->dir_mode, data->time_out, data->retry_count, wdog_pid, data->ncp_fd, pp[1]);
+-		err=proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, mountopts);
++		err=proc_ncpm_mount(mount_name, ".", "ncpfs", flags, mountopts);
+ 	} else {
+ 		err=-1;
+ 	}
+@@ -577,7 +597,7 @@
+ 	        datav4.file_mode   = data->file_mode;
+         	datav4.dir_mode    = data->dir_mode;
+ 		datav4.wdog_pid	   = wdog_pid;
+-		err = proc_ncpm_mount(mount_name, data->mount_point, "ncpfs", flags, (void*)&datav4);
++		err = proc_ncpm_mount(mount_name, ".", "ncpfs", flags, (void*)&datav4);
+ 		if (err) {
+ 			err = errno;
+ 			/* Mount unsuccesful so we have to kill daemon */
+@@ -1395,6 +1415,17 @@
+ }
+ #endif /* MOUNT3 */
+ 
++static int check_name(const char *name)
++{
++	char *s;
++	for (s = "\n\t\\"; *s; s++) {
++		if (strchr(name, *s)) {
++			return -1;
++		}
++	}
++	return 0;
++}
++
+ static const struct smntflags {
+ 	unsigned int	flag;
+ 	const char*	name;
+@@ -1416,6 +1447,9 @@
+ 	int fd;
+ 	FILE* mtab;
+ 
++	if (check_name(mount_name) == -1 || check_name(mpnt) == -1)
++		errexit(107, _("Illegal character in mount entry\n"));
++
+ 	ment.mnt_fsname = mount_name;
+ 	ment.mnt_dir = mpnt;
+ 	ment.mnt_type = (char*)"ncpfs";
+diff -ur ncpfs-2.2.6.orig/sutil/ncpm_common.h ncpfs-2.2.6/sutil/ncpm_common.h
+--- ncpfs-2.2.6.orig/sutil/ncpm_common.h	2010-03-03 16:18:59.000000000 -0500
++++ ncpfs-2.2.6/sutil/ncpm_common.h	2010-03-03 16:17:41.000000000 -0500
+@@ -121,6 +121,9 @@
+ int proc_aftermount(const struct ncp_mount_info* info, NWCONN_HANDLE* conn);
+ int proc_ncpm_umount(const char* dir);
+ 
++void block_sigs(void);
++void unblock_sigs(void);
++
+ #define UNUSED(x)	x __attribute__((unused))
+ 
+ #endif	/* __NCPM_COMMON_H__ */
+diff -ur ncpfs-2.2.6.orig/sutil/ncpmount.c ncpfs-2.2.6/sutil/ncpmount.c
+--- ncpfs-2.2.6.orig/sutil/ncpmount.c	2010-03-03 16:18:59.000000000 -0500
++++ ncpfs-2.2.6/sutil/ncpmount.c	2010-03-03 16:17:41.000000000 -0500
+@@ -359,11 +359,17 @@
+ 		usage();
+ 		return -1;
+ 	}
++
+ 	realpath(argv[optind], mount_point);
+ 
+-	if (stat(mount_point, &st) == -1)
++	if (chdir(mount_point))
++	{
++		errexit(31, _("Could not change directory into mount target %s: %s\n"),
++			mount_point, strerror(errno));
++	}
++	if (stat(".", &st) == -1)
+ 	{
+-		errexit(31, _("Could not find mount point %s: %s\n"),
++		errexit(31, _("Mount point %s does not exist: %s\n"),
+ 			mount_point, strerror(errno));
+ 	}
+ 	if (mount_ok(&st) != 0)
+@@ -714,7 +720,9 @@
+ 	ncp_close(conn);
+ 
+ 	if (!opt_n) {
++		block_sigs();
+ 		add_mnt_entry(mount_name, mount_point, info.flags);
++		unblock_sigs();
+ 	}
+ 	return 0;
+ }
+diff -ur ncpfs-2.2.6.orig/sutil/ncpumount.c ncpfs-2.2.6/sutil/ncpumount.c
+--- ncpfs-2.2.6.orig/sutil/ncpumount.c	2010-03-03 16:18:59.000000000 -0500
++++ ncpfs-2.2.6/sutil/ncpumount.c	2010-03-03 16:17:41.000000000 -0500
+@@ -70,13 +70,24 @@
+ #include <mntent.h>
+ #include <pwd.h>
+ 
++#include <sched.h>
++
+ #include "private/libintl.h"
+ 
+ #define _(X) X
+ 
++#ifndef MS_REC
++#define MS_REC 16384
++#endif
++#ifndef MS_SLAVE
++#define MS_SLAVE (1<<19)
++#endif
++
+ static char *progname;
+ static int is_ncplogout = 0;
+ 
++uid_t uid;
++
+ static void
+ usage(void)
+ {
+@@ -117,6 +128,40 @@
+ 	va_end(ap);
+ }
+ 
++/* Mostly copied from ncpm_common.c */
++void block_sigs(void) {
++
++	sigset_t mask, orig_mask;
++	sigfillset(&mask);
++	sigdelset(&mask, SIGALRM); /* Need SIGALRM for ncpumount */
++
++	if(setresuid(0, 0, uid) < 0) {
++		eprintf("Failed to raise privileges.\n");
++		exit(-1);
++	}
++
++	if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
++		eprintf("Blocking signals failed.\n");
++		exit(-1);
++	}
++}
++
++void unblock_sigs(void) {
++
++	sigset_t mask, orig_mask;
++	sigemptyset(&mask);
++
++	if(setresuid(uid, uid, 0) < 0) {
++		eprintf("Failed to drop privileges.\n");
++		exit(-1);
++	}
++
++	if(sigprocmask(SIG_SETMASK, &mask, &orig_mask) < 0) {
++		eprintf("Un-blocking signals failed.\n");
++		exit(-1);
++	}
++}
++
+ static void alarmSignal(int sig) {
+ 	(void)sig;
+ }
+@@ -192,10 +237,13 @@
+ 	if (!numEntries)
+ 		return 0; /* don't waste time ! */
+ 
++	block_sigs();
++
+ 	while ((fd = open(MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) {
+ 		struct timespec tm;
+ 
+ 		if (errno != EEXIST || retries == 0) {
++			unblock_sigs();
+ 			eprintf(_("Can't get %s~ lock file: %s\n"), MOUNTED, strerror(errno));
+ 			return 1;
+ 		}
+@@ -206,6 +254,7 @@
+ 			alarm(0);
+ 			close(fd);
+ 			if (err) {
++				unblock_sigs();
+ 				eprintf(_("Can't lock lock file %s~: %s\n"), MOUNTED, _("Lock timed out"));
+ 				return 1;
+ 			}
+@@ -223,26 +272,205 @@
+ 	err = __clearMtab(mount_points, numEntries);
+ 
+ 	if ((unlink(MOUNTED "~") == -1) && (err == 0)){
++		unblock_sigs();
+ 		eprintf(_("Can't remove %s~"), MOUNTED);
+ 		return 1;
+ 	}
++	unblock_sigs();
+ 	return err;
+ }
+ 
++
++int ncp_mnt_umount(const char *abs_mnt, const char *rel_mnt)
++{
++	if (umount(rel_mnt) != 0) {
++		eprintf(_("Could not umount %s: %s\n"),
++			abs_mnt, strerror(errno));
++		return -1;
++	}
++	return 0;
++}
++
++
++static int check_is_mount_child(void *p)
++{
++	const char **a = p;
++	const char *last = a[0];
++	const char *mnt = a[1];
++	int res;
++	const char *procmounts = "/proc/mounts";
++	int found;
++	FILE *fp;
++	struct mntent *entp;
++
++	res = mount("", "/", "", MS_SLAVE | MS_REC, NULL);
++	if (res == -1) {
++		eprintf(_("Failed to mark mounts slave: %s\n"),
++			strerror(errno));
++		return 1;
++	}
++
++	res = mount(".", "/tmp", "", MS_BIND | MS_REC, NULL);
++	if (res == -1) {
++		eprintf(_("Failed to bind parent to /tmp: %s\n"),
++			strerror(errno));
++		return 1;
++	}
++
++	fp = setmntent(procmounts, "r");
++	if (fp == NULL) {
++		eprintf(_("Failed to open %s: %s\n"),
++			procmounts, strerror(errno));
++		return 1;
++	}
++
++	found = 0;
++	while ((entp = getmntent(fp)) != NULL) {
++		if (strncmp(entp->mnt_dir, "/tmp/", 5) == 0 &&
++		    strcmp(entp->mnt_dir + 5, last) == 0) {
++			found = 1;
++			break;
++		}
++	}
++	endmntent(fp);
++
++	if (!found) {
++		eprintf(_("%s not mounted\n"), mnt);
++		return 1;
++	}
++
++	return 0;
++}
++
++
++static int check_is_mount(const char *last, const char *mnt)
++{
++	char buf[131072];
++	pid_t pid, p;
++	int status;
++	const char *a[2] = { last, mnt };
++
++	pid = clone(check_is_mount_child, buf + 65536, CLONE_NEWNS, (void *) a);
++	if (pid == (pid_t) -1) {
++		eprintf(_("Failed to clone namespace: %s\n"),
++			strerror(errno));
++		return -1;
++	}
++	p = waitpid(pid, &status, __WCLONE);
++	if (p == (pid_t) -1) {
++		eprintf(_("Waitpid failed: %s\n"),
++			strerror(errno));
++		return -1;
++	}
++	if (!WIFEXITED(status)) {
++		eprintf(_("Child terminated abnormally (status %i)\n"),
++			status);
++		return -1;
++	}
++	if (WEXITSTATUS(status) != 0)
++		return -1;
++
++	return 0;
++}
++
++
++static int chdir_to_parent(char *copy, const char **lastp, int *currdir_fd)
++{
++	char *tmp;
++	const char *parent;
++	char buf[PATH_MAX];
++	int res;
++
++	tmp = strrchr(copy, '/');
++	if (tmp == NULL || tmp[1] == '\0') {
++		eprintf(_("Internal error: invalid abs path: <%s>\n"),
++			copy);
++		return -1;
++	}
++	if (tmp != copy) {
++		*tmp = '\0';
++		parent = copy;
++		*lastp = tmp + 1;
++	} else if (tmp[1] != '\0') {
++		*lastp = tmp + 1;
++		parent = "/";
++	} else {
++		*lastp = ".";
++		parent = "/";
++	}
++	*currdir_fd = open(".", O_RDONLY);
++	if (*currdir_fd == -1) {
++		eprintf(_("Failed to open current directory: %s\n"),
++			strerror(errno));
++		return -1;
++	}
++	res = chdir(parent);
++	if (res == -1) {
++		eprintf(_("Failed to chdir to %s: %s\n"),
++			parent, strerror(errno));
++		return -1;
++	}
++	if (getcwd(buf, sizeof(buf)) == NULL) {
++		eprintf(_("Failed to obtain current directory: %s\n"),
++			strerror(errno));
++		return -1;
++	}
++	if (strcmp(buf, parent) != 0) {
++		eprintf(_("Mountpoint moved (%s -> %s)\n"),
++			parent, buf);
++		return -1;
++
++	}
++
++	return 0;
++}
++
++
++static int unmount_ncp(const char *mount_point)
++{
++	int currdir_fd = -1;
++	char *copy;
++	const char *last;
++	int res;
++
++	copy = strdup(mount_point);
++	if (copy == NULL) {
++		eprintf(_("Failed to allocate memory\n"));
++		return -1;
++	}
++	res = chdir_to_parent(copy, &last, &currdir_fd);
++	if (res == -1)
++		goto out;
++	res = check_is_mount(last, mount_point);
++	if (res == -1)
++		goto out;
++	res = ncp_mnt_umount(mount_point, last);
++
++out:
++	free(copy);
++	if (currdir_fd != -1) {
++		fchdir(currdir_fd);
++		close(currdir_fd);
++	}
++
++	return res;
++}
++
+ static int
+ do_umount(const char *mount_point)
+ {
+ 	int fid = open(mount_point, O_RDONLY, 0);
+ 	uid_t mount_uid;
++	int res;
+ 
+ 	if (fid == -1) {
+-		eprintf(_("Could not open %s: %s\n"),
+-			mount_point, strerror(errno));
++		eprintf(_("Invalid or unauthorized mountpoint %s\n"),
++			mount_point);
+ 		return -1;
+ 	}
+ 	if (ncp_get_mount_uid(fid, &mount_uid) != 0) {
+ 		close(fid);
+-		eprintf(_("%s probably not ncp-filesystem\n"),
++		eprintf(_("Invalid or unauthorized mountpoint %s\n"),
+ 			mount_point);
+ 		return -1;
+ 	}
+@@ -253,12 +481,8 @@
+ 		return -1;
+ 	}
+ 	close(fid);
+-	if (umount(mount_point) != 0) {
+-		eprintf(_("Could not umount %s: %s\n"),
+-			mount_point, strerror(errno));
+-		return -1;
+-	}
+-	return 0;
++	res = unmount_ncp(mount_point);
++	return res;
+ }
+ 
+ 
+@@ -409,7 +633,8 @@
+ 	int allConns = 0;
+ 	const char *serverName = NULL;
+ 	const char *treeName = NULL;
+-	uid_t uid = getuid();
++	
++	uid = getuid();
+ 
+ 	progname = strrchr(argv[0], '/');
+ 	if (progname) {

net-fs/ncpfs/files/ncpfs-2.2.6-remove-packed-attrib.patch

@@ -0,0 +1,297 @@
+diff -Naurp ncpfs-2.2.6.orig//include/ncp/ipxlib.h ncpfs-2.2.6//include/ncp/ipxlib.h
+--- ncpfs-2.2.6.orig//include/ncp/ipxlib.h	2005-01-27 12:35:59.000000000 -0500
++++ ncpfs-2.2.6//include/ncp/ipxlib.h	2011-02-10 02:38:18.822076000 -0500
+@@ -64,12 +64,12 @@ struct sap_query
+ struct sap_server_ident
+ {
+ 	u_int16_t	server_type __attribute__((packed));
+-	char		server_name[48] __attribute__((packed));
++	char		server_name[48];
+ 	IPXNet		server_network __attribute__((packed));
+ #ifdef SWIG
+ 	u_int8_t	server_node[6] __attribute__((packed));
+ #else
+-	IPXNode		server_node __attribute__((packed));
++	IPXNode		server_node;
+ #endif
+ 	IPXPort		server_port __attribute__((packed));
+ 	u_int16_t	intermediate_network __attribute__((packed));
+@@ -87,7 +87,7 @@ struct ipx_rt_def {
+ struct ipx_rip_packet
+ {
+ 	u_int16_t		operation __attribute__((packed));
+-	struct ipx_rt_def	rt[1] __attribute__((packed));
++	struct ipx_rt_def	rt[1];
+ };
+ 
+ #ifdef SWIG
+diff -Naurp ncpfs-2.2.6.orig//include/ncp/kernel/ncp.h ncpfs-2.2.6//include/ncp/kernel/ncp.h
+--- ncpfs-2.2.6.orig//include/ncp/kernel/ncp.h	2005-01-27 12:35:59.000000000 -0500
++++ ncpfs-2.2.6//include/ncp/kernel/ncp.h	2011-02-10 02:38:18.822076000 -0500
+@@ -53,12 +53,12 @@
+ 
+ struct ncp_request_header {
+ 	u_int16_t type __attribute__((packed));
+-	u_int8_t  sequence __attribute__((packed));
+-	u_int8_t  conn_low __attribute__((packed));
+-	u_int8_t  task __attribute__((packed));
+-	u_int8_t  conn_high __attribute__((packed));
+-	u_int8_t  function __attribute__((packed));
+-	u_int8_t  data[0] __attribute__((packed));
++	u_int8_t  sequence;
++	u_int8_t  conn_low;
++	u_int8_t  task;
++	u_int8_t  conn_high;
++	u_int8_t  function;
++	u_int8_t  data[0];
+ };
+ 
+ #define NCP_REPLY                (0x3333)
+@@ -66,13 +66,13 @@ struct ncp_request_header {
+ 
+ struct ncp_reply_header {
+ 	u_int16_t type __attribute__((packed));
+-	u_int8_t sequence __attribute__((packed));
+-	u_int8_t conn_low __attribute__((packed));
+-	u_int8_t task __attribute__((packed));
+-	u_int8_t conn_high __attribute__((packed));
+-	u_int8_t completion_code __attribute__((packed));
+-	u_int8_t connection_state __attribute__((packed));
+-	u_int8_t data[0] __attribute__((packed));
++	u_int8_t sequence;
++	u_int8_t conn_low;
++	u_int8_t task;
++	u_int8_t conn_high;
++	u_int8_t completion_code;
++	u_int8_t connection_state;
++	u_int8_t data[0];
+ };
+ 
+ #define NCP_VOLNAME_LEN (16)
+@@ -230,8 +230,8 @@ struct nw_info_struct {
+ 	u_int32_t EAKeyCount __attribute__((packed));
+ 	u_int32_t EAKeySize __attribute__((packed));
+ 	u_int32_t NSCreator __attribute__((packed));
+-	u_int8_t nameLen __attribute__((packed));
+-	u_int8_t entryName[256] __attribute__((packed));
++	u_int8_t nameLen;
++	u_int8_t entryName[256];
+ };
+ #endif
+ 
+@@ -282,13 +282,13 @@ struct nw_file_info {
+ 	int opened;
+ 	int access;
+ 	u_int32_t server_file_handle __attribute__((packed));
+-	u_int8_t open_create_action __attribute__((packed));
+-	u_int8_t file_handle[6] __attribute__((packed));
++	u_int8_t open_create_action;
++	u_int8_t file_handle[6];
+ };
+ #endif
+ 
+ struct nw_search_sequence {
+-	u_int8_t volNumber __attribute__((packed));
++	u_int8_t volNumber;
+ 	u_int32_t dirBase __attribute__((packed));
+ 	u_int32_t sequence __attribute__((packed));
+ };
+diff -Naurp ncpfs-2.2.6.orig//include/ncp/ncp.h ncpfs-2.2.6//include/ncp/ncp.h
+--- ncpfs-2.2.6.orig//include/ncp/ncp.h	2005-01-27 12:35:59.000000000 -0500
++++ ncpfs-2.2.6//include/ncp/ncp.h	2011-02-10 02:38:18.822076000 -0500
+@@ -95,7 +95,7 @@ struct prop_net_address {
+ #ifdef SWIG
+ 	fixedArray node[IPX_NODE_LEN];
+ #else
+-	u_int8_t node[IPX_NODE_LEN] __attribute__((packed));
++	u_int8_t node[IPX_NODE_LEN];
+ #endif
+ 	u_int16_t port __attribute__((packed));
+ };
+@@ -163,20 +163,20 @@ struct nw_queue_job_entry {
+ 	u_int32_t ClientTask __attribute__((packed));
+ 	u_int32_t ClientObjectID __attribute__((packed));
+ 	u_int32_t TargetServerID __attribute__((packed));
+-	u_int8_t TargetExecTime[6] __attribute__((packed));
+-	u_int8_t JobEntryTime[6] __attribute__((packed));
++	u_int8_t TargetExecTime[6];
++	u_int8_t JobEntryTime[6];
+ 	u_int32_t JobNumber __attribute__((packed));
+ 	u_int16_t JobType __attribute__((packed));
+ 	u_int16_t JobPosition __attribute__((packed));
+ 	u_int16_t JobControlFlags __attribute__((packed));
+-	u_int8_t FileNameLen __attribute__((packed));
+-	char JobFileName[13] __attribute__((packed));
++	u_int8_t FileNameLen;
++	char JobFileName[13];
+ 	u_int32_t JobFileHandle __attribute__((packed));
+ 	u_int32_t ServerStation __attribute__((packed));
+ 	u_int32_t ServerTaskNumber __attribute__((packed));
+ 	u_int32_t ServerObjectID __attribute__((packed));
+-	char JobTextDescription[50] __attribute__((packed));
+-	char ClientRecordArea[152] __attribute__((packed));
++	char JobTextDescription[50];
++	char ClientRecordArea[152];
+ };
+ 
+ struct queue_job {
+@@ -217,18 +217,18 @@ struct print_job_record {
+ };
+ #else
+ struct print_job_record {
+-	u_int8_t Version __attribute__((packed));
+-	u_int8_t TabSize __attribute__((packed));
++	u_int8_t Version;
++	u_int8_t TabSize;
+ 	u_int16_t Copies __attribute__((packed));
+ 	u_int16_t CtrlFlags __attribute__((packed));
+ 	u_int16_t Lines __attribute__((packed));
+ 	u_int16_t Rows __attribute__((packed));
+-	char FormName[16] __attribute__((packed));
+-	u_int8_t Reserved[6] __attribute__((packed));
+-	char BannerName[13] __attribute__((packed));
+-	char FnameBanner[13] __attribute__((packed));
+-	char FnameHeader[14] __attribute__((packed));
+-	char Path[80] __attribute__((packed));
++	char FormName[16];
++	u_int8_t Reserved[6];
++	char BannerName[13];
++	char FnameBanner[13];
++	char FnameHeader[14];
++	char Path[80];
+ };
+ #endif
+ 
+diff -Naurp ncpfs-2.2.6.orig//include/ncp/ncplib.h ncpfs-2.2.6//include/ncp/ncplib.h
+--- ncpfs-2.2.6.orig//include/ncp/ncplib.h	2005-01-27 12:35:59.000000000 -0500
++++ ncpfs-2.2.6//include/ncp/ncplib.h	2011-02-10 02:38:18.822076000 -0500
+@@ -462,24 +462,24 @@ struct ncp_file_server_info
+ #else
+ struct ncp_file_server_info
+ {
+-	u_int8_t ServerName[48] __attribute__((packed));
+-	u_int8_t FileServiceVersion __attribute__((packed));
+-	u_int8_t FileServiceSubVersion __attribute__((packed));
++	u_int8_t ServerName[48];
++	u_int8_t FileServiceVersion;
++	u_int8_t FileServiceSubVersion;
+ 	u_int16_t MaximumServiceConnections __attribute__((packed));
+ 	u_int16_t ConnectionsInUse __attribute__((packed));
+ 	u_int16_t NumberMountedVolumes __attribute__((packed));
+-	u_int8_t Revision __attribute__((packed));
+-	u_int8_t SFTLevel __attribute__((packed));
+-	u_int8_t TTSLevel __attribute__((packed));
++	u_int8_t Revision;
++	u_int8_t SFTLevel;
++	u_int8_t TTSLevel;
+ 	u_int16_t MaxConnectionsEverUsed __attribute__((packed));
+-	u_int8_t AccountVersion __attribute__((packed));
+-	u_int8_t VAPVersion __attribute__((packed));
+-	u_int8_t QueueVersion __attribute__((packed));
+-	u_int8_t PrintVersion __attribute__((packed));
+-	u_int8_t VirtualConsoleVersion __attribute__((packed));
+-	u_int8_t RestrictionLevel __attribute__((packed));
+-	u_int8_t InternetBridge __attribute__((packed));
+-	u_int8_t Reserved[60] __attribute__((packed));
++	u_int8_t AccountVersion;
++	u_int8_t VAPVersion;
++	u_int8_t QueueVersion;
++	u_int8_t PrintVersion;
++	u_int8_t VirtualConsoleVersion;
++	u_int8_t RestrictionLevel;
++	u_int8_t InternetBridge;
++	u_int8_t Reserved[60];
+ };
+ #endif
+ 
+@@ -592,7 +592,7 @@ struct ncp_station_addr
+ #ifdef SWIG
+ 	fixedArray Node[6];
+ #else
+-	u_int8_t Node[6] __attribute__((packed));
++	u_int8_t Node[6];
+ #endif
+ 	u_int16_t Socket __attribute__((packed));
+ };
+@@ -602,32 +602,32 @@ struct ncp_prop_login_control
+ #ifdef SWIG
+ 	fixedArray AccountExpireDate[3];
+ #else
+-	u_int8_t AccountExpireDate[3] __attribute__((packed));
++	u_int8_t AccountExpireDate[3];
+ #endif	
+-	u_int8_t Disabled __attribute__((packed));
++	u_int8_t Disabled;
+ #ifdef SWIG
+ 	fixedArray PasswordExpireDate[3];
+ #else	
+-	u_int8_t PasswordExpireDate[3] __attribute__((packed));
++	u_int8_t PasswordExpireDate[3];
+ #endif	
+-	u_int8_t GraceLogins __attribute__((packed));
++	u_int8_t GraceLogins;
+ 	u_int16_t PasswordExpireInterval __attribute__((packed));
+-	u_int8_t MaxGraceLogins __attribute__((packed));
+-	u_int8_t MinPasswordLength __attribute__((packed));
++	u_int8_t MaxGraceLogins;
++	u_int8_t MinPasswordLength;
+ 	u_int16_t MaxConnections __attribute__((packed));
+ #ifdef SWIG
+ 	fixedArray ConnectionTimeMask[42] __attribute__((packed));
+ 	fixedArray LastLogin[6] __attribute__((packed));
+ #else	
+-	u_int8_t ConnectionTimeMask[42] __attribute__((packed));
+-	u_int8_t LastLogin[6] __attribute__((packed));
++	u_int8_t ConnectionTimeMask[42];
++	u_int8_t LastLogin[6];
+ #endif	
+-	u_int8_t RestrictionMask __attribute__((packed));
+-	u_int8_t reserved __attribute__((packed));
++	u_int8_t RestrictionMask;
++	u_int8_t reserved;
+ 	u_int32_t MaxDiskUsage __attribute__((packed));
+ 	u_int16_t BadLoginCount __attribute__((packed));
+ 	u_int32_t BadLoginCountDown __attribute__((packed));
+-	struct ncp_station_addr LastIntruder __attribute__((packed));
++	struct ncp_station_addr LastIntruder;
+ };
+ 
+ NWCCODE NWReadPropertyValue(NWCONN_HANDLE conn, const char *objName,
+diff -Naurp ncpfs-2.2.6.orig//ipx-1.0/ipx_cmd.c ncpfs-2.2.6//ipx-1.0/ipx_cmd.c
+--- ncpfs-2.2.6.orig//ipx-1.0/ipx_cmd.c	2005-01-27 12:35:59.000000000 -0500
++++ ncpfs-2.2.6//ipx-1.0/ipx_cmd.c	2011-02-10 02:40:19.222076002 -0500
+@@ -63,8 +63,8 @@
+ /* we are doing EthernetII... Any objections? */
+ struct {
+ 	u_int16_t	unknown	__attribute__((packed));
+-	u_int8_t	dst[6]	__attribute__((packed));
+-	u_int8_t	src[6]	__attribute__((packed));
++	u_int8_t	dst[6];
++	u_int8_t	src[6];
+ 	u_int16_t	type	__attribute__((packed));
+ 	u_int8_t	ipx[16384];
+ 	} buffer;
+diff -Naurp ncpfs-2.2.6.orig//lib/ncplib.c ncpfs-2.2.6//lib/ncplib.c
+--- ncpfs-2.2.6.orig//lib/ncplib.c	2011-02-10 02:38:05.000000000 -0500
++++ ncpfs-2.2.6//lib/ncplib.c	2011-02-10 02:38:18.822076000 -0500
+@@ -2584,13 +2584,13 @@ ncp_request(struct ncp_conn *conn, int f
+ 
+ struct nw_time_buffer
+ {
+-	u_int8_t year __attribute__((packed));
+-	u_int8_t month __attribute__((packed));
+-	u_int8_t day __attribute__((packed));
+-	u_int8_t hour __attribute__((packed));
+-	u_int8_t minute __attribute__((packed));
+-	u_int8_t second __attribute__((packed));
+-	u_int8_t wday __attribute__((packed));
++	u_int8_t year;
++	u_int8_t month;
++	u_int8_t day;
++	u_int8_t hour;
++	u_int8_t minute;
++	u_int8_t second;
++	u_int8_t wday;
+ };
+ 
+ static time_t

net-fs/ncpfs/metadata.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>net-fs</herd>
+	<longdescription>Provides Access to Netware services using the NCP protocol (Kernel support must be activated!)</longdescription>
+</pkgmetadata>

net-fs/ncpfs/ncpfs-2.2.6-r2.ebuild

@@ -0,0 +1,69 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-fs/ncpfs/ncpfs-2.2.6-r2.ebuild,v 1.4 2012/06/11 09:20:53 ago Exp $
+
+EAPI="2"
+
+inherit eutils pam
+
+DESCRIPTION="Provides Access to Netware services using the NCP protocol"
+HOMEPAGE="ftp://platan.vc.cvut.cz/pub/linux/ncpfs/"
+SRC_URI="ftp://platan.vc.cvut.cz/pub/linux/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc ppc64 ~x86"
+IUSE="nls pam php"
+
+DEPEND="nls? ( sys-devel/gettext )
+	pam? ( virtual/pam )
+	php? ( || ( dev-lang/php virtual/httpd-php ) )"
+
+RDEPEND="${DEPEND}"
+
+src_prepare() {
+	# Add patch for PHP extension sandbox violation
+	epatch "${FILESDIR}"/${PN}-2.2.5-php.patch
+	epatch "${FILESDIR}"/${P}-gcc4.patch
+	epatch "${FILESDIR}"/${P}-missing-includes.patch
+
+	# Add a patch to fix multiple vulnerabilities.
+	# CVE-2010-0788, CVE-2010-0790, & CVE-2010-0791.
+	# http://seclists.org/fulldisclosure/2010/Mar/122
+	epatch "${FILESDIR}"/${P}-multiple-vulns.patch
+
+	# Add a patch that removes the __attribute__((packed)); directive
+	# from several struct members in include/ncp/ncplib.h.  This will
+	# cut down on a large number of compile warnings generated by modern
+	# gcc releases.
+	epatch "${FILESDIR}"/${P}-remove-packed-attrib.patch
+
+	# Bug #273484
+	sed -i '/ldconfig/d' lib/Makefile.in
+
+	# Hack to inject LDFLAGS into the build
+	sed -i '/^LIBS/s:=:= @LDFLAGS@:' `find -name Makefile.in` || die
+}
+
+src_configure() {
+	econf \
+		$(use_enable nls) \
+		$(use_enable pam pam "$(getpam_mod_dir)") \
+		$(use_enable php)
+}
+
+src_install() {
+	dodir $(getpam_mod_dir) /usr/sbin /sbin
+
+	# Install the main programs, then the headers.
+	emake DESTDIR="${D}" install || die
+	emake DESTDIR="${D}" install-dev || die
+	ln -sf libncp.so.2.3.0 "${D}"/usr/lib/libncp.so.2.3
+
+	# Install a startup script in /etc/init.d and a conf file in /etc/conf.d
+	newconfd "${FILESDIR}"/ipx.confd ipx
+	newinitd "${FILESDIR}"/ipx.init ipx
+
+	# Docs
+	dodoc FAQ README
+}