yggdrasil: update to 0.3.16.

- partially revert service changes from
  c33aec8e70, now that we ship a util-linux version
  that can always handle -all or +all with setpriv(1).
- remove TODO comment: switching to using a user + adding caps to it
  would break some setups and is no longer necessary. It also isn't the
  recommended setup from upstream.

srcpkgs/yggdrasil/files/yggdrasil/run

@@ -1,13 +1,9 @@
 #!/bin/sh
 modprobe tun
-# limiting caps is temporarily disabled, as it breaks with
+caps='-all,+NET_ADMIN,+NET_RAW'
-# setpriv: libcap-ng is too old for "all" caps
+drop_caps="setpriv --inh-caps $caps --bounding-set $caps"
-# TODO: instead of dropping all caps, start with a
-# non-priv user and manually add needed privileges instead.
-#caps='-all,+NET_ADMIN,+NET_RAW'
-#drop_caps="setpriv --inh-caps $caps --bounding-set $caps"
 if [ -f /etc/yggdrasil.conf ]; then
-	exec yggdrasil -useconffile /etc/yggdrasil.conf 2>&1
+	exec $drop_caps yggdrasil -useconffile /etc/yggdrasil.conf 2>&1
 else
-	exec yggdrasil -autoconf 2>&1
+	exec $drop_caps yggdrasil -autoconf 2>&1
 fi

srcpkgs/yggdrasil/template

@@ -1,6 +1,6 @@
 # Template file for 'yggdrasil'
 pkgname=yggdrasil
-version=0.3.15
+version=0.3.16
 revision=1
 wrksrc="yggdrasil-go-${version}"
 build_style=go
@@ -11,7 +11,7 @@ maintainer="Jan Christian Gruenhage <jan.christian@gruenhage.xyz>"
 license="LGPL-3.0-only"
 homepage="https://yggdrasil-network.github.io/"
 distfiles="https://github.com/yggdrasil-network/yggdrasil-go/archive/v${version}.tar.gz"
-checksum=25ea85399a142aa7a3d6f6886fd4e0d215116c4c8c33453de43999787d735565
+checksum=e03595b78906b171155aaa11c922be3418bd056f8547e4d9f5123b6047316eac
 
 do_build() {
 	PKGNAME=${pkgname} PKGVER=${version} ./build