From 6e9aa54aa0785b630136284d92cd2b784c99862d Mon Sep 17 00:00:00 2001 From: Lars Wendler Date: Tue, 5 May 2020 10:23:58 +0200 Subject: [PATCH] sys-libs/libcap: Bump to version 2.34 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Lars Wendler --- sys-libs/libcap/Manifest | 1 + .../libcap-2.34-build-system-fixes.patch | 214 ++++++++++++++++++ sys-libs/libcap/libcap-2.34.ebuild | 84 +++++++ 3 files changed, 299 insertions(+) create mode 100644 sys-libs/libcap/files/libcap-2.34-build-system-fixes.patch create mode 100644 sys-libs/libcap/libcap-2.34.ebuild diff --git a/sys-libs/libcap/Manifest b/sys-libs/libcap/Manifest index e603b8d4cd14..b7274f8bc9a1 100644 --- a/sys-libs/libcap/Manifest +++ b/sys-libs/libcap/Manifest @@ -2,3 +2,4 @@ DIST libcap-2.26.tar.xz 67172 BLAKE2B 9d1952bd03e1bba5ffa225a5088b8d841c2007219b DIST libcap-2.27.tar.xz 67780 BLAKE2B 7b58d7afdd90281771a302cd9554f067b9e3636b0c052935973d8a0d890490c3933b3513874b788a8c10e37ab5ad9cfa766408c9629b7c8562cb17bfdef87747 SHA512 e32335fd3e0d1564574acc73df7030b5b0fd98875217bffabd76f2765f1a7a6f1369f03df2ee22a1782776838784e342378c10613ea1163d53ae5055ab6a62b6 DIST libcap-2.32.tar.xz 99708 BLAKE2B cbd4676ca9ada4c4dd6dee5137c0bb16f23af5d9a224c81b476c19326f87352fb06e2e123c9431558cd22f91032064ed6de8407d5861728dd141be16957363db SHA512 e2325cf0a1d0509c49336f7e5760e5b339c889cdde8d6c359197aed711423f951ad390a2a3dd4943b03afe152ad8502ea1db9d7ef247148b93e93a3c4895a019 DIST libcap-2.33.tar.xz 111280 BLAKE2B 9a34b6e871c6175da5ef665ab7a5ed8b9889f598875f58a6e0b7aef9b6b2737f2a85bb0a6e259a730a3fcea3b8ebbec793b52ee5dec7d11fcf236dfb2148eb83 SHA512 bb5bdc1318b524ee607026038dff7c1c621f1710fa07f8c341b1f86761cb086d32b93d7a12dbe4256d4440ee984143db8659d2679330e221ce184d7048c142b4 +DIST libcap-2.34.tar.xz 111556 BLAKE2B 083599a899e5cc8942aedc3c932627d8608ea9cdc4eefe716e5fe2fb195276be26373697aa5bb3e84b801ccabb08f78c44f67ed82ea5c383a7c6a4d86f9e06b4 SHA512 6604aeab3de547e16e3c63e35cf41a5aaacf0cb52ffc818c822ada88595437986df731990d4b288eb72f9150de41fb8a93a6a727b936058e88b49b86352c4771 diff --git a/sys-libs/libcap/files/libcap-2.34-build-system-fixes.patch b/sys-libs/libcap/files/libcap-2.34-build-system-fixes.patch new file mode 100644 index 000000000000..126e538633b5 --- /dev/null +++ b/sys-libs/libcap/files/libcap-2.34-build-system-fixes.patch @@ -0,0 +1,214 @@ +From ac790bb368d309d1d2add15bbb59559d53cb05bb Mon Sep 17 00:00:00 2001 +From: Mike Frysinger +Date: Tue, 5 May 2020 09:52:40 +0200 +Subject: [PATCH] build system fixes + +This touches up the homebrewed build system to work much better "out of the +box" for people. Specifically: + - allow toolchain vars to be set via environment + - CC / BUILD_CC / AR / RANLIB + - CFLAGS / CPPFLAGS / LDFLAGS + - split CPPFLAGS out of CFLAGS + - break -fPIC out of global CFLAGS and only use where needed + - use LDLIBS for libraries, not LDFLAGS + +Signed-off-by: Mike Frysinger + +Forward ported from libcap-2.24 to libcap-2.25 +Forward ported from libcap-2.25 to libcap-2.28 +Forward ported from libcap-2.28 to libcap-2.29 +Forward ported from libcap-2.29 to libcap-2.33 +Forward ported from libcap-2.33 to libcap-2.34 + +Signed-off-by: Lars Wendler +--- + Make.Rules | 24 +++++++++++++----------- + Makefile | 1 - + libcap/Makefile | 7 ++++--- + pam_cap/Makefile | 8 +++++--- + progs/Makefile | 2 +- + tests/Makefile | 8 +++++--- + 6 files changed, 28 insertions(+), 22 deletions(-) + +diff --git a/Make.Rules b/Make.Rules +index 0fbfba0..755581d 100644 +--- a/Make.Rules ++++ b/Make.Rules +@@ -47,36 +47,38 @@ MINOR=34 + # Compilation specifics + + KERNEL_HEADERS := $(topdir)/libcap/include/uapi +-IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include + +-CC := $(CROSS_COMPILE)gcc ++CC ?= $(CROSS_COMPILE)gcc + DEFINES := -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 +-CFLAGS := -O2 $(DEFINES) +-BUILD_CC := $(CC) +-BUILD_CFLAGS := -O2 $(DEFINES) $(IPATH) +-AR := $(CROSS_COMPILE)ar +-RANLIB := $(CROSS_COMPILE)ranlib ++CFLAGS ?= -O2 $(DEFINES) ++BUILD_CC ?= $(CC) ++BUILD_CFLAGS ?= $(CFLAGS) ++AR ?= $(CROSS_COMPILE)ar ++RANLIB ?= $(CROSS_COMPILE)ranlib + DEBUG = -g #-DDEBUG + WARNINGS=-Wall -Wwrite-strings \ + -Wpointer-arith -Wcast-qual -Wcast-align \ + -Wstrict-prototypes -Wmissing-prototypes \ + -Wnested-externs -Winline -Wshadow + LD=$(CC) -Wl,-x -shared +-LDFLAGS := #-g ++LDFLAGS ?= #-g + LIBCAPLIB := -L$(topdir)/libcap -lcap + LIBPSXLIB := -L$(topdir)/libcap -lpsx -lpthread + + BUILD_GPERF := $(shell which gperf >/dev/null 2>/dev/null && echo yes) + +-SYSTEM_HEADERS = /usr/include ++LIBCAP_CPPFLAGS = -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include $(DEFINES) ++CPPFLAGS += $(LIBCAP_CPPFLAGS) ++BUILD_CPPFLAGS += $(LIBCAP_CPPFLAGS) + INCS=$(topdir)/libcap/include/sys/capability.h + LDFLAGS += -L$(topdir)/libcap +-CFLAGS += -Dlinux $(WARNINGS) $(DEBUG) ++CPPFLAGS += -Dlinux ++CFLAGS += $(WARNINGS) $(DEBUG) + PAM_CAP := $(shell if [ -f /usr/include/security/pam_modules.h ]; then echo yes ; else echo no ; fi) + INDENT := $(shell if [ -n "$$(which indent 2>/dev/null)" ]; then echo "| indent -kr" ; fi) + DYNAMIC := $(shell if [ ! -d "$(topdir)/.git" ]; then echo yes; fi) + +-GOLANG := $(shell if [ -n "$(shell go version 2>/dev/null)" ]; then echo yes ; else echo no ; fi) ++GOLANG ?= $(shell if [ -n "$(shell go version 2>/dev/null)" ]; then echo yes ; else echo no ; fi) + ifeq ($(GOLANG),yes) + GOROOT := $(shell go env GOROOT) + GOCGO := $(shell if [ "$(shell go env CGO_ENABLED)" = 1 ]; then echo yes ; else echo no ; fi) +diff --git a/Makefile b/Makefile +index d8cf49c..c0b10a0 100644 +--- a/Makefile ++++ b/Makefile +@@ -16,7 +16,6 @@ endif + ifeq ($(GOLANG),yes) + $(MAKE) -C go $@ + endif +- $(MAKE) -C tests $@ + $(MAKE) -C progs $@ + $(MAKE) -C doc $@ + $(MAKE) -C kdebug $@ +diff --git a/libcap/Makefile b/libcap/Makefile +index c2cb0d1..406dfe5 100644 +--- a/libcap/Makefile ++++ b/libcap/Makefile +@@ -21,6 +21,7 @@ PSXOBJS=$(addsuffix .o, $(PSXFILES)) + MAJLIBNAME=$(LIBNAME).$(VERSION) + MINLIBNAME=$(MAJLIBNAME).$(MINOR) + GPERF_OUTPUT = _caps_output.gperf ++CFLAGS += -fPIC + + all: $(MINLIBNAME) $(STACAPLIBNAME) libcap.pc libpsx.pc $(STAPSXLIBNAME) + +@@ -48,7 +49,7 @@ libpsx.pc: libpsx.pc.in + $< >$@ + + _makenames: _makenames.c cap_names.list.h +- $(BUILD_CC) $(BUILD_CFLAGS) $< -o $@ ++ $(BUILD_CC) $(BUILD_CFLAGS) $(BUILD_CPPFLAGS) $< -o $@ + + cap_names.h: _makenames + ./_makenames > cap_names.h +@@ -75,10 +76,10 @@ $(MINLIBNAME): $(CAPOBJS) + ln -sf $(MAJLIBNAME) $(LIBNAME) + + %.o: %.c $(INCLS) +- $(CC) $(CFLAGS) $(IPATH) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + cap_text.o: cap_text.c $(USE_GPERF_OUTPUT) $(INCLS) +- $(CC) $(CFLAGS) $(IPATH) $(INCLUDE_GPERF_OUTPUT) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) $(INCLUDE_GPERF_OUTPUT) -c $< -o $@ + + cap_test: cap_test.c libcap.h + $(CC) $(CFLAGS) $(IPATH) $< -o $@ +diff --git a/pam_cap/Makefile b/pam_cap/Makefile +index 56604fd..2da4674 100644 +--- a/pam_cap/Makefile ++++ b/pam_cap/Makefile +@@ -3,6 +3,8 @@ + topdir=$(shell pwd)/.. + include ../Make.Rules + ++CFLAGS += -fPIC ++ + all: pam_cap.so + $(MAKE) testlink + +@@ -16,16 +18,16 @@ install: all + # written (and you know why it fails), email me and explain why. Thanks! + + pam_cap.so: pam_cap.o +- $(LD) -o pam_cap.so $< $(LIBCAPLIB) $(LDFLAGS) ++ $(LD) $(CFLAGS) -o pam_cap.so $< $(LIBCAPLIB) $(LDFLAGS) + + pam_cap.o: pam_cap.c +- $(CC) $(CFLAGS) $(IPATH) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + test_pam_cap: test_pam_cap.c pam_cap.c + $(CC) $(CFLAGS) $(IPATH) -o $@ test_pam_cap.c $(LIBCAPLIB) $(LDFLAGS) --static + + testlink: test.c pam_cap.o +- $(CC) $(CFLAGS) -o $@ $+ -lpam -ldl $(LIBCAPLIB) $(LDFLAGS) ++ $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $+ -lpam -ldl $(LIBCAPLIB) $(LDFLAGS) + + test: pam_cap.so + make testlink +diff --git a/progs/Makefile b/progs/Makefile +index 076e44f..fd13351 100644 +--- a/progs/Makefile ++++ b/progs/Makefile +@@ -23,7 +23,7 @@ $(BUILD): %: %.o $(DEPS) + $(CC) $(CFLAGS) -o $@ $< $(LIBCAPLIB) $(LDFLAGS) + + %.o: %.c $(INCS) +- $(CC) $(IPATH) $(CAPSH_SHELL) $(CFLAGS) -c $< -o $@ ++ $(CC) $(CAPSH_SHELL) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + install: all + mkdir -p -m 0755 $(FAKEROOT)$(SBINDIR) +diff --git a/tests/Makefile b/tests/Makefile +index 3fedeca..3645ddd 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -16,6 +16,8 @@ test: run_psx_test run_libcap_psx_test + + sudotest: test run_libcap_launch_test run_libcap_launch_test + ++CFLAGS += -fPIC ++ + install: all + + run_psx_test: psx_test psx_test_wrap +@@ -23,16 +25,16 @@ run_psx_test: psx_test psx_test_wrap + ./psx_test_wrap + + psx_test: psx_test.c $(DEPS) +- $(CC) $(CFLAGS) $(IPATH) -DNOWRAP $< -o $@ $(LIBPSXLIB) ++ $(CC) $(CFLAGS) $(CPPFLAGS) -DNOWRAP $< -o $@ $(LIBPSXLIB) + + psx_test_wrap: psx_test.c $(DEPS) +- $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LIBPSXLIB) -Wl,-wrap,pthread_create ++ $(CC) $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LIBPSXLIB) -Wl,-wrap,pthread_create + + run_libcap_psx_test: libcap_psx_test + ./libcap_psx_test + + libcap_psx_test: libcap_psx_test.c $(DEPS) +- $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LIBCAPLIB) $(LIBPSXLIB) -Wl,-wrap,pthread_create --static ++ $(CC) $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LIBCAPLIB) $(LIBPSXLIB) -Wl,-wrap,pthread_create --static + + run_libcap_launch_test: libcap_launch_test libcap_psx_launch_test noop + sudo ./libcap_launch_test +-- +2.26.2 + diff --git a/sys-libs/libcap/libcap-2.34.ebuild b/sys-libs/libcap/libcap-2.34.ebuild new file mode 100644 index 000000000000..1c62c6a414aa --- /dev/null +++ b/sys-libs/libcap/libcap-2.34.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit multilib multilib-minimal toolchain-funcs pam usr-ldscript + +DESCRIPTION="POSIX 1003.1e capabilities" +HOMEPAGE="https://sites.google.com/site/fullycapable/" +SRC_URI="https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/${P}.tar.xz" + +# it's available under either of the licenses +LICENSE="|| ( GPL-2 BSD )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="pam static-libs" + +# While the build system optionally uses gperf, we don't DEPEND on it because +# the build automatically falls back when it's unavailable. #604802 +RDEPEND=">=sys-apps/attr-2.4.47-r1[${MULTILIB_USEDEP}] + pam? ( sys-libs/pam[${MULTILIB_USEDEP}] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" + +# Requires test suite being run as root (via sudo) +RESTRICT="test" + +PATCHES=( + "${FILESDIR}"/${PN}-2.34-build-system-fixes.patch + "${FILESDIR}"/${PN}-2.28-no_perl.patch + "${FILESDIR}"/${PN}-2.25-ignore-RAISE_SETFCAP-install-failures.patch + "${FILESDIR}"/${PN}-2.21-include.patch +) + +src_prepare() { + default + multilib_copy_sources +} + +run_emake() { + local args=( + exec_prefix="${EPREFIX}" + lib_prefix="${EPREFIX}/usr" + lib="$(get_libdir)" + prefix="${EPREFIX}/usr" + PAM_CAP="$(usex pam yes no)" + DYNAMIC=yes + GOLANG=no + ) + emake "${args[@]}" "$@" +} + +multilib_src_compile() { + tc-export AR CC RANLIB + local BUILD_CC + tc-export_build_env BUILD_CC + + run_emake +} + +multilib_src_install() { + # no configure, needs explicit install line #444724#c3 + run_emake DESTDIR="${D}" install + + gen_usr_ldscript -a cap + if ! use static-libs ; then + # Don't remove libpsx.a! + # See https://bugs.gentoo.org/703912 + rm "${ED}"/usr/$(get_libdir)/libcap.a || die + fi + + if [[ -d "${ED}"/usr/$(get_libdir)/security ]] ; then + rm -r "${ED}"/usr/$(get_libdir)/security || die + fi + + if use pam; then + dopammod pam_cap/pam_cap.so + dopamsecurity '' pam_cap/capability.conf + fi +} + +multilib_src_install_all() { + dodoc CHANGELOG README doc/capability.notes +} -- 2.26.2