From: "David Seifert" <soap@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-libs/libcap/files/, sys-libs/libcap/
Date: Sun, 21 Nov 2021 23:37:45 +0000 (UTC) [thread overview]
Message-ID: <1637537855.2fcd58b2c05b0bedd594dbaabd99e7d5f30644de.soap@gentoo> (raw)
commit: 2fcd58b2c05b0bedd594dbaabd99e7d5f30644de
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Sun Nov 21 23:37:35 2021 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Sun Nov 21 23:37:35 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2fcd58b2
sys-libs/libcap: add 2.61
Signed-off-by: David Seifert <soap <AT> gentoo.org>
sys-libs/libcap/Manifest | 1 +
....61-ignore-RAISE_SETFCAP-install-failures.patch | 24 ++++++
sys-libs/libcap/files/libcap-2.61-no_perl.patch | 62 +++++++++++++++
sys-libs/libcap/libcap-2.61.ebuild | 90 ++++++++++++++++++++++
4 files changed, 177 insertions(+)
diff --git a/sys-libs/libcap/Manifest b/sys-libs/libcap/Manifest
index 4f4e42436180..a96b565578d0 100644
--- a/sys-libs/libcap/Manifest
+++ b/sys-libs/libcap/Manifest
@@ -1,2 +1,3 @@
DIST libcap-2.49.tar.xz 139568 BLAKE2B 5746dcdf2a737e747450bd50a701ee8543277b17b7fbf1304b79f707a088ea74dc6dc79c61ff89b55b718a460a7b0814f960f44d07944a97b832b78f4e14e07f SHA512 2934a2ded1370edeb9603dbf43d8ca23a2eb5d67efc5cec5d4ba96c707a8db2702da8aa9be0cb86c5ff100d37ec96115c7777a7566ad0ab2e0b4a288bbe357d0
DIST libcap-2.60.tar.xz 170744 BLAKE2B 858b5133a5cb2f3b30dab569a6c9f2097034318c90419fa2372e0b28c891160f5e84b54b302b2d98664df8f7c44df78eb3cb4e47b328cecd4c27e7ab223045ae SHA512 f2ff0d81df7251c05decda706ccc6463ce58df6a3c542fe479328dce5416f77aa5c6a09a1ab05a1d1a3638e6dae5c0e546aaa4824843a570700a8927fb7f73e6
+DIST libcap-2.61.tar.xz 173892 BLAKE2B 50874d3510ab2476aaceb775314d98744736aacd7364a23827756caa160c101e8bc890b7c33b5e19df8b30bb6b3b1c2be323e4b6a963f97e9ee557e86b4f13a0 SHA512 40096bf511d1c45e36f5d7f24e49c709528f3f01fcadd47b6ac40a7e8d5f1705b29b4cc56356b030639f67d0641b9f4e7c19449c3c7f4f77a4070c35745b465c
diff --git a/sys-libs/libcap/files/libcap-2.61-ignore-RAISE_SETFCAP-install-failures.patch b/sys-libs/libcap/files/libcap-2.61-ignore-RAISE_SETFCAP-install-failures.patch
new file mode 100644
index 000000000000..25f853b2a982
--- /dev/null
+++ b/sys-libs/libcap/files/libcap-2.61-ignore-RAISE_SETFCAP-install-failures.patch
@@ -0,0 +1,24 @@
+From 8dfcdcfdcb9c462a05566aa8d3c6eca871f0ddbf Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Wed, 10 Feb 2016 09:52:45 +0100
+Subject: [PATCH] ignore RAISE_SETFCAP install failures
+
+While the new RAISE_SETFCAP feature is nifty, its failure to run (often
+due to the fs not supporting it) shouldn't impair the default install.
+
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+
+Forward ported from libcap-2.20 to libcap-2.25
+
+Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
+--- a/progs/Makefile
++++ b/progs/Makefile
+@@ -39,7 +39,7 @@
+ install -m 0755 $$p $(FAKEROOT)$(SBINDIR) ; \
+ done
+ ifeq ($(RAISE_SETFCAP),yes)
+- $(FAKEROOT)$(SBINDIR)/setcap cap_setfcap=i $(FAKEROOT)$(SBINDIR)/setcap
++ -$(FAKEROOT)$(SBINDIR)/setcap cap_setfcap=i $(FAKEROOT)$(SBINDIR)/setcap
+ endif
+
+ test:
diff --git a/sys-libs/libcap/files/libcap-2.61-no_perl.patch b/sys-libs/libcap/files/libcap-2.61-no_perl.patch
new file mode 100644
index 000000000000..deda35db8e31
--- /dev/null
+++ b/sys-libs/libcap/files/libcap-2.61-no_perl.patch
@@ -0,0 +1,62 @@
+From 3f76418eaf73896489129c529fac021e4f3a03c0 Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Wed, 21 Nov 2018 11:00:54 +0100
+Subject: [PATCH] use awk/sed instead of perl for creating header files
+
+More systems should have awk/sed than perl.
+
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+
+Forward ported from libcap-2.22 to libcap-2.26
+and incorporated the gperf-3.1 fix provided by Mike Gilbert
+<floppym@gentoo.org>
+Forward ported from libcap-2.26 to libcap-2.28
+Forward ported from libcap-2.28 to libcap-2.38
+
+Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
+--- a/libcap/Makefile
++++ b/libcap/Makefile
+@@ -20,6 +20,8 @@
+
+ # Always build libcap sources this way:
+ CFLAGS += -fPIC
++AWK = awk
++SED = sed
+
+ # The linker magic needed to build a dynamic library as independently
+ # executable
+@@ -82,17 +84,27 @@
+ ./_makenames > cap_names.h
+
+ $(GPERF_OUTPUT): cap_names.list.h
+- perl -e 'print "struct __cap_token_s { const char *name; int index; };\n%{\nconst struct __cap_token_s *__cap_lookup_name(const char *, size_t);\n%}\n%%\n"; while ($$l = <>) { $$l =~ s/[\{\"]//g; $$l =~ s/\}.*// ; print $$l; }' < $< | gperf --ignore-case --language=ANSI-C --readonly --null-strings --global-table --hash-function-name=__cap_hash_name --lookup-function-name="__cap_lookup_name" -c -t -m20 $(INDENT) > $@
+- sed -e 's/unsigned int len/size_t len/' -i $@
++ (printf "%b" "struct __cap_token_s { const char *name; int index; };\n%%\n"; \
++ $(SED) -e 's:["{}]::g' -e 's:,$$::' $<) | \
++ gperf \
++ --ignore-case \
++ --language=ANSI-C \
++ --includes \
++ --readonly \
++ --null-strings \
++ --global-table \
++ --hash-function-name=__cap_hash_name \
++ --lookup-function-name="__cap_lookup_name" \
++ -c -t -m20 $(INDENT) > $@
+
+-# Intention is that libcap keeps up with torvalds' tree, as reflected
+-# by this maintained version of the kernel header. libcap dynamically
+-# trims the meaning of "all" capabilities down to that of the running
+-# kernel as of 2.30.
+ UAPI_HEADER := $(topdir)/libcap/include/uapi/linux/capability.h
+ cap_names.list.h: Makefile $(UAPI_HEADER)
+ @echo "=> making $@ from $(UAPI_HEADER)"
+- perl -e 'while ($$l=<>) { if ($$l =~ /^\#define[ \t](CAP[_A-Z]+)[ \t]+([0-9]+)\s+$$/) { $$tok=$$1; $$val=$$2; $$tok =~ tr/A-Z/a-z/; print "{\"$$tok\",$$val},\n"; } }' $(UAPI_HEADER) | fgrep -v 0x > $@
++ $(AWK) '($$0 ~ /^#define[[:space:]]+CAP[_A-Z]+[[:space:]]+[0-9]+[[:space:]]*$$/) { printf "{\"%s\",%s},\n", tolower($$2), $$3 }' $(UAPI_HEADER) > $@
++
++cap_names.list.h: $(KERNEL_HEADERS)/linux/capability.h Makefile
++ @echo "=> making $@ from $<"
++ $(AWK) '($$0 ~ /^#define[[:space:]]+CAP[_A-Z]+[[:space:]]+[0-9]+[[:space:]]*$$/) { printf "{\"%s\",%s},\n", tolower($$2), $$3 }' $< > $@
+
+ $(STACAPLIBNAME): $(CAPOBJS)
+ $(AR) rcs $@ $^
diff --git a/sys-libs/libcap/libcap-2.61.ebuild b/sys-libs/libcap/libcap-2.61.ebuild
new file mode 100644
index 000000000000..d7182a35dc5b
--- /dev/null
+++ b/sys-libs/libcap/libcap-2.61.ebuild
@@ -0,0 +1,90 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit multilib-minimal toolchain-funcs pam usr-ldscript
+
+DESCRIPTION="POSIX 1003.1e capabilities"
+HOMEPAGE="https://sites.google.com/site/fullycapable/"
+SRC_URI="https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/${P}.tar.xz"
+
+# it's available under either of the licenses
+LICENSE="|| ( GPL-2 BSD )"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="pam static-libs tools"
+
+# While the build system optionally uses gperf, we don't DEPEND on it because
+# the build automatically falls back when it's unavailable. #604802
+PDEPEND="pam? ( sys-libs/pam[${MULTILIB_USEDEP}] )"
+DEPEND="${PDEPEND}
+ sys-kernel/linux-headers"
+BDEPEND="
+ sys-apps/diffutils
+ tools? ( dev-lang/go )"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.61-no_perl.patch
+ "${FILESDIR}"/${PN}-2.61-ignore-RAISE_SETFCAP-install-failures.patch
+)
+
+QA_FLAGS_IGNORED="sbin/captree" # go binaries don't use LDFLAGS
+
+src_prepare() {
+ default
+ multilib_copy_sources
+}
+
+run_emake() {
+ local args=(
+ AR="$(tc-getAR)"
+ CC="$(tc-getCC)"
+ OBJCOPY="$(tc-getOBJCOPY)"
+ RANLIB="$(tc-getRANLIB)"
+ exec_prefix="${EPREFIX}"
+ lib_prefix="${EPREFIX}/usr"
+ lib="$(get_libdir)"
+ prefix="${EPREFIX}/usr"
+ PAM_CAP="$(usex pam yes no)"
+ DYNAMIC=yes
+ GOLANG="$(multilib_native_usex tools yes no)"
+ )
+ emake "${args[@]}" "$@"
+}
+
+src_configure() {
+ tc-export_build_env BUILD_CC
+ multilib-minimal_src_configure
+}
+
+multilib_src_compile() {
+ run_emake
+}
+
+multilib_src_test() {
+ run_emake test
+}
+
+multilib_src_install() {
+ # no configure, needs explicit install line #444724#c3
+ run_emake DESTDIR="${D}" install
+
+ gen_usr_ldscript -a cap
+ gen_usr_ldscript -a psx
+ if ! use static-libs ; then
+ rm "${ED}"/usr/$(get_libdir)/lib{cap,psx}.a || die
+ fi
+
+ # install pam plugins ourselves
+ rm -rf "${ED}"/usr/$(get_libdir)/security || die
+
+ if use pam ; then
+ dopammod pam_cap/pam_cap.so
+ dopamsecurity '' pam_cap/capability.conf
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc CHANGELOG README doc/capability.notes
+}
next reply other threads:[~2021-11-21 23:37 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-21 23:37 David Seifert [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-12-30 18:12 [gentoo-commits] repo/gentoo:master commit in: sys-libs/libcap/files/, sys-libs/libcap/ David Seifert
2021-11-28 14:02 David Seifert
2021-11-28 14:02 David Seifert
2021-09-11 23:52 Sam James
2021-09-05 9:51 David Seifert
2021-09-04 17:35 David Seifert
2021-08-03 10:27 Lars Wendler
2021-06-06 15:42 David Seifert
2021-05-30 10:54 Lars Wendler
2020-11-04 22:16 Lars Wendler
2020-09-18 10:30 Lars Wendler
2020-08-02 17:14 Lars Wendler
2020-07-20 13:50 Lars Wendler
2020-07-13 9:10 Lars Wendler
2020-07-04 21:45 Lars Wendler
2020-06-04 17:45 Lars Wendler
2020-03-04 10:04 Lars Wendler
2019-12-10 10:29 Lars Wendler
2019-05-03 16:10 Lars Wendler
2017-02-01 14:42 Tony Vroon
2016-03-30 23:48 Mike Frysinger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1637537855.2fcd58b2c05b0bedd594dbaabd99e7d5f30644de.soap@gentoo \
--to=soap@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox