From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 5C5551382C5 for ; Tue, 25 May 2021 14:19:06 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9F918E0729; Tue, 25 May 2021 14:19:05 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 70C2AE0729 for ; Tue, 25 May 2021 14:19:05 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 591F4340CA7 for ; Tue, 25 May 2021 14:19:04 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 0B172A5 for ; Tue, 25 May 2021 14:19:03 +0000 (UTC) From: "Lars Wendler" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Lars Wendler" Message-ID: <1621952337.149cb0b85d203efa4ec6624092355a8946b48106.polynomial-c@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-libs/libcap/, sys-libs/libcap/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-libs/libcap/Manifest sys-libs/libcap/files/libcap-2.50-build-system-fixes.patch sys-libs/libcap/libcap-2.50.ebuild X-VCS-Directories: sys-libs/libcap/files/ sys-libs/libcap/ X-VCS-Committer: polynomial-c X-VCS-Committer-Name: Lars Wendler X-VCS-Revision: 149cb0b85d203efa4ec6624092355a8946b48106 X-VCS-Branch: master Date: Tue, 25 May 2021 14:19:03 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: e479b456-6322-4986-b048-a9844c0de826 X-Archives-Hash: 45f28867393b450ce56ee32d442f0d90 commit: 149cb0b85d203efa4ec6624092355a8946b48106 Author: Lars Wendler gentoo org> AuthorDate: Tue May 25 14:18:26 2021 +0000 Commit: Lars Wendler gentoo org> CommitDate: Tue May 25 14:18:57 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=149cb0b8 sys-libs/libcap: Bump to version 2.50 Signed-off-by: Lars Wendler gentoo.org> sys-libs/libcap/Manifest | 1 + .../files/libcap-2.50-build-system-fixes.patch | 209 +++++++++++++++++++++ sys-libs/libcap/libcap-2.50.ebuild | 89 +++++++++ 3 files changed, 299 insertions(+) diff --git a/sys-libs/libcap/Manifest b/sys-libs/libcap/Manifest index 38190faf3eb..671d87f49eb 100644 --- a/sys-libs/libcap/Manifest +++ b/sys-libs/libcap/Manifest @@ -1,3 +1,4 @@ DIST libcap-2.43.tar.xz 125284 BLAKE2B bde36f8397f4adb74760eb403daa06bee1b8f45ddc253cc3c3ef1f6e95d0e4c76d0f2e6fa3335a8bc451f18ac7128c96230f6aba9ae0320fa4f9d669e7b4f715 SHA512 817add571fb2c54ad2a39974e6545b8fc8d855ecdcf2e00b2cc10e583802c49dfea2d8bca484c89ecd574fdacfc46565b51e3064a4407cf1985defb913240d45 DIST libcap-2.48.tar.xz 132280 BLAKE2B 43ab75b73a5297ec24467fae82378f8c7aba5356afcebfb32a695d664a4b5268526fd90a009596c0f516a626d8f4523a9b49ec3225b6a886da32e62eb5b55ea5 SHA512 3cb1e2b026c0f60d6f225c7255944d45023e59fd065b8f832739fc90d33b3347981675de12dd705c4ecbd647a494a17daf39e1d92599bcd1a83306886edadba1 DIST libcap-2.49.tar.xz 139568 BLAKE2B 5746dcdf2a737e747450bd50a701ee8543277b17b7fbf1304b79f707a088ea74dc6dc79c61ff89b55b718a460a7b0814f960f44d07944a97b832b78f4e14e07f SHA512 2934a2ded1370edeb9603dbf43d8ca23a2eb5d67efc5cec5d4ba96c707a8db2702da8aa9be0cb86c5ff100d37ec96115c7777a7566ad0ab2e0b4a288bbe357d0 +DIST libcap-2.50.tar.xz 143792 BLAKE2B be83dfe1e55a4363936f53afb13edd2c1fd8c9bc27f7946bfda1eb8fb3046d0370997dcf85ba9dab7de10673527b4e8d15f104a75eaf407cba8ed0fc42465790 SHA512 6ac2df1ea9a9154e082c0595d343380ff8abed953b53c635a9297683289f2fa708eff488a42c6053e5ac556a5d90faa8709b3d98a47b2911f05bf80f2663a543 diff --git a/sys-libs/libcap/files/libcap-2.50-build-system-fixes.patch b/sys-libs/libcap/files/libcap-2.50-build-system-fixes.patch new file mode 100644 index 00000000000..45b24421c8a --- /dev/null +++ b/sys-libs/libcap/files/libcap-2.50-build-system-fixes.patch @@ -0,0 +1,209 @@ +From 1f2465ec2b9dccd9823a54938722dc4e5edb8105 Mon Sep 17 00:00:00 2001 +From: Mike Frysinger +Date: Wed, 4 Nov 2020 22:46:20 +0100 +Subject: [PATCH] build system fixes + +This touches up the homebrewed build system to work much better "out of the +box" for people. Specifically: + - allow toolchain vars to be set via environment + - CC / BUILD_CC / AR / RANLIB + - CFLAGS / CPPFLAGS / LDFLAGS + - split CPPFLAGS out of CFLAGS + - break -fPIC out of global CFLAGS and only use where needed + - use LDLIBS for libraries, not LDFLAGS + +Signed-off-by: Mike Frysinger + +Forward ported from libcap-2.24 to libcap-2.25 +Forward ported from libcap-2.25 to libcap-2.28 +Forward ported from libcap-2.28 to libcap-2.29 +Forward ported from libcap-2.29 to libcap-2.33 +Forward ported from libcap-2.33 to libcap-2.34 +Forward ported from libcap-2.34 to libcap-2.37 +Forward ported from libcap-2.37 to libcap-2.39 +Forward ported from libcap-2.39 to libcap-2.42 +Forward ported from libcap-2.42 to libcap-2.44 +Forward ported from libcap-2.44 to libcap-2.45 +Forward ported from libcap-2.45 to libcap-2.48 +Forward ported from libcap-2.48 to libcap-2.50 + +Signed-off-by: Lars Wendler +--- + Make.Rules | 10 ++++++---- + Makefile | 1 - + libcap/Makefile | 7 ++++--- + pam_cap/Makefile | 8 +++++--- + progs/Makefile | 4 ++-- + tests/Makefile | 6 ++++-- + 6 files changed, 21 insertions(+), 15 deletions(-) + +diff --git a/Make.Rules b/Make.Rules +index 98284e2..a797347 100644 +--- a/Make.Rules ++++ b/Make.Rules +@@ -52,7 +52,6 @@ GOMAJOR=1 + # Compilation specifics + + KERNEL_HEADERS := $(topdir)/libcap/include/uapi +-IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include + + CC := $(CROSS_COMPILE)gcc + DEFINES := -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 +@@ -60,7 +59,7 @@ COPTS ?= -O2 + CFLAGS ?= $(COPTS) $(DEFINES) + BUILD_CC ?= $(CC) + BUILD_COPTS ?= -O2 +-BUILD_CFLAGS ?= $(BUILD_COPTS) $(DEFINES) $(IPATH) ++BUILD_CFLAGS ?= $(CFLAGS) + AR := $(CROSS_COMPILE)ar + RANLIB := $(CROSS_COMPILE)ranlib + DEBUG = -g #-DDEBUG +@@ -76,10 +75,13 @@ LIBPSXLIB := -L$(topdir)/libcap -lpsx $(PSXLINKFLAGS) + + BUILD_GPERF := $(shell which gperf >/dev/null 2>/dev/null && echo yes) + +-SYSTEM_HEADERS = /usr/include ++LIBCAP_CPPFLAGS = -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include $(DEFINES) ++CPPFLAGS += $(LIBCAP_CPPFLAGS) ++BUILD_CPPFLAGS += $(LIBCAP_CPPFLAGS) + INCS=$(topdir)/libcap/include/sys/capability.h + LDFLAGS += -L$(topdir)/libcap +-CFLAGS += -Dlinux $(WARNINGS) $(DEBUG) ++CPPFLAGS += -Dlinux ++CFLAGS += $(WARNINGS) $(DEBUG) + INDENT := $(shell if [ -n "$$(which indent 2>/dev/null)" ]; then echo "| indent -kr" ; fi) + + # SHARED tracks whether or not the SHARED libraries (libcap.so, +diff --git a/Makefile b/Makefile +index bfc2089..2b06c9a 100644 +--- a/Makefile ++++ b/Makefile +@@ -17,7 +17,6 @@ ifeq ($(GOLANG),yes) + $(MAKE) -C go $@ + rm -f cap/go.sum + endif +- $(MAKE) -C tests $@ + $(MAKE) -C progs $@ + $(MAKE) -C doc $@ + $(MAKE) -C kdebug $@ +diff --git a/libcap/Makefile b/libcap/Makefile +index 9563d88..4b42f01 100644 +--- a/libcap/Makefile ++++ b/libcap/Makefile +@@ -25,6 +25,7 @@ MINCAPLIBNAME=$(MAJCAPLIBNAME).$(MINOR) + PSXOBJS=$(addsuffix .o, $(PSXFILES)) + MAJPSXLIBNAME=$(PSXLIBNAME).$(VERSION) + MINPSXLIBNAME=$(MAJPSXLIBNAME).$(MINOR) ++CFLAGS += -fPIC + + all: pcs $(STACAPLIBNAME) + ifeq ($(SHARED),yes) +@@ -66,7 +67,7 @@ libpsx.pc: libpsx.pc.in + $< >$@ + + _makenames: _makenames.c cap_names.list.h +- $(BUILD_CC) $(BUILD_CFLAGS) $< -o $@ ++ $(BUILD_CC) $(BUILD_CFLAGS) $(BUILD_CPPFLAGS) $< -o $@ + + cap_names.h: _makenames + ./_makenames > cap_names.h +@@ -105,10 +106,10 @@ $(PSXLIBNAME) $(MAJPSXLIBNAME) $(MINPSXLIBNAME): $(PSXOBJS) include/sys/psx_sysc + endif + + %.o: %.c $(INCLS) +- $(CC) $(CFLAGS) $(IPATH) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + cap_text.o: cap_text.c $(USE_GPERF_OUTPUT) $(INCLS) +- $(CC) $(CFLAGS) $(IPATH) $(INCLUDE_GPERF_OUTPUT) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) $(INCLUDE_GPERF_OUTPUT) -c $< -o $@ + + cap_test: cap_test.c libcap.h + $(CC) $(CFLAGS) $(IPATH) $< -o $@ +diff --git a/pam_cap/Makefile b/pam_cap/Makefile +index 56604fd..2da4674 100644 +--- a/pam_cap/Makefile ++++ b/pam_cap/Makefile +@@ -3,6 +3,8 @@ + topdir=$(shell pwd)/.. + include ../Make.Rules + ++CFLAGS += -fPIC ++ + all: pam_cap.so + $(MAKE) testlink + +@@ -16,16 +18,16 @@ install: all + # written (and you know why it fails), email me and explain why. Thanks! + + pam_cap.so: pam_cap.o +- $(LD) -o pam_cap.so $< $(LIBCAPLIB) $(LDFLAGS) ++ $(LD) $(CFLAGS) -o pam_cap.so $< $(LIBCAPLIB) $(LDFLAGS) + + pam_cap.o: pam_cap.c +- $(CC) $(CFLAGS) $(IPATH) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + test_pam_cap: test_pam_cap.c pam_cap.c + $(CC) $(CFLAGS) $(IPATH) -o $@ test_pam_cap.c $(LIBCAPLIB) $(LDFLAGS) --static + + testlink: test.c pam_cap.o +- $(CC) $(CFLAGS) -o $@ $+ -lpam -ldl $(LIBCAPLIB) $(LDFLAGS) ++ $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $+ -lpam -ldl $(LIBCAPLIB) $(LDFLAGS) + + test: pam_cap.so + make testlink +diff --git a/progs/Makefile b/progs/Makefile +index 289186e..313dc4d 100644 +--- a/progs/Makefile ++++ b/progs/Makefile +@@ -28,7 +28,7 @@ $(BUILD): %: %.o $(DEPS) + $(CC) $(CFLAGS) -o $@ $< $(LIBCAPLIB) $(LDFLAGS) + + %.o: %.c $(INCS) +- $(CC) $(IPATH) $(CFLAGS) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + install: all + mkdir -p -m 0755 $(FAKEROOT)$(SBINDIR) +@@ -46,7 +46,7 @@ capshdoc.h.cf: capshdoc.h ./mkcapshdoc.sh + diff -u capshdoc.h $@ || (rm $@ ; exit 1) + + capsh: capsh.c capshdoc.h.cf $(DEPS) +- $(CC) $(IPATH) $(CAPSH_SHELL) $(CFLAGS) -o $@ $< $(LIBCAPLIB) $(LDFLAGS) ++ $(CC) $(CAPSH_SHELL) $(CFLAGS) $(CPPFLAGS) -o $@ $< $(LIBCAPLIB) $(LDFLAGS) + + tcapsh-static: capsh.c capshdoc.h.cf $(DEPS) + $(CC) $(IPATH) $(CAPSH_SHELL) $(CFLAGS) -o $@ $< $(LIBCAPLIB) $(LDFLAGS) --static +diff --git a/tests/Makefile b/tests/Makefile +index 3a917c4..07eb2d5 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -13,6 +13,8 @@ ifeq ($(PTHREADS),yes) + $(MAKE) psx_test libcap_psx_test libcap_psx_launch_test + endif + ++CFLAGS += -fPIC ++ + install: all + + ifeq ($(DYNAMIC),yes) +@@ -63,13 +65,13 @@ run_psx_test: psx_test + ./psx_test + + psx_test: psx_test.c $(DEPS) +- $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LINKEXTRA) $(LIBPSXLIB) $(LDFLAGS) ++ $(CC) $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LINKEXTRA) $(LIBPSXLIB) $(LDFLAGS) + + run_libcap_psx_test: libcap_psx_test + ./libcap_psx_test + + libcap_psx_test: libcap_psx_test.c $(DEPS) +- $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LINKEXTRA) $(LIBCAPLIB) $(LIBPSXLIB) $(LDFLAGS) ++ $(CC) $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LINKEXTRA) $(LIBCAPLIB) $(LIBPSXLIB) $(LDFLAGS) + + # privileged + uns_test: uns_test.c $(DEPS) +-- +2.32.0.rc1 + diff --git a/sys-libs/libcap/libcap-2.50.ebuild b/sys-libs/libcap/libcap-2.50.ebuild new file mode 100644 index 00000000000..20f0382faa4 --- /dev/null +++ b/sys-libs/libcap/libcap-2.50.ebuild @@ -0,0 +1,89 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit multilib-minimal toolchain-funcs pam usr-ldscript + +DESCRIPTION="POSIX 1003.1e capabilities" +HOMEPAGE="https://sites.google.com/site/fullycapable/" +SRC_URI="https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/${P}.tar.xz" + +# it's available under either of the licenses +LICENSE="|| ( GPL-2 BSD )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="pam static-libs" + +# While the build system optionally uses gperf, we don't DEPEND on it because +# the build automatically falls back when it's unavailable. #604802 +RDEPEND=">=sys-apps/attr-2.4.47-r1[${MULTILIB_USEDEP}]" +PDEPEND="pam? ( sys-libs/pam[${MULTILIB_USEDEP}] )" +DEPEND="${RDEPEND} + ${PDEPEND} + sys-kernel/linux-headers" + +# Requires test suite being run as root (via sudo) +RESTRICT="test" + +PATCHES=( + "${FILESDIR}"/${PN}-2.50-build-system-fixes.patch + "${FILESDIR}"/${PN}-2.38-no_perl.patch + "${FILESDIR}"/${PN}-2.25-ignore-RAISE_SETFCAP-install-failures.patch + "${FILESDIR}"/${PN}-2.21-include.patch +) + +src_prepare() { + default + multilib_copy_sources +} + +run_emake() { + local args=( + exec_prefix="${EPREFIX}" + lib_prefix="${EPREFIX}/usr" + lib="$(get_libdir)" + prefix="${EPREFIX}/usr" + PAM_CAP="$(usex pam yes no)" + DYNAMIC=yes + GOLANG=no + CC="$(tc-getCC)" + AR="$(tc-getAR)" + RANLIB="$(tc-getRANLIB)" + ) + emake "${args[@]}" "$@" +} + +src_configure() { + tc-export AR CC RANLIB + tc-export_build_env BUILD_CC + multilib-minimal_src_configure +} + +multilib_src_compile() { + run_emake +} + +multilib_src_install() { + # no configure, needs explicit install line #444724#c3 + run_emake DESTDIR="${D}" install + + gen_usr_ldscript -a cap + gen_usr_ldscript -a psx + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{cap,psx}.a || die + fi + + if [[ -d "${ED}"/usr/$(get_libdir)/security ]] ; then + rm -r "${ED}"/usr/$(get_libdir)/security || die + fi + + if use pam ; then + dopammod pam_cap/pam_cap.so + dopamsecurity '' pam_cap/capability.conf + fi +} + +multilib_src_install_all() { + dodoc CHANGELOG README doc/capability.notes +}