[gentoo-hardened] [musl] A bunch of new compatibles ebuilds for musl

[gentoo-hardened] [musl] A bunch of new compatibles ebuilds for musl

[veovis]

Hi everyone,

I recently saw the hardened musl project so I wanted to play with it for 
my router.

My platform: CHOST="x86_64-gentoo-linux-musl"

There is a list of ebuilds taken from official portage I modified to 
successfully compile for musl without breaking the compatibility with 
other CHOST:
* app-admin/logrotate
* app-misc/screen
* net-analyzer/snort
* net-firewall/arptables
* net-firewall/ebtables
* net-libs/daq
* net-libs/libnetfiler_queue
* net-libs/libnfnetlink
* net-libs/libtirpc
* net-misc/dhcp
* net-misc/iperf
* net-misc/openvpn-2.3.6
* sys-apps/hwinfo
* sys-apps/iproute2
* sys-apps/lm_sensors
* sys-apps/watchdog
* sys-boot/grub:2
* sys-fs/btrfs-progs
* sys-libs/musl
* sys-process/lsof
* www-servers/nginx

I have modified libtirpc so it is the default rpc include files provider 
for musl. glibc and ulibc provides rpc, musl not.

With recent releases of binutils, musl fail to correctly find libraries 
as described here: 
http://git.musl-libc.org/cgit/musl/commit/src/ldso/dynlink.c?id=d8dc2b7c0289b12eeef4feff65e3c918111b0f55

This is the case with /usr/bin/man provided in the current experimental 
stage3 where musl does not found libmandb or libman without the patch or 
without defining LD_LIBRARY_PATH:
localhost kveer # ldd /usr/bin/man
         /lib/ld-musl-x86_64.so.1 (0x317c90c4000)
         libmandb-2.6.6.so => /usr/lib/man-db/libmandb-2.6.6.so 
(0x317c8ca1000)
         libman-2.6.6.so => /usr/lib/man-db/libman-2.6.6.so 
(0x317c8a68000)
         libpipeline.so.1 => /usr/lib/libpipeline.so.1 (0x317c8858000)
         libc.so => /lib/ld-musl-x86_64.so.1 (0x317c90c4000)
         libgdbm.so.4 => /usr/lib/libgdbm.so.4 (0x317c864c000)
         libz.so.1 => /lib/libz.so.1 (0x317c8434000)

Finally, musl does not come with a distinct ldd tool and is missing on 
the stage3. As described by the musl maintener, ldd is available making 
a symbolic link to the main lib:
localhost kveer # ll /usr/bin/ldd
lrwxrwxrwx 1 root root 24 Dec 23 16:11 /usr/bin/ldd -> 
/lib/ld-musl-x86_64.so.1

For now, everything compiles fine but I don't know yet if all is working 
properly.

I put everything on my personal repo here: 
https://github.com/LordVeovis/gentoo (starting from 
176c1d4dd1f7064d0c378e6b37034f7b604e04a2) but let me know how you want 
to proceed for all of this or if my way of patching is incorrect.

Re: [gentoo-hardened] [musl] A bunch of new compatibles ebuilds for musl

[daggs]

> Sent: Tuesday, December 23, 2014 at 5:32 PM
> From: veovis <veovis@kveer.fr>
> To: gentoo-hardened@lists.gentoo.org
> Subject: [gentoo-hardened] [musl] A bunch of new compatibles ebuilds for musl
>
> Hi everyone,
> 
> I recently saw the hardened musl project so I wanted to play with it for 
> my router.
> 
> My platform: CHOST="x86_64-gentoo-linux-musl"
> 
> There is a list of ebuilds taken from official portage I modified to 
> successfully compile for musl without breaking the compatibility with 
> other CHOST:
> * app-admin/logrotate
> * app-misc/screen
> * net-analyzer/snort
> * net-firewall/arptables
> * net-firewall/ebtables
> * net-libs/daq
> * net-libs/libnetfiler_queue
> * net-libs/libnfnetlink
> * net-libs/libtirpc
> * net-misc/dhcp
> * net-misc/iperf
> * net-misc/openvpn-2.3.6
> * sys-apps/hwinfo
> * sys-apps/iproute2
> * sys-apps/lm_sensors
> * sys-apps/watchdog
> * sys-boot/grub:2
> * sys-fs/btrfs-progs
> * sys-libs/musl
> * sys-process/lsof
> * www-servers/nginx
> 
> I have modified libtirpc so it is the default rpc include files provider 
> for musl. glibc and ulibc provides rpc, musl not.
> 
> With recent releases of binutils, musl fail to correctly find libraries 
> as described here: 
> http://git.musl-libc.org/cgit/musl/commit/src/ldso/dynlink.c?id=d8dc2b7c0289b12eeef4feff65e3c918111b0f55
> 
> This is the case with /usr/bin/man provided in the current experimental 
> stage3 where musl does not found libmandb or libman without the patch or 
> without defining LD_LIBRARY_PATH:
> localhost kveer # ldd /usr/bin/man
>          /lib/ld-musl-x86_64.so.1 (0x317c90c4000)
>          libmandb-2.6.6.so => /usr/lib/man-db/libmandb-2.6.6.so 
> (0x317c8ca1000)
>          libman-2.6.6.so => /usr/lib/man-db/libman-2.6.6.so 
> (0x317c8a68000)
>          libpipeline.so.1 => /usr/lib/libpipeline.so.1 (0x317c8858000)
>          libc.so => /lib/ld-musl-x86_64.so.1 (0x317c90c4000)
>          libgdbm.so.4 => /usr/lib/libgdbm.so.4 (0x317c864c000)
>          libz.so.1 => /lib/libz.so.1 (0x317c8434000)
> 
> Finally, musl does not come with a distinct ldd tool and is missing on 
> the stage3. As described by the musl maintener, ldd is available making 
> a symbolic link to the main lib:
> localhost kveer # ll /usr/bin/ldd
> lrwxrwxrwx 1 root root 24 Dec 23 16:11 /usr/bin/ldd -> 
> /lib/ld-musl-x86_64.so.1
> 
> For now, everything compiles fine but I don't know yet if all is working 
> properly.
> 
> I put everything on my personal repo here: 
> https://github.com/LordVeovis/gentoo (starting from 
> 176c1d4dd1f7064d0c378e6b37034f7b604e04a2) but let me know how you want 
> to proceed for all of this or if my way of patching is incorrect.
> 
> 

Greetings,

note that sys-boot/grub:2, net-libs/libtirpc and net-misc/dhcp have already bugs in bugzilla on this matter which either patches or explanations.
might worthwhile to check bugzilla before starting to work on a pkg.

Dagg.

Re: [gentoo-hardened] [musl] A bunch of new compatibles ebuilds for musl

[James Taylor]

[-- Attachment #1: Type: text/plain, Size: 206 bytes --]

On 2014/12/24 18:27, daggs wrote:
>> * www-servers/nginx
Yeah, I even got that fix committed upstream, too (borrowed the patch
from alpine linux).

Probably need to submit a bugzilla for it... Hmm.


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 473 bytes --]