commit: 6792521f0d0d8c2c8e2c25e633f917c4052a457e Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> AuthorDate: Sun Aug 2 17:08:20 2020 +0000 Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> CommitDate: Sun Aug 2 17:14:08 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6792521f
sys-libs/libcap: Bump to version 2.42 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org> sys-libs/libcap/Manifest | 1 + .../files/libcap-2.42-build-system-fixes.patch | 200 +++++++++++++++++++++ sys-libs/libcap/libcap-2.42.ebuild | 87 +++++++++ 3 files changed, 288 insertions(+) diff --git a/sys-libs/libcap/Manifest b/sys-libs/libcap/Manifest index fbfeb0b4a0a..01adfee40c7 100644 --- a/sys-libs/libcap/Manifest +++ b/sys-libs/libcap/Manifest @@ -2,3 +2,4 @@ DIST libcap-2.26.tar.xz 67172 BLAKE2B 9d1952bd03e1bba5ffa225a5088b8d841c2007219b DIST libcap-2.27.tar.xz 67780 BLAKE2B 7b58d7afdd90281771a302cd9554f067b9e3636b0c052935973d8a0d890490c3933b3513874b788a8c10e37ab5ad9cfa766408c9629b7c8562cb17bfdef87747 SHA512 e32335fd3e0d1564574acc73df7030b5b0fd98875217bffabd76f2765f1a7a6f1369f03df2ee22a1782776838784e342378c10613ea1163d53ae5055ab6a62b6 DIST libcap-2.40.tar.xz 137832 BLAKE2B 968b8563400e6d19f72660d51057ee893d35ddd029fb095364417cf4811516424aa49bb03de803642cb68cdbaa34e055f7fb0319e789f444b6ac6f2c372d06dd SHA512 117e8dbb81cbe8974f7d3f36e89e9bec69ce81c2662f7b8edfb1753a109de028427c07d0fd77e03f2004dfff88054daf284d50dd8226c7b5f087f6dd264dd3f2 DIST libcap-2.41.tar.xz 139812 BLAKE2B 96630d2ff45e3cc40f18d0a739796bbed4c5b246a48db64b81870c6f200c6cedfed74ed0267261c3de712e9d14799015ccd1a2391e9a2a9c6d5c250864bf841f SHA512 efb778f1fee3da9ccbcc5c05d0e33dfced55a7fdfe17e1f40f121b6ec08b891c0cd95e91e5b6dce84a9cdb62d40f20efe2b26454013e1e898c25c3f9550af0f9 +DIST libcap-2.42.tar.xz 141288 BLAKE2B 1ee5c3934ba88a8127a6d96780a539d8b291e99d2e621660338fb9a9d511470bedfc3406af0bc787fda0ee0c54ce491d65a11a3e92a8da9f5d494c0931de77db SHA512 2abe2d106583a48e3ee0dbc0f82e5ec92a3209cad2abcc1690a12f33364a1dab467b624670a1cdcac0c8d12761e86d5a05bca90aa4199fee75d46e181a695d50 diff --git a/sys-libs/libcap/files/libcap-2.42-build-system-fixes.patch b/sys-libs/libcap/files/libcap-2.42-build-system-fixes.patch new file mode 100644 index 00000000000..10959cf9339 --- /dev/null +++ b/sys-libs/libcap/files/libcap-2.42-build-system-fixes.patch @@ -0,0 +1,200 @@ +From 8599fc87e91b7903cfb1877983615dadcbcc1b29 Mon Sep 17 00:00:00 2001 +From: Mike Frysinger <vap...@gentoo.org> +Date: Tue, 5 May 2020 09:52:40 +0200 +Subject: [PATCH] build system fixes + +This touches up the homebrewed build system to work much better "out of the +box" for people. Specifically: + - allow toolchain vars to be set via environment + - CC / BUILD_CC / AR / RANLIB + - CFLAGS / CPPFLAGS / LDFLAGS + - split CPPFLAGS out of CFLAGS + - break -fPIC out of global CFLAGS and only use where needed + - use LDLIBS for libraries, not LDFLAGS + +Signed-off-by: Mike Frysinger <vap...@gentoo.org> + +Forward ported from libcap-2.24 to libcap-2.25 +Forward ported from libcap-2.25 to libcap-2.28 +Forward ported from libcap-2.28 to libcap-2.29 +Forward ported from libcap-2.29 to libcap-2.33 +Forward ported from libcap-2.33 to libcap-2.34 +Forward ported from libcap-2.34 to libcap-2.37 +Forward ported from libcap-2.37 to libcap-2.39 +Forward ported from libcap-2.39 to libcap-2.42 + +Signed-off-by: Lars Wendler <polynomia...@gentoo.org> +--- + Make.Rules | 12 +++++++----- + Makefile | 1 - + libcap/Makefile | 7 ++++--- + pam_cap/Makefile | 8 +++++--- + progs/Makefile | 2 +- + tests/Makefile | 6 ++++-- + 6 files changed, 21 insertions(+), 15 deletions(-) + +diff --git a/Make.Rules b/Make.Rules +index 8440e18..67fd4a6 100644 +--- a/Make.Rules ++++ b/Make.Rules +@@ -52,13 +52,12 @@ GOMAJOR=0 + # Compilation specifics + + KERNEL_HEADERS := $(topdir)/libcap/include/uapi +-IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include + + CC ?= $(CROSS_COMPILE)gcc + DEFINES := -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 + CFLAGS ?= -O2 $(DEFINES) + BUILD_CC ?= $(CC) +-BUILD_CFLAGS ?= -O2 $(DEFINES) $(IPATH) ++BUILD_CFLAGS ?= $(CFLAGS) + AR ?= $(CROSS_COMPILE)ar + RANLIB ?= $(CROSS_COMPILE)ranlib + DEBUG = -g #-DDEBUG +@@ -73,16 +72,19 @@ LIBPSXLIB := -L$(topdir)/libcap -lpsx -lpthread + + BUILD_GPERF := $(shell which gperf >/dev/null 2>/dev/null && echo yes) + +-SYSTEM_HEADERS = /usr/include ++LIBCAP_CPPFLAGS = -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include $(DEFINES) ++CPPFLAGS += $(LIBCAP_CPPFLAGS) ++BUILD_CPPFLAGS += $(LIBCAP_CPPFLAGS) + INCS=$(topdir)/libcap/include/sys/capability.h + LDFLAGS += -L$(topdir)/libcap +-CFLAGS += -Dlinux $(WARNINGS) $(DEBUG) ++CPPFLAGS += -Dlinux ++CFLAGS += $(WARNINGS) $(DEBUG) + PAM_CAP ?= $(shell if [ -f /usr/include/security/pam_modules.h ]; then echo yes ; else echo no ; fi) + INDENT := $(shell if [ -n "$$(which indent 2>/dev/null)" ]; then echo "| indent -kr" ; fi) + DYNAMIC := $(shell if [ ! -d "$(topdir)/.git" ]; then echo yes; fi) + + GO := go +-GOLANG := $(shell if [ -n "$(shell $(GO) version 2>/dev/null)" ]; then echo yes ; else echo no ; fi) ++GOLANG ?= $(shell if [ -n "$(shell $(GO) version 2>/dev/null)" ]; then echo yes ; else echo no ; fi) + ifeq ($(GOLANG),yes) + GOROOT := $(shell $(GO) env GOROOT) + GOCGO := $(shell if [ "$(shell $(GO) env CGO_ENABLED)" = 1 ]; then echo yes ; else echo no ; fi) +diff --git a/Makefile b/Makefile +index 03d7748..4437468 100644 +--- a/Makefile ++++ b/Makefile +@@ -17,7 +17,6 @@ ifeq ($(GOLANG),yes) + $(MAKE) -C go $@ + rm -f cap/go.sum + endif +- $(MAKE) -C tests $@ + $(MAKE) -C progs $@ + $(MAKE) -C doc $@ + $(MAKE) -C kdebug $@ +diff --git a/libcap/Makefile b/libcap/Makefile +index 81b089e..63fe555 100644 +--- a/libcap/Makefile ++++ b/libcap/Makefile +@@ -21,6 +21,7 @@ PSXOBJS=$(addsuffix .o, $(PSXFILES)) + MAJLIBNAME=$(LIBNAME).$(VERSION) + MINLIBNAME=$(MAJLIBNAME).$(MINOR) + GPERF_OUTPUT = _caps_output.gperf ++CFLAGS += -fPIC + + all: $(MINLIBNAME) $(STACAPLIBNAME) pcs $(STAPSXLIBNAME) + +@@ -50,7 +51,7 @@ libpsx.pc: libpsx.pc.in + $< >$@ + + _makenames: _makenames.c cap_names.list.h +- $(BUILD_CC) $(BUILD_CFLAGS) $< -o $@ ++ $(BUILD_CC) $(BUILD_CFLAGS) $(BUILD_CPPFLAGS) $< -o $@ + + cap_names.h: _makenames + ./_makenames > cap_names.h +@@ -82,10 +83,10 @@ $(MINLIBNAME): $(CAPOBJS) + ln -sf $(MAJLIBNAME) $(LIBNAME) + + %.o: %.c $(INCLS) +- $(CC) $(CFLAGS) $(IPATH) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + cap_text.o: cap_text.c $(USE_GPERF_OUTPUT) $(INCLS) +- $(CC) $(CFLAGS) $(IPATH) $(INCLUDE_GPERF_OUTPUT) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) $(INCLUDE_GPERF_OUTPUT) -c $< -o $@ + + cap_test: cap_test.c libcap.h + $(CC) $(CFLAGS) $(IPATH) $< -o $@ +diff --git a/pam_cap/Makefile b/pam_cap/Makefile +index 56604fd..2da4674 100644 +--- a/pam_cap/Makefile ++++ b/pam_cap/Makefile +@@ -3,6 +3,8 @@ + topdir=$(shell pwd)/.. + include ../Make.Rules + ++CFLAGS += -fPIC ++ + all: pam_cap.so + $(MAKE) testlink + +@@ -16,16 +18,16 @@ install: all + # written (and you know why it fails), email me and explain why. Thanks! + + pam_cap.so: pam_cap.o +- $(LD) -o pam_cap.so $< $(LIBCAPLIB) $(LDFLAGS) ++ $(LD) $(CFLAGS) -o pam_cap.so $< $(LIBCAPLIB) $(LDFLAGS) + + pam_cap.o: pam_cap.c +- $(CC) $(CFLAGS) $(IPATH) -c $< -o $@ ++ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + test_pam_cap: test_pam_cap.c pam_cap.c + $(CC) $(CFLAGS) $(IPATH) -o $@ test_pam_cap.c $(LIBCAPLIB) $(LDFLAGS) --static + + testlink: test.c pam_cap.o +- $(CC) $(CFLAGS) -o $@ $+ -lpam -ldl $(LIBCAPLIB) $(LDFLAGS) ++ $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $+ -lpam -ldl $(LIBCAPLIB) $(LDFLAGS) + + test: pam_cap.so + make testlink +diff --git a/progs/Makefile b/progs/Makefile +index 076e44f..fd13351 100644 +--- a/progs/Makefile ++++ b/progs/Makefile +@@ -23,7 +23,7 @@ $(BUILD): %: %.o $(DEPS) + $(CC) $(CFLAGS) -o $@ $< $(LIBCAPLIB) $(LDFLAGS) + + %.o: %.c $(INCS) +- $(CC) $(IPATH) $(CAPSH_SHELL) $(CFLAGS) -c $< -o $@ ++ $(CC) $(CAPSH_SHELL) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ + + install: all + mkdir -p -m 0755 $(FAKEROOT)$(SBINDIR) +diff --git a/tests/Makefile b/tests/Makefile +index bfedbc2..2b9a801 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -16,19 +16,21 @@ test: run_psx_test run_libcap_psx_test + + sudotest: test run_libcap_launch_test run_libcap_launch_test + ++CFLAGS += -fPIC ++ + install: all + + run_psx_test: psx_test + ./psx_test + + psx_test: psx_test.c $(DEPS) +- $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LIBPSXLIB) -Wl,-wrap,pthread_create ++ $(CC) $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LIBPSXLIB) -Wl,-wrap,pthread_create + + run_libcap_psx_test: libcap_psx_test + ./libcap_psx_test + + libcap_psx_test: libcap_psx_test.c $(DEPS) +- $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LIBCAPLIB) $(LIBPSXLIB) -Wl,-wrap,pthread_create --static ++ $(CC) $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LIBCAPLIB) $(LIBPSXLIB) -Wl,-wrap,pthread_create --static + + run_libcap_launch_test: libcap_launch_test libcap_psx_launch_test noop + sudo ./libcap_launch_test +-- +2.28.0 + diff --git a/sys-libs/libcap/libcap-2.42.ebuild b/sys-libs/libcap/libcap-2.42.ebuild new file mode 100644 index 00000000000..acba4de6b6c --- /dev/null +++ b/sys-libs/libcap/libcap-2.42.ebuild @@ -0,0 +1,87 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit multilib multilib-minimal toolchain-funcs pam usr-ldscript + +DESCRIPTION="POSIX 1003.1e capabilities" +HOMEPAGE="https://sites.google.com/site/fullycapable/"; +SRC_URI="https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/${P}.tar.xz"; + +# it's available under either of the licenses +LICENSE="|| ( GPL-2 BSD )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="pam static-libs" + +# While the build system optionally uses gperf, we don't DEPEND on it because +# the build automatically falls back when it's unavailable. #604802 +RDEPEND=">=sys-apps/attr-2.4.47-r1[${MULTILIB_USEDEP}]" +PDEPEND="pam? ( sys-libs/pam[${MULTILIB_USEDEP}] )" +DEPEND="${RDEPEND} + ${PDEPEND} + sys-kernel/linux-headers" + +# Requires test suite being run as root (via sudo) +RESTRICT="test" + +PATCHES=( + "${FILESDIR}"/${PN}-2.42-build-system-fixes.patch + "${FILESDIR}"/${PN}-2.38-no_perl.patch + "${FILESDIR}"/${PN}-2.25-ignore-RAISE_SETFCAP-install-failures.patch + "${FILESDIR}"/${PN}-2.21-include.patch +) + +src_prepare() { + default + multilib_copy_sources +} + +run_emake() { + local args=( + exec_prefix="${EPREFIX}" + lib_prefix="${EPREFIX}/usr" + lib="$(get_libdir)" + prefix="${EPREFIX}/usr" + PAM_CAP="$(usex pam yes no)" + DYNAMIC=yes + GOLANG=no + ) + emake "${args[@]}" "$@" +} + +src_configure() { + tc-export AR CC RANLIB + tc-export_build_env BUILD_CC + multilib-minimal_src_configure +} + +multilib_src_compile() { + run_emake +} + +multilib_src_install() { + # no configure, needs explicit install line #444724#c3 + run_emake DESTDIR="${D}" install + + gen_usr_ldscript -a cap + if ! use static-libs ; then + # Don't remove libpsx.a! + # See https://bugs.gentoo.org/703912 + rm "${ED}"/usr/$(get_libdir)/libcap.a || die + fi + + if [[ -d "${ED}"/usr/$(get_libdir)/security ]] ; then + rm -r "${ED}"/usr/$(get_libdir)/security || die + fi + + if use pam; then + dopammod pam_cap/pam_cap.so + dopamsecurity '' pam_cap/capability.conf + fi +} + +multilib_src_install_all() { + dodoc CHANGELOG README doc/capability.notes +}
