Re: sparc64 bulk build report (link-grammar: use ports-gcc, fix python rundep)
On Mon, Feb 21, 2022 at 01:18:37AM +, Klemens Nanni wrote: > On Sat, Feb 19, 2022 at 02:40:24AM -0700, Kurt Mosiejczuk wrote: > > http://build-failures.rhaalovely.net/sparc64/2022-02-16/textproc/link-grammar,,-main.log > Needs the usual compiler dance for this: > > /tmp/print-dict-f43ef2.s:4649: Error: operation combines symbols in > > different segments > > clang-13: error: assembler command failed with exit code 1 (use -v to see > > invocation) > Typofix deps while here. > update-plist still puts the python dir into PLIST-main (see diff) which > is wrong but I don't know how to convince it to account for it in > PLIST-python... by not listing it at all since it belongs to > lang/python-3.9 which is now a proper dependency. > OK for the diff *without the PLIST hunk*? ok kmos --Kurt
Re: sparc64 bulk build report (link-grammar: use ports-gcc, fix python rundep)
On Sat, Feb 19, 2022 at 02:40:24AM -0700, Kurt Mosiejczuk wrote: > http://build-failures.rhaalovely.net/sparc64/2022-02-16/textproc/link-grammar,,-main.log Needs the usual compiler dance for this: > /tmp/print-dict-f43ef2.s:4649: Error: operation combines symbols in different > segments > clang-13: error: assembler command failed with exit code 1 (use -v to see > invocation) Typofix deps while here. update-plist still puts the python dir into PLIST-main (see diff) which is wrong but I don't know how to convince it to account for it in PLIST-python... by not listing it at all since it belongs to lang/python-3.9 which is now a proper dependency. OK for the diff *without the PLIST hunk*? Index: Makefile === RCS file: /home/cvs/ports/textproc/link-grammar/Makefile,v retrieving revision 1.65 diff -u -p -r1.65 Makefile --- Makefile2 Nov 2021 00:02:36 - 1.65 +++ Makefile21 Feb 2022 01:10:28 - @@ -8,7 +8,8 @@ COMMENT-java = Java bindings for link-g COMMENT-python = Python bindings for link-grammar VERSION = 5.10.2 -REVISION-python= 0 +REVISION-main =0 +REVISION-python = 1 DISTNAME = link-grammar-${VERSION} PKGNAME-main = ${DISTNAME} @@ -42,8 +43,8 @@ MODPY_ADJ_FILES = bindings/python-exampl USE_GMAKE =Yes -# -std=c++03 -COMPILER = base-clang ports-clang +# -std=c++03 -std=c11 +COMPILER = base-clang ports-gcc MULTI_PACKAGES = -main -java -python PSEUDO_FLAVORS = no_java @@ -65,7 +66,7 @@ LIB_DEPENDS-python = ${MODPY_LIB_DEPENDS RUN_DEPENDS-main = # empty RUN_DEPENDS-java = ${MODJAVA_RUN_DEPENDS} -RUN_DEPENDS-python = ${MODPYTHON_RUN_DEPENDS} +RUN_DEPENDS-python = ${MODPY_RUN_DEPENDS} TEST_DEPENDS = ${BUILD_PKGPATH},-python Index: pkg/PLIST-main === RCS file: /home/cvs/ports/textproc/link-grammar/pkg/PLIST-main,v retrieving revision 1.37 diff -u -p -r1.37 PLIST-main --- pkg/PLIST-main 31 Oct 2021 15:02:58 - 1.37 +++ pkg/PLIST-main 21 Feb 2022 01:11:24 - @@ -10,6 +10,7 @@ include/link-grammar/link-includes.h lib/liblink-grammar.la @lib lib/liblink-grammar.so.${LIBlink-grammar_VERSION} lib/pkgconfig/link-grammar.pc +lib/python${MODPY_VERSION}/ libdata/perl5/site_perl/${MACHINE_ARCH}-openbsd/ libdata/perl5/site_perl/${MACHINE_ARCH}-openbsd/clinkgrammar.pm @so libdata/perl5/site_perl/${MACHINE_ARCH}-openbsd/clinkgrammar.so
Re: [s...@spacehopper.org: NEW: 2 simple python ports to fix asymptote's "xasy"]
On Sun, Jun 20, 2021 at 10:59:36AM +0100, Stuart Henderson wrote: > ping ok kmos to import both --Kurt > - Forwarded message from Stuart Henderson - > > From: Stuart Henderson > Date: Mon, 24 May 2021 18:28:37 +0100 > To: ports > Subject: NEW: 2 simple python ports to fix asymptote's "xasy" > Mail-Followup-To: ports > > Attached; py3-cson and its required dependency py3-speg. > The pkg/DESCR for py3-speg is terrible but there's not really > enough information with the distro to do better. > > These are required to reenable xasy in graphics/asymptote (diff > for that below). > > OK for the imports? > > > $ pkg_info py3-speg py3-cson > Information for inst:py3-speg-0.3 > > Comment: > PEG-based parser interpreter with memoization > > Description: > A PEG-based parser interpreter with memoization. > > Maintainer: The OpenBSD ports mailing-list > > WWW: https://github.com/avakar/speg > > > Information for inst:py3-cson-0.8 > > Comment: > parser for Coffeescript Object Notation (CSON) > > Description: > This is a Python parser for the Coffeescript Object Notation (CSON). > The interface is the same as for the standard 'json' package. > > Maintainer: The OpenBSD ports mailing-list > > WWW: https://github.com/avakar/pycson > > > > Index: Makefile > === > RCS file: /cvs/ports/graphics/asymptote/Makefile,v > retrieving revision 1.41 > diff -u -p -r1.41 Makefile > --- Makefile 24 May 2021 10:22:42 - 1.41 > +++ Makefile 24 May 2021 17:27:39 - > @@ -3,7 +3,7 @@ > COMMENT= powerful descriptive vector graphics language > > DISTNAME=asymptote-2.70 > -REVISION=0 > +REVISION=1 > EXTRACT_SUFX=.src.tgz > CATEGORIES= graphics > > @@ -25,7 +25,10 @@ BUILD_DEPENDS= print/texinfo \ > print/texlive/base \ > print/texlive/texmf,-main > RUN_DEPENDS= print/texlive/texmf,-full \ > - ${MODPY_TKINTER_DEPENDS} > + math/py-numpy${MODPY_FLAVOR} \ > + textproc/py-cson${MODPY_FLAVOR} \ > + x11/gnome/librsvg \ > + x11/py-qt5${MODPY_FLAVOR} > > LIB_DEPENDS= devel/boehm-gc \ > devel/gsl \ > @@ -57,8 +60,5 @@ pre-build: > > post-install: > mv ${PREFIX}/man/man1/xasy.1x ${PREFIX}/man/man1/xasy.1 > - # xasy requires "cson" (https://pypi.org/project/cson/) which is not > - # yet ported; also numpy, PyQt5, rsvg-convert; see GUI/requirements.txt > - rm ${PREFIX}/bin/xasy ${PREFIX}/man/man1/xasy.1 > > .include > Index: pkg/PLIST > === > RCS file: /cvs/ports/graphics/asymptote/pkg/PLIST,v > retrieving revision 1.10 > diff -u -p -r1.10 PLIST > --- pkg/PLIST 24 May 2021 10:22:42 - 1.10 > +++ pkg/PLIST 24 May 2021 17:27:39 - > @@ -1,8 +1,10 @@ > @comment $OpenBSD: PLIST,v 1.10 2021/05/24 10:22:42 sthen Exp $ > @bin bin/asy > +bin/xasy > info/asy-faq.info > @info info/asymptote.info > @man man/man1/asy.1 > +@man man/man1/xasy.1 > share/asymptote/ > share/asymptote/CAD.asy > share/asymptote/GUI/ > > > > > - End forwarded message -
[s...@spacehopper.org: NEW: 2 simple python ports to fix asymptote's "xasy"]
ping - Forwarded message from Stuart Henderson - From: Stuart Henderson Date: Mon, 24 May 2021 18:28:37 +0100 To: ports Subject: NEW: 2 simple python ports to fix asymptote's "xasy" Mail-Followup-To: ports Attached; py3-cson and its required dependency py3-speg. The pkg/DESCR for py3-speg is terrible but there's not really enough information with the distro to do better. These are required to reenable xasy in graphics/asymptote (diff for that below). OK for the imports? $ pkg_info py3-speg py3-cson Information for inst:py3-speg-0.3 Comment: PEG-based parser interpreter with memoization Description: A PEG-based parser interpreter with memoization. Maintainer: The OpenBSD ports mailing-list WWW: https://github.com/avakar/speg Information for inst:py3-cson-0.8 Comment: parser for Coffeescript Object Notation (CSON) Description: This is a Python parser for the Coffeescript Object Notation (CSON). The interface is the same as for the standard 'json' package. Maintainer: The OpenBSD ports mailing-list WWW: https://github.com/avakar/pycson Index: Makefile === RCS file: /cvs/ports/graphics/asymptote/Makefile,v retrieving revision 1.41 diff -u -p -r1.41 Makefile --- Makefile24 May 2021 10:22:42 - 1.41 +++ Makefile24 May 2021 17:27:39 - @@ -3,7 +3,7 @@ COMMENT= powerful descriptive vector graphics language DISTNAME= asymptote-2.70 -REVISION= 0 +REVISION= 1 EXTRACT_SUFX= .src.tgz CATEGORIES=graphics @@ -25,7 +25,10 @@ BUILD_DEPENDS= print/texinfo \ print/texlive/base \ print/texlive/texmf,-main RUN_DEPENDS= print/texlive/texmf,-full \ - ${MODPY_TKINTER_DEPENDS} + math/py-numpy${MODPY_FLAVOR} \ + textproc/py-cson${MODPY_FLAVOR} \ + x11/gnome/librsvg \ + x11/py-qt5${MODPY_FLAVOR} LIB_DEPENDS= devel/boehm-gc \ devel/gsl \ @@ -57,8 +60,5 @@ pre-build: post-install: mv ${PREFIX}/man/man1/xasy.1x ${PREFIX}/man/man1/xasy.1 - # xasy requires "cson" (https://pypi.org/project/cson/) which is not - # yet ported; also numpy, PyQt5, rsvg-convert; see GUI/requirements.txt - rm ${PREFIX}/bin/xasy ${PREFIX}/man/man1/xasy.1 .include Index: pkg/PLIST === RCS file: /cvs/ports/graphics/asymptote/pkg/PLIST,v retrieving revision 1.10 diff -u -p -r1.10 PLIST --- pkg/PLIST 24 May 2021 10:22:42 - 1.10 +++ pkg/PLIST 24 May 2021 17:27:39 - @@ -1,8 +1,10 @@ @comment $OpenBSD: PLIST,v 1.10 2021/05/24 10:22:42 sthen Exp $ @bin bin/asy +bin/xasy info/asy-faq.info @info info/asymptote.info @man man/man1/asy.1 +@man man/man1/xasy.1 share/asymptote/ share/asymptote/CAD.asy share/asymptote/GUI/ - End forwarded message - py-cson,speg.tgz Description: application/tar-gz
NEW: 2 simple python ports to fix asymptote's "xasy"
Attached; py3-cson and its required dependency py3-speg. The pkg/DESCR for py3-speg is terrible but there's not really enough information with the distro to do better. These are required to reenable xasy in graphics/asymptote (diff for that below). OK for the imports? $ pkg_info py3-speg py3-cson Information for inst:py3-speg-0.3 Comment: PEG-based parser interpreter with memoization Description: A PEG-based parser interpreter with memoization. Maintainer: The OpenBSD ports mailing-list WWW: https://github.com/avakar/speg Information for inst:py3-cson-0.8 Comment: parser for Coffeescript Object Notation (CSON) Description: This is a Python parser for the Coffeescript Object Notation (CSON). The interface is the same as for the standard 'json' package. Maintainer: The OpenBSD ports mailing-list WWW: https://github.com/avakar/pycson Index: Makefile === RCS file: /cvs/ports/graphics/asymptote/Makefile,v retrieving revision 1.41 diff -u -p -r1.41 Makefile --- Makefile24 May 2021 10:22:42 - 1.41 +++ Makefile24 May 2021 17:27:39 - @@ -3,7 +3,7 @@ COMMENT= powerful descriptive vector graphics language DISTNAME= asymptote-2.70 -REVISION= 0 +REVISION= 1 EXTRACT_SUFX= .src.tgz CATEGORIES=graphics @@ -25,7 +25,10 @@ BUILD_DEPENDS= print/texinfo \ print/texlive/base \ print/texlive/texmf,-main RUN_DEPENDS= print/texlive/texmf,-full \ - ${MODPY_TKINTER_DEPENDS} + math/py-numpy${MODPY_FLAVOR} \ + textproc/py-cson${MODPY_FLAVOR} \ + x11/gnome/librsvg \ + x11/py-qt5${MODPY_FLAVOR} LIB_DEPENDS= devel/boehm-gc \ devel/gsl \ @@ -57,8 +60,5 @@ pre-build: post-install: mv ${PREFIX}/man/man1/xasy.1x ${PREFIX}/man/man1/xasy.1 - # xasy requires "cson" (https://pypi.org/project/cson/) which is not - # yet ported; also numpy, PyQt5, rsvg-convert; see GUI/requirements.txt - rm ${PREFIX}/bin/xasy ${PREFIX}/man/man1/xasy.1 .include Index: pkg/PLIST === RCS file: /cvs/ports/graphics/asymptote/pkg/PLIST,v retrieving revision 1.10 diff -u -p -r1.10 PLIST --- pkg/PLIST 24 May 2021 10:22:42 - 1.10 +++ pkg/PLIST 24 May 2021 17:27:39 - @@ -1,8 +1,10 @@ @comment $OpenBSD: PLIST,v 1.10 2021/05/24 10:22:42 sthen Exp $ @bin bin/asy +bin/xasy info/asy-faq.info @info info/asymptote.info @man man/man1/asy.1 +@man man/man1/xasy.1 share/asymptote/ share/asymptote/CAD.asy share/asymptote/GUI/ py-cson,speg.tgz Description: application/tar-gz
[sparc64/ports-gcc] Fix build of graphics/opencolorio
opencolorio has -Werror by default, and since compilation with ports-gcc throws lots of warnings, it doesn't build. This patch just patches out -Werror and fixes the build on sparc64 ok? (cc maintainer) --Kurt Index: patches/patch-CMakeLists_txt === RCS file: /cvs/ports/graphics/opencolorio/patches/patch-CMakeLists_txt,v retrieving revision 1.3 diff -u -p -r1.3 patch-CMakeLists_txt --- patches/patch-CMakeLists_txt1 Jan 2021 22:48:55 - 1.3 +++ patches/patch-CMakeLists_txt17 Jan 2021 18:09:16 - @@ -2,9 +2,10 @@ $OpenBSD: patch-CMakeLists_txt,v 1.3 202 Fix macro redefined error CMakeLists.txt.orig2018-01-05 12:08:27 UTC +Index: CMakeLists.txt +--- CMakeLists.txt.orig +++ CMakeLists.txt -@@ -218,8 +222,7 @@ else(USE_EXTERNAL_TINYXML) +@@ -218,8 +218,7 @@ else(USE_EXTERNAL_TINYXML) ## => great news when build staticaly since we do not want another client project have to link also with tinyxml when he want to use this project ## => could be problematic if the client project use another version of tinyxml... In this case build tinyxml as shared lib with all projects could be a solution ## => TODO: so maybe provide a simple cmake way to build 3rdParty as shared and auto install with this project ? @@ -14,7 +15,7 @@ Fix macro redefined error list(APPEND EXTERNAL_OBJECTS $) else() find_package(Git REQUIRED) ## in order to apply patch (for crossplateform compatibility) -@@ -384,7 +387,7 @@ else() +@@ -384,7 +383,7 @@ else() set(OCIO_INLINES_HIDDEN OFF) endif() Index: patches/patch-src_core_CMakeLists_txt === RCS file: patches/patch-src_core_CMakeLists_txt diff -N patches/patch-src_core_CMakeLists_txt --- /dev/null 1 Jan 1970 00:00:00 - +++ patches/patch-src_core_CMakeLists_txt 17 Jan 2021 18:09:16 - @@ -0,0 +1,16 @@ +$OpenBSD$ + +Drop Werror + +Index: src/core/CMakeLists.txt +--- src/core/CMakeLists.txt.orig src/core/CMakeLists.txt +@@ -24,7 +24,7 @@ if(WIN32) + set(EXTERNAL_COMPILE_FLAGS "${EXTERNAL_COMPILE_FLAGS} /WX") + endif() + else() +-set(EXTERNAL_COMPILE_FLAGS "${EXTERNAL_COMPILE_FLAGS} -Werror") ++set(EXTERNAL_COMPILE_FLAGS "${EXTERNAL_COMPILE_FLAGS}") + endif() + + # SHARED Index: patches/patch-src_pyglue_CMakeLists_txt === RCS file: patches/patch-src_pyglue_CMakeLists_txt diff -N patches/patch-src_pyglue_CMakeLists_txt --- /dev/null 1 Jan 1970 00:00:00 - +++ patches/patch-src_pyglue_CMakeLists_txt 17 Jan 2021 18:09:16 - @@ -0,0 +1,16 @@ +$OpenBSD$ + +Drop Werror + +Index: src/pyglue/CMakeLists.txt +--- src/pyglue/CMakeLists.txt.orig src/pyglue/CMakeLists.txt +@@ -23,7 +23,7 @@ endif() + # Process all warnings as errors + # Unfortunately Windows still has a warning + if(UNIX) +-set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror") ++set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}") + endif() + + find_package(PythonLibs)
Re: [ports-clang] Fix games/galois
Hi, As rsadowski@ spotted it: - https HOMEPAGE is available - Bring back C++14 mention. While anyway ${COMPILER_LIBCXX} in WANTLIB should use ports-gcc as COMPILER on base-gcc archs, if it still makes sense for most of us, i won't remove it in future fixes. Opinions welcome :) Charlène. On Fri, 25 Oct 2019 23:32:31 +0200 Charlene Wendling wrote: > Hi, > > games/galois runtime is broken on my macppc box: as soon as i start a > new game it segfaults. > > This port needed ports-clang back when ports-gcc had no C++14, but as > it's not the case anymore, i've switched it to ports-gcc. > > It builds [0] and works fine then. > > Comments and feedback are welcome, > > Charlène. > > > [0] https://bin.charlenew.xyz/galois-0.6p0.log Index: Makefile === RCS file: /cvs/ports/games/galois/Makefile,v retrieving revision 1.16 diff -u -p -u -p -r1.16 Makefile --- Makefile12 Jul 2019 20:46:18 - 1.16 +++ Makefile26 Oct 2019 19:52:59 - @@ -2,9 +2,10 @@ COMMENT = free multi-dimensional Tetris-like game DISTNAME = galois-0.6 +REVISION = 0 CATEGORIES = games x11 -HOMEPAGE = http://www.nongnu.org/galois/ +HOMEPAGE = https://www.nongnu.org/galois/ MAINTAINER = Brian Callahan # GPLv3+ @@ -19,7 +20,7 @@ WANTLIB += sigc-2.0 xml++-2.6 xml2 MASTER_SITES = ${MASTER_SITE_SAVANNAH:=galois/source/} # C++14 -COMPILER = base-clang ports-clang ports-gcc +COMPILER = base-clang ports-gcc LIB_DEPENDS = textproc/libxml++>=2.40.0 \ x11/gtk3mm
Re: [ports-clang] Fix textproc/uncrustify
On 2019-10-25 23:22, Charlene Wendling wrote: Hi, uncrustify is broken at runtime on macppc. Once again it's a libestdc++ vs ports-clang clash: --8<-- ~$ uncrustify terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Abort trap -->8-- It's building [0] and just running fine with ports-gcc. Comments/feedback are welcome, Charlène. Hi, I can't test on macppc so if it's good for you go ahead. Thank you, Cheers, Remi.
[ports-clang] Fix games/galois
Hi, games/galois runtime is broken on my macppc box: as soon as i start a new game it segfaults. This port needed ports-clang back when ports-gcc had no C++14, but as it's not the case anymore, i've switched it to ports-gcc. It builds [0] and works fine then. Comments and feedback are welcome, Charlène. [0] https://bin.charlenew.xyz/galois-0.6p0.log Index: Makefile === RCS file: /cvs/ports/games/galois/Makefile,v retrieving revision 1.16 diff -u -p -u -p -r1.16 Makefile --- Makefile12 Jul 2019 20:46:18 - 1.16 +++ Makefile25 Oct 2019 21:30:58 - @@ -2,6 +2,7 @@ COMMENT = free multi-dimensional Tetris-like game DISTNAME = galois-0.6 +REVISION = 0 CATEGORIES = games x11 HOMEPAGE = http://www.nongnu.org/galois/ @@ -18,8 +19,7 @@ WANTLIB += sigc-2.0 xml++-2.6 xml2 MASTER_SITES = ${MASTER_SITE_SAVANNAH:=galois/source/} -# C++14 -COMPILER = base-clang ports-clang ports-gcc +COMPILER = base-clang ports-gcc LIB_DEPENDS = textproc/libxml++>=2.40.0 \ x11/gtk3mm
[ports-clang] Fix textproc/uncrustify
Hi, uncrustify is broken at runtime on macppc. Once again it's a libestdc++ vs ports-clang clash: --8<-- ~$ uncrustify terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Abort trap -->8-- It's building [0] and just running fine with ports-gcc. Comments/feedback are welcome, Charlène. [0] https://bin.charlenew.xyz/uncrustify-0.69.0p0.log Index: Makefile === RCS file: /cvs/ports/textproc/uncrustify/Makefile,v retrieving revision 1.23 diff -u -p -u -p -r1.23 Makefile --- Makefile12 Jul 2019 20:50:16 - 1.23 +++ Makefile25 Oct 2019 21:06:57 - @@ -4,6 +4,8 @@ COMMENT = source code beautifier DISTNAME = uncrustify-0.69.0 +REVISION = 0 + CATEGORIES = textproc devel HOMEPAGE = http://uncrustify.sourceforge.net/ @@ -17,7 +19,7 @@ WANTLIB += c m ${COMPILER_LIBCXX} MASTER_SITES = ${MASTER_SITE_SOURCEFORGE:=uncrustify/} -COMPILER = base-clang ports-clang ports-gcc +COMPILER = base-clang ports-gcc MODULES = devel/cmake \ lang/python
Minor FAQ ports guide fix
Hi there, When reading through the FAQ's ports guide I noticed a reference to /usr/ports/infrastructure/templates/network.conf.template which has been moved. Here is a fix: diff --git faq/ports/guide.html faq/ports/guide.html index 64275fe39..8685d53f5 100644 --- faq/ports/guide.html +++ faq/ports/guide.html @@ -192,7 +192,7 @@ Common uses are things like security or reliability fixes. If your ports are available over large public mirrors such as GNU, Sourceforge, or CPAN, we have already provided a list of sites for your use in -/usr/ports/infrastructure/templates/network.conf.template. +/usr/ports/infrastructure/db/network.conf. Set MASTER_SITES to ${MASTER_SITE_GNU}, or ${MASTER_SITE_SOURCEFORGE}, etc. To simplify this process, use the construct
LAST WARNING. Re: ports to fix
I'm going to commit that patch tomorrow. Index: OpenBSD/ArcCheck.pm === RCS file: /build/data/openbsd/cvs/src/usr.sbin/pkg_add/OpenBSD/ArcCheck.pm,v retrieving revision 1.23 diff -u -p -r1.23 ArcCheck.pm --- OpenBSD/ArcCheck.pm 17 Jan 2014 15:46:16 - 1.23 +++ OpenBSD/ArcCheck.pm 18 Jan 2014 16:01:15 - @@ -87,7 +87,8 @@ sub verify_modes } } if (!defined $item-{mode} $o-isFile) { - if (($o-{mode} (S_ISUID | S_ISGID | S_IWOTH)) != 0) { + if (($o-{mode} (S_ISUID | S_ISGID | S_IWOTH)) != 0 || + ($o-{mode} S_IROTH) == 0 || ($o-{mode} S_IRGRP) == 0) { $o-errsay(Error: weird mode for #1: #2, $item-fullname, sprintf(%4o, $o-{mode} (S_IRWXU | S_IRWXG | S_IRWXO | S_ISUID | S_ISGID))); I fixed quite a few of the BROKEN ports with it, and I've had some help from a few people on a few others. Depending on my lazyness, I may fix the rest, or just let it break. On Mon, Jan 20, 2014 at 09:23:37AM +0100, Marc Espie wrote: On Sat, Jan 18, 2014 at 05:17:07PM +0100, Marc Espie wrote: The mode checker is paranoid about suid/sgid, not paranoid enough about files that can be read. The following patch prevents ports from packaging/installing if they don't have proper annotations for anything that's g-r or o-r... Before it goes in, a number of port must be properly annotated... (it's also possible the protected files don't really need to be protected, the less special cases the better). shortened list. amanda-2.4.5.1p3:Modes: 550 amanda-client-2.4.5.1p2:Modes: 550 apcupsd-3.14.10p2:Modes: 700 744 botan-1.10.6:Modes: 600 bsd-airtools-0.2p4:Modes: 700 collectd-4.10.2p3:Modes: 640 courier-authlib-0.65.0p1:Modes: 660 courier-authlib-ldap-0.65.0p4:Modes: 660 courier-authlib-mysql-0.65.0p4:Modes: 660 courier-authlib-pgsql-0.65.0p4:Modes: 660 freeradius-iodbc-2.2.0p3:Modes: 640 freeradius-ldap-2.2.0p1:Modes: 640 freeradius-mysql-2.2.0p3:Modes: 640 freeradius-pgsql-2.2.0p1:Modes: 640 fretsonfire-1.3.110p6:Modes: 600 hylafax-6.0.6p1:Modes: 600 hylafax-6.0.6p1-a4:Modes: 600 maradns-1.3.07.15:Modes: 600 moinmoin-1.9.7:Modes: 640 mysql-zrm-2.2.0p5:Modes: 600 nedi-1.0.8p4:Modes: 744 700 600 omega-0.90.4p1:Modes: 711 660 py-prettytable-0.7.1p0:Modes: 600 riak-1.4.2p0:Modes: 700 744 roundcubemail-0.9.5:Modes: 750 slim-themes-1.2.3p4:Modes: 600 smsmail-1.0.2p3:Modes: 640 spectrum-1.4.8:Modes: 640 squidGuard-1.4p9:Modes: 640 squidGuard-1.4p9-ldap:Modes: 640 swig-2.0.11:Modes: 600
Re: ports to fix
On Sat, Jan 18, 2014 at 05:17:07PM +0100, Marc Espie wrote: The mode checker is paranoid about suid/sgid, not paranoid enough about files that can be read. The following patch prevents ports from packaging/installing if they don't have proper annotations for anything that's g-r or o-r... Before it goes in, a number of port must be properly annotated... (it's also possible the protected files don't really need to be protected, the less special cases the better). cups-1.7.1:Modes: 700 500 640 imap-uw-2.11v0:Modes: 600 ldapvacation-1.1.3p2:Modes: 640 ntop-1.1p1:Modes: 700 pgworksheet-1.9p4:Modes: 640 py-prettytable-0.7.1p0:Modes: 600 smsmail-1.0.2p3:Modes: 640 (at least, haven't finished my bulk yet). Here's a fuller list, some of which have already been fixed, as far as I know. amanda-2.4.5.1p3:Modes: 550 amanda-client-2.4.5.1p2:Modes: 550 apcupsd-3.14.10p2:Modes: 700 744 #bacula-client-5.2.13p0:Modes: 640 botan-1.10.6:Modes: 600 bsd-airtools-0.2p4:Modes: 700 clojure-1.5.1:Modes: 640 750 collectd-4.10.2p3:Modes: 640 courier-authlib-0.65.0p1:Modes: 660 courier-authlib-ldap-0.65.0p4:Modes: 660 courier-authlib-mysql-0.65.0p4:Modes: 660 courier-authlib-pgsql-0.65.0p4:Modes: 660 #cups-1.7.1:Modes: 700 500 640 ejabberd-2.1.12:Modes: 750 640 freeradius-iodbc-2.2.0p3:Modes: 640 freeradius-ldap-2.2.0p1:Modes: 640 freeradius-mysql-2.2.0p3:Modes: 640 freeradius-pgsql-2.2.0p1:Modes: 640 fretsonfire-1.3.110p6:Modes: 600 gnats-3.113.1p11:Modes: 600 gnustep-neos-theme-0.1:Modes: 640 hylafax-6.0.6p1:Modes: 600 hylafax-6.0.6p1-a4:Modes: 600 icinga-1.10.2:Modes: 664 660 #imap-uw-2.11v0:Modes: 600 ldapvacation-1.1.3p2:Modes: 640 maradns-1.3.07.15:Modes: 600 #mgetty+sendfax-1.1.37p2:Modes: 711 700 600 mirrormagic-2.0.2p1:Modes: 640 moinmoin-1.9.7:Modes: 640 mysql-zrm-2.2.0p5:Modes: 600 nedi-1.0.8p4:Modes: 744 700 600 ntop-1.1p1:Modes: 700 ocaml-mlgmp-0.13p3:Modes: 640 ocaml-xml-light-2.2p5:Modes: 600 omega-0.90.4p1:Modes: 711 660 parrot-5.4.0:Modes: 600 pgworksheet-1.9p4:Modes: 640 py-mxDateTime-3.2.6:Modes: 640 py-paste-1.7.5.1:Modes: 640 py-prettytable-0.7.1p0:Modes: 600 riak-1.4.2p0:Modes: 700 744 roundcubemail-0.9.5:Modes: 750 #ruby-kgio-2.7.4p3:Modes: 600 #ruby-rainbows-4.4.1p2:Modes: 600 #ruby-raindrops-0.10.0p3:Modes: 600 #ruby-unicorn-4.7.0p1:Modes: 600 #ruby19-kgio-2.7.4p3:Modes: 600 #ruby19-rainbows-4.4.1p2:Modes: 600 #ruby19-raindrops-0.10.0p3:Modes: 600 #ruby19-unicorn-4.7.0p1:Modes: 600 #ruby20-kgio-2.7.4p3:Modes: 600 #ruby20-rainbows-4.4.1p2:Modes: 600 #ruby20-raindrops-0.10.0p3:Modes: 600 #ruby20-unicorn-4.7.0p1:Modes: 600 #ruby21-kgio-2.7.4p3:Modes: 600 #ruby21-raindrops-0.10.0p3:Modes: 600 #ruby21-unicorn-4.7.0p1:Modes: 600 #samhain-3.0.4p7:Modes: 700 #samhain-server-3.0.4p9-mysql:Modes: 700 #samhain-server-3.0.4p9-postgresql:Modes: 700 slim-themes-1.2.3p4:Modes: 600 smsmail-1.0.2p3:Modes: 640 #smtp-vilter-1.3.8p1:Modes: 640 #smtp-vilter-1.3.8p1-ldap:Modes: 640 spectrum-1.4.8:Modes: 640 squidGuard-1.4p9:Modes: 640 squidGuard-1.4p9-ldap:Modes: 640 swig-2.0.11:Modes: 600 #wwwoffle-2.5ep1:Modes: 640 Index: OpenBSD/ArcCheck.pm === RCS file: /build/data/openbsd/cvs/src/usr.sbin/pkg_add/OpenBSD/ArcCheck.pm,v retrieving revision 1.23 diff -u -p -r1.23 ArcCheck.pm --- OpenBSD/ArcCheck.pm 17 Jan 2014 15:46:16 - 1.23 +++ OpenBSD/ArcCheck.pm 18 Jan 2014 16:01:15 - @@ -87,7 +87,8 @@ sub verify_modes } } if (!defined $item-{mode} $o-isFile) { - if (($o-{mode} (S_ISUID | S_ISGID | S_IWOTH)) != 0) { + if (($o-{mode} (S_ISUID | S_ISGID | S_IWOTH)) != 0 || + ($o-{mode} S_IROTH) == 0 || ($o-{mode} S_IRGRP) == 0) { $o-errsay(Error: weird mode for #1: #2, $item-fullname, sprintf(%4o, $o-{mode} (S_IRWXU | S_IRWXG | S_IRWXO | S_ISUID | S_ISGID)));
ports to fix
The mode checker is paranoid about suid/sgid, not paranoid enough about files that can be read. The following patch prevents ports from packaging/installing if they don't have proper annotations for anything that's g-r or o-r... Before it goes in, a number of port must be properly annotated... (it's also possible the protected files don't really need to be protected, the less special cases the better). cups-1.7.1:Modes: 700 500 640 imap-uw-2.11v0:Modes: 600 ldapvacation-1.1.3p2:Modes: 640 ntop-1.1p1:Modes: 700 pgworksheet-1.9p4:Modes: 640 py-prettytable-0.7.1p0:Modes: 600 smsmail-1.0.2p3:Modes: 640 (at least, haven't finished my bulk yet). Index: OpenBSD/ArcCheck.pm === RCS file: /build/data/openbsd/cvs/src/usr.sbin/pkg_add/OpenBSD/ArcCheck.pm,v retrieving revision 1.23 diff -u -p -r1.23 ArcCheck.pm --- OpenBSD/ArcCheck.pm 17 Jan 2014 15:46:16 - 1.23 +++ OpenBSD/ArcCheck.pm 18 Jan 2014 16:01:15 - @@ -87,7 +87,8 @@ sub verify_modes } } if (!defined $item-{mode} $o-isFile) { - if (($o-{mode} (S_ISUID | S_ISGID | S_IWOTH)) != 0) { + if (($o-{mode} (S_ISUID | S_ISGID | S_IWOTH)) != 0 || + ($o-{mode} S_IROTH) == 0 || ($o-{mode} S_IRGRP) == 0) { $o-errsay(Error: weird mode for #1: #2, $item-fullname, sprintf(%4o, $o-{mode} (S_IRWXU | S_IRWXG | S_IRWXO | S_ISUID | S_ISGID)));