1 |
commit: 2fcd58b2c05b0bedd594dbaabd99e7d5f30644de |
2 |
Author: David Seifert <soap <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Nov 21 23:37:35 2021 +0000 |
4 |
Commit: David Seifert <soap <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Nov 21 23:37:35 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2fcd58b2 |
7 |
|
8 |
sys-libs/libcap: add 2.61 |
9 |
|
10 |
Signed-off-by: David Seifert <soap <AT> gentoo.org> |
11 |
|
12 |
sys-libs/libcap/Manifest | 1 + |
13 |
....61-ignore-RAISE_SETFCAP-install-failures.patch | 24 ++++++ |
14 |
sys-libs/libcap/files/libcap-2.61-no_perl.patch | 62 +++++++++++++++ |
15 |
sys-libs/libcap/libcap-2.61.ebuild | 90 ++++++++++++++++++++++ |
16 |
4 files changed, 177 insertions(+) |
17 |
|
18 |
diff --git a/sys-libs/libcap/Manifest b/sys-libs/libcap/Manifest |
19 |
index 4f4e42436180..a96b565578d0 100644 |
20 |
--- a/sys-libs/libcap/Manifest |
21 |
+++ b/sys-libs/libcap/Manifest |
22 |
@@ -1,2 +1,3 @@ |
23 |
DIST libcap-2.49.tar.xz 139568 BLAKE2B 5746dcdf2a737e747450bd50a701ee8543277b17b7fbf1304b79f707a088ea74dc6dc79c61ff89b55b718a460a7b0814f960f44d07944a97b832b78f4e14e07f SHA512 2934a2ded1370edeb9603dbf43d8ca23a2eb5d67efc5cec5d4ba96c707a8db2702da8aa9be0cb86c5ff100d37ec96115c7777a7566ad0ab2e0b4a288bbe357d0 |
24 |
DIST libcap-2.60.tar.xz 170744 BLAKE2B 858b5133a5cb2f3b30dab569a6c9f2097034318c90419fa2372e0b28c891160f5e84b54b302b2d98664df8f7c44df78eb3cb4e47b328cecd4c27e7ab223045ae SHA512 f2ff0d81df7251c05decda706ccc6463ce58df6a3c542fe479328dce5416f77aa5c6a09a1ab05a1d1a3638e6dae5c0e546aaa4824843a570700a8927fb7f73e6 |
25 |
+DIST libcap-2.61.tar.xz 173892 BLAKE2B 50874d3510ab2476aaceb775314d98744736aacd7364a23827756caa160c101e8bc890b7c33b5e19df8b30bb6b3b1c2be323e4b6a963f97e9ee557e86b4f13a0 SHA512 40096bf511d1c45e36f5d7f24e49c709528f3f01fcadd47b6ac40a7e8d5f1705b29b4cc56356b030639f67d0641b9f4e7c19449c3c7f4f77a4070c35745b465c |
26 |
|
27 |
diff --git a/sys-libs/libcap/files/libcap-2.61-ignore-RAISE_SETFCAP-install-failures.patch b/sys-libs/libcap/files/libcap-2.61-ignore-RAISE_SETFCAP-install-failures.patch |
28 |
new file mode 100644 |
29 |
index 000000000000..25f853b2a982 |
30 |
--- /dev/null |
31 |
+++ b/sys-libs/libcap/files/libcap-2.61-ignore-RAISE_SETFCAP-install-failures.patch |
32 |
@@ -0,0 +1,24 @@ |
33 |
+From 8dfcdcfdcb9c462a05566aa8d3c6eca871f0ddbf Mon Sep 17 00:00:00 2001 |
34 |
+From: Mike Frysinger <vapier@g.o> |
35 |
+Date: Wed, 10 Feb 2016 09:52:45 +0100 |
36 |
+Subject: [PATCH] ignore RAISE_SETFCAP install failures |
37 |
+ |
38 |
+While the new RAISE_SETFCAP feature is nifty, its failure to run (often |
39 |
+due to the fs not supporting it) shouldn't impair the default install. |
40 |
+ |
41 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
42 |
+ |
43 |
+Forward ported from libcap-2.20 to libcap-2.25 |
44 |
+ |
45 |
+Signed-off-by: Lars Wendler <polynomial-c@g.o> |
46 |
+--- a/progs/Makefile |
47 |
++++ b/progs/Makefile |
48 |
+@@ -39,7 +39,7 @@ |
49 |
+ install -m 0755 $$p $(FAKEROOT)$(SBINDIR) ; \ |
50 |
+ done |
51 |
+ ifeq ($(RAISE_SETFCAP),yes) |
52 |
+- $(FAKEROOT)$(SBINDIR)/setcap cap_setfcap=i $(FAKEROOT)$(SBINDIR)/setcap |
53 |
++ -$(FAKEROOT)$(SBINDIR)/setcap cap_setfcap=i $(FAKEROOT)$(SBINDIR)/setcap |
54 |
+ endif |
55 |
+ |
56 |
+ test: |
57 |
|
58 |
diff --git a/sys-libs/libcap/files/libcap-2.61-no_perl.patch b/sys-libs/libcap/files/libcap-2.61-no_perl.patch |
59 |
new file mode 100644 |
60 |
index 000000000000..deda35db8e31 |
61 |
--- /dev/null |
62 |
+++ b/sys-libs/libcap/files/libcap-2.61-no_perl.patch |
63 |
@@ -0,0 +1,62 @@ |
64 |
+From 3f76418eaf73896489129c529fac021e4f3a03c0 Mon Sep 17 00:00:00 2001 |
65 |
+From: Mike Frysinger <vapier@g.o> |
66 |
+Date: Wed, 21 Nov 2018 11:00:54 +0100 |
67 |
+Subject: [PATCH] use awk/sed instead of perl for creating header files |
68 |
+ |
69 |
+More systems should have awk/sed than perl. |
70 |
+ |
71 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
72 |
+ |
73 |
+Forward ported from libcap-2.22 to libcap-2.26 |
74 |
+and incorporated the gperf-3.1 fix provided by Mike Gilbert |
75 |
+<floppym@g.o> |
76 |
+Forward ported from libcap-2.26 to libcap-2.28 |
77 |
+Forward ported from libcap-2.28 to libcap-2.38 |
78 |
+ |
79 |
+Signed-off-by: Lars Wendler <polynomial-c@g.o> |
80 |
+--- a/libcap/Makefile |
81 |
++++ b/libcap/Makefile |
82 |
+@@ -20,6 +20,8 @@ |
83 |
+ |
84 |
+ # Always build libcap sources this way: |
85 |
+ CFLAGS += -fPIC |
86 |
++AWK = awk |
87 |
++SED = sed |
88 |
+ |
89 |
+ # The linker magic needed to build a dynamic library as independently |
90 |
+ # executable |
91 |
+@@ -82,17 +84,27 @@ |
92 |
+ ./_makenames > cap_names.h |
93 |
+ |
94 |
+ $(GPERF_OUTPUT): cap_names.list.h |
95 |
+- perl -e 'print "struct __cap_token_s { const char *name; int index; };\n%{\nconst struct __cap_token_s *__cap_lookup_name(const char *, size_t);\n%}\n%%\n"; while ($$l = <>) { $$l =~ s/[\{\"]//g; $$l =~ s/\}.*// ; print $$l; }' < $< | gperf --ignore-case --language=ANSI-C --readonly --null-strings --global-table --hash-function-name=__cap_hash_name --lookup-function-name="__cap_lookup_name" -c -t -m20 $(INDENT) > $@ |
96 |
+- sed -e 's/unsigned int len/size_t len/' -i $@ |
97 |
++ (printf "%b" "struct __cap_token_s { const char *name; int index; };\n%%\n"; \ |
98 |
++ $(SED) -e 's:["{}]::g' -e 's:,$$::' $<) | \ |
99 |
++ gperf \ |
100 |
++ --ignore-case \ |
101 |
++ --language=ANSI-C \ |
102 |
++ --includes \ |
103 |
++ --readonly \ |
104 |
++ --null-strings \ |
105 |
++ --global-table \ |
106 |
++ --hash-function-name=__cap_hash_name \ |
107 |
++ --lookup-function-name="__cap_lookup_name" \ |
108 |
++ -c -t -m20 $(INDENT) > $@ |
109 |
+ |
110 |
+-# Intention is that libcap keeps up with torvalds' tree, as reflected |
111 |
+-# by this maintained version of the kernel header. libcap dynamically |
112 |
+-# trims the meaning of "all" capabilities down to that of the running |
113 |
+-# kernel as of 2.30. |
114 |
+ UAPI_HEADER := $(topdir)/libcap/include/uapi/linux/capability.h |
115 |
+ cap_names.list.h: Makefile $(UAPI_HEADER) |
116 |
+ @echo "=> making $@ from $(UAPI_HEADER)" |
117 |
+- perl -e 'while ($$l=<>) { if ($$l =~ /^\#define[ \t](CAP[_A-Z]+)[ \t]+([0-9]+)\s+$$/) { $$tok=$$1; $$val=$$2; $$tok =~ tr/A-Z/a-z/; print "{\"$$tok\",$$val},\n"; } }' $(UAPI_HEADER) | fgrep -v 0x > $@ |
118 |
++ $(AWK) '($$0 ~ /^#define[[:space:]]+CAP[_A-Z]+[[:space:]]+[0-9]+[[:space:]]*$$/) { printf "{\"%s\",%s},\n", tolower($$2), $$3 }' $(UAPI_HEADER) > $@ |
119 |
++ |
120 |
++cap_names.list.h: $(KERNEL_HEADERS)/linux/capability.h Makefile |
121 |
++ @echo "=> making $@ from $<" |
122 |
++ $(AWK) '($$0 ~ /^#define[[:space:]]+CAP[_A-Z]+[[:space:]]+[0-9]+[[:space:]]*$$/) { printf "{\"%s\",%s},\n", tolower($$2), $$3 }' $< > $@ |
123 |
+ |
124 |
+ $(STACAPLIBNAME): $(CAPOBJS) |
125 |
+ $(AR) rcs $@ $^ |
126 |
|
127 |
diff --git a/sys-libs/libcap/libcap-2.61.ebuild b/sys-libs/libcap/libcap-2.61.ebuild |
128 |
new file mode 100644 |
129 |
index 000000000000..d7182a35dc5b |
130 |
--- /dev/null |
131 |
+++ b/sys-libs/libcap/libcap-2.61.ebuild |
132 |
@@ -0,0 +1,90 @@ |
133 |
+# Copyright 1999-2021 Gentoo Authors |
134 |
+# Distributed under the terms of the GNU General Public License v2 |
135 |
+ |
136 |
+EAPI=7 |
137 |
+ |
138 |
+inherit multilib-minimal toolchain-funcs pam usr-ldscript |
139 |
+ |
140 |
+DESCRIPTION="POSIX 1003.1e capabilities" |
141 |
+HOMEPAGE="https://sites.google.com/site/fullycapable/" |
142 |
+SRC_URI="https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/${P}.tar.xz" |
143 |
+ |
144 |
+# it's available under either of the licenses |
145 |
+LICENSE="|| ( GPL-2 BSD )" |
146 |
+SLOT="0" |
147 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" |
148 |
+IUSE="pam static-libs tools" |
149 |
+ |
150 |
+# While the build system optionally uses gperf, we don't DEPEND on it because |
151 |
+# the build automatically falls back when it's unavailable. #604802 |
152 |
+PDEPEND="pam? ( sys-libs/pam[${MULTILIB_USEDEP}] )" |
153 |
+DEPEND="${PDEPEND} |
154 |
+ sys-kernel/linux-headers" |
155 |
+BDEPEND=" |
156 |
+ sys-apps/diffutils |
157 |
+ tools? ( dev-lang/go )" |
158 |
+ |
159 |
+PATCHES=( |
160 |
+ "${FILESDIR}"/${PN}-2.61-no_perl.patch |
161 |
+ "${FILESDIR}"/${PN}-2.61-ignore-RAISE_SETFCAP-install-failures.patch |
162 |
+) |
163 |
+ |
164 |
+QA_FLAGS_IGNORED="sbin/captree" # go binaries don't use LDFLAGS |
165 |
+ |
166 |
+src_prepare() { |
167 |
+ default |
168 |
+ multilib_copy_sources |
169 |
+} |
170 |
+ |
171 |
+run_emake() { |
172 |
+ local args=( |
173 |
+ AR="$(tc-getAR)" |
174 |
+ CC="$(tc-getCC)" |
175 |
+ OBJCOPY="$(tc-getOBJCOPY)" |
176 |
+ RANLIB="$(tc-getRANLIB)" |
177 |
+ exec_prefix="${EPREFIX}" |
178 |
+ lib_prefix="${EPREFIX}/usr" |
179 |
+ lib="$(get_libdir)" |
180 |
+ prefix="${EPREFIX}/usr" |
181 |
+ PAM_CAP="$(usex pam yes no)" |
182 |
+ DYNAMIC=yes |
183 |
+ GOLANG="$(multilib_native_usex tools yes no)" |
184 |
+ ) |
185 |
+ emake "${args[@]}" "$@" |
186 |
+} |
187 |
+ |
188 |
+src_configure() { |
189 |
+ tc-export_build_env BUILD_CC |
190 |
+ multilib-minimal_src_configure |
191 |
+} |
192 |
+ |
193 |
+multilib_src_compile() { |
194 |
+ run_emake |
195 |
+} |
196 |
+ |
197 |
+multilib_src_test() { |
198 |
+ run_emake test |
199 |
+} |
200 |
+ |
201 |
+multilib_src_install() { |
202 |
+ # no configure, needs explicit install line #444724#c3 |
203 |
+ run_emake DESTDIR="${D}" install |
204 |
+ |
205 |
+ gen_usr_ldscript -a cap |
206 |
+ gen_usr_ldscript -a psx |
207 |
+ if ! use static-libs ; then |
208 |
+ rm "${ED}"/usr/$(get_libdir)/lib{cap,psx}.a || die |
209 |
+ fi |
210 |
+ |
211 |
+ # install pam plugins ourselves |
212 |
+ rm -rf "${ED}"/usr/$(get_libdir)/security || die |
213 |
+ |
214 |
+ if use pam ; then |
215 |
+ dopammod pam_cap/pam_cap.so |
216 |
+ dopamsecurity '' pam_cap/capability.conf |
217 |
+ fi |
218 |
+} |
219 |
+ |
220 |
+multilib_src_install_all() { |
221 |
+ dodoc CHANGELOG README doc/capability.notes |
222 |
+} |