1 |
commit: 38ca8533c440558118b9b9b71c2196c6983a005a |
2 |
Author: David Seifert <soap <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat May 15 00:07:10 2021 +0000 |
4 |
Commit: David Seifert <soap <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat May 15 00:07:10 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=38ca8533 |
7 |
|
8 |
sys-apps/man-db: drop 2.9.3-r1, 2.9.3-r2 |
9 |
|
10 |
Signed-off-by: David Seifert <soap <AT> gentoo.org> |
11 |
|
12 |
sys-apps/man-db/Manifest | 1 - |
13 |
.../files/man-db-2.9.3-clock_gettime64.patch | 44 ----- |
14 |
sys-apps/man-db/man-db-2.9.3-r1.ebuild | 162 ----------------- |
15 |
sys-apps/man-db/man-db-2.9.3-r2.ebuild | 200 --------------------- |
16 |
4 files changed, 407 deletions(-) |
17 |
|
18 |
diff --git a/sys-apps/man-db/Manifest b/sys-apps/man-db/Manifest |
19 |
index b8b41064b44..1125c257db2 100644 |
20 |
--- a/sys-apps/man-db/Manifest |
21 |
+++ b/sys-apps/man-db/Manifest |
22 |
@@ -1,2 +1 @@ |
23 |
-DIST man-db-2.9.3.tar.xz 1885840 BLAKE2B 6163660af60a2900220d7b1de74caa9cb9e5764cc5da20469a8fb08e19ee1948937916664fdc493b89da8fd829aa512877892245fabc00fb586c7754c0da3d53 SHA512 ca1c1214753483f6e22efe69a9df9852e0de01a9ad3b9950dcbbc9f38e6060100b98a84333256f8c734002e66e2fd6256bc017a31bd9acfc42002dca2c0f879b |
24 |
DIST man-db-2.9.4.tar.xz 1909020 BLAKE2B 43427e851f0e661ca1cee55211dd7636f4ffde067c75de7715f525029b22c205728f8e86ac49abff60e47a4a4c9e1fbd78e2c87e70bd37778b88594a3897275f SHA512 169f091dd0a1d0dbd1583366f8257afb8f57e030d0f7d4213c14ce0b1fc5debf8b9cf2731de503830cb2826b3a22b3cff7da993d44ec18557935bd293529133c |
25 |
|
26 |
diff --git a/sys-apps/man-db/files/man-db-2.9.3-clock_gettime64.patch b/sys-apps/man-db/files/man-db-2.9.3-clock_gettime64.patch |
27 |
deleted file mode 100644 |
28 |
index 0da1b2c5b2b..00000000000 |
29 |
--- a/sys-apps/man-db/files/man-db-2.9.3-clock_gettime64.patch |
30 |
+++ /dev/null |
31 |
@@ -1,44 +0,0 @@ |
32 |
-From 7315a9475d8fa37af49e9e7ed11e1534f23ef70b Mon Sep 17 00:00:00 2001 |
33 |
-From: "S. Gilles" <sgilles@×××.edu> |
34 |
-Date: Wed, 12 Aug 2020 16:40:07 -0400 |
35 |
-Subject: Allow clock_gettime64; return ENOSYS so libcs can engage fallbacks |
36 |
- |
37 |
-libcs such as musl expect ENOSYS to be returned (not EPERM) in their |
38 |
-fallback code, so change the seccomp filter to be more agreeable to |
39 |
-them. |
40 |
- |
41 |
-At the same time, clock_gettime is permitted in the filter, so permit |
42 |
-clock_gettime64 as well -- it will be needed by 2038 in any case. |
43 |
- |
44 |
-* lib/sandbox.c (make_seccomp_filter): Set default action to |
45 |
-SCMP_ACT_ERRNO (ENOSYS). Allow clock_gettime64. |
46 |
-* NEWS: Document this. |
47 |
---- |
48 |
- NEWS | 9 +++++++++ |
49 |
- lib/sandbox.c | 3 ++- |
50 |
- 2 files changed, 11 insertions(+), 1 deletion(-) |
51 |
- |
52 |
-diff --git a/lib/sandbox.c b/lib/sandbox.c |
53 |
-index 21ec28aa..d934a0f9 100644 |
54 |
---- a/lib/sandbox.c |
55 |
-+++ b/lib/sandbox.c |
56 |
-@@ -232,7 +232,7 @@ static scmp_filter_ctx make_seccomp_filter (int permissive) |
57 |
- ; |
58 |
- |
59 |
- debug ("initialising seccomp filter (permissive: %d)\n", permissive); |
60 |
-- ctx = seccomp_init (SCMP_ACT_ERRNO (EPERM)); |
61 |
-+ ctx = seccomp_init (SCMP_ACT_ERRNO (ENOSYS)); |
62 |
- if (!ctx) |
63 |
- error (FATAL, errno, "can't initialise seccomp filter"); |
64 |
- |
65 |
-@@ -271,6 +271,7 @@ static scmp_filter_ctx make_seccomp_filter (int permissive) |
66 |
- /* systemd: SystemCallFilter=@default */ |
67 |
- SC_ALLOW ("clock_getres"); |
68 |
- SC_ALLOW ("clock_gettime"); |
69 |
-+ SC_ALLOW ("clock_gettime64"); |
70 |
- SC_ALLOW ("clock_nanosleep"); |
71 |
- SC_ALLOW ("execve"); |
72 |
- SC_ALLOW ("exit"); |
73 |
--- |
74 |
-cgit v1.2.1 |
75 |
- |
76 |
|
77 |
diff --git a/sys-apps/man-db/man-db-2.9.3-r1.ebuild b/sys-apps/man-db/man-db-2.9.3-r1.ebuild |
78 |
deleted file mode 100644 |
79 |
index 2dc1438844d..00000000000 |
80 |
--- a/sys-apps/man-db/man-db-2.9.3-r1.ebuild |
81 |
+++ /dev/null |
82 |
@@ -1,162 +0,0 @@ |
83 |
-# Copyright 1999-2021 Gentoo Authors |
84 |
-# Distributed under the terms of the GNU General Public License v2 |
85 |
- |
86 |
-EAPI=7 |
87 |
- |
88 |
-inherit systemd |
89 |
- |
90 |
-DESCRIPTION="a man replacement that utilizes berkdb instead of flat files" |
91 |
-HOMEPAGE="http://www.nongnu.org/man-db/" |
92 |
-if [[ "${PV}" = 9999* ]] ; then |
93 |
- inherit autotools git-r3 |
94 |
- EGIT_REPO_URI="https://git.savannah.gnu.org/git/man-db.git" |
95 |
-else |
96 |
- SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz" |
97 |
- KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" |
98 |
-fi |
99 |
- |
100 |
-LICENSE="GPL-3" |
101 |
-SLOT="0" |
102 |
-IUSE="berkdb +gdbm +manpager nls +seccomp selinux static-libs zlib" |
103 |
- |
104 |
-CDEPEND=" |
105 |
- !sys-apps/man |
106 |
- >=dev-libs/libpipeline-1.5.0 |
107 |
- sys-apps/groff |
108 |
- gdbm? ( sys-libs/gdbm:= ) |
109 |
- !gdbm? ( berkdb? ( sys-libs/db:= ) ) |
110 |
- !berkdb? ( !gdbm? ( sys-libs/gdbm:= ) ) |
111 |
- seccomp? ( sys-libs/libseccomp ) |
112 |
- zlib? ( sys-libs/zlib ) |
113 |
-" |
114 |
-DEPEND="${CDEPEND}" |
115 |
-BDEPEND=" |
116 |
- app-arch/xz-utils |
117 |
- virtual/pkgconfig |
118 |
- nls? ( |
119 |
- >=app-text/po4a-0.45 |
120 |
- sys-devel/gettext |
121 |
- ) |
122 |
-" |
123 |
-RDEPEND=" |
124 |
- ${CDEPEND} |
125 |
- acct-group/man |
126 |
- acct-user/man |
127 |
- selinux? ( sec-policy/selinux-mandb ) |
128 |
-" |
129 |
-PDEPEND="manpager? ( app-text/manpager )" |
130 |
- |
131 |
-PATCHES=( |
132 |
- "${FILESDIR}"/${PN}-2.9.3-sandbox-env-tests.patch |
133 |
- "${FILESDIR}"/man-db-2.9.3-clock_gettime64.patch |
134 |
-) |
135 |
- |
136 |
-pkg_setup() { |
137 |
- if (use gdbm && use berkdb) || (use !gdbm && use !berkdb) ; then #496150 |
138 |
- ewarn "Defaulting to USE=gdbm due to ambiguous berkdb/gdbm USE flag settings" |
139 |
- fi |
140 |
-} |
141 |
- |
142 |
-src_unpack() { |
143 |
- if [[ "${PV}" == *9999 ]] ; then |
144 |
- git-r3_src_unpack |
145 |
- |
146 |
- # We need to mess with gnulib :-/ |
147 |
- EGIT_REPO_URI="https://git.savannah.gnu.org/r/gnulib.git" \ |
148 |
- EGIT_CHECKOUT_DIR="${WORKDIR}/gnulib" \ |
149 |
- git-r3_src_unpack |
150 |
- else |
151 |
- default |
152 |
- fi |
153 |
-} |
154 |
- |
155 |
-src_prepare() { |
156 |
- default |
157 |
- if [[ "${PV}" == *9999 ]] ; then |
158 |
- local bootstrap_opts=( |
159 |
- --gnulib-srcdir=../gnulib |
160 |
- --no-bootstrap-sync |
161 |
- --copy |
162 |
- --no-git |
163 |
- ) |
164 |
- AUTORECONF="/bin/true" \ |
165 |
- LIBTOOLIZE="/bin/true" \ |
166 |
- sh ./bootstrap "${bootstrap_opts[@]}" || die |
167 |
- |
168 |
- eautoreconf |
169 |
- fi |
170 |
-} |
171 |
- |
172 |
-src_configure() { |
173 |
- export ac_cv_lib_z_gzopen=$(usex zlib) |
174 |
- local myeconfargs=( |
175 |
- --with-systemdtmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d |
176 |
- --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" |
177 |
- --disable-setuid #662438 |
178 |
- --enable-cache-owner=man |
179 |
- --with-sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o 1x 2x 3x 4x 5x 6x 7x 8x" |
180 |
- $(use_enable nls) |
181 |
- $(use_enable static-libs static) |
182 |
- $(use_with seccomp libseccomp) |
183 |
- --with-db=$(usex gdbm gdbm $(usex berkdb db gdbm)) |
184 |
- ) |
185 |
- econf "${myeconfargs[@]}" |
186 |
- |
187 |
- # Disable color output from groff so that the manpager can add it. #184604 |
188 |
- sed -i \ |
189 |
- -e '/^#DEFINE.*\<[nt]roff\>/{s:^#::;s:$: -c:}' \ |
190 |
- src/man_db.conf || die |
191 |
- |
192 |
- cat > 15man-db <<-EOF || die |
193 |
- SANDBOX_PREDICT="/var/cache/man" |
194 |
- EOF |
195 |
-} |
196 |
- |
197 |
-src_install() { |
198 |
- default |
199 |
- dodoc docs/{HACKING,TODO} |
200 |
- find "${ED}" -type f -name "*.la" -delete || die |
201 |
- |
202 |
- exeinto /etc/cron.daily |
203 |
- newexe "${FILESDIR}"/man-db.cron-r1 man-db #289884 |
204 |
- |
205 |
- insinto /etc/sandbox.d |
206 |
- doins 15man-db |
207 |
-} |
208 |
- |
209 |
-pkg_preinst() { |
210 |
- local cachedir="${EROOT}/var/cache/man" |
211 |
- # If the system was already exploited, and the attacker is hiding in the |
212 |
- # cachedir of the old man-db, let's wipe them out. |
213 |
- # see bug #602588 comment 18 |
214 |
- local _replacing_version= |
215 |
- local _setgid_vuln=0 |
216 |
- for _replacing_version in ${REPLACING_VERSIONS}; do |
217 |
- if ver_test '2.7.6.1-r2' -le "${_replacing_version}"; then |
218 |
- debug-print "Skipping security bug #602588 ... existing installation (${_replacing_version}) should not be affected!" |
219 |
- else |
220 |
- _setgid_vuln=1 |
221 |
- debug-print "Applying cleanup for security bug #602588" |
222 |
- fi |
223 |
- done |
224 |
- [[ ${_setgid_vuln} -eq 1 ]] && rm -rf "${cachedir}" |
225 |
- |
226 |
- # Fall back to recreating the cachedir |
227 |
- if [[ ! -d ${cachedir} ]] ; then |
228 |
- mkdir -p "${cachedir}" || die |
229 |
- chown man:man "${cachedir}" || die |
230 |
- fi |
231 |
- |
232 |
- # Update the whatis cache |
233 |
- if [[ -f ${cachedir}/whatis ]] ; then |
234 |
- einfo "Cleaning ${cachedir} from sys-apps/man" |
235 |
- find "${cachedir}" -type f '!' '(' -name index.bt -o -name index.db ')' -delete |
236 |
- fi |
237 |
-} |
238 |
- |
239 |
-pkg_postinst() { |
240 |
- if [[ $(ver_cut 2 ${REPLACING_VERSIONS}) -lt 7 ]] ; then |
241 |
- einfo "Rebuilding man-db from scratch with new database format!" |
242 |
- su man -s /bin/sh -c 'mandb --quiet --create' 2>/dev/null |
243 |
- fi |
244 |
-} |
245 |
|
246 |
diff --git a/sys-apps/man-db/man-db-2.9.3-r2.ebuild b/sys-apps/man-db/man-db-2.9.3-r2.ebuild |
247 |
deleted file mode 100644 |
248 |
index fc6eaf54888..00000000000 |
249 |
--- a/sys-apps/man-db/man-db-2.9.3-r2.ebuild |
250 |
+++ /dev/null |
251 |
@@ -1,200 +0,0 @@ |
252 |
-# Copyright 1999-2021 Gentoo Authors |
253 |
-# Distributed under the terms of the GNU General Public License v2 |
254 |
- |
255 |
-EAPI=7 |
256 |
- |
257 |
-inherit systemd prefix |
258 |
- |
259 |
-DESCRIPTION="a man replacement that utilizes berkdb instead of flat files" |
260 |
-HOMEPAGE="http://www.nongnu.org/man-db/" |
261 |
-if [[ "${PV}" = 9999* ]] ; then |
262 |
- inherit autotools git-r3 |
263 |
- EGIT_REPO_URI="https://git.savannah.gnu.org/git/man-db.git" |
264 |
-else |
265 |
- SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz" |
266 |
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" |
267 |
-fi |
268 |
- |
269 |
-LICENSE="GPL-3" |
270 |
-SLOT="0" |
271 |
-IUSE="berkdb +gdbm +manpager nls +seccomp selinux static-libs zlib" |
272 |
- |
273 |
-CDEPEND=" |
274 |
- !sys-apps/man |
275 |
- >=dev-libs/libpipeline-1.5.0 |
276 |
- sys-apps/groff |
277 |
- gdbm? ( sys-libs/gdbm:= ) |
278 |
- !gdbm? ( berkdb? ( sys-libs/db:= ) ) |
279 |
- !berkdb? ( !gdbm? ( sys-libs/gdbm:= ) ) |
280 |
- seccomp? ( sys-libs/libseccomp ) |
281 |
- zlib? ( sys-libs/zlib ) |
282 |
-" |
283 |
-DEPEND="${CDEPEND}" |
284 |
-BDEPEND=" |
285 |
- app-arch/xz-utils |
286 |
- virtual/pkgconfig |
287 |
- nls? ( |
288 |
- >=app-text/po4a-0.45 |
289 |
- sys-devel/gettext |
290 |
- virtual/libiconv |
291 |
- virtual/libintl |
292 |
- ) |
293 |
-" |
294 |
-RDEPEND=" |
295 |
- ${CDEPEND} |
296 |
- acct-group/man |
297 |
- acct-user/man |
298 |
- selinux? ( sec-policy/selinux-mandb ) |
299 |
-" |
300 |
-PDEPEND="manpager? ( app-text/manpager )" |
301 |
- |
302 |
-PATCHES=( |
303 |
- "${FILESDIR}"/${PN}-2.9.3-sandbox-env-tests.patch |
304 |
- "${FILESDIR}"/man-db-2.9.3-clock_gettime64.patch |
305 |
- "${FILESDIR}"/man-db-2.9.3-darwin-libdb-intl.patch |
306 |
-) |
307 |
- |
308 |
-pkg_setup() { |
309 |
- if (use gdbm && use berkdb) || (use !gdbm && use !berkdb) ; then #496150 |
310 |
- ewarn "Defaulting to USE=gdbm due to ambiguous berkdb/gdbm USE flag settings" |
311 |
- fi |
312 |
-} |
313 |
- |
314 |
-src_unpack() { |
315 |
- if [[ "${PV}" == *9999 ]] ; then |
316 |
- git-r3_src_unpack |
317 |
- |
318 |
- # We need to mess with gnulib :-/ |
319 |
- EGIT_REPO_URI="https://git.savannah.gnu.org/r/gnulib.git" \ |
320 |
- EGIT_CHECKOUT_DIR="${WORKDIR}/gnulib" \ |
321 |
- git-r3_src_unpack |
322 |
- else |
323 |
- default |
324 |
- fi |
325 |
-} |
326 |
- |
327 |
-src_prepare() { |
328 |
- default |
329 |
- if [[ "${PV}" == *9999 ]] ; then |
330 |
- local bootstrap_opts=( |
331 |
- --gnulib-srcdir=../gnulib |
332 |
- --no-bootstrap-sync |
333 |
- --copy |
334 |
- --no-git |
335 |
- ) |
336 |
- AUTORECONF="/bin/true" \ |
337 |
- LIBTOOLIZE="/bin/true" \ |
338 |
- sh ./bootstrap "${bootstrap_opts[@]}" || die |
339 |
- |
340 |
- eautoreconf |
341 |
- fi |
342 |
- |
343 |
- hprefixify src/man_db.conf.in |
344 |
- if use prefix ; then |
345 |
- { |
346 |
- echo "#" |
347 |
- echo "# Added settings for Gentoo Prefix" |
348 |
- [[ ${CHOST} == *-darwin* ]] && \ |
349 |
- echo "MANDATORY_MANPATH ${EPREFIX}/MacOSX.sdk/usr/share/man" |
350 |
- echo "MANDATORY_MANPATH /usr/share/man" |
351 |
- } >> src/man_db.conf.in |
352 |
- fi |
353 |
-} |
354 |
- |
355 |
-src_configure() { |
356 |
- # set sections we want to search by default |
357 |
- local sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o" |
358 |
- sections+=" 1x 2x 3x 4x 5x 6x 7x 8x" |
359 |
- case ${CHOST} in |
360 |
- *-solaris*) |
361 |
- # Solaris tends to use sections named after the pkgs that |
362 |
- # owns them, in particular for libc functions we want those |
363 |
- # sections |
364 |
- local s |
365 |
- for s in $(cd /usr/share/man/ && echo man*) ; do |
366 |
- s=${s#man} |
367 |
- [[ " ${sections} " != *" ${s} "* ]] && sections+=" ${s}" |
368 |
- done |
369 |
- ;; |
370 |
- esac |
371 |
- |
372 |
- export ac_cv_lib_z_gzopen=$(usex zlib) |
373 |
- local myeconfargs=( |
374 |
- --with-systemdtmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d |
375 |
- --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" |
376 |
- --disable-setuid #662438 |
377 |
- --enable-cache-owner=man |
378 |
- --with-sections="${sections}" |
379 |
- $(use_enable nls) |
380 |
- $(use_enable static-libs static) |
381 |
- $(use_with seccomp libseccomp) |
382 |
- --with-db=$(usex gdbm gdbm $(usex berkdb db gdbm)) |
383 |
- ) |
384 |
- case ${CHOST} in |
385 |
- *-solaris*|*-darwin*) |
386 |
- myeconfargs+=( |
387 |
- $(use_with nls libiconv-prefix ${EPREFIX}/usr) |
388 |
- $(use_with nls libintl-prefix ${EPREFIX}/usr) |
389 |
- ) |
390 |
- ;; |
391 |
- esac |
392 |
- econf "${myeconfargs[@]}" |
393 |
- |
394 |
- # Disable color output from groff so that the manpager can add it. #184604 |
395 |
- sed -i \ |
396 |
- -e '/^#DEFINE.*\<[nt]roff\>/{s:^#::;s:$: -c:}' \ |
397 |
- src/man_db.conf || die |
398 |
- |
399 |
- cat > 15man-db <<-EOF || die |
400 |
- SANDBOX_PREDICT="/var/cache/man" |
401 |
- EOF |
402 |
-} |
403 |
- |
404 |
-src_install() { |
405 |
- default |
406 |
- dodoc docs/{HACKING,TODO} |
407 |
- find "${ED}" -type f -name "*.la" -delete || die |
408 |
- |
409 |
- exeinto /etc/cron.daily |
410 |
- newexe "${FILESDIR}"/man-db.cron-r1 man-db #289884 |
411 |
- |
412 |
- insinto /etc/sandbox.d |
413 |
- doins 15man-db |
414 |
-} |
415 |
- |
416 |
-pkg_preinst() { |
417 |
- local cachedir="${EROOT}/var/cache/man" |
418 |
- # If the system was already exploited, and the attacker is hiding in the |
419 |
- # cachedir of the old man-db, let's wipe them out. |
420 |
- # see bug #602588 comment 18 |
421 |
- local _replacing_version= |
422 |
- local _setgid_vuln=0 |
423 |
- for _replacing_version in ${REPLACING_VERSIONS}; do |
424 |
- if ver_test '2.7.6.1-r2' -le "${_replacing_version}"; then |
425 |
- debug-print "Skipping security bug #602588 ... existing installation (${_replacing_version}) should not be affected!" |
426 |
- else |
427 |
- _setgid_vuln=1 |
428 |
- debug-print "Applying cleanup for security bug #602588" |
429 |
- fi |
430 |
- done |
431 |
- [[ ${_setgid_vuln} -eq 1 ]] && rm -rf "${cachedir}" |
432 |
- |
433 |
- # Fall back to recreating the cachedir |
434 |
- if [[ ! -d ${cachedir} ]] ; then |
435 |
- mkdir -p "${cachedir}" || die |
436 |
- chown man:man "${cachedir}" || die |
437 |
- fi |
438 |
- |
439 |
- # Update the whatis cache |
440 |
- if [[ -f ${cachedir}/whatis ]] ; then |
441 |
- einfo "Cleaning ${cachedir} from sys-apps/man" |
442 |
- find "${cachedir}" -type f '!' '(' -name index.bt -o -name index.db ')' -delete |
443 |
- fi |
444 |
-} |
445 |
- |
446 |
-pkg_postinst() { |
447 |
- if [[ $(ver_cut 2 ${REPLACING_VERSIONS}) -lt 7 ]] ; then |
448 |
- einfo "Rebuilding man-db from scratch with new database format!" |
449 |
- su man -s /bin/sh -c 'mandb --quiet --create' 2>/dev/null |
450 |
- fi |
451 |
-} |