Gentoo Archives: gentoo-commits

From: "Michał Górny" <mgorny@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-lang/python/
Date: Sun, 26 Feb 2023 20:11:24
Message-Id: 1677442274.fd4fb5da1b236a01c915d81ce8732b1e5ba6c26f.mgorny@gentoo
1 commit: fd4fb5da1b236a01c915d81ce8732b1e5ba6c26f
2 Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
3 AuthorDate: Sun Feb 26 20:00:08 2023 +0000
4 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
5 CommitDate: Sun Feb 26 20:11:14 2023 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fd4fb5da
7
8 dev-lang/python: Backport CVE-2023-24329 fix to 3.9.16_p2
9
10 Bug: https://bugs.gentoo.org/897958
11 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
12
13 dev-lang/python/Manifest | 1 +
14 dev-lang/python/python-3.9.16_p2.ebuild | 481 ++++++++++++++++++++++++++++++++
15 2 files changed, 482 insertions(+)
16
17 diff --git a/dev-lang/python/Manifest b/dev-lang/python/Manifest
18 index 134c93377990..485f7b7b55e2 100644
19 --- a/dev-lang/python/Manifest
20 +++ b/dev-lang/python/Manifest
21 @@ -26,3 +26,4 @@ DIST python-gentoo-patches-3.12.0a4.tar.xz 8504 BLAKE2B 1257c1fe428fc967ef7d3107
22 DIST python-gentoo-patches-3.12.0a5.tar.xz 7704 BLAKE2B 7224d3e4318313183a10dc0d4fa73ab589b9de8096945750f31d45371b926f7e2cbeb2c672c254e369f04bb5588a79335ceea2e3ce4968e76f70206bdc3c9672 SHA512 951d6fd25e113bf29fb334a9162bc132d27a8c3186c8b6cbaddfbdea8ccd221fe126d09cf7c6df59942d49dac8561a4e168468daa0e7cd0d0d3a925166b4d835
23 DIST python-gentoo-patches-3.8.16_p2.tar.xz 30888 BLAKE2B c1816cd8b043b9aa3629a7753b7a9afa7c9af5d35b81954113af40632c97dabaa2148f0b920d9a37e8f4ebeadc1d76788a904c254ea842ea1062d552d2208e8e SHA512 6383c3f07fc7d6f37bb0cf9af27544323784eb2ded9b6f7913f3f59f5011ccb5615fb1adcc9eb3f9a58a98b7a2c24393bfbeef0b85728d77404621e29cb72656
24 DIST python-gentoo-patches-3.9.16_p1.tar.xz 25564 BLAKE2B e6b7f20bb0457011d74f441d58eb0c9c4426a61bf0f8a2146f0180104c7b8b5054a04afc664374a17f3770d3ae94836099c362e841e4c00631a75fc56a2b352d SHA512 43f473dba8f6bd19c6a30f169ec8e8abb9eefe7d26c357884ee27cabf1b5876c079ea0e9454b9e52021d15f070e0a824e3366cfde20d57175f5f89774ee50a5b
25 +DIST python-gentoo-patches-3.9.16_p2.tar.xz 26664 BLAKE2B 7176c58fd4bfe40489de33d67a0c106f9d170656e6ae47318b103ac45a4e0aca14e89790300c3881a3c9b8ca556996573621eb5dac0a71106ea0ae9bbf3e82c2 SHA512 792fcd53385d95e3ba5937b26099fcc19e62d3512783c25e734ee0cd153c8717e618dba010dd98b8647d3265bf94e40665e30494aae1a84181febbd7dbab3f36
26
27 diff --git a/dev-lang/python/python-3.9.16_p2.ebuild b/dev-lang/python/python-3.9.16_p2.ebuild
28 new file mode 100644
29 index 000000000000..4648718197f3
30 --- /dev/null
31 +++ b/dev-lang/python/python-3.9.16_p2.ebuild
32 @@ -0,0 +1,481 @@
33 +# Copyright 1999-2023 Gentoo Authors
34 +# Distributed under the terms of the GNU General Public License v2
35 +
36 +EAPI="7"
37 +WANT_LIBTOOL="none"
38 +
39 +inherit autotools check-reqs flag-o-matic multiprocessing pax-utils
40 +inherit prefix python-utils-r1 toolchain-funcs verify-sig
41 +
42 +MY_PV=${PV/_rc/rc}
43 +MY_P="Python-${MY_PV%_p*}"
44 +PYVER=$(ver_cut 1-2)
45 +PATCHSET="python-gentoo-patches-${MY_PV}"
46 +
47 +DESCRIPTION="An interpreted, interactive, object-oriented programming language"
48 +HOMEPAGE="
49 + https://www.python.org/
50 + https://github.com/python/cpython/
51 +"
52 +SRC_URI="
53 + https://www.python.org/ftp/python/${PV%%_*}/${MY_P}.tar.xz
54 + https://dev.gentoo.org/~mgorny/dist/python/${PATCHSET}.tar.xz
55 + verify-sig? (
56 + https://www.python.org/ftp/python/${PV%%_*}/${MY_P}.tar.xz.asc
57 + )
58 +"
59 +S="${WORKDIR}/${MY_P}"
60 +
61 +LICENSE="PSF-2"
62 +SLOT="${PYVER}"
63 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
64 +IUSE="
65 + bluetooth build +ensurepip examples gdbm hardened lto +ncurses pgo
66 + +readline +sqlite +ssl test tk valgrind +xml
67 +"
68 +RESTRICT="!test? ( test )"
69 +
70 +# Do not add a dependency on dev-lang/python to this ebuild.
71 +# If you need to apply a patch which requires python for bootstrapping, please
72 +# run the bootstrap code on your dev box and include the results in the
73 +# patchset. See bug 447752.
74 +
75 +RDEPEND="
76 + app-arch/bzip2:=
77 + app-arch/xz-utils:=
78 + dev-lang/python-exec[python_targets_python3_9(-)]
79 + dev-libs/libffi:=
80 + dev-python/gentoo-common
81 + sys-apps/util-linux:=
82 + >=sys-libs/zlib-1.1.3:=
83 + virtual/libcrypt:=
84 + virtual/libintl
85 + ensurepip? ( dev-python/ensurepip-wheels )
86 + gdbm? ( sys-libs/gdbm:=[berkdb] )
87 + ncurses? ( >=sys-libs/ncurses-5.2:= )
88 + readline? ( >=sys-libs/readline-4.1:= )
89 + sqlite? ( >=dev-db/sqlite-3.3.8:3= )
90 + ssl? ( >=dev-libs/openssl-1.1.1:= )
91 + tk? (
92 + >=dev-lang/tcl-8.0:=
93 + >=dev-lang/tk-8.0:=
94 + dev-tcltk/blt:=
95 + dev-tcltk/tix
96 + )
97 + xml? ( >=dev-libs/expat-2.1:= )
98 +"
99 +# bluetooth requires headers from bluez
100 +DEPEND="
101 + ${RDEPEND}
102 + bluetooth? ( net-wireless/bluez )
103 + test? ( app-arch/xz-utils[extra-filters(+)] )
104 + valgrind? ( dev-util/valgrind )
105 +"
106 +# autoconf-archive needed to eautoreconf
107 +BDEPEND="
108 + sys-devel/autoconf-archive
109 + app-alternatives/awk
110 + virtual/pkgconfig
111 + verify-sig? ( sec-keys/openpgp-keys-python )
112 +"
113 +RDEPEND+="
114 + !build? ( app-misc/mime-types )
115 +"
116 +
117 +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/python.org.asc
118 +
119 +# large file tests involve a 2.5G file being copied (duplicated)
120 +CHECKREQS_DISK_BUILD=5500M
121 +
122 +QA_PKGCONFIG_VERSION=${PYVER}
123 +
124 +pkg_pretend() {
125 + use test && check-reqs_pkg_pretend
126 +}
127 +
128 +pkg_setup() {
129 + use test && check-reqs_pkg_setup
130 +}
131 +
132 +src_unpack() {
133 + if use verify-sig; then
134 + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.asc}
135 + fi
136 + default
137 +}
138 +
139 +src_prepare() {
140 + # Ensure that internal copies of expat and libffi are not used.
141 + rm -r Modules/expat || die
142 + rm -r Modules/_ctypes/libffi* || die
143 +
144 + local PATCHES=(
145 + "${WORKDIR}/${PATCHSET}"
146 + )
147 +
148 + default
149 +
150 + # https://bugs.gentoo.org/850151
151 + sed -i -e "s:@@GENTOO_LIBDIR@@:$(get_libdir):g" setup.py || die
152 +
153 + # force the correct number of jobs
154 + # https://bugs.gentoo.org/737660
155 + local jobs=$(makeopts_jobs)
156 + sed -i -e "s:-j0:-j${jobs}:" Makefile.pre.in || die
157 + sed -i -e "/self\.parallel/s:True:${jobs}:" setup.py || die
158 +
159 + eautoreconf
160 +}
161 +
162 +src_configure() {
163 + # disable automagic bluetooth headers detection
164 + if ! use bluetooth; then
165 + local -x ac_cv_header_bluetooth_bluetooth_h=no
166 + fi
167 + local disable
168 + use gdbm || disable+=" gdbm"
169 + use ncurses || disable+=" _curses _curses_panel"
170 + use readline || disable+=" readline"
171 + use sqlite || disable+=" _sqlite3"
172 + use ssl || export PYTHON_DISABLE_SSL="1"
173 + use tk || disable+=" _tkinter"
174 + use xml || disable+=" _elementtree pyexpat" # _elementtree uses pyexpat.
175 + export PYTHON_DISABLE_MODULES="${disable}"
176 +
177 + if ! use xml; then
178 + ewarn "You have configured Python without XML support."
179 + ewarn "This is NOT a recommended configuration as you"
180 + ewarn "may face problems parsing any XML documents."
181 + fi
182 +
183 + if [[ -n "${PYTHON_DISABLE_MODULES}" ]]; then
184 + einfo "Disabled modules: ${PYTHON_DISABLE_MODULES}"
185 + fi
186 +
187 + append-flags -fwrapv
188 + filter-flags -malign-double
189 +
190 + # https://bugs.gentoo.org/700012
191 + if is-flagq -flto || is-flagq '-flto=*'; then
192 + append-cflags $(test-flags-CC -ffat-lto-objects)
193 + fi
194 +
195 + # Export CXX so it ends up in /usr/lib/python3.X/config/Makefile.
196 + # PKG_CONFIG needed for cross.
197 + tc-export CXX PKG_CONFIG
198 +
199 + local dbmliborder=
200 + if use gdbm; then
201 + dbmliborder+="${dbmliborder:+:}gdbm"
202 + fi
203 +
204 + if use pgo; then
205 + local profile_task_flags=(
206 + -m test
207 + "-j$(makeopts_jobs)"
208 + --pgo-extended
209 + -x test_gdb
210 + -u-network
211 +
212 + # All of these seem to occasionally hang for PGO inconsistently
213 + # They'll even hang here but be fine in src_test sometimes.
214 + # bug #828535 (and related: bug #788022)
215 + -x test_asyncio
216 + -x test_httpservers
217 + -x test_logging
218 + -x test_multiprocessing_fork
219 + -x test_socket
220 + -x test_xmlrpc
221 + )
222 +
223 + if has_version "app-arch/rpm" ; then
224 + # Avoid sandbox failure (attempts to write to /var/lib/rpm)
225 + profile_task_flags+=(
226 + -x test_distutils
227 + )
228 + fi
229 + local -x PROFILE_TASK="${profile_task_flags[*]}"
230 + fi
231 +
232 + local myeconfargs=(
233 + # glibc-2.30 removes it; since we can't cleanly force-rebuild
234 + # Python on glibc upgrade, remove it proactively to give
235 + # a chance for users rebuilding python before glibc
236 + ac_cv_header_stropts_h=no
237 +
238 + --enable-shared
239 + --enable-ipv6
240 + --infodir='${prefix}/share/info'
241 + --mandir='${prefix}/share/man'
242 + --with-computed-gotos
243 + --with-dbmliborder="${dbmliborder}"
244 + --with-libc=
245 + --enable-loadable-sqlite-extensions
246 + --without-ensurepip
247 + --with-system-expat
248 + --with-system-ffi
249 + --with-wheel-pkg-dir="${EPREFIX}"/usr/lib/python/ensurepip
250 +
251 + $(use_with lto)
252 + $(use_enable pgo optimizations)
253 + $(use_with valgrind)
254 + )
255 +
256 + # disable implicit optimization/debugging flags
257 + local -x OPT=
258 +
259 + if tc-is-cross-compiler ; then
260 + # Hack to workaround get_libdir not being able to handle CBUILD, bug #794181
261 + local cbuild_libdir=$(unset PKG_CONFIG_PATH ; $(tc-getBUILD_PKG_CONFIG) --keep-system-libs --libs-only-L libffi)
262 +
263 + # pass system CFLAGS & LDFLAGS as _NODIST, otherwise they'll get
264 + # propagated to sysconfig for built extensions
265 + local -x CFLAGS_NODIST=${CFLAGS_FOR_BUILD}
266 + local -x LDFLAGS_NODIST=${LDFLAGS_FOR_BUILD}
267 + local -x CFLAGS= LDFLAGS=
268 +
269 + # We need to build our own Python on CBUILD first, and feed it in.
270 + # bug #847910 and bug #864911.
271 + local myeconfargs_cbuild=(
272 + "${myeconfargs[@]}"
273 +
274 + --libdir="${cbuild_libdir:2}"
275 +
276 + # Avoid needing to load the right libpython.so.
277 + --disable-shared
278 +
279 + # As minimal as possible for the mini CBUILD Python
280 + # we build just for cross.
281 + --without-lto
282 + --disable-optimizations
283 + )
284 +
285 + # Point the imminent CHOST build to the Python we just
286 + # built for CBUILD.
287 + export PATH="${WORKDIR}/${P}-${CBUILD}:${PATH}"
288 +
289 + mkdir "${WORKDIR}"/${P}-${CBUILD} || die
290 + pushd "${WORKDIR}"/${P}-${CBUILD} &> /dev/null || die
291 + # We disable _ctypes and _crypt for CBUILD because Python's setup.py can't handle locating
292 + # libdir correctly for cross.
293 + PYTHON_DISABLE_MODULES="${PYTHON_DISABLE_MODULES} _ctypes _crypt" \
294 + ECONF_SOURCE="${S}" econf_build "${myeconfargs_cbuild[@]}"
295 +
296 + # Avoid as many dependencies as possible for the cross build.
297 + cat >> Makefile <<-EOF || die
298 + MODULE_NIS=disabled
299 + MODULE__DBM=disabled
300 + MODULE__GDBM=disabled
301 + MODULE__DBM=disabled
302 + MODULE__SQLITE3=disabled
303 + MODULE__HASHLIB=disabled
304 + MODULE__SSL=disabled
305 + MODULE__CURSES=disabled
306 + MODULE__CURSES_PANEL=disabled
307 + MODULE_READLINE=disabled
308 + MODULE__TKINTER=disabled
309 + MODULE_PYEXPAT=disabled
310 + MODULE_ZLIB=disabled
311 + EOF
312 +
313 + # Unfortunately, we do have to build this immediately, and
314 + # not in src_compile, because CHOST configure for Python
315 + # will check the existence of the Python it was pointed to
316 + # immediately.
317 + PYTHON_DISABLE_MODULES="${PYTHON_DISABLE_MODULES} _ctypes _crypt" emake
318 + popd &> /dev/null || die
319 + fi
320 +
321 + # pass system CFLAGS & LDFLAGS as _NODIST, otherwise they'll get
322 + # propagated to sysconfig for built extensions
323 + local -x CFLAGS_NODIST=${CFLAGS}
324 + local -x LDFLAGS_NODIST=${LDFLAGS}
325 + local -x CFLAGS= LDFLAGS=
326 +
327 + # Fix implicit declarations on cross and prefix builds. Bug #674070.
328 + if use ncurses; then
329 + append-cppflags -I"${ESYSROOT}"/usr/include/ncursesw
330 + fi
331 +
332 + hprefixify setup.py
333 + econf "${myeconfargs[@]}"
334 +
335 + if grep -q "#define POSIX_SEMAPHORES_NOT_ENABLED 1" pyconfig.h; then
336 + eerror "configure has detected that the sem_open function is broken."
337 + eerror "Please ensure that /dev/shm is mounted as a tmpfs with mode 1777."
338 + die "Broken sem_open function (bug 496328)"
339 + fi
340 +
341 + # install epython.py as part of stdlib
342 + echo "EPYTHON='python${PYVER}'" > Lib/epython.py || die
343 +}
344 +
345 +src_compile() {
346 + # Ensure sed works as expected
347 + # https://bugs.gentoo.org/594768
348 + local -x LC_ALL=C
349 + # Prevent using distutils bundled by setuptools.
350 + # https://bugs.gentoo.org/823728
351 + export SETUPTOOLS_USE_DISTUTILS=stdlib
352 +
353 + # Save PYTHONDONTWRITEBYTECODE so that 'has_version' doesn't
354 + # end up writing bytecode & violating sandbox.
355 + # bug #831897
356 + local -x _PYTHONDONTWRITEBYTECODE=${PYTHONDONTWRITEBYTECODE}
357 +
358 + if use pgo ; then
359 + # bug 660358
360 + local -x COLUMNS=80
361 + local -x PYTHONDONTWRITEBYTECODE=
362 +
363 + addpredict "/usr/lib/python${PYVER}/site-packages"
364 + fi
365 +
366 + # also need to clear the flags explicitly here or they end up
367 + # in _sysconfigdata*
368 + emake CPPFLAGS= CFLAGS= LDFLAGS=
369 +
370 + # Restore saved value from above.
371 + local -x PYTHONDONTWRITEBYTECODE=${_PYTHONDONTWRITEBYTECODE}
372 +
373 + # Work around bug 329499. See also bug 413751 and 457194.
374 + if has_version dev-libs/libffi[pax-kernel]; then
375 + pax-mark E python
376 + else
377 + pax-mark m python
378 + fi
379 +}
380 +
381 +src_test() {
382 + # Tests will not work when cross compiling.
383 + if tc-is-cross-compiler; then
384 + elog "Disabling tests due to crosscompiling."
385 + return
386 + fi
387 +
388 + local test_opts=(
389 + -u-network
390 + -j "$(makeopts_jobs)"
391 +
392 + # fails
393 + -x test_gdb
394 + )
395 +
396 + if use sparc ; then
397 + # bug #788022
398 + test_opts+=(
399 + -x test_multiprocessing_fork
400 + -x test_multiprocessing_forkserver
401 + )
402 + fi
403 +
404 + # workaround docutils breaking tests
405 + cat > Lib/docutils.py <<-EOF || die
406 + raise ImportError("Thou shalt not import!")
407 + EOF
408 +
409 + # bug 660358
410 + local -x COLUMNS=80
411 + local -x PYTHONDONTWRITEBYTECODE=
412 +
413 + nonfatal emake test EXTRATESTOPTS="${test_opts[*]}" \
414 + CPPFLAGS= CFLAGS= LDFLAGS= < /dev/tty
415 + local ret=${?}
416 +
417 + rm Lib/docutils.py || die
418 +
419 + [[ ${ret} -eq 0 ]] || die "emake test failed"
420 +}
421 +
422 +src_install() {
423 + local libdir=${ED}/usr/lib/python${PYVER}
424 +
425 + emake DESTDIR="${D}" altinstall
426 +
427 + # Remove static library
428 + rm "${ED}"/usr/$(get_libdir)/libpython*.a || die
429 +
430 + # Fix collisions between different slots of Python.
431 + rm "${ED}/usr/$(get_libdir)/libpython3.so" || die
432 +
433 + # Cheap hack to get version with ABIFLAGS
434 + local abiver=$(cd "${ED}/usr/include"; echo python*)
435 + if [[ ${abiver} != python${PYVER} ]]; then
436 + # Replace python3.X with a symlink to python3.Xm
437 + rm "${ED}/usr/bin/python${PYVER}" || die
438 + dosym "${abiver}" "/usr/bin/python${PYVER}"
439 + # Create python3.X-config symlink
440 + dosym "${abiver}-config" "/usr/bin/python${PYVER}-config"
441 + # Create python-3.5m.pc symlink
442 + dosym "python-${PYVER}.pc" "/usr/$(get_libdir)/pkgconfig/${abiver/${PYVER}/-${PYVER}}.pc"
443 + fi
444 +
445 + # python seems to get rebuilt in src_install (bug 569908)
446 + # Work around it for now.
447 + if has_version dev-libs/libffi[pax-kernel]; then
448 + pax-mark E "${ED}/usr/bin/${abiver}"
449 + else
450 + pax-mark m "${ED}/usr/bin/${abiver}"
451 + fi
452 +
453 + rm -r "${libdir}"/ensurepip/_bundled || die
454 + if ! use ensurepip; then
455 + rm -r "${libdir}"/ensurepip || die
456 + fi
457 + if ! use sqlite; then
458 + rm -r "${libdir}/"{sqlite3,test/test_sqlite*} || die
459 + fi
460 + if ! use tk; then
461 + rm -r "${ED}/usr/bin/idle${PYVER}" || die
462 + rm -r "${libdir}/"{idlelib,tkinter,test/test_tk*} || die
463 + fi
464 +
465 + ln -s ../python/EXTERNALLY-MANAGED "${libdir}/EXTERNALLY-MANAGED" || die
466 +
467 + dodoc Misc/{ACKS,HISTORY,NEWS}
468 +
469 + if use examples; then
470 + docinto examples
471 + find Tools -name __pycache__ -exec rm -fr {} + || die
472 + dodoc -r Tools
473 + fi
474 + insinto /usr/share/gdb/auto-load/usr/$(get_libdir) #443510
475 + local libname=$(
476 + printf 'e:\n\t@echo $(INSTSONAME)\ninclude Makefile\n' |
477 + emake --no-print-directory -s -f - 2>/dev/null
478 + )
479 + newins Tools/gdb/libpython.py "${libname}"-gdb.py
480 +
481 + newconfd "${FILESDIR}/pydoc.conf" pydoc-${PYVER}
482 + newinitd "${FILESDIR}/pydoc.init" pydoc-${PYVER}
483 + sed \
484 + -e "s:@PYDOC_PORT_VARIABLE@:PYDOC${PYVER/./_}_PORT:" \
485 + -e "s:@PYDOC@:pydoc${PYVER}:" \
486 + -i "${ED}/etc/conf.d/pydoc-${PYVER}" \
487 + "${ED}/etc/init.d/pydoc-${PYVER}" || die "sed failed"
488 +
489 + # python-exec wrapping support
490 + local pymajor=${PYVER%.*}
491 + local EPYTHON=python${PYVER}
492 + local scriptdir=${D}$(python_get_scriptdir)
493 + mkdir -p "${scriptdir}" || die
494 + # python and pythonX
495 + ln -s "../../../bin/${abiver}" "${scriptdir}/python${pymajor}" || die
496 + ln -s "python${pymajor}" "${scriptdir}/python" || die
497 + # python-config and pythonX-config
498 + # note: we need to create a wrapper rather than symlinking it due
499 + # to some random dirname(argv[0]) magic performed by python-config
500 + cat > "${scriptdir}/python${pymajor}-config" <<-EOF || die
501 + #!/bin/sh
502 + exec "${abiver}-config" "\${@}"
503 + EOF
504 + chmod +x "${scriptdir}/python${pymajor}-config" || die
505 + ln -s "python${pymajor}-config" "${scriptdir}/python-config" || die
506 + # 2to3, pydoc
507 + ln -s "../../../bin/2to3-${PYVER}" "${scriptdir}/2to3" || die
508 + ln -s "../../../bin/pydoc${PYVER}" "${scriptdir}/pydoc" || die
509 + # idle
510 + if use tk; then
511 + ln -s "../../../bin/idle${PYVER}" "${scriptdir}/idle" || die
512 + fi
513 +}
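Review bot: Nothing in the new ebuild says which patch carries the CVE-2023-24329 fix. The backport arrives only inside `${PATCHSET}.tar.xz` from `SRC_URI`, which `src_prepare` applies wholesale through `PATCHES=( "${WORKDIR}/${PATCHSET}" )`, so this diff cannot confirm that the fix is present. A one-line comment above `PATCHSET=`, such as `# _p2 patchset adds the CVE-2023-24329 backport, bug 897958`, would make the bump auditable. The `verify-sig_verify_detached` call in `src_unpack` covers only `${MY_P}.tar.xz`, so the patchset tarball is authenticated solely by the BLAKE2B/SHA512 entry this commit adds to Manifest, and that entry is the control to check when reviewing. Separately, `MODULE__DBM=disabled` is listed twice in the CBUILD Makefile heredoc in `src_configure`, and the second occurrence can be dropped.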