diff options
author | Mike Gilbert <floppym@gentoo.org> | 2020-09-07 12:55:11 -0400 |
---|---|---|
committer | Mike Gilbert <floppym@gentoo.org> | 2020-09-07 12:55:11 -0400 |
commit | 728f8c43b8b540f37871be3080ac63c05a9cf6a7 (patch) | |
tree | 12e0ee1f68547cb0ffc7880b242b7255ef621ca8 | |
parent | net-misc/oidc-agent: respect CC while linking the shared library (diff) | |
download | gentoo-728f8c43b8b540f37871be3080ac63c05a9cf6a7.tar.gz gentoo-728f8c43b8b540f37871be3080ac63c05a9cf6a7.tar.bz2 gentoo-728f8c43b8b540f37871be3080ac63c05a9cf6a7.zip |
sys-apps/file: backport a seccomp fix for musl
Closes: https://bugs.gentoo.org/728978
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
-rw-r--r-- | sys-apps/file/file-5.39-r1.ebuild | 140 | ||||
-rw-r--r-- | sys-apps/file/file-5.39-r3.ebuild (renamed from sys-apps/file/file-5.39-r2.ebuild) | 5 | ||||
-rw-r--r-- | sys-apps/file/file-5.39.ebuild | 140 | ||||
-rw-r--r-- | sys-apps/file/files/file-5.39-add-missing-termios.patch | 35 | ||||
-rw-r--r-- | sys-apps/file/files/file-5.39-portage-sandbox.patch (renamed from sys-apps/file/files/file-5.39-portage_sandbox.patch) | 18 | ||||
-rw-r--r-- | sys-apps/file/files/file-5.39-seccomp-musl.patch | 37 | ||||
-rw-r--r-- | sys-apps/file/files/file-5.39-seccomp_sandbox.patch | 13 |
7 files changed, 67 insertions, 321 deletions
diff --git a/sys-apps/file/file-5.39-r1.ebuild b/sys-apps/file/file-5.39-r1.ebuild deleted file mode 100644 index 8333fd922e2c..000000000000 --- a/sys-apps/file/file-5.39-r1.ebuild +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{6..9} ) -DISTUTILS_OPTIONAL=1 - -inherit autotools distutils-r1 libtool toolchain-funcs multilib-minimal - -if [[ ${PV} == "9999" ]] ; then - EGIT_REPO_URI="https://github.com/glensc/file.git" - inherit git-r3 -else - SRC_URI="ftp://ftp.astron.com/pub/file/${P}.tar.gz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -fi - -DESCRIPTION="identify a file's format by scanning binary data for patterns" -HOMEPAGE="https://www.darwinsys.com/file/" - -LICENSE="BSD-2" -SLOT="0" -IUSE="bzip2 lzma python seccomp static-libs zlib" -REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" - -DEPEND=" - bzip2? ( app-arch/bzip2[${MULTILIB_USEDEP}] ) - lzma? ( app-arch/xz-utils[${MULTILIB_USEDEP}] ) - python? ( - ${PYTHON_DEPS} - dev-python/setuptools[${PYTHON_USEDEP}] - ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )" -RDEPEND="${DEPEND} - python? ( !dev-python/python-magic ) - seccomp? ( sys-libs/libseccomp[${MULTILIB_USEDEP}] )" - -PATCHES=( - "${FILESDIR}/${PN}-5.39-portage_sandbox.patch" #713710 #728978 -) - -src_prepare() { - default - eautoreconf - elibtoolize - - # don't let python README kill main README #60043 - mv python/README.md python/README.python.md || die - sed 's@README.md@README.python.md@' -i python/setup.py || die #662090 -} - -multilib_src_configure() { - local myeconfargs=( - --enable-fsect-man5 - $(use_enable bzip2 bzlib) - $(use_enable lzma xzlib) - $(use_enable seccomp libseccomp) - $(use_enable static-libs static) - $(use_enable zlib) - ) - econf "${myeconfargs[@]}" -} - -build_src_configure() { - local myeconfargs=( - --disable-shared - --disable-libseccomp - --disable-bzlib - --disable-xzlib - --disable-zlib - ) - tc-env_build econf "${myeconfargs[@]}" -} - -need_build_file() { - # when cross-compiling, we need to build up our own file - # because people often don't keep matching host/target - # file versions #362941 - tc-is-cross-compiler && ! has_version -b "~${CATEGORY}/${P}" -} - -src_configure() { - local ECONF_SOURCE=${S} - - if need_build_file; then - mkdir -p "${WORKDIR}"/build || die - cd "${WORKDIR}"/build || die - build_src_configure - fi - - multilib-minimal_src_configure -} - -multilib_src_compile() { - if multilib_is_native_abi ; then - emake - else - cd src || die - emake magic.h #586444 - emake libmagic.la - fi -} - -src_compile() { - if need_build_file; then - emake -C "${WORKDIR}"/build/src magic.h #586444 - emake -C "${WORKDIR}"/build/src file - local -x PATH="${WORKDIR}/build/src:${PATH}" - fi - multilib-minimal_src_compile - - if use python ; then - cd python || die - distutils-r1_src_compile - fi -} - -multilib_src_install() { - if multilib_is_native_abi ; then - default - else - emake -C src install-{nodist_includeHEADERS,libLTLIBRARIES} DESTDIR="${D}" - fi -} - -multilib_src_install_all() { - dodoc ChangeLog MAINT README - - # Required for `file -C` - dodir /usr/share/misc/magic - insinto /usr/share/misc/magic - doins -r magic/Magdir/* - - if use python ; then - cd python || die - distutils-r1_src_install - fi - find "${ED}" -type f -name "*.la" -delete || die -} diff --git a/sys-apps/file/file-5.39-r2.ebuild b/sys-apps/file/file-5.39-r3.ebuild index 645a85169629..c8425291ed78 100644 --- a/sys-apps/file/file-5.39-r2.ebuild +++ b/sys-apps/file/file-5.39-r3.ebuild @@ -37,8 +37,9 @@ RDEPEND="${DEPEND} seccomp? ( sys-libs/libseccomp[${MULTILIB_USEDEP}] )" PATCHES=( - "${FILESDIR}/${PN}-5.39-portage_sandbox.patch" #713710 #728978 - "${FILESDIR}/${P}-add-missing-termios.patch" #728416 + "${FILESDIR}/file-5.39-add-missing-termios.patch" #728416 + "${FILESDIR}/file-5.39-seccomp-musl.patch" + "${FILESDIR}/file-5.39-portage-sandbox.patch" #713710 #728978 ) src_prepare() { diff --git a/sys-apps/file/file-5.39.ebuild b/sys-apps/file/file-5.39.ebuild deleted file mode 100644 index 98499a3c73df..000000000000 --- a/sys-apps/file/file-5.39.ebuild +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{6..9} ) -DISTUTILS_OPTIONAL=1 - -inherit autotools distutils-r1 libtool toolchain-funcs multilib-minimal - -if [[ ${PV} == "9999" ]] ; then - EGIT_REPO_URI="https://github.com/glensc/file.git" - inherit git-r3 -else - SRC_URI="ftp://ftp.astron.com/pub/file/${P}.tar.gz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -fi - -DESCRIPTION="identify a file's format by scanning binary data for patterns" -HOMEPAGE="https://www.darwinsys.com/file/" - -LICENSE="BSD-2" -SLOT="0" -IUSE="bzip2 lzma python seccomp static-libs zlib" -REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" - -DEPEND=" - bzip2? ( app-arch/bzip2[${MULTILIB_USEDEP}] ) - lzma? ( app-arch/xz-utils[${MULTILIB_USEDEP}] ) - python? ( - ${PYTHON_DEPS} - dev-python/setuptools[${PYTHON_USEDEP}] - ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )" -RDEPEND="${DEPEND} - python? ( !dev-python/python-magic ) - seccomp? ( sys-libs/libseccomp[${MULTILIB_USEDEP}] )" - -PATCHES=( - "${FILESDIR}/${PN}-5.39-seccomp_sandbox.patch" #713710 -) - -src_prepare() { - default - eautoreconf - elibtoolize - - # don't let python README kill main README #60043 - mv python/README.md python/README.python.md || die - sed 's@README.md@README.python.md@' -i python/setup.py || die #662090 -} - -multilib_src_configure() { - local myeconfargs=( - --enable-fsect-man5 - $(use_enable bzip2 bzlib) - $(use_enable lzma xzlib) - $(use_enable seccomp libseccomp) - $(use_enable static-libs static) - $(use_enable zlib) - ) - econf "${myeconfargs[@]}" -} - -build_src_configure() { - local myeconfargs=( - --disable-shared - --disable-libseccomp - --disable-bzlib - --disable-xzlib - --disable-zlib - ) - tc-env_build econf "${myeconfargs[@]}" -} - -need_build_file() { - # when cross-compiling, we need to build up our own file - # because people often don't keep matching host/target - # file versions #362941 - tc-is-cross-compiler && ! has_version -b "~${CATEGORY}/${P}" -} - -src_configure() { - local ECONF_SOURCE=${S} - - if need_build_file; then - mkdir -p "${WORKDIR}"/build || die - cd "${WORKDIR}"/build || die - build_src_configure - fi - - multilib-minimal_src_configure -} - -multilib_src_compile() { - if multilib_is_native_abi ; then - emake - else - cd src || die - emake magic.h #586444 - emake libmagic.la - fi -} - -src_compile() { - if need_build_file; then - emake -C "${WORKDIR}"/build/src magic.h #586444 - emake -C "${WORKDIR}"/build/src file - local -x PATH="${WORKDIR}/build/src:${PATH}" - fi - multilib-minimal_src_compile - - if use python ; then - cd python || die - distutils-r1_src_compile - fi -} - -multilib_src_install() { - if multilib_is_native_abi ; then - default - else - emake -C src install-{nodist_includeHEADERS,libLTLIBRARIES} DESTDIR="${D}" - fi -} - -multilib_src_install_all() { - dodoc ChangeLog MAINT README - - # Required for `file -C` - dodir /usr/share/misc/magic - insinto /usr/share/misc/magic - doins -r magic/Magdir/* - - if use python ; then - cd python || die - distutils-r1_src_install - fi - find "${ED}" -type f -name "*.la" -delete || die -} diff --git a/sys-apps/file/files/file-5.39-add-missing-termios.patch b/sys-apps/file/files/file-5.39-add-missing-termios.patch index e6cba0d4c28c..0614f52dd275 100644 --- a/sys-apps/file/files/file-5.39-add-missing-termios.patch +++ b/sys-apps/file/files/file-5.39-add-missing-termios.patch @@ -1,27 +1,30 @@ -From 769e9868c17a471323b81b12cab851c9fd22baf4 Mon Sep 17 00:00:00 2001 -From: Georgy Yakovlev <gyakovlev@gentoo.org> -Date: Mon, 15 Jun 2020 14:18:45 -0700 -Subject: [PATCH] add missing termios.h include +From 471e2c6c61ecd30ba6e304ae0444d364cfd44254 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas <christos@zoulas.com> +Date: Thu, 18 Jun 2020 16:25:12 +0000 +Subject: [PATCH] PR/168: gyakovlev: Include <termios.h> -on ppc, TCGETS relies on struct termios being complete, on other -architectures it does not. -so termios.h should be included before ioctl.h --- - src/seccomp.c | 1 + - 1 file changed, 1 insertion(+) + src/seccomp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/seccomp.c b/src/seccomp.c -index e667adf..296f5b3 100644 +index e667adfe4..68c56485d 100644 --- a/src/seccomp.c +++ b/src/seccomp.c -@@ -33,6 +33,7 @@ FILE_RCSID("@(#)$File: seccomp.c,v 1.15 2020/05/30 23:56:26 christos Exp $") +@@ -27,7 +27,7 @@ + #include "file.h" + + #ifndef lint +-FILE_RCSID("@(#)$File: seccomp.c,v 1.15 2020/05/30 23:56:26 christos Exp $") ++FILE_RCSID("@(#)$File: seccomp.c,v 1.16 2020/06/18 16:25:12 christos Exp $") + #endif /* lint */ + #if HAVE_LIBSECCOMP - #include <seccomp.h> /* libseccomp */ +@@ -35,6 +35,7 @@ FILE_RCSID("@(#)$File: seccomp.c,v 1.15 2020/05/30 23:56:26 christos Exp $") #include <sys/prctl.h> /* prctl */ -+#include <termios.h> #include <sys/ioctl.h> #include <sys/socket.h> ++#include <termios.h> #include <fcntl.h> --- -2.27.0 - + #include <stdlib.h> + #include <errno.h> diff --git a/sys-apps/file/files/file-5.39-portage_sandbox.patch b/sys-apps/file/files/file-5.39-portage-sandbox.patch index ff2caed413fc..3ea26641671f 100644 --- a/sys-apps/file/files/file-5.39-portage_sandbox.patch +++ b/sys-apps/file/files/file-5.39-portage-sandbox.patch @@ -1,28 +1,26 @@ -From 7e1d9d51329a0e0f3d9cd1dbc3f9509251950e81 Mon Sep 17 00:00:00 2001 +From 81765a2d4fcce23f42495d5ec03bbfecb2a3c381 Mon Sep 17 00:00:00 2001 From: tka <tka@kamph.org> Date: Wed, 24 Jun 2020 11:18:45 +0200 Subject: [PATCH] Allow getcwd for Gentoo's portage sandbox -Gentoo-bug: https://bugs.gentoo.org/728978 -Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> +Bug: https://bugs.gentoo.org/728978 --- - src/seccomp.c | 3 +++ - 1 file changed, 3 insertions(+) + src/seccomp.c | 2 ++ + 1 file changed, 2 insertions(+) diff --git a/src/seccomp.c b/src/seccomp.c -index 68c56485..af55918e 100644 +index db9364ae..7f5d6f26 100644 --- a/src/seccomp.c +++ b/src/seccomp.c -@@ -227,6 +227,9 @@ enable_sandbox_full(void) - ALLOW_RULE(unlink); +@@ -229,6 +229,8 @@ enable_sandbox_full(void) ALLOW_RULE(write); + ALLOW_RULE(writev); + // needed by Gentoo's portage sandbox + ALLOW_RULE(getcwd); -+ #if 0 // needed by valgrind -- -2.27.0 +2.28.0 diff --git a/sys-apps/file/files/file-5.39-seccomp-musl.patch b/sys-apps/file/files/file-5.39-seccomp-musl.patch new file mode 100644 index 000000000000..72836de67e58 --- /dev/null +++ b/sys-apps/file/files/file-5.39-seccomp-musl.patch @@ -0,0 +1,37 @@ +From 93c91e2ba8042d499fee168e27cbd526438454c6 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas <christos@zoulas.com> +Date: Sat, 5 Sep 2020 17:20:32 +0000 +Subject: [PATCH] PR/194: puchuu: Handle muslc syscalls + +--- + src/seccomp.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/seccomp.c b/src/seccomp.c +index 68c56485d..db9364ae4 100644 +--- a/src/seccomp.c ++++ b/src/seccomp.c +@@ -27,7 +27,7 @@ + #include "file.h" + + #ifndef lint +-FILE_RCSID("@(#)$File: seccomp.c,v 1.16 2020/06/18 16:25:12 christos Exp $") ++FILE_RCSID("@(#)$File: seccomp.c,v 1.17 2020/09/05 17:20:32 christos Exp $") + #endif /* lint */ + + #if HAVE_LIBSECCOMP +@@ -220,12 +220,14 @@ enable_sandbox_full(void) + ALLOW_RULE(rt_sigreturn); + ALLOW_RULE(select); + ALLOW_RULE(stat); ++ ALLOW_RULE(statx); + ALLOW_RULE(stat64); + ALLOW_RULE(sysinfo); + ALLOW_RULE(umask); // Used in file_pipe2file() + ALLOW_RULE(getpid); // Used by glibc in file_pipe2file() + ALLOW_RULE(unlink); + ALLOW_RULE(write); ++ ALLOW_RULE(writev); + + + #if 0 diff --git a/sys-apps/file/files/file-5.39-seccomp_sandbox.patch b/sys-apps/file/files/file-5.39-seccomp_sandbox.patch deleted file mode 100644 index da0a0ff1f284..000000000000 --- a/sys-apps/file/files/file-5.39-seccomp_sandbox.patch +++ /dev/null @@ -1,13 +0,0 @@ -Don't call file with seccomp in portage sandbox. This will fail: - - make[2]: *** [Makefile:834: magic.mgc] Bad system call - ---- file-5.39/magic/Makefile.am -+++ file-5.39/magic/Makefile.am -@@ -352,5 +352,5 @@ - exit 1; \ - fi; \ - fi) -- $(FILE_COMPILE) -C -m magic -+ $(FILE_COMPILE) -S -C -m magic - @rm -fr magic |