mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-18 21:11:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

dev-libs/openssl: Apply Flatcar changes

Browse Source 
- Drop binddist from RESTRICT variable
- Drop pkg_postinst
- Create /etc/ssl with tmpfiles (and package it for the SDK).

Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
This commit is contained in:
Sayan Chowdhury 2021-02-26 09:41:18 +00:00
parent e1e7339fdd
commit 26b27b7ac5
3 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl.conf vendored Normal file
View File

@ -0,0 +1,3 @@
d /etc/ssl - - - - -
d /etc/ssl/private 0700 - - - -
L /etc/ssl/openssl.cnf - - - - ../../usr/share/ssl/openssl.cnf

25
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/openssl-1.1.1j.ebuild vendored
View File

@ -3,7 +3,7 @@
EAPI="7" EAPI="7"
inherit flag-o-matic toolchain-funcs multilib multilib-minimal inherit flag-o-matic toolchain-funcs multilib multilib-minimal systemd
MY_P=${P/_/-} MY_P=${P/_/-}
@ -29,7 +29,7 @@ SLOT="0/1.1" # .so version of libssl/libcrypto
[[ "${PV}" = *_pre* ]] || \ [[ "${PV}" = *_pre* ]] || \
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~x86-linux" KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~x86-linux"
IUSE="+asm bindist elibc_musl rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test tls-heartbeat vanilla zlib" IUSE="+asm bindist elibc_musl rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test tls-heartbeat vanilla zlib"
RESTRICT="!bindist? ( bindist ) RESTRICT="
!test? ( test )" !test? ( test )"
RDEPEND=">=app-misc/c_rehash-1.7-r1 RDEPEND=">=app-misc/c_rehash-1.7-r1
@ -47,7 +47,6 @@ PDEPEND="app-misc/ca-certificates"
PATCHES=( PATCHES=(
"${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch #671602 "${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch #671602
"${FILESDIR}"/${PN}-1.1.1i-riscv32.patch
) )
S="${WORKDIR}/${MY_P}" S="${WORKDIR}/${MY_P}"
@ -286,9 +285,6 @@ multilib_src_install_all() {
# twice; once with shared lib support enabled and once without. # twice; once with shared lib support enabled and once without.
use static-libs || rm -f "${ED}"/usr/lib*/lib*.a use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
# create the certs directory
keepdir ${SSL_CNF_DIR}/certs
# Namespace openssl programs to prevent conflicts with other man pages # Namespace openssl programs to prevent conflicts with other man pages
cd "${ED}"/usr/share/man || die cd "${ED}"/usr/share/man || die
local m d s local m d s
@ -315,12 +311,15 @@ multilib_src_install_all() {
dodir /etc/sandbox.d #254521 dodir /etc/sandbox.d #254521
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
diropts -m0700 # Don't keep the sample CA files and their ilk in /etc.
keepdir ${SSL_CNF_DIR}/private rm -r "${ED}"${SSL_CNF_DIR}
}
pkg_postinst() { # Save the default openssl.cnf in /usr and link it into place.
ebegin "Running 'c_rehash ${EROOT}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" dodir /usr/share/ssl
c_rehash "${EROOT}${SSL_CNF_DIR}/certs" >/dev/null insinto /usr/share/ssl
eend $? doins "${S}"/apps/openssl.cnf
systemd_dotmpfilesd "${FILESDIR}"/openssl.conf
# Package the tmpfiles.d setup for SDK bootstrapping.
systemd-tmpfiles --create --root="${ED}" "${FILESDIR}"/openssl.conf
} }

2
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask vendored
View File

@ -1,5 +1,5 @@
# Overwrite outdated portage-stable mask # Overwrite outdated portage-stable mask
=dev-libs/openssl-1.1.1g =dev-libs/openssl-1.1.1j
# Overwrite portage-stable mask - this package was removed in # Overwrite portage-stable mask - this package was removed in
# gentoo. We still need it, since sys-libs/libsemanage still requires # gentoo. We still need it, since sys-libs/libsemanage still requires