mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-11-28 22:12:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1560 from simoncampion/add-clevis-krish

Browse Source 
Add support for TPM- and Tang-based disk encryption
This commit is contained in:
Kai Lüke 2024-03-14 12:51:29 +01:00 committed by GitHub
commit 2ea7f40401
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
83 changed files with 4095 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
changelog/changes/2024-03-14-tpm-tang-encryption.md Normal file
View File

@ -0,0 +1 @@
- Added Ignition Clevis support for encrypted disks unlocked with a TPM2 device or a Tang server ([scripts#1560](https://github.com/flatcar/scripts/pull/1560))

1
sdk_container/src/third_party/coreos-overlay/app-crypt/clevis/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST clevis-19.tar.gz 81324 BLAKE2B 75323940d0b53e307f5dbc197e3117e7ddc900d76ae1043bac3d17cc3af0264ba00a5f840c5c9dd3c2dd9c8fbde2cf05934b8ab3e89cd403ad8a8eb28609bb78 SHA512 dee19354c908c3843fc295a84b431780d5d6062c77766ee7ce9550636d3623d92b0cd1f6d4c40d57bef14debddc161da2b72289a5d6185cdd17b09a1ef67409a

67
sdk_container/src/third_party/coreos-overlay/app-crypt/clevis/clevis-19-r1.ebuild vendored Normal file
View File

@ -0,0 +1,67 @@
# Copyright 2022-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
# Flatcar: inherit from systemd because we need to use systemd_enable_service below
inherit meson systemd
DESCRIPTION="Automated Encryption Framework"
HOMEPAGE="https://github.com/latchset/clevis"
SRC_URI="https://github.com/latchset/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="GPL-3"
SLOT="0"
KEYWORDS="~amd64"
IUSE="+luks +tpm"
# Flatcar: add dependency for Dracut module
DEPEND="
dev-libs/jose
sys-fs/cryptsetup
sys-kernel/dracut
luks? (
app-misc/jq
dev-libs/libpwquality
dev-libs/luksmeta
)
tpm? ( app-crypt/tpm2-tools )
"
# Flatcar: The Clevis meson build will not build certain features if certain executables are not found at build time, such as `tpm2_createprimary`.
# The meson function `find_program` that checks for the existence of the executables does not seem to search paths under ${ROOT}, but rather
# under `/`. A fix to make meson find all binaries and include all desired features is to install such runtime dependencies into the SDK.
BDEPEND="
luks? (
app-misc/jq
dev-libs/libpwquality
dev-libs/luksmeta
)
tpm? ( app-crypt/tpm2-tools )
"
RDEPEND="${DEPEND}"
PATCHES=(
# From https://github.com/latchset/clevis/pull/347
# Allows using dracut without systemd
"${FILESDIR}/clevis-dracut.patch"
# Fix for systemd on Gentoo
"${FILESDIR}/clevis-meson.patch"
# Flatcar:
# * install `clevis-pin-tang` dracut module in the absence of dracut `network`
# module; Flatcar uses a custom network module
# * skip copying `/etc/services` into initramfs when installing `clevis` dracut
# module, which would fail
"${FILESDIR}/clevis-dracut-flatcar.patch"
)
post_src_install() {
# Flatcar: the meson build for app-crypt/clevis installs some files to ${D}${ROOT}. After that, Portage
# copies from ${D} to ${ROOT}, leading to files ending up in, e.g., /build/amd64-usr/build/amd64-usr/.
# As a workaround, we move everything from ${D}${ROOT} to ${D} after the src_install phase.
rsync -av ${D}${ROOT}/ ${D}
rm -rfv ${D}${ROOT}
# Flatcar: enable the systemd unit that triggers Clevis's automatic response to LUKS
# disk decryption password prompts.
systemd_enable_service cryptsetup.target clevis-luks-askpass.path
}

25
sdk_container/src/third_party/coreos-overlay/app-crypt/clevis/files/clevis-dracut-flatcar.patch vendored Normal file
View File

@ -0,0 +1,25 @@
diff --git a/src/dracut/clevis-pin-tang/module-setup.sh.in b/src/dracut/clevis-pin-tang/module-setup.sh.in
index 929b878..c48e282 100755
--- a/src/dracut/clevis-pin-tang/module-setup.sh.in
+++ b/src/dracut/clevis-pin-tang/module-setup.sh.in
@@ -19,7 +19,7 @@
#
depends() {
- echo clevis network
+ echo clevis
return 0
}
diff --git a/src/dracut/clevis/module-setup.sh.in b/src/dracut/clevis/module-setup.sh.in
index dbce790..c9581db 100755
--- a/src/dracut/clevis/module-setup.sh.in
+++ b/src/dracut/clevis/module-setup.sh.in
@@ -48,7 +48,6 @@ install() {
fi
inst_multiple \
- /etc/services \
clevis-luks-common-functions \
grep sed cut \
clevis-decrypt \

216
sdk_container/src/third_party/coreos-overlay/app-crypt/clevis/files/clevis-dracut.patch vendored Normal file
View File

@ -0,0 +1,216 @@
diff --git a/src/luks/systemd/dracut/clevis-pin-sss/meson.build b/src/dracut/clevis-pin-sss/meson.build
similarity index 100%
rename from src/luks/systemd/dracut/clevis-pin-sss/meson.build
rename to src/dracut/clevis-pin-sss/meson.build
diff --git a/src/luks/systemd/dracut/clevis-pin-sss/module-setup.sh.in b/src/dracut/clevis-pin-sss/module-setup.sh.in
similarity index 100%
rename from src/luks/systemd/dracut/clevis-pin-sss/module-setup.sh.in
rename to src/dracut/clevis-pin-sss/module-setup.sh.in
diff --git a/src/luks/systemd/dracut/clevis-pin-tang/meson.build b/src/dracut/clevis-pin-tang/meson.build
similarity index 100%
rename from src/luks/systemd/dracut/clevis-pin-tang/meson.build
rename to src/dracut/clevis-pin-tang/meson.build
diff --git a/src/luks/systemd/dracut/clevis-pin-tang/module-setup.sh.in b/src/dracut/clevis-pin-tang/module-setup.sh.in
similarity index 100%
rename from src/luks/systemd/dracut/clevis-pin-tang/module-setup.sh.in
rename to src/dracut/clevis-pin-tang/module-setup.sh.in
diff --git a/src/luks/systemd/dracut/clevis-pin-tpm2/meson.build b/src/dracut/clevis-pin-tpm2/meson.build
similarity index 100%
rename from src/luks/systemd/dracut/clevis-pin-tpm2/meson.build
rename to src/dracut/clevis-pin-tpm2/meson.build
diff --git a/src/luks/systemd/dracut/clevis-pin-tpm2/module-setup.sh.in b/src/dracut/clevis-pin-tpm2/module-setup.sh.in
similarity index 100%
rename from src/luks/systemd/dracut/clevis-pin-tpm2/module-setup.sh.in
rename to src/dracut/clevis-pin-tpm2/module-setup.sh.in
diff --git a/src/dracut/clevis/clevis-hook.sh.in b/src/dracut/clevis/clevis-hook.sh.in
new file mode 100755
index 0000000..91ff2bd
--- /dev/null
+++ b/src/dracut/clevis/clevis-hook.sh.in
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+@libexecdir@/clevis-luks-generic-unlocker -l
diff --git a/src/dracut/clevis/clevis-luks-generic-unlocker b/src/dracut/clevis/clevis-luks-generic-unlocker
new file mode 100755
index 0000000..a3b9d62
--- /dev/null
+++ b/src/dracut/clevis/clevis-luks-generic-unlocker
@@ -0,0 +1,70 @@
+#!/bin/bash
+set -eu
+# vim: set ts=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
+#
+# Copyright (c) 2020-2021 Red Hat, Inc.
+# Author: Sergio Correia <scorreia@redhat.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+. clevis-luks-common-functions
+
+# Make sure to exit cleanly if SIGTERM is received.
+trap 'echo "Exiting due to SIGTERM" && exit 0' TERM
+
+loop=
+while getopts ":l" o; do
+ case "${o}" in
+ l) loop=true;;
+ *) ;;
+ esac
+done
+
+to_unlock() {
+ local _devices='' _d _uuid
+ for _d in $(lsblk -o PATH,FSTYPE,RM \
+ | awk '$2 == "crypto_LUKS" && $3 == "0" { print $1 }' | sort -u);
+ do
+ if ! bindings="$(clevis luks list -d "${_d}" 2>/dev/null)" \
+ || [ -z "${bindings}" ]; then
+ continue
+ fi
+ _uuid="$(cryptsetup luksUUID "${_d}")"
+ if clevis_is_luks_device_by_uuid_open "${_uuid}"; then
+ continue
+ fi
+ _devices="$(printf '%s\n%s' "${_devices}" "${_d}")"
+ done
+ echo "${_devices}" | sed -e 's/^\n$//'
+}
+
+while true; do
+ for d in $(to_unlock); do
+ uuid="$(cryptsetup luksUUID "${d}")"
+ if ! clevis luks unlock -d "${d}"; then
+ echo "Unable to unlock ${d} (UUID=${uuid})" >&2
+ continue
+ fi
+ echo "Unlocked ${d} (UUID=${uuid}) successfully" >&2
+ done
+
+ [ "${loop}" != true ] && break
+ # Checking for pending devices to be unlocked.
+ if remaining=$(to_unlock) && [ -z "${remaining}" ]; then
+ break;
+ fi
+
+ sleep 0.5
+done
diff --git a/src/luks/systemd/dracut/clevis/meson.build b/src/dracut/clevis/meson.build
similarity index 87%
rename from src/luks/systemd/dracut/clevis/meson.build
rename to src/dracut/clevis/meson.build
index 167e708..224e27f 100644
--- a/src/luks/systemd/dracut/clevis/meson.build
+++ b/src/dracut/clevis/meson.build
@@ -16,6 +16,7 @@ if dracut.found()
install_dir: dracutdir,
configuration: data,
)
+ install_data('clevis-luks-generic-unlocker', install_dir: libexecdir)
else
warning('Will not install dracut module due to missing dependencies!')
endif
diff --git a/src/luks/systemd/dracut/clevis/module-setup.sh.in b/src/dracut/clevis/module-setup.sh.in
similarity index 76%
rename from src/luks/systemd/dracut/clevis/module-setup.sh.in
rename to src/dracut/clevis/module-setup.sh.in
index bfe657c..dbce790 100755
--- a/src/luks/systemd/dracut/clevis/module-setup.sh.in
+++ b/src/dracut/clevis/module-setup.sh.in
@@ -19,7 +19,11 @@
#
depends() {
- echo crypt systemd
+ local __depends=crypt
+ if dracut_module_included "systemd"; then
+ __depends=$(printf '%s systemd' "${_depends}")
+ fi
+ echo "${__depends}"
return 255
}
@@ -27,17 +31,24 @@ install() {
if dracut_module_included "systemd"; then
inst_multiple \
$systemdsystemunitdir/clevis-luks-askpass.service \
- $systemdsystemunitdir/clevis-luks-askpass.path
+ $systemdsystemunitdir/clevis-luks-askpass.path \
+ @SYSTEMD_REPLY_PASS@ \
+ @libexecdir@/clevis-luks-askpass
systemctl -q --root "$initdir" add-wants cryptsetup.target clevis-luks-askpass.path
else
inst_hook initqueue/online 60 "$moddir/clevis-hook.sh"
inst_hook initqueue/settled 60 "$moddir/clevis-hook.sh"
+
+ inst_multiple \
+ @libexecdir@/clevis-luks-generic-unlocker \
+ clevis-luks-unlock \
+ lsblk \
+ sort \
+ awk
fi
inst_multiple \
/etc/services \
- @SYSTEMD_REPLY_PASS@ \
- @libexecdir@/clevis-luks-askpass \
clevis-luks-common-functions \
grep sed cut \
clevis-decrypt \
diff --git a/src/luks/systemd/dracut/meson.build b/src/dracut/meson.build
similarity index 78%
rename from src/luks/systemd/dracut/meson.build
rename to src/dracut/meson.build
index 7ad5b14..fdb264b 100644
--- a/src/luks/systemd/dracut/meson.build
+++ b/src/dracut/meson.build
@@ -2,4 +2,3 @@ subdir('clevis')
subdir('clevis-pin-tang')
subdir('clevis-pin-tpm2')
subdir('clevis-pin-sss')
-subdir('clevis-pin-null')
diff --git a/src/luks/systemd/dracut/clevis/clevis-hook.sh.in b/src/luks/systemd/dracut/clevis/clevis-hook.sh.in
deleted file mode 100755
index cb257c9..0000000
--- a/src/luks/systemd/dracut/clevis/clevis-hook.sh.in
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/bash
-@libexecdir@/clevis-luks-askpass
diff --git a/src/luks/systemd/meson.build b/src/luks/systemd/meson.build
index e3b3d91..b10494e 100644
--- a/src/luks/systemd/meson.build
+++ b/src/luks/systemd/meson.build
@@ -10,7 +10,6 @@ sd_reply_pass = find_program(
if systemd.found() and sd_reply_pass.found()
data.set('SYSTEMD_REPLY_PASS', sd_reply_pass.path())
- subdir('dracut')
unitdir = systemd.get_pkgconfig_variable('systemdsystemunitdir')
diff --git a/src/meson.build b/src/meson.build
index c4e696f..a0dff5b 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -1,6 +1,7 @@
subdir('bash')
subdir('luks')
subdir('pins')
+subdir('dracut')
subdir('initramfs-tools')
bins += join_paths(meson.current_source_dir(), 'clevis-decrypt')

11
sdk_container/src/third_party/coreos-overlay/app-crypt/clevis/files/clevis-meson.patch vendored Normal file
View File

@ -0,0 +1,11 @@
diff --git a/src/luks/systemd/meson.build b/src/luks/systemd/meson.build
index b10494e3ca4d620437aee0d5e440eecf323b03d9..09f7fb51e7320aa71e275c34baa0561233821d69 100644
--- a/src/luks/systemd/meson.build
+++ b/src/luks/systemd/meson.build
@@ -5,6 +5,7 @@ sd_reply_pass = find_program(
join_paths(get_option('prefix'), 'lib', 'systemd', 'systemd-reply-password'),
join_paths('/', 'usr', get_option('libdir'), 'systemd', 'systemd-reply-password'),
join_paths('/', 'usr', 'lib', 'systemd', 'systemd-reply-password'),
+ join_paths('/', 'lib', 'systemd', 'systemd-reply-password'),
required: false
)

15
sdk_container/src/third_party/coreos-overlay/app-crypt/clevis/metadata.xml vendored Normal file
View File

@ -0,0 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>kjain7@u.rochester.edu</email>
<name>Krish Jain (based off Julien Roy's work) </name>
</maintainer>
<upstream>
<remote-id type="github">latchset/clevis</remote-id>
</upstream>
<use>
<flag name="luks">Enable LUKS support</flag>
<flag name="tpm">Enable TPM support</flag>
</use>
</pkgmetadata>

1
sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild vendored
View File

@ -101,6 +101,7 @@ RDEPEND="${RDEPEND}
app-arch/zip
app-arch/ncompress
app-crypt/adcli
app-crypt/clevis
app-crypt/gnupg
app-crypt/go-tspi
app-crypt/tpmpolicy

9
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords vendored
View File

@ -14,6 +14,9 @@
# Seems to be the only available ebuild in portage-stable right now.
=app-crypt/adcli-0.9.2 ~amd64 ~arm64
# The only available ebuild (from GURU) has ~amd64 and no keyword for arm64 yet.
=app-crypt/clevis-19-r1 **
# Needed by arm64-native SDK.
=app-crypt/efitools-1.9.2-r1 ~arm64
@ -42,6 +45,12 @@
# Needed by arm64-native SDK.
=dev-lang/yasm-1.3.0-r1 ~arm64
# The only available ebuild (from GURU) has ~amd64 and no keyword for arm64 yet.
=dev-libs/jose-12 **
# The only available ebuild (from GURU) has ~amd64 and no keyword for arm64 yet.
=dev-libs/luksmeta-9-r1 **
# Keep versions on both arches in sync.
=dev-libs/ding-libs-0.6.2-r1 ~arm64

5
sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-9999.ebuild vendored
View File

@ -10,7 +10,7 @@ CROS_WORKON_REPO="https://github.com"
if [[ "${PV}" == 9999 ]]; then
KEYWORDS="~amd64 ~arm ~arm64 ~x86"
else
CROS_WORKON_COMMIT="08125679df614d1e95c20ea7676ba19c56838103" # flatcar-master
CROS_WORKON_COMMIT="ea430ee8ada8f3415228c185c1205d1f681c8ca4" # flatcar-master
KEYWORDS="amd64 arm arm64 x86"
fi
@ -38,10 +38,9 @@ src_install() {
"${D}"/usr/lib/dracut/modules.d/30ignition/ignition-setup-pre.sh \
"${D}"/usr/lib/dracut/modules.d/30ignition/ignition-kargs-helper \
"${D}"/usr/lib/dracut/modules.d/30ignition/retry-umount.sh \
"${D}"/usr/lib/dracut/modules.d/40networkd-dependency/*-generator \
"${D}"/usr/lib/dracut/modules.d/99setup-root/initrd-setup-root \
"${D}"/usr/lib/dracut/modules.d/99setup-root/initrd-setup-root-after-ignition \
"${D}"/usr/lib/dracut/modules.d/99setup-root/gpg-agent-wrapper \
"${D}"/usr/lib/dracut/modules.d/30ignition/coreos-metadata-wrapper \
"${D}"/usr/lib/dracut/modules.d/30ignition/ignition-wrapper \
|| die chmod
}

1
sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.6.17.ebuild vendored
View File

@ -12,6 +12,7 @@ RDEPEND="=sys-kernel/coreos-modules-${PVR}"
DEPEND="${RDEPEND}
app-arch/gzip
app-arch/zstd
app-crypt/clevis
app-shells/bash
coreos-base/coreos-init:=
sys-apps/coreutils

3
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tools/Manifest vendored Normal file
View File

@ -0,0 +1,3 @@
DIST tpm2-tools-5.5.tar.gz 1241390 BLAKE2B 2225f9e0835988351f84ed06f914616e25fd65bacaa93b51d0bb04185314efb9a6f60eb3539b250f54b2c2ba590f1b76594df3e625e45c8d37e38d13371bea26 SHA512 24f72a3e9840d531d900e96771a863baae1c71a76fcad0fda8020dff06acd8e3b65b86401ace21f034766403caf9ae97ce710ff6013bb7ed25657a6ecf325470
DIST tpm2-tools-5.6-tpm2_eventlog-Create-raw-and-pretty-print-format-for.patch.xz 47916 BLAKE2B 1bbc84f58ad46507417c89be1b4ce2450fb33cf3abe8f080c23890d96be85379f135ef1dbf4b580e1a386fa6d5ebc4fbaab351b5238bbf1011bb97b0f49a847b SHA512 3db0daa39a8dc756d7cb25e3673149dc3eeafd7410f2c6537464431b501e3704a886d9b7a9acd71440d6d419649dd471fd6f9247d593c89a30b05774a8d1b3de
DIST tpm2-tools-5.6.tar.gz 1266731 BLAKE2B fe88722c26d62128cd6dfbdd8ef2568656a75fe27b1443fed28387d0db1f50b7d0651819d34dfa98acde785b4cfb4e7c11420b110bb5333ed2bb6b67cdd4fc70 SHA512 14216f29ed3ecca5fbe356ed3744c8b6b25a62ff11b2aed596d11101328c8bfd29a02f6ca5a218f9a4477a5e9648c50f0ae96e71de0b4ff5ea1f98ebeeb73cd7

15
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tools/files/tpm2-tools-5.6-Makefile-am-Dont-require-pandoc-for-tests.patch vendored Normal file
View File

@ -0,0 +1,15 @@
diff --git a/Makefile.am b/Makefile.am
index 627983ca..d32f109c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -659,10 +659,3 @@ else
endif
check: prepare-check
-
-if !HAVE_PANDOC
-# If pandoc is not enabled, we want to complain that you need pandoc for make dist,
-# so hook the target and complain.
- @(>&2 echo "You do not have pandoc, a requirement for the distribution of manpages")
- @exit 1
-endif

47
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tools/files/tpm2-tools-5.6-bashism.patch vendored Normal file
View File

@ -0,0 +1,47 @@
https://github.com/tpm2-software/tpm2-tools/pull/3339
From 9f244c3f74747b7f79c8c6813657b2f2f8a1c844 Mon Sep 17 00:00:00 2001
From: Sam James <sam@gentoo.org>
Date: Sun, 21 Jan 2024 08:08:28 +0000
Subject: [PATCH] configure.ac: fix bashisms
configure scripts need to be runnable with a POSIX-compliant /bin/sh.
On many (but not all!) systems, /bin/sh is provided by Bash, so errors
like this aren't spotted. Notably Debian defaults to /bin/sh provided
by dash which doesn't tolerate such bashisms as '=='.
This retains compatibility with bash.
Fixes configure warnings/errors like:
```
checking for libcurl... yes
./configure: 15201: test: xauto: unexpected operator
./configure: 15286: test: xauto: unexpected operator
checking for efivar/efivar.h... yes
```
This fixes a build error later on too:
```
/usr/lib/gcc/x86_64-pc-linux-gnu/14/../../../../x86_64-pc-linux-gnu/bin/ld: lib/libcommon.a(libcommon_a-tpm2_eventlog_yaml.o): in function `yaml_devicepath':
tpm2_eventlog_yaml.c:(.text.yaml_devicepath+0x2f): undefined reference to `efidp_format_device_path'
/usr/lib/gcc/x86_64-pc-linux-gnu/14/../../../../x86_64-pc-linux-gnu/bin/ld: tpm2_eventlog_yaml.c:(.text.yaml_devicepath+0x61): undefined reference to `efidp_format_device_path'
```
Bug: https://bugs.gentoo.org/922592
Signed-off-by: Sam James <sam@gentoo.org>
--- a/configure.ac
+++ b/configure.ac
@@ -94,9 +94,9 @@ AC_ARG_WITH([efivar],
)
# use the true program to avoid failing hard
-AS_IF([test "x$with_efivar" == "xauto"],
+AS_IF([test "x$with_efivar" = "xauto"],
[PKG_CHECK_MODULES([EFIVAR], [efivar], [AC_CHECK_HEADERS([efivar/efivar.h], , [true])], [true])],
- [test "x$with_efivar" == "xyes"],
+ [test "x$with_efivar" = "xyes"],
[PKG_CHECK_MODULES([EFIVAR], [efivar], [AC_CHECK_HEADERS([efivar/efivar.h])])],
)

123
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog-fix-check-eventlog.sh-if-efivar.h-exis.patch vendored Normal file
View File

@ -0,0 +1,123 @@
From 9cd74df24dbeee81b408e12ac10a98a088008d07 Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Mon, 20 Nov 2023 13:55:36 +0100
Subject: [PATCH] test eventlog: fix check eventlog.sh if efivar.h exists
If efivar.h exist a pretty print function for the DevicePath
is executed. Therefore two yaml test files are needed for
the bin test file uefiservices.
Fixes #3302.
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
Makefile.am | 13 ++++++
configure.ac | 3 ++
.../event-uefiservices.bin.yaml.pretty | 45 +++++++++++++++++++
...n.yaml => event-uefiservices.bin.yaml.raw} | 0
4 files changed, 61 insertions(+)
create mode 100644 test/integration/fixtures/event-uefiservices.bin.yaml.pretty
rename test/integration/fixtures/{event-uefiservices.bin.yaml => event-uefiservices.bin.yaml.raw} (100%)
diff --git a/Makefile.am b/Makefile.am
index 413345cd..ef76dca8 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -352,6 +352,7 @@ TEST_EXTENSIONS = .sh
check-hook:
rm -rf .lock_file
+ rm -f $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml
EXTRA_DIST_IGNORE = \
.gitignore \
@@ -647,6 +648,18 @@ dist-hook:
for f in $(EXTRA_DIST_IGNORE); do \
rm -rf `find $(distdir) -name $$f`; \
done;
+
+prepare-check:
+if HAVE_EFIVAR_H
+ cp $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml.pretty \
+ $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml
+else
+ cp $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml.raw \
+ $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml
+endif
+
+check: prepare-check
+
if !HAVE_PANDOC
# If pandoc is not enabled, we want to complain that you need pandoc for make dist,
# so hook the target and complain.
diff --git a/configure.ac b/configure.ac
index 362ae0aa..54224048 100644
--- a/configure.ac
+++ b/configure.ac
@@ -97,6 +97,9 @@ AS_IF([test "x$with_efivar" == "xauto"],
[PKG_CHECK_MODULES([EFIVAR], [efivar], [AC_CHECK_HEADERS([efivar/efivar.h])])],
)
+AC_CHECK_HEADERS([efivar/efivar.h],[efivar_h=yes ], [efivar = no ])
+AM_CONDITIONAL([HAVE_EFIVAR_H], [test "$efivar_h" = yes])
+
# backwards compat with older pkg-config
# - pull in AC_DEFUN from pkg.m4
m4_ifndef([PKG_CHECK_VAR], [
diff --git a/test/integration/fixtures/event-uefiservices.bin.yaml.pretty b/test/integration/fixtures/event-uefiservices.bin.yaml.pretty
new file mode 100644
index 00000000..f0819f70
--- /dev/null
+++ b/test/integration/fixtures/event-uefiservices.bin.yaml.pretty
@@ -0,0 +1,45 @@
+---
+version: 1
+events:
+- EventNum: 0
+ PCRIndex: 0
+ EventType: EV_NO_ACTION
+ Digest: "0000000000000000000000000000000000000000"
+ EventSize: 37
+ SpecID:
+ - Signature: Spec ID Event03
+ platformClass: 0
+ specVersionMinor: 0
+ specVersionMajor: 2
+ specErrata: 0
+ uintnSize: 2
+ numberOfAlgorithms: 2
+ Algorithms:
+ - Algorithm[0]:
+ algorithmId: sha1
+ digestSize: 20
+ - Algorithm[1]:
+ algorithmId: sha256
+ digestSize: 32
+ vendorInfoSize: 0
+- EventNum: 1
+ PCRIndex: 2
+ EventType: EV_EFI_BOOT_SERVICES_DRIVER
+ DigestCount: 2
+ Digests:
+ - AlgorithmId: sha1
+ Digest: "855685b4dbd4b67d50e0594571055054cfe2b1e9"
+ - AlgorithmId: sha256
+ Digest: "dd8576b4ff346c19c56c3e4f97ce55c5afa646f9c669be0a7cdd05057a0ecdf3"
+ EventSize: 84
+ Event:
+ ImageLocationInMemory: 0x7dcf6018
+ ImageLengthInMemory: 171464
+ ImageLinkTimeAddress: 0x0
+ LengthOfDevicePath: 52
+ DevicePath1: 'PciRoot(0x0)/Pci(0x2,0x0)/Pci(0x0,0x0)/Offset(0x12600,0x3c3ff)'
+pcrs:
+ sha1:
+ 2 : 0x5b5f4d5c31664f01670a98a5796a36473671befc
+ sha256:
+ 2 : 0x35fcf9d737c52c971f7c74058d36937dbd7824177fa0f1de3eba3934fcb83b9d
diff --git a/test/integration/fixtures/event-uefiservices.bin.yaml b/test/integration/fixtures/event-uefiservices.bin.yaml.raw
similarity index 100%
rename from test/integration/fixtures/event-uefiservices.bin.yaml
rename to test/integration/fixtures/event-uefiservices.bin.yaml.raw
--
2.41.0

18
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tools/metadata.xml vendored Normal file
View File

@ -0,0 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person" proxied="yes">
<email>salah.coronya@gmail.com</email>
<name>Christopher Byrne</name>
</maintainer>
<maintainer type="project" proxied="proxy">
<email>proxy-maint@gentoo.org</email>
<name>Proxy Maintainers</name>
</maintainer>
<use>
<flag name="fapi">Enable feature API tools</flag>
</use>
<upstream>
<remote-id type="github">tpm2-software/tpm2-tools</remote-id>
</upstream>
</pkgmetadata>

66
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tools/tpm2-tools-5.5.ebuild vendored Normal file
View File

@ -0,0 +1,66 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..12} )
inherit bash-completion-r1 flag-o-matic python-any-r1
DESCRIPTION="Tools for the TPM 2.0 TSS"
HOMEPAGE="https://github.com/tpm2-software/tpm2-tools"
SRC_URI="https://github.com/tpm2-software/tpm2-tools/releases/download/${PV}/${P}.tar.gz"
LICENSE="BSD"
SLOT="0"
KEYWORDS="amd64 arm arm64 ppc64 x86"
IUSE="+fapi test"
RESTRICT="!test? ( test )"
RDEPEND=">=app-crypt/tpm2-tss-3.0.1:=[fapi?]
dev-libs/openssl:=
net-misc/curl
sys-libs/efivar:="
DEPEND="${RDEPEND}
test? (
app-crypt/swtpm
app-crypt/tpm2-abrmd
dev-util/cmocka
)"
BDEPEND="virtual/pkgconfig
dev-build/autoconf-archive
test? (
app-editors/vim-core
dev-tcltk/expect
$(python_gen_any_dep 'dev-python/pyyaml[${PYTHON_USEDEP}]')
)
${PYTHON_DEPS}"
python_check_deps() {
python_has_version "dev-python/pyyaml[${PYTHON_USEDEP}]"
}
pkg_setup() {
use test && python-any-r1_pkg_setup
}
src_configure() {
# tests fail with LTO enabbled. See bug 865275 and 865277
filter-lto
econf \
$(use_enable fapi) \
$(use_enable test unit) \
--with-bashcompdir=$(get_bashcompdir) \
--enable-hardening
}
src_install() {
default
mv "${ED}"/$(get_bashcompdir)/tpm2{_completion.bash,} || die
local utils=( "${ED}"/usr/bin/tpm2_* )
utils=("${utils[@]##*/}")
# these utiltites don't have bash completions
local nobashcomp=( tpm2_encodeobject tpm2_getpolicydigest tpm2_sessionconfig )
mapfile -d $'\0' -t utils < <(printf '%s\0' "${utils[@]}" | grep -Ezvw "${nobashcomp[@]/#/-e}")
bashcomp_alias tpm2 "${utils[@]}"
}

79
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tools/tpm2-tools-5.6-r1.ebuild vendored Normal file
View File

@ -0,0 +1,79 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..12} )
inherit autotools bash-completion-r1 flag-o-matic python-any-r1
DESCRIPTION="Tools for the TPM 2.0 TSS"
HOMEPAGE="https://github.com/tpm2-software/tpm2-tools"
SRC_URI="https://github.com/tpm2-software/tpm2-tools/releases/download/${PV}/${P}.tar.gz"
SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/tpm2-tools-5.6-tpm2_eventlog-Create-raw-and-pretty-print-format-for.patch.xz"
LICENSE="BSD"
SLOT="0"
KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
IUSE="+fapi test"
RESTRICT="!test? ( test )"
RDEPEND=">=app-crypt/tpm2-tss-3.0.1:=[fapi?]
dev-libs/openssl:=
net-misc/curl
sys-libs/efivar:="
DEPEND="${RDEPEND}
test? (
app-crypt/swtpm
app-crypt/tpm2-abrmd
dev-util/cmocka
)"
BDEPEND="virtual/pkgconfig
dev-build/autoconf-archive
test? (
app-editors/vim-core
dev-tcltk/expect
$(python_gen_any_dep 'dev-python/pyyaml[${PYTHON_USEDEP}]')
)
${PYTHON_DEPS}"
PATCHES=(
"${FILESDIR}/${PN}-5.6-test-eventlog-fix-check-eventlog.sh-if-efivar.h-exis.patch"
"${WORKDIR}/${PN}-5.6-tpm2_eventlog-Create-raw-and-pretty-print-format-for.patch"
"${FILESDIR}/${PN}-5.6-Makefile-am-Dont-require-pandoc-for-tests.patch"
"${FILESDIR}/${PN}-5.6-bashism.patch"
)
python_check_deps() {
python_has_version "dev-python/pyyaml[${PYTHON_USEDEP}]"
}
pkg_setup() {
use test && python-any-r1_pkg_setup
}
src_prepare() {
default
eautoreconf
}
src_configure() {
# tests fail with LTO enabbled. See bug 865275 and 865277
filter-lto
econf \
$(use_enable fapi) \
$(use_enable test unit) \
--with-bashcompdir=$(get_bashcompdir) \
--enable-hardening
}
src_install() {
default
mv "${ED}"/$(get_bashcompdir)/tpm2{_completion.bash,} || die
local utils=( "${ED}"/usr/bin/tpm2_* )
utils=("${utils[@]##*/}")
# these utiltites don't have bash completions
local nobashcomp=( tpm2_encodeobject tpm2_getpolicydigest tpm2_sessionconfig )
mapfile -d $'\0' -t utils < <(printf '%s\0' "${utils[@]}" | grep -Ezvw "${nobashcomp[@]/#/-e}")
bashcomp_alias tpm2 "${utils[@]}"
}

1
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tss/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST tpm2-tss-4.0.1.tar.gz 1787139 BLAKE2B 627cdefeff6c64148f9da1425922a0a7a72debcee4930ffab208a3b9b66127c2d4f923e3e105bfd45410cdb13c19cb40cc15a720e9a05dd32ff622dabf5fcc32 SHA512 ed6ddc52cb0e8c1082a4bb001e1225eb9905fd2380da88db5fd69ff5b5d9d43a93eb67b634e49d53eb5d586832da3aef2c4c7e5f18d51bb730481f8913319d7d

26
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch vendored Normal file
View File

@ -0,0 +1,26 @@
diff --git a/Makefile.am b/Makefile.am
index 2c81cfa9..2673995c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -767,13 +767,11 @@ define set_tss_permissions
endef
define make_fapi_dirs
- ($(call make_tss_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/) || true) && \
($(call make_tss_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/))
endef
define set_fapi_permissions
if test -z "${DESTDIR}"; then \ e
- ($(call set_tss_permissions,$(DESTDIR)$(runstatedir)/tpm2-tss)) && \
($(call set_tss_permissions,$(DESTDIR)$(localstatedir)/lib/tpm2-tss)) \
fi
endef
@@ -784,7 +782,6 @@ endef
define check_fapi_dirs
if test -z "${DESTDIR}"; then \
- ($(call check_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/)) && \
($(call check_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) \
fi;
endef

27
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch vendored Normal file
View File

@ -0,0 +1,27 @@
From 0632885d08917092ffc8d98febd158745a74465a Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 4 Aug 2023 16:07:52 +0200
Subject: [PATCH] Do not consider failures to write files in /sys hard errors
systemd-tmpfiles can run in containers, chroots, ... where writing to /sys will fail, so let's suffix these lines with "-" to avoid considering these cases hard errors.
Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com>
---
dist/tmpfiles.d/tpm2-tss-fapi.conf.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
index 7ea3c652..51ff78e5 100644
--- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
@@ -3,5 +3,5 @@ d @localstatedir@/lib/tpm2-tss/system/keystore 2775 tss tss -
a+ @localstatedir@/lib/tpm2-tss/system/keystore - - - - default:group:tss:rwx
d @runstatedir@/tpm2-tss/eventlog 2775 tss tss - -
a+ @runstatedir@/tpm2-tss/eventlog - - - - default:group:tss:rwx
-z /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - -
-z /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - -
+z- /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - -
+z- /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - -
--
2.43.0

50
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch vendored Normal file
View File

@ -0,0 +1,50 @@
From 75f53cf7eab591870ce735203995d01d2f577187 Mon Sep 17 00:00:00 2001
From: Christopher Byrne <salah.coronya@gmail.com>
Date: Tue, 13 Jun 2023 21:40:56 -0500
Subject: [PATCH] configure.ac: Make sysusers and tmpfiles optional
Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
---
Makefile.am | 6 +++++-
configure.ac | 4 ++--
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 2c81cfa9..98965fa7 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -563,10 +563,14 @@ fapi-config.json: dist/fapi-config.json.in
-e 's|[@]sysmeasurements@|$(sysmeasurements)|g' \
< "$<" > "$@"
+if SYSD_SYSUSERS
sysusers_DATA = dist/sysusers.d/tpm2-tss.conf
-tmpfiles_DATA = tpm2-tss-fapi.conf
+endif
+if SYSD_TMPFILES
+tmpfiles_DATA = tpm2-tss-fapi.conf
CLEANFILES += tpm2-tss-fapi.conf
+endif
# We have to do this ourselves, in order to get absolute paths
tpm2-tss-fapi.conf: dist/tmpfiles.d/tpm2-tss-fapi.conf.in
diff --git a/configure.ac b/configure.ac
index b6550278..2d478147 100644
--- a/configure.ac
+++ b/configure.ac
@@ -550,9 +550,9 @@ AS_IF([test "x$enable_integration" = "xyes" && test "x$enable_self_generated_cer
# Check for systemd helper tools used by make install
AC_CHECK_PROG(systemd_sysusers, systemd-sysusers, yes)
-AM_CONDITIONAL(SYSD_SYSUSERS, test "x$systemd_sysusers" = "xyes")
+AM_CONDITIONAL([SYSD_SYSUSERS], [test "x$systemd_sysusers" = "xyes" && test "x$sysusersdir" != "xno"])
AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes)
-AM_CONDITIONAL(SYSD_TMPFILES, test "x$systemd_tmpfiles" = "xyes")
+AM_CONDITIONAL([SYSD_TMPFILES], [test "x$systemd_tmpfiles" = "xyes" && test "x$tmpfilesdir" != "xno"])
# Check all tools used by make install
AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"],
--
2.39.3

21
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tss/metadata.xml vendored Normal file
View File

@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person" proxied="yes">
<email>salah.coronya@gmail.com</email>
<name>Christopher Byrne</name>
</maintainer>
<maintainer type="project" proxied="proxy">
<email>proxy-maint@gentoo.org</email>
<name>Proxy Maintainers</name>
</maintainer>
<use>
<flag name="fapi">Enable feature API (requires openssl as crypto backend)</flag>
<flag name="mbedtls">Use <pkg>net-libs/mbedtls</pkg> as crypto engine</flag>
<flag name="openssl">Use <pkg>dev-libs/openssl</pkg> as crypto engine</flag>
<flag name="policy">Enable policy library (requires openssl as crypto backend)</flag>
</use>
<upstream>
<remote-id type="github">tpm2-software/tpm2-tss</remote-id>
</upstream>
</pkgmetadata>

109
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild vendored Normal file
View File

@ -0,0 +1,109 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
LICENSE="BSD-2"
SLOT="0/4"
KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
RESTRICT="!test? ( test )"
REQUIRED_USE="
^^ ( mbedtls openssl )
fapi? ( openssl !mbedtls )
policy? ( openssl !mbedtls )
"
RDEPEND="
acct-group/tss
acct-user/tss
sys-apps/util-linux:=[${MULTILIB_USEDEP}]
fapi? (
dev-libs/json-c:=[${MULTILIB_USEDEP}]
>=net-misc/curl-7.80.0[${MULTILIB_USEDEP}]
)
mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )
"
DEPEND="
${RDEPEND}
test? ( app-crypt/swtpm
dev-libs/uthash
dev-util/cmocka
fapi? ( >=net-misc/curl-7.80.0 ) )
"
BDEPEND="
sys-apps/acl
virtual/pkgconfig
doc? ( app-text/doxygen )
"
PATCHES=(
"${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch"
"${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
"${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch"
)
pkg_setup() {
local CONFIG_CHECK="~TCG_TPM"
linux-info_pkg_setup
kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
}
src_prepare() {
default
eautoreconf
}
multilib_src_configure() {
# Fails with inlining
filter-flags -fno-semantic-interposition
# tests fail with LTO enabbled. See bug 865275 and 865279
filter-lto
local myconf=(
--localstatedir=/var
$(multilib_native_use_enable doc doxygen-doc)
$(use_enable fapi)
$(use_enable policy)
$(use_enable static-libs static)
$(multilib_native_use_enable test unit)
$(multilib_native_use_enable test integration)
$(multilib_native_use_enable test self-generated-certificate)
--disable-tcti-libtpms
--disable-defaultflags
--disable-weakcrypto
--with-crypto="$(usex mbedtls mbed ossl)"
--with-runstatedir=/run
--with-udevrulesdir="$(get_udevdir)/rules.d"
--with-udevrulesprefix=60-
--without-sysusersdir
--with-tmpfilesdir="/usr/lib/tmpfiles.d"
)
ECONF_SOURCE=${S} econf "${myconf[@]}"
}
multilib_src_install() {
default
keepdir /var/lib/tpm2-tss/system/keystore
find "${ED}" -name '*.la' -delete || die
}
pkg_postinst() {
tmpfiles_process tpm2-tss-fapi.conf
udev_reload
}
pkg_postrm() {
udev_reload
}

97
sdk_container/src/third_party/portage-stable/app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild vendored Normal file
View File

@ -0,0 +1,97 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
LICENSE="BSD-2"
SLOT="0/4"
KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86"
IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
RESTRICT="!test? ( test )"
REQUIRED_USE="^^ ( mbedtls openssl )
fapi? ( openssl !mbedtls )
policy? ( openssl !mbedtls )"
RDEPEND="acct-group/tss
acct-user/tss
sys-apps/util-linux:=[${MULTILIB_USEDEP}]
fapi? ( dev-libs/json-c:=[${MULTILIB_USEDEP}]
>=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] )
mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )"
DEPEND="${RDEPEND}
test? ( app-crypt/swtpm
dev-libs/uthash
dev-util/cmocka
fapi? ( >=net-misc/curl-7.80.0 ) )"
BDEPEND="sys-apps/acl
virtual/pkgconfig
doc? ( app-text/doxygen )"
PATCHES=(
"${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch"
"${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
)
pkg_setup() {
local CONFIG_CHECK=" \
~TCG_TPM
"
linux-info_pkg_setup
kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
}
src_prepare() {
default
eautoreconf
}
multilib_src_configure() {
# Fails with inlining
filter-flags -fno-semantic-interposition
# tests fail with LTO enabbled. See bug 865275 and 865279
filter-lto
ECONF_SOURCE=${S} econf \
--localstatedir=/var \
$(multilib_native_use_enable doc doxygen-doc) \
$(use_enable fapi) \
$(use_enable policy) \
$(use_enable static-libs static) \
$(multilib_native_use_enable test unit) \
$(multilib_native_use_enable test integration) \
$(multilib_native_use_enable test self-generated-certificate) \
--disable-tcti-libtpms \
--disable-defaultflags \
--disable-weakcrypto \
--with-crypto="$(usex mbedtls mbed ossl)" \
--with-runstatedir=/run \
--with-udevrulesdir="$(get_udevdir)/rules.d" \
--with-udevrulesprefix=60- \
--without-sysusersdir \
--with-tmpfilesdir="/usr/lib/tmpfiles.d"
}
multilib_src_install() {
default
keepdir /var/lib/tpm2-tss/system/keystore
find "${ED}" -name '*.la' -delete || die
}
pkg_postinst() {
tmpfiles_process tpm2-tss-fapi.conf
udev_reload
}
pkg_postrm() {
udev_reload
}

2
sdk_container/src/third_party/portage-stable/dev-libs/jose/Manifest vendored Normal file
View File

@ -0,0 +1,2 @@
DIST jose-11.tar.gz 841374 BLAKE2B 5ffe35ebd48ed72d140e1dbf3ad37fcc3b4fd5534a5e1a5d9c43e82ad1901f989610baee2e2eb17209fd72f73c4f17227bed01d168bb4d243f067ec25051f913 SHA512 ffe09000837f79cefa549734d13c5d5d51042a42a055867241777ccbff3a127bac86a6155638fdf5ee52aad3598829e19724fd4e7de541117ed9b1c77c2ce457
DIST jose-12.tar.gz 841206 BLAKE2B 32473b67b4c6235c3f7ea04295bdd44dda3fe5a51355b9880a92d0a6aada78eeba2fb027a6329e8f249f087ab7dee705d0493771b63cb463067df709b7707212 SHA512 31b7fc9354c3579f5bf904be0efd3631fe35fbbcc85455b2d414664ff2b4dbb3253b9c954229d87ca2a2e3ec382c5316bcb3f2ee424572ed25946a99fe885ada

19
sdk_container/src/third_party/portage-stable/dev-libs/jose/jose-11-r1.ebuild vendored Normal file
View File

@ -0,0 +1,19 @@
# Copyright 2022-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit meson
DESCRIPTION="C-language implementation of Javascript Object Signing and Encryption"
HOMEPAGE="https://github.com/latchset/jose"
SRC_URI="https://github.com/latchset/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="Apache-2.0"
SLOT="0"
KEYWORDS="~amd64"
DEPEND="dev-libs/jansson"
RDEPEND="${DEPEND}
dev-libs/openssl:=
"

22
sdk_container/src/third_party/portage-stable/dev-libs/jose/jose-12.ebuild vendored Normal file
View File

@ -0,0 +1,22 @@
# Copyright 2022-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit meson
DESCRIPTION="C-language implementation of Javascript Object Signing and Encryption"
HOMEPAGE="https://github.com/latchset/jose"
SRC_URI="https://github.com/latchset/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="Apache-2.0"
SLOT="0"
KEYWORDS="~amd64"
DEPEND="
dev-libs/jansson
sys-libs/zlib
"
RDEPEND="${DEPEND}
dev-libs/openssl:=
"

11
sdk_container/src/third_party/portage-stable/dev-libs/jose/metadata.xml vendored Normal file
View File

@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>julien@jroy.ca</email>
<name>Julien Roy</name>
</maintainer>
<upstream>
<remote-id type="github">latchset/jose</remote-id>
</upstream>
</pkgmetadata>

2
sdk_container/src/third_party/portage-stable/dev-libs/libatasmart/Manifest vendored Normal file
View File

@ -0,0 +1,2 @@
DIST libatasmart_0.19-5.debian.tar.xz 6452 BLAKE2B 09bde3d5d79062d4df82e5582e932b6b566a91607086ddd805925d1966cdee4cb4ba43863f4b7d26a98588479b117841050f762d23c6719448635bf1e681b315 SHA512 434b6ef3ea377485ce745e147da8bb72851b2eeabe6f418379511650f0161f15a9ee21f4f0b5f9beb218b99eb417c1aeafdea4640995efbaf45024f40ce71802
DIST libatasmart_0.19.orig.tar.xz 251204 BLAKE2B 7e2a9823c27eee5a41f93464b28236239891349639162c5fdc114c241a70fb39a3046c3de16ce402787cd86e13609fff0578bd26f7a2c994fefe3c9756d45968 SHA512 ec9edb019c477873b01289ba365ad0ed0946505d651c1f6f83a63ef61b3976a5db6439c8a0c74d9a55325db9a3a587ad6f655f8d1af9387b0d08356eccabdb62

51
sdk_container/src/third_party/portage-stable/dev-libs/libatasmart/libatasmart-0.19_p5.ebuild vendored Normal file
View File

@ -0,0 +1,51 @@
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit toolchain-funcs
DESCRIPTION="A small and lightweight parser library for ATA S.M.A.R.T. hard disks"
HOMEPAGE="https://salsa.debian.org/utopia-team/libatasmart"
SRC_URI="mirror://debian/pool/main/liba/${PN}/${PN}_${PV/_p*}.orig.tar.xz
mirror://debian/pool/main/liba/${PN}/${PN}_${PV/_p/-}.debian.tar.xz"
LICENSE="LGPL-2.1"
SLOT="0/4"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv sparc x86"
IUSE="static-libs"
RDEPEND="virtual/libudev:="
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig"
S="${WORKDIR}/${P/_p*}"
src_prepare() {
# https://bugs.gentoo.org/470874
local d="${WORKDIR}/debian/patches"
sed -i -e '/#/d' \
-e "s|^|${d}/|" "${d}"/series || die
eapply $(<"${d}"/series)
eapply_user
}
src_configure() {
econf $(use_enable static-libs static)
}
src_compile() {
if tc-is-cross-compiler; then
tc-export_build_env
emake -C strpool strpool \
CFLAGS="${BUILD_CFLAGS}" \
CPPFLAGS="${BUILD_CPPFLAGS}" \
LDFLAGS="${BUILD_LDFLAGS}"
fi
emake
}
src_install() {
default
find "${ED}" -type f -name "*.la" -delete || die
}

7
sdk_container/src/third_party/portage-stable/dev-libs/libatasmart/metadata.xml vendored Normal file
View File

@ -0,0 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>freedesktop-bugs@gentoo.org</email>
</maintainer>
</pkgmetadata>

2
sdk_container/src/third_party/portage-stable/dev-libs/libbytesize/Manifest vendored Normal file
View File

@ -0,0 +1,2 @@
DIST libbytesize-2.10.tar.gz 458804 BLAKE2B 413a45bebf8394e0557c2e1ef7e1f4348fa6dfa52c697599886d70292ea8b2e1b17402e787afaeb8fecd84e3a37a6c0c39440fa22a556dcaba3f419ee17e1b0e SHA512 9e52b9a756a5b4ee6e23a7a20fd0c6ca2a65ff31f38ddc7545d6838fe9a3da0ee0bd7491cb268f071c950fbeb8d65c707423d285cc3548038b3a2d3aa7f0de48
DIST libbytesize-2.9.tar.gz 458737 BLAKE2B d2e47b520cf2669131816f069d8ebeb946be02bc04acc676579f12e798fcb2aa176fd25e6bb77dd1e6b274ec0762498df5df18d88c627653accc426a7e268f36 SHA512 6def6bebe33344e6d6ce1a636bcd200a9d28ed5c4e5ce5dfbfd94c4d92ba37512ef1ee4f12716af0d6a402d5285e60df1ee629ecf31cf7d0b59990c524384fd1

24
sdk_container/src/third_party/portage-stable/dev-libs/libbytesize/files/libbytesize-2.4-no_Werror.patch vendored Normal file
View File

@ -0,0 +1,24 @@
https://bugs.gentoo.org/744286
--- libbytesize-2.4/configure.ac
+++ libbytesize-2.4/configure.ac
@@ -6,7 +6,7 @@
# This needs to be set before initializing automake
AC_DISABLE_STATIC
-AM_INIT_AUTOMAKE([foreign -Wall -Werror -Wno-syntax -Wno-portability])
+AM_INIT_AUTOMAKE([foreign -Wall -Wno-syntax -Wno-portability])
AC_CONFIG_MACRO_DIR([m4])
# Check for the gettext programs
--- libbytesize-2.4/src/Makefile.am
+++ libbytesize-2.4/src/Makefile.am
@@ -2,7 +2,7 @@
LDADD = $(LIBINTL)
lib_LTLIBRARIES = libbytesize.la
-libbytesize_la_CFLAGS = -Wall -Wextra -Werror -Wno-overflow -D_GNU_SOURCE
+libbytesize_la_CFLAGS = -Wall -Wextra -Wno-overflow -D_GNU_SOURCE
libbytesize_la_LIBADD = -lgmp -lmpfr $(PCRE2_LIBS)
libbytesize_la_LDFLAGS = -version-info 1:0:0
libbytesize_la_SOURCES = bs_size.c bs_size.h gettext.h

88
sdk_container/src/third_party/portage-stable/dev-libs/libbytesize/libbytesize-2.10.ebuild vendored Normal file
View File

@ -0,0 +1,88 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..12} )
inherit autotools python-r1
DESCRIPTION="Tiny library providing a C \"class\" for working with arbitrary big byte sizes"
HOMEPAGE="https://github.com/storaged-project/libbytesize"
SRC_URI="https://github.com/storaged-project/libbytesize/releases/download/${PV}/${P}.tar.gz"
LICENSE="LGPL-2+"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~loong ~mips ppc ppc64 ~riscv ~sparc x86"
IUSE="doc python test tools"
RESTRICT="!test? ( test )"
REQUIRED_USE="
python? ( ${PYTHON_REQUIRED_USE} )
tools? ( python )
"
RDEPEND="
dev-libs/gmp:=
dev-libs/mpfr:=
dev-libs/libpcre2:=
python? ( ${PYTHON_DEPS} )
"
DEPEND="${RDEPEND}"
BDEPEND="
sys-devel/gettext
doc? (
dev-util/gtk-doc
virtual/pkgconfig
)
test? (
dev-python/pocketlint[${PYTHON_USEDEP}]
dev-python/polib[${PYTHON_USEDEP}]
)
"
PATCHES=(
"${FILESDIR}/${PN}-2.4-no_Werror.patch"
)
python_do() {
if use python ; then
python_foreach_impl run_in_build_dir "$@"
else
"$@"
fi
}
src_prepare() {
default
eautoreconf
}
src_configure() {
local myeconfargs=(
$(use_with doc gtk-doc)
$(use_with python python3)
$(use_with tools)
)
local ECONF_SOURCE="${S}"
python_do econf "${myeconfargs[@]}"
}
src_compile() {
python_do emake
}
src_test() {
python_do emake check
}
install_helper() {
emake DESTDIR="${D}" install
use python && python_optimize
}
src_install() {
python_do install_helper
einstalldocs
find "${ED}" -name "*.la" -type f -delete || die
}

91
sdk_container/src/third_party/portage-stable/dev-libs/libbytesize/libbytesize-2.9.ebuild vendored Normal file
View File

@ -0,0 +1,91 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
# py3.12 blocked by the massive dependency tree of dev-python/pocketlint
PYTHON_COMPAT=( python3_{10..11} )
inherit autotools python-r1
DESCRIPTION="Tiny library providing a C \"class\" for working with arbitrary big byte sizes"
HOMEPAGE="https://github.com/storaged-project/libbytesize"
SRC_URI="https://github.com/storaged-project/libbytesize/releases/download/${PV}/${P}.tar.gz"
LICENSE="LGPL-2+"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~loong ~mips ppc ppc64 ~riscv sparc x86"
IUSE="doc python test tools"
RESTRICT="!test? ( test )"
REQUIRED_USE="
python? ( ${PYTHON_REQUIRED_USE} )
tools? ( python )
"
RDEPEND="
dev-libs/gmp:=
dev-libs/mpfr:=
dev-libs/libpcre2:=
python? ( ${PYTHON_DEPS} )
"
DEPEND="${RDEPEND}"
BDEPEND="
sys-devel/gettext
doc? (
dev-util/gtk-doc
virtual/pkgconfig
)
test? (
dev-python/pocketlint[${PYTHON_USEDEP}]
dev-python/polib[${PYTHON_USEDEP}]
)
"
DOCS=( README.md )
PATCHES=(
"${FILESDIR}/${PN}-2.4-no_Werror.patch"
)
python_do() {
if use python ; then
python_foreach_impl run_in_build_dir "$@"
else
"$@"
fi
}
src_prepare() {
default
eautoreconf
}
src_configure() {
local myeconfargs=(
$(use_with doc gtk-doc)
$(use_with python python3)
$(use_with tools)
)
local ECONF_SOURCE="${S}"
python_do econf "${myeconfargs[@]}"
}
src_compile() {
python_do emake
}
src_test() {
python_do emake check
}
install_helper() {
emake DESTDIR="${D}" install
use python && python_optimize
}
src_install() {
python_do install_helper
einstalldocs
find "${ED}" -name "*.la" -type f -delete || die
}

11
sdk_container/src/third_party/portage-stable/dev-libs/libbytesize/metadata.xml vendored Normal file
View File

@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<!-- maintainer-needed -->
<use>
<flag name="tools">Build bscalc python CLI tool</flag>
</use>
<upstream>
<remote-id type="github">storaged-project/libbytesize</remote-id>
</upstream>
</pkgmetadata>

1
sdk_container/src/third_party/portage-stable/dev-libs/libgudev/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST libgudev-238.tar.xz 30548 BLAKE2B 386491e78c82081e89dad897d16ea6733430a67db3f75f2d9fdee5474b074ad6fede9f08e429f4eb6feaa9bbbb982d9d039db738aac5b5ce0ffac2d3a19430d4 SHA512 684061b4fc64a6ea3dd1ac34835279330c7eb2728fad6e3a9d34c0d501be3103d0f96c6d6866c8e257a0027e4f78a6314cb8ba81cda5ddf42ee9ea1a576ec5dc

47
sdk_container/src/third_party/portage-stable/dev-libs/libgudev/libgudev-238-r1.ebuild vendored Normal file
View File

@ -0,0 +1,47 @@
# Copyright 2015-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit meson-multilib
DESCRIPTION="GObject bindings for libudev"
HOMEPAGE="https://wiki.gnome.org/Projects/libgudev"
SRC_URI="https://download.gnome.org/sources/libgudev/${PV}/${P}.tar.xz"
LICENSE="LGPL-2.1+"
SLOT="0/0"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
IUSE="introspection test"
RESTRICT="!test? ( test )"
RDEPEND="
>=dev-libs/glib-2.38.0:2[${MULTILIB_USEDEP}]
>=virtual/libudev-251:=[sticky-tags(+),${MULTILIB_USEDEP}]
introspection? ( >=dev-libs/gobject-introspection-1.31.1 )
"
DEPEND="${RDEPEND}
test? ( dev-util/umockdev[${MULTILIB_USEDEP}] )
"
BDEPEND="
dev-util/glib-utils
virtual/pkgconfig
"
multilib_src_configure() {
local emesonargs=(
$(meson_native_use_feature introspection)
-Dgtk_doc=false
$(meson_feature test tests)
-Dvapi=disabled
)
meson_src_configure
}
src_test() {
# libsandbox interferes somehow.
# There are no access violations, but tests fail.
# https://bugs.gentoo.org/805449
local -x SANDBOX_ON=0
meson-multilib_src_test
}

14
sdk_container/src/third_party/portage-stable/dev-libs/libgudev/metadata.xml vendored Normal file
View File

@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>gnome@gentoo.org</email>
<name>Gentoo GNOME Desktop</name>
</maintainer>
<maintainer type="project">
<email>systemd@gentoo.org</email>
</maintainer>
<upstream>
<remote-id type="gnome-gitlab">GNOME/libgudev</remote-id>
</upstream>
</pkgmetadata>

1
sdk_container/src/third_party/portage-stable/dev-libs/libpwquality/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST libpwquality-1.4.5.tar.bz2 433961 BLAKE2B f5326996ab607bf9d24de446d9714987ad259fd2222bc54983769abc298969e2e9a4cee78f2a5c5d963bd0e5f57ea3aa346b0ce108b465a8da82810486b37e36 SHA512 91a6febbf40047e553b6051df727857df7932c816638f15118a46b8286527a80446ca4f6a050d2b1f4e33335bf4b75290751ce358fa477cb9d06fe89a450d647

35
sdk_container/src/third_party/portage-stable/dev-libs/libpwquality/files/libpwquality-1.4.4-pam_pwquality-include.patch vendored Normal file
View File

@ -0,0 +1,35 @@
https://github.com/libpwquality/libpwquality/pull/62
From 27057c6cbf528108c35df934280c7dd83e8d5ce9 Mon Sep 17 00:00:00 2001
From: Sam James <sam@gentoo.org>
Date: Wed, 7 Sep 2022 05:42:17 +0100
Subject: [PATCH] pam_pwquality: add include for
pam_modutil_check_user_in_passwd
After 9084c1b032161cdb53d5f66132a91bdc207faecf, one gets:
```
pam_pwquality.c: In function 'check_local_user':
pam_pwquality.c:102:16: error: implicit declaration of function 'pam_modutil_check_user_in_passwd' [-Werror=implicit-function-declaration]
102 | return pam_modutil_check_user_in_passwd(pamh, user, NULL) == PAM_SUCCESS;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
make[2]: *** [Makefile:634: pam_pwquality.lo] Error 1
make[2]: *** Waiting for unfinished jobs....
```
We need to include security/pam_modutil.h when appropriate.
Signed-off-by: Sam James <sam@gentoo.org>
--- a/src/pam_pwquality.c
+++ b/src/pam_pwquality.c
@@ -34,6 +34,10 @@
#include <security/_pam_macros.h>
#include <security/pam_ext.h>
+#ifdef HAVE_PAM_CHECK_USER_IN_PASSWD
+#include <security/pam_modutil.h>
+#endif
+
/* argument parsing */
#define PAM_DEBUG_ARG 0x0001

75
sdk_container/src/third_party/portage-stable/dev-libs/libpwquality/libpwquality-1.4.5-r1.ebuild vendored Normal file
View File

@ -0,0 +1,75 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{9..11} )
inherit libtool pam python-r1
DESCRIPTION="Library for password quality checking and generating random passwords"
HOMEPAGE="https://github.com/libpwquality/libpwquality"
SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.bz2"
LICENSE="|| ( BSD GPL-2 )"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
IUSE="pam python static-libs"
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
BDEPEND="
>=sys-devel/gettext-0.18.2
virtual/pkgconfig
"
RDEPEND="
>=sys-libs/cracklib-2.8:=[static-libs(+)?]
pam? ( sys-libs/pam )
python? ( ${PYTHON_DEPS} )
"
DEPEND="${RDEPEND}"
src_prepare() {
default
elibtoolize
if use python ; then
# bug #830397
export SETUPTOOLS_USE_DISTUTILS=stdlib
python_copy_sources
fi
}
src_configure() {
# Install library in /lib for pam
configuring() {
local sitedir
econf \
--libdir="${EPREFIX}/usr/$(get_libdir)" \
$(use_enable pam) \
--with-securedir="${EPREFIX}/$(getpam_mod_dir)" \
$(use_enable python python-bindings) \
$(usex python "--with-pythonsitedir=$(use python && python_get_sitedir)" "") \
$(use_enable static-libs static)
}
if_use_python_python_foreach_impl configuring
}
src_compile() {
if_use_python_python_foreach_impl default
}
src_test() {
if_use_python_python_foreach_impl default
}
src_install() {
if_use_python_python_foreach_impl default
find "${ED}" -name '*.la' -delete || die
}
if_use_python_python_foreach_impl() {
if use python; then
python_foreach_impl run_in_build_dir "$@"
else
"$@"
fi
}

87
sdk_container/src/third_party/portage-stable/dev-libs/libpwquality/libpwquality-1.4.5.ebuild vendored Normal file
View File

@ -0,0 +1,87 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{9..11} )
inherit pam python-r1 usr-ldscript
DESCRIPTION="Library for password quality checking and generating random passwords"
HOMEPAGE="https://github.com/libpwquality/libpwquality"
SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.bz2"
LICENSE="|| ( BSD GPL-2 )"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
IUSE="pam python static-libs"
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
BDEPEND="
>=sys-devel/gettext-0.18.2
virtual/pkgconfig
"
RDEPEND="
>=sys-libs/cracklib-2.8:=[static-libs(+)?]
pam? ( sys-libs/pam )
python? ( ${PYTHON_DEPS} )
"
DEPEND="${RDEPEND}"
PATCHES=(
"${FILESDIR}"/${PN}-1.4.4-pam_pwquality-include.patch
)
src_prepare() {
default
# ensure pkgconfig files go in /usr
sed -e "s:\(pkgconfigdir *=\).*:\1 ${EPREFIX}/usr/$(get_libdir)/pkgconfig:" \
-i src/Makefile.{am,in} || die "sed failed"
if use python ; then
# bug #830397
export SETUPTOOLS_USE_DISTUTILS=stdlib
python_copy_sources
fi
}
src_configure() {
# Install library in /lib for pam
configuring() {
local sitedir
econf \
--libdir="${EPREFIX}/$(get_libdir)" \
$(use_enable pam) \
--with-securedir="${EPREFIX}/$(getpam_mod_dir)" \
$(use_enable python python-bindings) \
$(usex python "--with-pythonsitedir=$(use python && python_get_sitedir)" "") \
$(use_enable static-libs static)
}
if_use_python_python_foreach_impl configuring
}
src_compile() {
if_use_python_python_foreach_impl default
}
src_test() {
if_use_python_python_foreach_impl default
}
src_install() {
if_use_python_python_foreach_impl default
if use static-libs; then
# Do not install static libs in /lib
mkdir -p "${ED}/usr/$(get_libdir)"
mv "${ED}/$(get_libdir)/libpwquality.a" "${ED}/usr/$(get_libdir)/" || die
gen_usr_ldscript libpwquality.so
fi
find "${ED}" -name '*.la' -delete || die
}
if_use_python_python_foreach_impl() {
if use python; then
python_foreach_impl run_in_build_dir "$@"
else
"$@"
fi
}

11
sdk_container/src/third_party/portage-stable/dev-libs/libpwquality/metadata.xml vendored Normal file
View File

@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>gnome@gentoo.org</email>
<name>Gentoo GNOME Desktop</name>
</maintainer>
<upstream>
<remote-id type="github">libpwquality/libpwquality</remote-id>
</upstream>
</pkgmetadata>

1
sdk_container/src/third_party/portage-stable/dev-libs/luksmeta/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST luksmeta-9.tar.gz 27650 BLAKE2B e55796929410e9a3124c3f28066bac42b46e71df98ab7a1e58c1f973d4fda41d7c8d64b735ae0d1e192054297932951407083f89a7f255c09d22dce370865036 SHA512 874331988fe2648d4924779b348f190ed5c6e4d71da4ad027f176e3f8dcbc78fc26e9f9b8402a97437db5b884db31b72598afc70e025cd8533168a5986417a76

136
sdk_container/src/third_party/portage-stable/dev-libs/luksmeta/files/luksmeta-tests.patch vendored Normal file
View File

@ -0,0 +1,136 @@
# This patch backports the master branch's test-lm-{big,one,two}.c and test-luksmeta.c
# due to failing tests on v9 tag (see https://bugs.gentoo.org/837308)
diff --git a/test-lm-assumptions.c b/test-lm-assumptions.c
index d9ff20b..b4f293f 100644
--- a/test-lm-assumptions.c
+++ b/test-lm-assumptions.c
@@ -28,7 +28,8 @@ main(int argc, char *argv[])
/* Test the layout state. */
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- END(1024), /* Rest of the file */
+ { 1024, 3072, true }, /* Keyslot Area */
+ { 0, 0 },
}));
unlink(filename);
diff --git a/test-lm-big.c b/test-lm-big.c
index 6098e59..eb94d3b 100644
--- a/test-lm-big.c
+++ b/test-lm-big.c
@@ -111,7 +111,7 @@ main(int argc, char *argv[])
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
{ offset + 4096, 4096 }, /* luksmeta slot 0 */
{ offset + 8192, 4096 }, /* luksmeta slot 0 (cont) */
@@ -127,7 +127,7 @@ main(int argc, char *argv[])
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
END(offset + 4096), /* Rest of the file */
}));
diff --git a/test-lm-init.c b/test-lm-init.c
index 2a6cb45..b16d597 100644
--- a/test-lm-init.c
+++ b/test-lm-init.c
@@ -57,7 +57,7 @@ main(int argc, char *argv[])
/* Test the layout state. */
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
END(offset + 4096), /* Rest of the file */
}));
@@ -106,7 +106,7 @@ main(int argc, char *argv[])
assert(luksmeta_test(cd) == -ENOENT);
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
END(offset), /* Rest of the file */
}));
diff --git a/test-lm-one.c b/test-lm-one.c
index 8deb70a..18613e0 100644
--- a/test-lm-one.c
+++ b/test-lm-one.c
@@ -49,7 +49,7 @@ main(int argc, char *argv[])
/* Test the layout state. */
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
{ offset + 4096, 4096 }, /* luksmeta slot 0 */
END(offset + 8192), /* Rest of the file */
@@ -68,7 +68,7 @@ main(int argc, char *argv[])
/* Test the layout state. */
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
END(offset + 4096), /* Rest of the file */
}));
diff --git a/test-lm-two.c b/test-lm-two.c
index 78fea5b..9f0b1c5 100644
--- a/test-lm-two.c
+++ b/test-lm-two.c
@@ -53,7 +53,7 @@ main(int argc, char *argv[])
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
{ offset + 4096, 4096 }, /* luksmeta slot 0 */
END(offset + 8192), /* Rest of the file */
@@ -70,7 +70,7 @@ main(int argc, char *argv[])
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
{ offset + 4096, 4096 }, /* luksmeta slot 0 */
{ offset + 8192, 4096 }, /* luksmeta slot 1 */
@@ -88,7 +88,7 @@ main(int argc, char *argv[])
assert(luksmeta_wipe(cd, 0, UUID0) == 0);
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
{ offset + 4096, 4096, true }, /* luksmeta slot 0 */
{ offset + 8192, 4096 }, /* luksmeta slot 1 */
@@ -99,7 +99,7 @@ main(int argc, char *argv[])
assert(luksmeta_wipe(cd, 1, UUID1) == 0);
assert(test_layout((range_t[]) {
{ 0, 1024 }, /* LUKS header */
- { 1024, offset - 1024, true }, /* Keyslot Area */
+ { 1024, 3072, true }, /* Keyslot Area */
{ offset, 4096 }, /* luksmeta header */
END(offset + 4096), /* Rest of the file */
}));
diff --git a/test-luksmeta b/test-luksmeta
index fd17ead..f1e8b2e 100755
--- a/test-luksmeta
+++ b/test-luksmeta
@@ -11,7 +11,7 @@ function onexit() {
trap 'onexit' EXIT
truncate -s 4M $tmp
-echo -n foo | cryptsetup luksFormat $tmp -
+echo -n foo | cryptsetup luksFormat --type luks1 $tmp -
! ./luksmeta test -d $tmp

38
sdk_container/src/third_party/portage-stable/dev-libs/luksmeta/luksmeta-9-r1.ebuild vendored Normal file
View File

@ -0,0 +1,38 @@
# Copyright 2022-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit autotools
DESCRIPTION="LUKSMeta is a simple library for storing metadata in the LUKSv1 header"
HOMEPAGE="https://github.com/latchset/luksmeta"
SRC_URI="https://github.com/latchset/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="LGPL-2.1"
SLOT="0"
KEYWORDS="~amd64"
IUSE="+man"
DEPEND="sys-fs/cryptsetup"
RDEPEND="${DEPEND}"
BDEPEND="man? ( app-text/asciidoc )
dev-build/libtool"
PATCHES=(
# https://bugs.gentoo.org/837308
"${FILESDIR}/${PN}-tests.patch"
)
src_prepare() {
default
eautoreconf
# Bug https://bugs.gentoo.org/921710
sed -i -e '/^-Werror \\$/d' configure.ac || die
}
src_install() {
default
# Bug https://bugs.gentoo.org/839609
find "${ED}" -name '*.la' -delete || die
}

11
sdk_container/src/third_party/portage-stable/dev-libs/luksmeta/metadata.xml vendored Normal file
View File

@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>julien@jroy.ca</email>
<name>Julien Roy</name>
</maintainer>
<upstream>
<remote-id type="github">latchset/luksmeta</remote-id>
</upstream>
</pkgmetadata>

1
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST keyutils-1.6.3.tar.gz 137022 BLAKE2B b5620b1b6109415fec1268963c2c65d774f3ef7a69eb1ce8d5d8e78b4b807e4fdfda861662a1b5556975ef867add8f985362a31b6608ac2dc198c8d0395d516b SHA512 f65965b8566037078b8eeffa66c6fdbe121c8c2bea7fa5bce04cf7ba5ccc50d5b48e51f4a67ca91e4d5d9a12469e7e3eb3036c920ab25e3feba6e93b4c149cf9

51
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/files/keyutils-1.5.10-disable-tests.patch vendored Normal file
View File

@ -0,0 +1,51 @@
disable tests that mess with system wide settings
https://bugs.gentoo.org/519062
--- keyutils-1.5.10/tests/bugzillas/bz1031154/runtest.sh
+++ keyutils-1.5.10/tests/bugzillas/bz1031154/runtest.sh
@@ -27,6 +27,8 @@
echo "++++ BEGINNING TEST" >$OUTPUTFILE
+if false ; then
+
# we need a reference time to scan the audit log from so as not to pick up old
# results from this test.
base_date=`date +"%x@%X"`
@@ -97,6 +99,10 @@
fi
fi
+else
+marker "Gentoo: skipping test due to system wide modifications"
+fi
+
echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE
# --- then report the results in the database ---
https://bugs.gentoo.org/522050
--- keyutils-1.5.10/tests/keyctl/padd/useradd/runtest.sh
+++ keyutils-1.5.10/tests/keyctl/padd/useradd/runtest.sh
@@ -40,6 +40,8 @@
marker "UNLINK KEY"
unlink_key $keyid @s
+if false ; then
+
if [ $skip_root_required = 0 ] && {
[ $OSDIST = RHEL ] && ! version_less_than $OSRELEASE 6.6 ||
keyutils_at_or_later_than 1.5.6 ;
@@ -85,6 +87,10 @@
fi
fi
+else
+marker "Gentoo: skipping test due to system wide modifications"
+fi
+
echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE
# --- then report the results in the database ---

43
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/files/keyutils-1.5.9-header-extern-c.patch vendored Normal file
View File

@ -0,0 +1,43 @@
sent upstream
From 1f15000ad21c301a51f7746eb561659348060f45 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@chromium.org>
Date: Wed, 25 Jan 2017 14:06:55 -1000
Subject: [PATCH keyutils] add extern C markings to header file for C++ users
If people try to use keyutils from C++ code, the header doesn't work
properly because the compiler mangles the keyutils symbols. Add the
right extern markings so it works out of the box.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
keyutils.h | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/keyutils.h b/keyutils.h
index a69fa7aaa11d..d50d19d3e929 100644
--- a/keyutils.h
+++ b/keyutils.h
@@ -15,6 +15,10 @@
#include <sys/types.h>
#include <stdint.h>
+#ifdef __cplusplus
+extern "C" {
+#endif
+
extern const char keyutils_version_string[];
extern const char keyutils_build_string[];
@@ -180,4 +184,8 @@ extern int recursive_session_key_scan(recursive_key_scanner_t func, void *data);
extern key_serial_t find_key_by_type_and_desc(const char *type, const char *desc,
key_serial_t destringid);
+#ifdef __cplusplus
+}
+#endif
+
#endif /* KEYUTILS_H */
--
2.11.0

25
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/files/keyutils-1.6-makefile-fixup.patch vendored Normal file
View File

@ -0,0 +1,25 @@
From d1a02ed81c86fe7140f93b9a160fbb53be148446 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Fri, 16 Nov 2018 12:39:12 +0100
Subject: [PATCH] depend on $(DEVELLIB) not -lkeyutils
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 33a451e..845b8fe 100644
--- a/Makefile
+++ b/Makefile
@@ -184,7 +184,7 @@ ifeq ($(NO_SOLIB),0)
$(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
$(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
mkdir -p $(DESTDIR)$(USRLIBDIR)
- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
+ $(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
sed \
-e 's,@VERSION\@,$(VERSION),g' \
-e 's,@prefix\@,$(PREFIX),g' \
--
2.19.1

38
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/files/keyutils-1.6.3-fix-rpmspec-check.patch vendored Normal file
View File

@ -0,0 +1,38 @@
https://bugs.gentoo.org/760633
From 41077f8901b642d36b63f94b0fc62377a07fc0b2 Mon Sep 17 00:00:00 2001
From: Adrian Ratiu <adrian.ratiu@collabora.com>
Date: Tue, 4 Jan 2022 03:51:10 +0200
Subject: [PATCH] Makefile: only run rpmspec if it exists
keyutils is built on many distros which do not use rpm like
Gentoo, ChromeOS or Arch. Older versions of bash silently
ignored the fact that rpmspec was missing, but newer bash
like v5.1 issue a new error:
/bin/sh: line 1: rpmspec: command not found
This happens every time the Makefile is parsed, including
for a simple "make" invocation or "make install" even if
a rpm package is not desired.
Arch Linux simply ignores this new error but Gentoo and
ChromeOS fail because portage actively monitors the build
log for errors like this. See bug report [1].
Fix this by calling rpmspec only if it exists.
[1] https://bugs.gentoo.org/760633
Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
--- a/Makefile
+++ b/Makefile
@@ -285,7 +285,7 @@ SRCBALL := rpmbuild/SOURCES/$(TARBALL)
ZSRCBALL := rpmbuild/SOURCES/$(ZTARBALL)
BUILDID := .local
-rpmver0 := $(shell rpmspec -q ./keyutils.spec --define "buildid $(BUILDID)")
+rpmver0 := $(shell if which rpmspec >/dev/null 2>&1; then rpmspec -q ./keyutils.spec --define "buildid $(BUILDID)"; fi)
rpmver1 := $(word 1,$(rpmver0))
rpmver2 := $(subst ., ,$(rpmver1))
rpmver3 := $(lastword $(rpmver2))

76
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/files/keyutils-1.6.3-tests.patch vendored Normal file
View File

@ -0,0 +1,76 @@
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/commit/?id=c076dff259e99d84d3822b4d2ad7f3f66532f411
From c076dff259e99d84d3822b4d2ad7f3f66532f411 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Tue, 20 Dec 2022 14:13:29 +0100
Subject: test: Fix test expectation based on kernel config
Some test results are dependent on the kernel configuration option
CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE.
Check the kernel configuration file for its presence and expect appropriate
test results.
Function has_kernel_config is based on its xfstsests counterpart.
Signed-off-by: Pavel Reichl <preichl@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
--- a/tests/features/builtin_trusted/runtest.sh
+++ b/tests/features/builtin_trusted/runtest.sh
@@ -33,7 +33,11 @@ expect_error EACCES
create_key --fail user a a $stk
expect_error EOPNOTSUPP
create_key --fail user a a $blk
-expect_error EACCES
+if has_kernel_config "CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE"; then
+ expect_error EOPNOTSUPP
+else
+ expect_error EACCES
+fi
# Try adding a key to the keyrings
marker "TRY ADDING ASYMMETRIC KEYS"
@@ -89,7 +93,11 @@ expect_error EACCES
create_key --fail -x asymmetric "" "$x509" $stk
expect_error ENOKEY
create_key --fail -x asymmetric "" "$x509" $blk
-expect_error EACCES
+if has_kernel_config "CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE"; then
+ expect_error EOPNOTSUPP
+else
+ expect_error EACCES
+fi
echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE
--- a/tests/prepare.inc.sh
+++ b/tests/prepare.inc.sh
@@ -4,6 +4,26 @@
includes=${BASH_SOURCE[0]}
includes=${includes%/*}/
+# Check if currently running kernel has option set
+function has_kernel_config()
+{
+ local option=$1
+ local uname=$(uname -r)
+ local config_list="$KCONFIG_PATH
+ /lib/modules/$uname/build/.config
+ /boot/config-$uname
+ /lib/kernel/config-$uname"
+
+ for config in $config_list; do
+ [ ! -f $config ] && continue
+ grep -qE "^${option}=[my]" $config
+ return
+ done
+
+ echo "Failed to find kernel configuration file"
+ return false
+}
+
# --- need to run in own session keyring
watch_fd=0
if [ "$1" != "--inside-test-session" ]
--
cgit 1.2.3-korg

116
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/keyutils-1.6.3-r1.ebuild vendored Normal file
View File

@ -0,0 +1,116 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit toolchain-funcs linux-info multilib-minimal
DESCRIPTION="Linux Key Management Utilities"
HOMEPAGE="https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git"
SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/snapshot/${P}.tar.gz"
LICENSE="GPL-2 LGPL-2.1"
SLOT="0/1.9"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux"
IUSE="static static-libs test"
RESTRICT="!test? ( test )"
RDEPEND=""
DEPEND="!prefix? ( >=sys-kernel/linux-headers-2.6.11 )"
PATCHES=(
"${FILESDIR}"/${PN}-1.6-makefile-fixup.patch
"${FILESDIR}"/${PN}-1.5.10-disable-tests.patch #519062 #522050
"${FILESDIR}"/${PN}-1.5.9-header-extern-c.patch
"${FILESDIR}"/${PN}-1.6.3-fix-rpmspec-check.patch
"${FILESDIR}"/${P}-tests.patch
)
pkg_setup() {
# To prevent a failure in test phase and false positive bug reports
# we are enforcing the following options because testsuite expects
# that these options are available. I.e. testsuite only decides based
# on kernel version which tests will be called, no feature checking.
if use test ; then
CONFIG_CHECK="KEYS"
ERROR_KEYS="You must have CONFIG_KEYS to run the package testsuite!"
if kernel_is -ge 2 6 10 && kernel_is -lt 4 0 0 ; then
CONFIG_CHECK="${CONFIG_CHECK} KEYS_DEBUG_PROC_KEYS"
ERROR_KEYS_DEBUG_PROC_KEYS="You must have CONFIG_KEYS_DEBUG_PROC_KEYS to run the package testsuite!"
fi
if kernel_is -ge 4 7 ; then
CONFIG_CHECK="${CONFIG_CHECK} KEY_DH_OPERATIONS"
ERROR_KEY_DH_OPERATIONS="You must have CONFIG_KEY_DH_OPERATIONS to run the package testsuite!"
fi
else
CONFIG_CHECK="~KEYS"
ERROR_KEYS="You will be unable to use this package on this system because CONFIG_KEYS is not set!"
if kernel_is -ge 4 7 ; then
CONFIG_CHECK="${CONFIG_CHECK} ~KEY_DH_OPERATIONS"
ERROR_KEY_DH_OPERATIONS="You will be unable to use Diffie-Hellman on this system because CONFIG_KEY_DH_OPERATIONS is not set!"
fi
fi
linux-info_pkg_setup
}
src_prepare() {
default
# The lsb check is useless, so avoid spurious command not found messages.
sed -i -e 's,lsb_release,:,' tests/prepare.inc.sh || die
# Some tests call the kernel which calls userspace, but that will
# run the install keyutils rather than the locally compiled one,
# so disable round trip tests.
rm -rf tests/keyctl/requesting/{bad-args,piped,valid}
multilib_copy_sources
}
multilib_src_compile() {
tc-export AR CC CXX
sed -i \
-e "1iRPATH = $(usex static -static '')" \
-e '/^C.*FLAGS/s|:=|+=|' \
-e 's:-Werror::' \
-e '/^BUILDFOR/s:=.*:=:' \
-e "/^LIBDIR/s:=.*:= /usr/$(get_libdir):" \
-e '/^USRLIBDIR/s:=.*:=$(LIBDIR):' \
-e "s: /: ${EPREFIX}/:g" \
-e '/^NO_ARLIB/d' \
Makefile || die
# We need the static lib in order to statically link programs.
if use static ; then
export NO_ARLIB=0
# Hack the progs to depend on the static lib instead.
sed -i \
-e '/^.*:.*[$](DEVELLIB)$/s:$(DEVELLIB):$(ARLIB) $(SONAME):' \
Makefile || die
else
export NO_ARLIB=$(usex static-libs 0 1)
fi
emake
}
multilib_src_test() {
# Execute the locally compiled code rather than the
# older versions already installed in the system.
LD_LIBRARY_PATH=${BUILD_DIR} \
PATH="${BUILD_DIR}:${PATH}" \
emake test
}
multilib_src_install() {
# Possibly undo the setting for USE=static (see src_compile).
export NO_ARLIB=$(usex static-libs 0 1)
default
}
multilib_src_install_all() {
dodoc README
}

17
sdk_container/src/third_party/portage-stable/sys-apps/keyutils/metadata.xml vendored Normal file
View File

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>robbat2@gentoo.org</email>
</maintainer>
<maintainer type="project">
<email>base-system@gentoo.org</email>
<name>Gentoo Base System</name>
</maintainer>
<upstream>
<remote-id type="cpe">cpe:/a:keyutils_project:keyutils</remote-id>
</upstream>
<slots>
<subslots>Reflect ABI compatibility for libkeyutils.so.</subslots>
</slots>
</pkgmetadata>

3
sdk_container/src/third_party/portage-stable/sys-auth/Manifest vendored Normal file
View File

@ -0,0 +1,3 @@
DIST polkit-122.tar.bz2 704972 BLAKE2B 601ed969de816d061a974b07490d64c144940898a75d4e1761462ee1ff0f00686b068298fa6fdc901879d8cd4bea4334c0187aa5bde50acf90728c37e73e21f4 SHA512 a7c0a951bbcdb09899adbc128296c74fc062441e996f4d6a782b214178f0936137e2fdc489eaa86a00599b988711735a5bd9b5c3b93bdb42fb915db9f9b04e26
DIST polkit-123.tar.bz2 707480 BLAKE2B 27d8764606d8156118269fb4cd5eda1cfd0d56df219e4157cd78fd4c2a2d001c474271b7bb31e7e82ca376eacd26411418695058cc888700690606348b4d014a SHA512 4306363d3ed7311243de462832199bd10ddda35e36449104daff0895725d8189b07a4c88340f28607846fdf761c23470da2d43288199c46aa816426384124bb6
DIST polkit-124.tar.bz2 715490 BLAKE2B ecfc1ec73a7e1bbdf7374642ad4e1dbe534149a27e75bb1235eaa446ff912466ee0cdd978c34b7f110bc62a49b25ffddc9011e280686e3f304a234454be85a40 SHA512 db520882b0bedf1c96052570bf4c55d7e966d8172f6d26acf0791d98c4b911fce5ee39e6d830f06122ac8df33c6b43c252cdb7ba3a54523804824ebf355405dc

39
sdk_container/src/third_party/portage-stable/sys-auth/files/polkit-122-libs-only-postinstall.patch vendored Normal file
View File

@ -0,0 +1,39 @@
https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/149
From bef75fb8291b3871894d8ffe19f7242448cdb4a8 Mon Sep 17 00:00:00 2001
From: Sam James <sam@gentoo.org>
Date: Wed, 7 Dec 2022 13:18:09 +0000
Subject: [PATCH] meson.build: fix install with libs_only
Bug: https://bugs.gentoo.org/884701
Signed-off-by: Sam James <sam@gentoo.org>
--- a/meson.build
+++ b/meson.build
@@ -360,14 +360,17 @@ configure_file(
configuration: config_h,
)
-meson.add_install_script(
- 'meson_post_install.py',
- get_option('bindir'),
- pk_pkgdatadir,
- pk_libprivdir,
- pk_pkgsysconfdir,
- polkitd_user,
-)
+
+if not libs_only
+ meson.add_install_script(
+ 'meson_post_install.py',
+ get_option('bindir'),
+ pk_pkgdatadir,
+ pk_libprivdir,
+ pk_pkgsysconfdir,
+ polkitd_user,
+ )
+endif
output = '\n ' + meson.project_name() + ' ' + meson.project_version() + '\n'
output += ' ============\n\n'
--
GitLab

36
sdk_container/src/third_party/portage-stable/sys-auth/files/polkit-123-mozjs-JIT.patch vendored Normal file
View File

@ -0,0 +1,36 @@
https://gitlab.freedesktop.org/polkit/polkit/-/commit/4b7a5c35fb3dd439e490f8fd6b1265d17c6d4bcb
From 4b7a5c35fb3dd439e490f8fd6b1265d17c6d4bcb Mon Sep 17 00:00:00 2001
From: Xi Ruoyao <xry111@xry111.site>
Date: Sat, 29 Jul 2023 17:44:58 +0800
Subject: [PATCH] jsauthority: mozjs: Disable JIT
The JIT compiling of mozjs needs W/X mapping, but our systemd hardening
setting does not allow it.
For polkit, security is much more important than the speed running
Javascript code in rule files, so we should disable JIT.
Fixes #199.
--- a/src/polkitbackend/polkitbackendjsauthority.cpp
+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
@@ -56,7 +56,16 @@
static class JsInitHelperType
{
public:
- JsInitHelperType() { JS_Init(); }
+ JsInitHelperType()
+ {
+ /* Disable JIT because it needs W/X mapping, which is not allowed by
+ * our systemd hardening setting.
+ */
+ JS::DisableJitBackend();
+
+ JS_Init();
+ }
+
~JsInitHelperType() { JS_ShutDown(); }
} JsInitHelper;
--
GitLab

35
sdk_container/src/third_party/portage-stable/sys-auth/files/polkit-123-pkexec-uninitialized.patch vendored Normal file
View File

@ -0,0 +1,35 @@
https://gitlab.freedesktop.org/polkit/polkit/-/commit/c79ee5595c8d397098978ad50eb521ba2ae8467d
From c79ee5595c8d397098978ad50eb521ba2ae8467d Mon Sep 17 00:00:00 2001
From: Vincent Mihalkovic <vmihalko@redhat.com>
Date: Wed, 16 Aug 2023 08:59:55 +0000
Subject: [PATCH] pkexec: fix uninitialized pointer warning
--- a/src/programs/pkexec.c
+++ b/src/programs/pkexec.c
@@ -53,6 +53,7 @@
static gchar *original_user_name = NULL;
static gchar *original_cwd;
static gchar *command_line = NULL;
+static gchar *cmdline_short = NULL;
static struct passwd *pw;
#ifndef HAVE_CLEARENV
@@ -508,6 +509,7 @@ main (int argc, char *argv[])
path = NULL;
exec_argv = NULL;
command_line = NULL;
+ cmdline_short = NULL;
opt_user = NULL;
local_agent_handle = NULL;
@@ -802,7 +804,6 @@ main (int argc, char *argv[])
polkit_details_insert (details, "program", path);
polkit_details_insert (details, "command_line", command_line);
- gchar *cmdline_short = NULL;
cmdline_short = g_strdup(command_line);
if (strlen(command_line) > 80)
g_stpcpy(g_stpcpy( cmdline_short + 38, " ... " ),
--
GitLab

28
sdk_container/src/third_party/portage-stable/sys-auth/files/polkit-124-systemd-fixup.patch vendored Normal file
View File

@ -0,0 +1,28 @@
https://bugs.gentoo.org/922458
https://github.com/polkit-org/polkit/pull/417/files#r1458416421
--- a/meson.build
+++ b/meson.build
@@ -212,14 +212,17 @@ if enable_logind
config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep))
# systemd unit / service files
- systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
systemd_systemdsystemunitdir = get_option('systemdsystemunitdir')
- if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login'
- # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
- systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
- endif
+ if session_tracking == 'libsystemd-login'
+ systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
- systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d')
+ if systemd_systemdsystemunitdir == ''
+ # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
+ systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
+ endif
+
+ systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d')
+ endif
endif
config_h.set('HAVE_LIBSYSTEMD', enable_logind)

50
sdk_container/src/third_party/portage-stable/sys-auth/files/polkit-124-systemd.patch vendored Normal file
View File

@ -0,0 +1,50 @@
https://github.com/polkit-org/polkit/pull/417
From 69d6b94d590b4dd1fbbac22b4f4d449f46ef61aa Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Thu, 18 Jan 2024 15:07:32 +0000
Subject: [PATCH] meson: fix build failure when -Dsystemdsystemunitdir is
specified
When 'systemdsystemunitdir' is specified as an option the systemd_dep
variable is not defined, but the sysusers.d directory lookup uses it,
causing a build failure:
dh_auto_configure -- \
-Dexamples=false \
-Dintrospection=true \
-Dman=true \
-Dsystemdsystemunitdir=/usr/lib/systemd/system \
-Dtests=true \
-Dgtk_doc=true -Dsession_tracking=libsystemd-login
cd obj-x86_64-linux-gnu && DEB_PYTHON_INSTALL_LAYOUT=deb LC_ALL=C.UTF-8 meson setup .. --wrap-mode=nodownload --buildtype=plain --prefix=/usr --sysconfdir=/etc --localstatedir=/var --libdir=lib/x86_64-linux-gnu -Dpython.bytecompile=-1 -Dexamples=false -Dintrospection=true -Dman=true -Dsystemdsystemunitdir=/usr/lib/systemd/system -Dtests=true -Dgtk_doc=true -Dsession_tracking=libsystemd-login
The Meson build system
Version: 1.3.1
Source dir: /builds/bluca/polkit/debian/output/source_dir
Build dir: /builds/bluca/polkit/debian/output/source_dir/obj-x86_64-linux-gnu
Build type: native build
Project name: polkit
Project version: 124
<...>
Run-time dependency libsystemd found: YES 255
Checking for function "sd_uid_get_display" with dependency libsystemd: YES
Checking for function "sd_pidfd_get_session" with dependency libsystemd: YES
../meson.build:222:37: ERROR: Unknown variable "systemd_dep".
Follow-up for 24f1e0af3f7bd17e220cb96201f3c654e737ad34
--- a/meson.build
+++ b/meson.build
@@ -212,9 +212,9 @@ if enable_logind
config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep))
# systemd unit / service files
+ systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
systemd_systemdsystemunitdir = get_option('systemdsystemunitdir')
if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login'
- systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
# FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
endif

15
sdk_container/src/third_party/portage-stable/sys-auth/metadata.xml vendored Normal file
View File

@ -0,0 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>freedesktop-bugs@gentoo.org</email>
</maintainer>
<use>
<flag name="daemon">Build polkitd in addition to libpolkit.</flag>
<flag name="duktape">Use <pkg>dev-lang/duktape</pkg> instead of <pkg>dev-lang/spidermonkey</pkg> as JavaScript engine</flag>
<flag name="systemd">Use <pkg>sys-apps/systemd</pkg> for session tracking</flag>
</use>
<upstream>
<remote-id type="github">polkit-org/polkit</remote-id>
</upstream>
</pkgmetadata>

160
sdk_container/src/third_party/portage-stable/sys-auth/polkit-122-r1.ebuild vendored Normal file
View File

@ -0,0 +1,160 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{9..11} )
inherit meson pam pax-utils python-any-r1 systemd xdg-utils
DESCRIPTION="Policy framework for controlling privileges for system-wide services"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
if [[ ${PV} == *_p* ]] ; then
# Upstream don't make releases very often. Test snapshots throughly
# and review commits, but don't shy away if there's useful stuff there
# we want.
MY_COMMIT=""
SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${MY_COMMIT}/polkit-${MY_COMMIT}.tar.bz2 -> ${P}.tar.bz2"
S="${WORKDIR}"/${PN}-${MY_COMMIT}
else
SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${PV}/${P}.tar.bz2"
fi
LICENSE="LGPL-2"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
IUSE="+daemon +duktape examples gtk +introspection kde pam selinux systemd test"
# https://gitlab.freedesktop.org/polkit/polkit/-/issues/181 for test restriction
RESTRICT="!test? ( test ) test"
# This seems to be fixed with 121?
#if [[ ${PV} == *_p* ]] ; then
# RESTRICT="!test? ( test )"
#else
# # Tests currently don't work with meson in the dist tarballs. See
# # https://gitlab.freedesktop.org/polkit/polkit/-/issues/144
# RESTRICT="test"
#fi
BDEPEND="
acct-user/polkitd
app-text/docbook-xml-dtd:4.1.2
app-text/docbook-xsl-stylesheets
dev-libs/glib
dev-libs/gobject-introspection-common
dev-libs/libxslt
dev-util/glib-utils
sys-devel/gettext
virtual/pkgconfig
introspection? ( dev-libs/gobject-introspection )
test? (
$(python_gen_any_dep '
dev-python/dbus-python[${PYTHON_USEDEP}]
dev-python/python-dbusmock[${PYTHON_USEDEP}]
')
)
"
DEPEND="
dev-libs/glib:2
dev-libs/expat
daemon? (
duktape? ( dev-lang/duktape:= )
!duktape? ( dev-lang/spidermonkey:102[-debug] )
)
pam? (
sys-auth/pambase
sys-libs/pam
)
!pam? ( virtual/libcrypt:= )
systemd? ( sys-apps/systemd:0=[policykit] )
!systemd? ( sys-auth/elogind )
"
RDEPEND="${DEPEND}
acct-user/polkitd
selinux? ( sec-policy/selinux-policykit )
"
PDEPEND="
gtk? ( || (
>=gnome-extra/polkit-gnome-0.105
>=lxde-base/lxsession-0.5.2
) )
kde? ( kde-plasma/polkit-kde-agent )
"
DOCS=( docs/TODO HACKING.md NEWS.md README.md )
QA_MULTILIB_PATHS="
usr/lib/polkit-1/polkit-agent-helper-1
usr/lib/polkit-1/polkitd
"
PATCHES=(
"${FILESDIR}"/${PN}-122-libs-only-postinstall.patch
)
python_check_deps() {
python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" &&
python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]"
}
pkg_setup() {
use test && python-any-r1_pkg_setup
}
src_prepare() {
default
# bug #401513
sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die
}
src_configure() {
xdg_environment_reset
local emesonargs=(
--localstatedir="${EPREFIX}"/var
-Dauthfw="$(usex pam pam shadow)"
-Dexamples=false
-Dgtk_doc=false
-Dman=true
-Dos_type=gentoo
-Dsession_tracking="$(usex systemd libsystemd-login libelogind)"
-Dsystemdsystemunitdir="$(systemd_get_systemunitdir)"
-Djs_engine=$(usex duktape duktape mozjs)
$(meson_use !daemon libs-only)
$(meson_use introspection)
$(meson_use test tests)
$(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '')
)
meson_src_configure
}
src_compile() {
meson_src_compile
# Required for polkitd on hardened/PaX due to spidermonkey's JIT
pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
}
src_install() {
meson_src_install
if use examples ; then
docinto examples
dodoc src/examples/{*.c,*.policy*}
fi
if use daemon; then
if [[ ${EUID} == 0 ]]; then
diropts -m 0700 -o polkitd
fi
keepdir /etc/polkit-1/rules.d
fi
}
pkg_postinst() {
if use daemon && [[ ${EUID} == 0 ]]; then
chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
fi
}

162
sdk_container/src/third_party/portage-stable/sys-auth/polkit-123.ebuild vendored Normal file
View File

@ -0,0 +1,162 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..11} )
inherit meson pam pax-utils python-any-r1 systemd xdg-utils
DESCRIPTION="Policy framework for controlling privileges for system-wide services"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
if [[ ${PV} == *_p* ]] ; then
# Upstream don't make releases very often. Test snapshots throughly
# and review commits, but don't shy away if there's useful stuff there
# we want.
MY_COMMIT=""
SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${MY_COMMIT}/polkit-${MY_COMMIT}.tar.bz2 -> ${P}.tar.bz2"
S="${WORKDIR}"/${PN}-${MY_COMMIT}
else
SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${PV}/${P}.tar.bz2"
fi
LICENSE="LGPL-2"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
IUSE="+daemon +duktape examples gtk +introspection kde pam selinux systemd test"
# https://gitlab.freedesktop.org/polkit/polkit/-/issues/181 for test restriction
RESTRICT="!test? ( test ) test"
# This seems to be fixed with 121?
#if [[ ${PV} == *_p* ]] ; then
# RESTRICT="!test? ( test )"
#else
# # Tests currently don't work with meson in the dist tarballs. See
# # https://gitlab.freedesktop.org/polkit/polkit/-/issues/144
# RESTRICT="test"
#fi
BDEPEND="
acct-user/polkitd
app-text/docbook-xml-dtd:4.1.2
app-text/docbook-xsl-stylesheets
dev-libs/glib
dev-libs/gobject-introspection-common
dev-libs/libxslt
dev-util/glib-utils
sys-devel/gettext
virtual/pkgconfig
introspection? ( >=dev-libs/gobject-introspection-0.6.2 )
test? (
$(python_gen_any_dep '
dev-python/dbus-python[${PYTHON_USEDEP}]
dev-python/python-dbusmock[${PYTHON_USEDEP}]
')
)
"
DEPEND="
>=dev-libs/glib-2.32:2
dev-libs/expat
daemon? (
duktape? ( dev-lang/duktape:= )
!duktape? ( dev-lang/spidermonkey:102[-debug] )
)
pam? (
sys-auth/pambase
sys-libs/pam
)
!pam? ( virtual/libcrypt:= )
systemd? ( sys-apps/systemd:0=[policykit] )
!systemd? ( sys-auth/elogind )
"
RDEPEND="
${DEPEND}
acct-user/polkitd
selinux? ( sec-policy/selinux-policykit )
"
PDEPEND="
gtk? ( || (
>=gnome-extra/polkit-gnome-0.105
>=lxde-base/lxsession-0.5.2
) )
kde? ( kde-plasma/polkit-kde-agent )
"
DOCS=( docs/TODO HACKING.md NEWS.md README.md )
QA_MULTILIB_PATHS="
usr/lib/polkit-1/polkit-agent-helper-1
usr/lib/polkit-1/polkitd
"
PATCHES=(
"${FILESDIR}"/${P}-mozjs-JIT.patch
"${FILESDIR}"/${P}-pkexec-uninitialized.patch
)
python_check_deps() {
python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" &&
python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]"
}
pkg_setup() {
use test && python-any-r1_pkg_setup
}
src_prepare() {
default
# bug #401513
sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die
}
src_configure() {
xdg_environment_reset
local emesonargs=(
--localstatedir="${EPREFIX}"/var
-Dauthfw="$(usex pam pam shadow)"
-Dexamples=false
-Dgtk_doc=false
-Dman=true
-Dos_type=gentoo
-Dsession_tracking="$(usex systemd libsystemd-login libelogind)"
-Dsystemdsystemunitdir="$(systemd_get_systemunitdir)"
-Djs_engine=$(usex duktape duktape mozjs)
$(meson_use !daemon libs-only)
$(meson_use introspection)
$(meson_use test tests)
$(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '')
)
meson_src_configure
}
src_compile() {
meson_src_compile
# Required for polkitd on hardened/PaX due to spidermonkey's JIT
pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
}
src_install() {
meson_src_install
if use examples ; then
docinto examples
dodoc src/examples/{*.c,*.policy*}
fi
if use daemon; then
if [[ ${EUID} == 0 ]]; then
diropts -m 0700 -o polkitd
fi
keepdir /etc/polkit-1/rules.d
fi
}
pkg_postinst() {
if use daemon && [[ ${EUID} == 0 ]]; then
chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
fi
}

165
sdk_container/src/third_party/portage-stable/sys-auth/polkit-124-r1.ebuild vendored Normal file
View File

@ -0,0 +1,165 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..12} )
inherit meson pam pax-utils python-any-r1 systemd xdg-utils
DESCRIPTION="Policy framework for controlling privileges for system-wide services"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
if [[ ${PV} == *_p* ]] ; then
# Upstream don't make releases very often. Test snapshots throughly
# and review commits, but don't shy away if there's useful stuff there
# we want.
MY_COMMIT=""
SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${MY_COMMIT}/polkit-${MY_COMMIT}.tar.bz2 -> ${P}.tar.bz2"
S="${WORKDIR}"/${PN}-${MY_COMMIT}
else
SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${PV}/${P}.tar.bz2"
fi
LICENSE="LGPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
IUSE="+daemon +duktape examples gtk +introspection kde pam selinux systemd test"
# https://gitlab.freedesktop.org/polkit/polkit/-/issues/181 for test restriction
RESTRICT="!test? ( test ) test"
# This seems to be fixed with 121?
#if [[ ${PV} == *_p* ]] ; then
# RESTRICT="!test? ( test )"
#else
# # Tests currently don't work with meson in the dist tarballs. See
# # https://gitlab.freedesktop.org/polkit/polkit/-/issues/144
# RESTRICT="test"
#fi
BDEPEND="
acct-user/polkitd
app-text/docbook-xml-dtd:4.1.2
app-text/docbook-xsl-stylesheets
dev-libs/glib
dev-libs/gobject-introspection-common
dev-libs/libxslt
dev-util/glib-utils
sys-devel/gettext
virtual/pkgconfig
introspection? ( >=dev-libs/gobject-introspection-0.6.2 )
test? (
$(python_gen_any_dep '
dev-python/dbus-python[${PYTHON_USEDEP}]
dev-python/python-dbusmock[${PYTHON_USEDEP}]
')
)
"
DEPEND="
>=dev-libs/glib-2.32:2
dev-libs/expat
daemon? (
duktape? ( dev-lang/duktape:= )
!duktape? ( dev-lang/spidermonkey:115[-debug] )
)
pam? (
sys-auth/pambase
sys-libs/pam
)
!pam? ( virtual/libcrypt:= )
systemd? ( sys-apps/systemd:0=[policykit] )
!systemd? ( sys-auth/elogind )
"
RDEPEND="
${DEPEND}
acct-user/polkitd
selinux? ( sec-policy/selinux-policykit )
"
PDEPEND="
gtk? ( || (
>=gnome-extra/polkit-gnome-0.105
>=lxde-base/lxsession-0.5.2
) )
kde? ( kde-plasma/polkit-kde-agent )
"
DOCS=( docs/TODO HACKING.md NEWS.md README.md )
QA_MULTILIB_PATHS="
usr/lib/polkit-1/polkit-agent-helper-1
usr/lib/polkit-1/polkitd
"
PATCHES=(
"${FILESDIR}"/${PN}-124-systemd.patch
"${FILESDIR}"/${PN}-124-systemd-fixup.patch
)
python_check_deps() {
python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" &&
python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]"
}
pkg_setup() {
use test && python-any-r1_pkg_setup
}
src_prepare() {
default
# bug #401513
sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die
}
src_configure() {
xdg_environment_reset
local emesonargs=(
--localstatedir="${EPREFIX}"/var
-Dauthfw="$(usex pam pam shadow)"
-Dexamples=false
-Dgtk_doc=false
-Dman=true
-Dos_type=gentoo
-Dsession_tracking="$(usex systemd libsystemd-login libelogind)"
-Dsystemdsystemunitdir="$(systemd_get_systemunitdir)"
-Djs_engine=$(usex duktape duktape mozjs)
$(meson_use !daemon libs-only)
$(meson_use introspection)
$(meson_use test tests)
$(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '')
)
meson_src_configure
}
src_compile() {
meson_src_compile
# Required for polkitd on hardened/PaX due to spidermonkey's JIT
pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
}
src_install() {
meson_src_install
# acct-user/polkitd installs its own (albeit with a different filename)
rm -rf "${ED}"/usr/lib/sysusers.d || die
if use examples ; then
docinto examples
dodoc src/examples/{*.c,*.policy*}
fi
if use daemon; then
if [[ ${EUID} == 0 ]]; then
diropts -m 0700 -o polkitd
fi
keepdir /etc/polkit-1/rules.d
fi
}
pkg_postinst() {
if use daemon && [[ ${EUID} == 0 ]]; then
chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
fi
}

3
sdk_container/src/third_party/portage-stable/sys-fs/udisks/Manifest vendored Normal file
View File

@ -0,0 +1,3 @@
DIST udisks-2.10.0.tar.bz2 1784010 BLAKE2B a3923433408ab87448ea0b6dcafcf329b1392f5810ca6d1bcb52da90aad02578f9e533041a5ad62258c485e43b834a60b28fc66ade0aa241c1cdfafdb130bf65 SHA512 3c9dc18dd5f6d61442205f4df2592ebf79211d12d71168f96e6814c2ce16f7a46cda7c0a5ccf47b7dc8b655d8af654d5a62e54b04e5b600af0b15558442cf3ed
DIST udisks-2.10.1.tar.bz2 1896207 BLAKE2B 41282e4dbbd93e6bda2a10a6ff2f2fb82bfc83b3ccbed9450cca7888c634cde9300fcd0b7d055e0d8e4c8fc0b431a75d5612a24132ea9b2677d194529732178d SHA512 9cdaeca4306a970c85f88d406dbe5d2dad23d72f47d9ab1c021b8c2888d4c790f680eb94388d86f9255024283b4a36e98b8aee4408d193a7d4aad1e74463356a
DIST udisks-2.9.4.tar.bz2 1699288 BLAKE2B 913f6dd02988c0bded13ae15a5f05e5b3c6404f0b0d58a493601a0762c7534403f89e9fb46ec6a536b85d5f9ca1f788c7a308f5563a897b324d212da0e7bab4b SHA512 35f5429bc2a7092aa659cba9296837d127e2b17c23ab23111d0d9b230d15ef5a6965e112b1f3829748a69a52fb5b09722153f86f1ef70977b3ad7b7a4ec40ec5

143
sdk_container/src/third_party/portage-stable/sys-fs/udisks/files/udisks-2.9.4-undefined.patch vendored Normal file
View File

@ -0,0 +1,143 @@
Upstream-PR: https://github.com/storaged-project/udisks/pull/978
Upstream-PR: https://github.com/storaged-project/udisks/pull/979
Upstream-Commit: 362cc8f1613193f8e68d13a416421bb36fd7f713
Upstream-Commit: 6cbce6602ce447127cb4f77706870b6706bf1c5f
Upstream-Commit: 97bb17425e52ee6b2f11b13b3764d0dd6e8cfc97
From 362cc8f1613193f8e68d13a416421bb36fd7f713 Mon Sep 17 00:00:00 2001
From: orbea <orbea@riseup.net>
Date: Tue, 10 May 2022 09:29:10 -0700
Subject: [PATCH 1/3] modules/btrfs: Add missing dependency
When building udisks with --enable-btrfs using slibtool instead of GNU
libtool the build will fail with undefined references.
This is because of a missing dependency for libudisks2_btrfs_la_LIBADD
and GNU libtool will hide this issue by silently ignoring -no-undefined
while slibtool does not.
Gentoo Bug: https://bugs.gentoo.org/782061
---
modules/btrfs/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules/btrfs/Makefile.am b/modules/btrfs/Makefile.am
index ac8c941849..f96cd16186 100644
--- a/modules/btrfs/Makefile.am
+++ b/modules/btrfs/Makefile.am
@@ -73,6 +73,7 @@ libudisks2_btrfs_la_LDFLAGS = \
$(NULL)
libudisks2_btrfs_la_LIBADD = \
+ $(top_builddir)/src/libudisks-daemon.la \
$(GLIB_LIBS) \
$(GIO_LIBS) \
$(GUDEV_LIBS) \
From 6cbce6602ce447127cb4f77706870b6706bf1c5f Mon Sep 17 00:00:00 2001
From: orbea <orbea@riseup.net>
Date: Wed, 11 May 2022 07:55:13 -0700
Subject: [PATCH 2/3] modules/bcache: Add missing dependency
---
modules/bcache/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules/bcache/Makefile.am b/modules/bcache/Makefile.am
index 571541a6d4..7509205ba2 100644
--- a/modules/bcache/Makefile.am
+++ b/modules/bcache/Makefile.am
@@ -71,6 +71,7 @@ libudisks2_bcache_la_LDFLAGS = \
$(NULL)
libudisks2_bcache_la_LIBADD = \
+ $(top_builddir)/src/libudisks-daemon.la \
$(GLIB_LIBS) \
$(GIO_LIBS) \
$(GUDEV_LIBS) \
From 97bb17425e52ee6b2f11b13b3764d0dd6e8cfc97 Mon Sep 17 00:00:00 2001
From: orbea <orbea@riseup.net>
Date: Wed, 11 May 2022 07:55:25 -0700
Subject: [PATCH 3/3] modules/lvm2: Add missing dependency
---
modules/lvm2/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules/lvm2/Makefile.am b/modules/lvm2/Makefile.am
index 3342ad8e9b..67b8aa6b3f 100644
--- a/modules/lvm2/Makefile.am
+++ b/modules/lvm2/Makefile.am
@@ -76,6 +76,7 @@ libudisks2_lvm2_la_LDFLAGS = \
$(NULL)
libudisks2_lvm2_la_LIBADD = \
+ $(top_builddir)/src/libudisks-daemon.la \
$(GLIB_LIBS) \
$(GIO_LIBS) \
$(GUDEV_LIBS) \
From 663f8194eeac75ec26fbfbd8855c5873315c495c Mon Sep 17 00:00:00 2001
From: Tomas Bzatek <tbzatek@redhat.com>
Date: Fri, 13 May 2022 17:04:52 +0200
Subject: [PATCH 1/3] modules/iscsi: Add missing linker dependency
---
modules/iscsi/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules/iscsi/Makefile.am b/modules/iscsi/Makefile.am
index 05af5ece29..2cecc300e9 100644
--- a/modules/iscsi/Makefile.am
+++ b/modules/iscsi/Makefile.am
@@ -77,6 +77,7 @@ libudisks2_iscsi_la_LDFLAGS = \
$(NULL)
libudisks2_iscsi_la_LIBADD = \
+ $(top_builddir)/src/libudisks-daemon.la \
$(GLIB_LIBS) \
$(GIO_LIBS) \
$(GUDEV_LIBS) \
From 8ff2214d740f9819d6ede02534d7d0f23d6a3818 Mon Sep 17 00:00:00 2001
From: Tomas Bzatek <tbzatek@redhat.com>
Date: Fri, 13 May 2022 17:05:26 +0200
Subject: [PATCH 2/3] modules/lsm: Add missing linker dependency
---
modules/lsm/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules/lsm/Makefile.am b/modules/lsm/Makefile.am
index 2193115417..b77a9013fa 100644
--- a/modules/lsm/Makefile.am
+++ b/modules/lsm/Makefile.am
@@ -71,6 +71,7 @@ libudisks2_lsm_la_LDFLAGS = \
$(NULL)
libudisks2_lsm_la_LIBADD = \
+ $(top_builddir)/src/libudisks-daemon.la \
$(GLIB_LIBS) \
$(GIO_LIBS) \
$(GUDEV_LIBS) \
From 4f59e7fd5b9ad94091230713c28f6a818269d48c Mon Sep 17 00:00:00 2001
From: Tomas Bzatek <tbzatek@redhat.com>
Date: Fri, 13 May 2022 17:05:43 +0200
Subject: [PATCH 3/3] modules/zram: Add missing linker dependency
---
modules/zram/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules/zram/Makefile.am b/modules/zram/Makefile.am
index 9e5e9a6315..40f929583d 100644
--- a/modules/zram/Makefile.am
+++ b/modules/zram/Makefile.am
@@ -78,6 +78,7 @@ libudisks2_zram_la_LDFLAGS = \
$(NULL)
libudisks2_zram_la_LIBADD = \
+ $(top_builddir)/src/libudisks-daemon.la \
$(GLIB_LIBS) \
$(GIO_LIBS) \
$(GUDEV_LIBS) \

18
sdk_container/src/third_party/portage-stable/sys-fs/udisks/metadata.xml vendored Normal file
View File

@ -0,0 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>freedesktop-bugs@gentoo.org</email>
</maintainer>
<use>
<flag name="daemon">Build the system daemon, not just the client tool</flag>
<flag name="elogind">Use <pkg>sys-auth/elogind</pkg> for session tracking</flag>
<flag name="lvm">Add support for Logical Volume Management via <pkg>sys-fs/lvm2</pkg>.</flag>
<flag name="systemd">Support <pkg>sys-apps/systemd</pkg>'s logind</flag>
<flag name="vdo">Enable Virtual Data Optimizer support.</flag>
<flag name="zram">Enable ZRAM support (requires <pkg>sys-apps/systemd</pkg>).</flag>
</use>
<upstream>
<remote-id type="github">storaged-project/udisks</remote-id>
</upstream>
</pkgmetadata>

141
sdk_container/src/third_party/portage-stable/sys-fs/udisks/udisks-2.10.0.ebuild vendored Normal file
View File

@ -0,0 +1,141 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit autotools bash-completion-r1 linux-info systemd tmpfiles udev xdg-utils
DESCRIPTION="Daemon providing interfaces to work with storage devices"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/udisks"
SRC_URI="https://github.com/storaged-project/udisks/releases/download/${P}/${P}.tar.bz2"
LICENSE="LGPL-2+ GPL-2+"
SLOT="2"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~mips ~ppc64 ~riscv ~x86"
IUSE="acl +daemon debug elogind +introspection lvm nls selinux systemd"
REQUIRED_USE="
?? ( elogind systemd )
elogind? ( daemon )
systemd? ( daemon )
"
# See configure.ac file for the required min version
BLOCKDEV_MIN_VER="3.0"
COMMON_DEPEND="
>=sys-auth/polkit-0.114[daemon]
>=sys-libs/libblockdev-${BLOCKDEV_MIN_VER}:=[cryptsetup,lvm?,nvme]
virtual/udev
acl? ( virtual/acl )
daemon? (
>=dev-libs/glib-2.68:2
>=dev-libs/libatasmart-0.19
>=dev-libs/libgudev-165:=
)
elogind? ( >=sys-auth/elogind-219 )
introspection? ( >=dev-libs/gobject-introspection-1.30:= )
lvm? ( sys-fs/lvm2 )
systemd? ( >=sys-apps/systemd-209 )
"
# util-linux -> mount, umount, swapon, swapoff (see also #403073)
RDEPEND="${COMMON_DEPEND}
>=sys-block/parted-3
>=sys-apps/util-linux-2.30
selinux? ( sec-policy/selinux-devicekit )
"
DEPEND="${COMMON_DEPEND}
>=sys-kernel/linux-headers-3.1
"
BDEPEND="
app-text/docbook-xsl-stylesheets
>=dev-util/gdbus-codegen-2.32
>=dev-build/gtk-doc-am-1.3
virtual/pkgconfig
nls? ( >=sys-devel/gettext-0.19.8 )
dev-libs/gobject-introspection-common
dev-build/autoconf-archive
"
# If adding a eautoreconf, then these might be needed at buildtime:
# dev-libs/gobject-introspection-common
# dev-build/autoconf-archive
DOCS=( AUTHORS HACKING NEWS README.md )
pkg_setup() {
# Listing only major arch's here to avoid tracking kernel's defconfig
if use amd64 || use arm || use ppc || use ppc64 || use x86; then
CONFIG_CHECK="~!IDE" #319829
CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" #412377
CONFIG_CHECK+=" ~NLS_UTF8" #425562
kernel_is lt 3 10 && CONFIG_CHECK+=" ~USB_SUSPEND" #331065, #477278
linux-info_pkg_setup
fi
}
src_prepare() {
xdg_environment_reset
default
if ! use systemd ; then
sed -i -e 's:libsystemd-login:&disable:' configure || die
fi
# Added for bug # 782061
eautoreconf
}
src_configure() {
local myeconfargs=(
--enable-btrfs
--disable-gtk-doc
--disable-static
--localstatedir="${EPREFIX}"/var
--with-html-dir="${EPREFIX}"/usr/share/gtk-doc/html
--with-modprobedir="${EPREFIX}"/lib/modprobe.d
--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
--with-tmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d
--with-udevdir="${EPREFIX}$(get_udevdir)"
$(use_enable acl)
$(use_enable daemon)
$(use_enable debug)
$(use_enable introspection)
$(use_enable lvm lvm2)
$(use_enable nls)
)
econf "${myeconfargs[@]}"
}
src_install() {
default
find "${ED}" -type f -name "*.la" -delete || die
keepdir /var/lib/udisks2 #383091
rm -rf "${ED}"/usr/share/bash-completion
dobashcomp data/completions/udisksctl
}
pkg_preinst() {
# Remove gtk-doc symlink, #597628
if [[ -L "${EROOT}"/usr/share/gtk-doc/html/udisks2 ]]; then
rm "${EROOT}"/usr/share/gtk-doc/html/udisks2 || die
fi
}
pkg_postinst() {
udev_reload
# TODO: obsolete with tmpfiles_process?
# mkdir -p "${EROOT}"/run #415987
tmpfiles_process udisks2.conf
# See pkg_postinst() of >=sys-apps/baselayout-2.1-r1. Keep in sync?
if ! grep -qs "^tmpfs.*/run " "${EROOT}"/proc/mounts ; then
echo
ewarn "You should reboot the system now to get /run mounted with tmpfs!"
fi
}
pkg_postrm() {
udev_reload
}

141
sdk_container/src/third_party/portage-stable/sys-fs/udisks/udisks-2.10.1.ebuild vendored Normal file
View File

@ -0,0 +1,141 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit autotools bash-completion-r1 linux-info systemd tmpfiles udev xdg-utils
DESCRIPTION="Daemon providing interfaces to work with storage devices"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/udisks"
SRC_URI="https://github.com/storaged-project/udisks/releases/download/${P}/${P}.tar.bz2"
LICENSE="LGPL-2+ GPL-2+"
SLOT="2"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~x86"
IUSE="acl +daemon debug elogind +introspection lvm nls selinux systemd"
REQUIRED_USE="
?? ( elogind systemd )
elogind? ( daemon )
systemd? ( daemon )
"
# See configure.ac file for the required min version
BLOCKDEV_MIN_VER="3.0"
COMMON_DEPEND="
>=sys-auth/polkit-0.114[daemon]
>=sys-libs/libblockdev-${BLOCKDEV_MIN_VER}:=[cryptsetup,lvm?,nvme]
virtual/udev
acl? ( virtual/acl )
daemon? (
>=dev-libs/glib-2.68:2
>=dev-libs/libatasmart-0.19
>=dev-libs/libgudev-165:=
)
elogind? ( >=sys-auth/elogind-219 )
introspection? ( >=dev-libs/gobject-introspection-1.30:= )
lvm? ( sys-fs/lvm2 )
systemd? ( >=sys-apps/systemd-209 )
"
# util-linux -> mount, umount, swapon, swapoff (see also #403073)
RDEPEND="${COMMON_DEPEND}
>=sys-block/parted-3
>=sys-apps/util-linux-2.30
selinux? ( sec-policy/selinux-devicekit )
"
DEPEND="${COMMON_DEPEND}
>=sys-kernel/linux-headers-3.1
"
BDEPEND="
app-text/docbook-xsl-stylesheets
>=dev-util/gdbus-codegen-2.32
>=dev-build/gtk-doc-am-1.3
virtual/pkgconfig
nls? ( >=sys-devel/gettext-0.19.8 )
dev-libs/gobject-introspection-common
dev-build/autoconf-archive
"
# If adding a eautoreconf, then these might be needed at buildtime:
# dev-libs/gobject-introspection-common
# dev-build/autoconf-archive
DOCS=( AUTHORS HACKING NEWS README.md )
pkg_setup() {
# Listing only major arch's here to avoid tracking kernel's defconfig
if use amd64 || use arm || use ppc || use ppc64 || use x86; then
CONFIG_CHECK="~!IDE" #319829
CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" #412377
CONFIG_CHECK+=" ~NLS_UTF8" #425562
kernel_is lt 3 10 && CONFIG_CHECK+=" ~USB_SUSPEND" #331065, #477278
linux-info_pkg_setup
fi
}
src_prepare() {
xdg_environment_reset
default
if ! use systemd ; then
sed -i -e 's:libsystemd-login:&disable:' configure || die
fi
# Added for bug # 782061
eautoreconf
}
src_configure() {
local myeconfargs=(
--enable-btrfs
--disable-gtk-doc
--disable-static
--localstatedir="${EPREFIX}"/var
--with-html-dir="${EPREFIX}"/usr/share/gtk-doc/html
--with-modprobedir="${EPREFIX}"/lib/modprobe.d
--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
--with-tmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d
--with-udevdir="${EPREFIX}$(get_udevdir)"
$(use_enable acl)
$(use_enable daemon)
$(use_enable debug)
$(use_enable introspection)
$(use_enable lvm lvm2)
$(use_enable nls)
)
econf "${myeconfargs[@]}"
}
src_install() {
default
find "${ED}" -type f -name "*.la" -delete || die
keepdir /var/lib/udisks2 #383091
rm -rf "${ED}"/usr/share/bash-completion
dobashcomp data/completions/udisksctl
}
pkg_preinst() {
# Remove gtk-doc symlink, #597628
if [[ -L "${EROOT}"/usr/share/gtk-doc/html/udisks2 ]]; then
rm "${EROOT}"/usr/share/gtk-doc/html/udisks2 || die
fi
}
pkg_postinst() {
udev_reload
# TODO: obsolete with tmpfiles_process?
# mkdir -p "${EROOT}"/run #415987
tmpfiles_process udisks2.conf
# See pkg_postinst() of >=sys-apps/baselayout-2.1-r1. Keep in sync?
if ! grep -qs "^tmpfs.*/run " "${EROOT}"/proc/mounts ; then
echo
ewarn "You should reboot the system now to get /run mounted with tmpfs!"
fi
}
pkg_postrm() {
udev_reload
}

150
sdk_container/src/third_party/portage-stable/sys-fs/udisks/udisks-2.9.4-r3.ebuild vendored Normal file
View File

@ -0,0 +1,150 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit autotools bash-completion-r1 linux-info systemd tmpfiles udev xdg-utils
DESCRIPTION="Daemon providing interfaces to work with storage devices"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/udisks"
SRC_URI="https://github.com/storaged-project/udisks/releases/download/${P}/${P}.tar.bz2"
LICENSE="LGPL-2+ GPL-2+"
SLOT="2"
KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~loong ~mips ppc ppc64 ~riscv sparc x86"
IUSE="acl +daemon debug elogind +introspection lvm nls selinux systemd vdo zram"
REQUIRED_USE="
?? ( elogind systemd )
elogind? ( daemon )
systemd? ( daemon )
zram? ( systemd )
"
# See configure.ac file for the required min version
BLOCKDEV_MIN_VER="2.25"
# <libblockdev-3 dep for bug #910077, should go away with udisks-2.10
COMMON_DEPEND="
>=sys-auth/polkit-0.114
>=sys-libs/libblockdev-${BLOCKDEV_MIN_VER}:=[cryptsetup,lvm?,vdo(-)?]
<sys-libs/libblockdev-3[cryptsetup,lvm?,vdo(-)?]
virtual/udev
acl? ( virtual/acl )
daemon? (
>=dev-libs/glib-2.50:2
>=dev-libs/libatasmart-0.19
>=dev-libs/libgudev-165:=
)
elogind? ( >=sys-auth/elogind-219 )
introspection? ( >=dev-libs/gobject-introspection-1.30:= )
lvm? ( sys-fs/lvm2 )
systemd? ( >=sys-apps/systemd-209 )
zram? ( >=sys-libs/libblockdev-${BLOCKDEV_MIN_VER}[kbd(-)] )
"
# util-linux -> mount, umount, swapon, swapoff (see also #403073)
RDEPEND="${COMMON_DEPEND}
>=sys-block/parted-3
>=sys-apps/util-linux-2.30
selinux? ( sec-policy/selinux-devicekit )
"
DEPEND="${COMMON_DEPEND}
>=sys-kernel/linux-headers-3.1
"
BDEPEND="
app-text/docbook-xsl-stylesheets
>=dev-util/gdbus-codegen-2.32
>=dev-build/gtk-doc-am-1.3
virtual/pkgconfig
nls? ( >=sys-devel/gettext-0.19.8 )
"
# If adding a eautoreconf, then these might be needed at buildtime:
# dev-libs/gobject-introspection-common
# dev-build/autoconf-archive
DOCS=( AUTHORS HACKING NEWS README.md )
PATCHES=(
"${FILESDIR}/${P}-undefined.patch" # 782061
)
pkg_setup() {
# Listing only major arch's here to avoid tracking kernel's defconfig
if use amd64 || use arm || use ppc || use ppc64 || use x86; then
CONFIG_CHECK="~!IDE" #319829
CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" #412377
CONFIG_CHECK+=" ~NLS_UTF8" #425562
kernel_is lt 3 10 && CONFIG_CHECK+=" ~USB_SUSPEND" #331065, #477278
linux-info_pkg_setup
fi
}
src_prepare() {
xdg_environment_reset
default
if ! use systemd ; then
sed -i -e 's:libsystemd-login:&disable:' configure || die
fi
# Added for bug # 782061
eautoreconf
}
src_configure() {
local myeconfargs=(
--enable-btrfs
--disable-gtk-doc
--disable-static
--localstatedir="${EPREFIX}"/var
--with-html-dir="${EPREFIX}"/usr/share/gtk-doc/html
--with-modprobedir="${EPREFIX}"/lib/modprobe.d
--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
--with-tmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d
--with-udevdir="${EPREFIX}$(get_udevdir)"
$(use_enable acl)
$(use_enable daemon)
$(use_enable debug)
$(use_enable introspection)
$(use_enable lvm lvm2)
$(use_enable lvm lvmcache)
$(use_enable nls)
$(use_enable vdo)
$(use_enable zram)
)
econf "${myeconfargs[@]}"
}
src_install() {
default
find "${ED}" -type f -name "*.la" -delete || die
keepdir /var/lib/udisks2 #383091
rm -rf "${ED}"/usr/share/bash-completion
dobashcomp data/completions/udisksctl
}
pkg_preinst() {
# Remove gtk-doc symlink, #597628
if [[ -L "${EROOT}"/usr/share/gtk-doc/html/udisks2 ]]; then
rm "${EROOT}"/usr/share/gtk-doc/html/udisks2 || die
fi
}
pkg_postinst() {
udev_reload
# TODO: obsolete with tmpfiles_process?
# mkdir -p "${EROOT}"/run #415987
tmpfiles_process udisks2.conf
# See pkg_postinst() of >=sys-apps/baselayout-2.1-r1. Keep in sync?
if ! grep -qs "^tmpfs.*/run " "${EROOT}"/proc/mounts ; then
echo
ewarn "You should reboot the system now to get /run mounted with tmpfs!"
fi
}
pkg_postrm() {
udev_reload
}

1
sdk_container/src/third_party/portage-stable/sys-libs/cracklib/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST cracklib-2.9.11.tar.xz 461116 BLAKE2B 46b499e465c1c268b772781a9c8ce573a5167ae2e0ac919b403acdb9a14c35140dfb53909eef6e41600e26c2f87d905b3d6d05380c66f053d091765b58a264f4 SHA512 c32e509f757344a1f0b7032ad3b6dc47a8759852a94e511c92073d85bce55f45d48c389d9eb34c993e1d61ad5c1542150672f3e8bc147148ebbb04d3319a2409

130
sdk_container/src/third_party/portage-stable/sys-libs/cracklib/cracklib-2.9.11.ebuild vendored Normal file
View File

@ -0,0 +1,130 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
# Note: ideally bump with sys-apps/cracklib-words
DISTUTILS_OPTIONAL=1
DISTUTILS_USE_PEP517=setuptools
PYTHON_COMPAT=( python3_{9..11} )
inherit distutils-r1 libtool multilib-minimal usr-ldscript
MY_P=${P/_}
DESCRIPTION="Password Checking Library"
HOMEPAGE="https://github.com/cracklib/cracklib/"
SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.xz"
S="${WORKDIR}"/${MY_P}
LICENSE="LGPL-2.1"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos"
IUSE="nls python static-libs zlib"
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
RDEPEND="
python? ( ${PYTHON_DEPS} )
zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )
"
DEPEND="
${RDEPEND}
nls? ( virtual/libintl )
"
BDEPEND="
nls? ( sys-devel/gettext )
python? ( ${DISTUTILS_DEPS} )
"
distutils_enable_tests unittest
pkg_setup() {
# Workaround bug #195017
if has unmerge-orphans ${FEATURES} && has_version "<${CATEGORY}/${PN}-2.8.10" ; then
eerror "Upgrade path is broken with FEATURES=unmerge-orphans"
eerror "Please run: FEATURES=-unmerge-orphans emerge cracklib"
die "Please run: FEATURES=-unmerge-orphans emerge cracklib"
fi
}
src_prepare() {
default
# bug #269003
elibtoolize
if use python ; then
distutils-r1_src_prepare
fi
}
multilib_src_configure() {
local myeconfargs=(
# use /usr/lib so that the dictionary is shared between ABIs
--with-default-dict="/usr/lib/cracklib_dict"
--without-python
$(use_enable nls)
$(use_enable static-libs static)
)
export ac_cv_header_zlib_h=$(usex zlib)
export ac_cv_search_gzopen=$(usex zlib -lz no)
ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
}
multilib_src_compile() {
default
if multilib_is_native_abi && use python ; then
local -x CFLAGS="${CFLAGS} -DLOCALEDIR='\"${EPREFIX}/usr/share/locale\"' -DDEFAULT_CRACKLIB_DICT=\'${EPREFIX}/usr/lib/cracklib_dict\'"
cd python || die
distutils-r1_src_compile
fi
}
multilib_src_test() {
default
if multilib_is_native_abi && use python ; then
distutils-r1_src_test
fi
}
python_test() {
cd "${S}"/python || die
# Make sure we load the freshly built library
local -x LD_LIBRARY_PATH="${BUILD_DIR/-${EPYTHON/./_}}/lib/.libs:${BUILD_DIR}/lib:${LD_LIBRARY_PATH}"
eunittest
}
multilib_src_install() {
default
# Move shared libs to /
gen_usr_ldscript -a crack
if multilib_is_native_abi && use python ; then
cd python || die
distutils-r1_src_install
fi
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name "*.la" -delete || die
rm -r "${ED}"/usr/share/cracklib || die
insinto /usr/share/dict
doins dicts/cracklib-small
}
pkg_postinst() {
if [[ -z ${ROOT} ]] ; then
ebegin "Regenerating cracklib dictionary"
create-cracklib-dict "${EPREFIX}"/usr/share/dict/* > /dev/null
eend $?
fi
}

12
sdk_container/src/third_party/portage-stable/sys-libs/cracklib/metadata.xml vendored Normal file
View File

@ -0,0 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>base-system@gentoo.org</email>
<name>Gentoo Base System</name>
</maintainer>
<upstream>
<remote-id type="sourceforge">cracklib</remote-id>
<remote-id type="github">cracklib/cracklib</remote-id>
</upstream>
</pkgmetadata>

3
sdk_container/src/third_party/portage-stable/sys-libs/libblockdev/Manifest vendored Normal file
View File

@ -0,0 +1,3 @@
DIST libblockdev-2.28.tar.gz 925698 BLAKE2B 63ac7ab5bd02c1ef1848d0b252e09fe721cfe86258f063b7bab616766cbc56311707dcb2dd3a1fadf0e0840187f121aa178fd5959500cd590b846238a9d3e36e SHA512 9e01c41db4f728c8e81e710c6bb4725bbe34b3a7de25ff7f57b7b88ca6b7b5debbe858947585d314770036b2c3c533f9f8ff3d038b7ca50eee3d18f9fbe0d392
DIST libblockdev-3.0.3.tar.gz 1048628 BLAKE2B c26a806797effc7231a0eb92f1b8cd74e548da5b1800cddd75a21e7df327be8371edabc2e9a39a727291f365b6a4f6242f78b66396adc4526b41749219f0429f SHA512 f2cc6fbe1df6fd9886016177a4a94984d704f3b402c7090344c581afb89f7cb050c9516c52974157a99ea6c6239f6a1f6079cde0b43a2336af0daca7311ca788
DIST libblockdev-3.0.4.tar.gz 1050971 BLAKE2B e31ecb04310c2c66cbe432c1e003b3c3241f318f78916d5c61c0efca37fa677e5f857eab9b7c3bfc7c5a589350cdef12402940d28af68ab9fc95e5da6852ddf1 SHA512 82b574c1f8e301d6e9ff07f8c3d2a351a5bc966b5d65a3b578c214e03e48b54270b54176d646ac15e8119c79536d08b36415de478ffd34c8b3fe536300fc5172

23
sdk_container/src/third_party/portage-stable/sys-libs/libblockdev/files/libblockdev-2.28-sh_tests.patch vendored Normal file
View File

@ -0,0 +1,23 @@
bash is fine with "test . == ." but e.g. dash fails on not having
the two dots quoted as strings.
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -2,7 +2,7 @@
html-doc.stamp: ${srcdir}/libblockdev-docs.xml ${srcdir}/libblockdev-sections.txt $(wildcard ${srcdir}/../src/plugins/*.[ch]) $(wildcard ${srcdir}/../src/lib/*.[ch]) $(wildcard ${srcdir}/../src/utils/*.[ch])
touch ${builddir}/html-doc.stamp
- test ${builddir} == ${srcdir} || cp ${srcdir}/libblockdev-sections.txt ${srcdir}/libblockdev-docs.xml ${builddir}
+ test "${builddir}" == "${srcdir}" || cp ${srcdir}/libblockdev-sections.txt ${srcdir}/libblockdev-docs.xml ${builddir}
gtkdoc-scan --rebuild-types --module=libblockdev --source-dir=${srcdir}/../src/plugins/ --source-dir=${srcdir}/../src/lib/ --source-dir=${srcdir}/../src/utils/
gtkdoc-mkdb --module=libblockdev --output-format=xml --source-dir=${srcdir}/../src/plugins/ --source-dir=${srcdir}/../src/lib/ --source-dir=${srcdir}/../src/utils/ --source-suffixes=c,h
test -d ${builddir}/html || mkdir ${builddir}/html
@@ -13,7 +13,7 @@
-rm -rf ${builddir}/html
-rm -rf ${builddir}/xml
test ! -f ${builddir}/html-doc.stamp || rm ${builddir}/html-doc.stamp
- test ${builddir} == ${srcdir} || rm -f ${builddir}/libblockdev-sections.txt ${builddir}/libblockdev-docs.xml
+ test "${builddir}" == "${srcdir}" || rm -f ${builddir}/libblockdev-sections.txt ${builddir}/libblockdev-docs.xml
install-data-local:
test -d ${DESTDIR}${datadir}/gtk-doc/html/libblockdev || mkdir -p ${DESTDIR}${datadir}/gtk-doc/html/libblockdev

30
sdk_container/src/third_party/portage-stable/sys-libs/libblockdev/files/libblockdev-3.0.4-add-non-systemd-method-for-distro-info.patch vendored Normal file
View File

@ -0,0 +1,30 @@
From ec8cab726abe60ba5c7ffcce07905b29c5376163 Mon Sep 17 00:00:00 2001
From: Alfred Wingate <parona@protonmail.com>
Date: Mon, 13 Nov 2023 16:21:44 +0200
Subject: [PATCH] Add non-systemd method to get distro name and version
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -514,10 +514,16 @@ def get_version():
""" Try to get distro and version
"""
- bus = dbus.SystemBus()
+ try:
+ bus = dbus.SystemBus()
+
+ # get information about the distribution from systemd (hostname1)
+ sys_info = bus.get_object("org.freedesktop.hostname1", "/org/freedesktop/hostname1")
+ except dbus.exceptions.DBusException:
+ import platform
+ info = platform.freedesktop_os_release()
+ return (info["NAME"], info["VERSION_ID"])
- # get information about the distribution from systemd (hostname1)
- sys_info = bus.get_object("org.freedesktop.hostname1", "/org/freedesktop/hostname1")
cpe = str(sys_info.Get("org.freedesktop.hostname1", "OperatingSystemCPEName", dbus_interface=dbus.PROPERTIES_IFACE))
if cpe:
--
2.42.1

136
sdk_container/src/third_party/portage-stable/sys-libs/libblockdev/libblockdev-2.28-r1.ebuild vendored Normal file
View File

@ -0,0 +1,136 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..11} )
inherit autotools python-single-r1 xdg-utils
DESCRIPTION="A library for manipulating block devices"
HOMEPAGE="https://github.com/storaged-project/libblockdev"
if [[ "${PV}" == *9999 ]] ; then
inherit git-r3
EGIT_REPO_URI="https://github.com/storaged-project/libblockdev.git"
BDEPEND="
dev-build/autoconf-archive
"
else
MY_PV="${PV}-1"
SRC_URI="https://github.com/storaged-project/${PN}/releases/download/${MY_PV}/${P}.tar.gz"
KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~loong ~mips ppc ppc64 ~riscv sparc x86"
fi
LICENSE="LGPL-2+"
SLOT="0/2" # subslot is SOVERSION
IUSE="bcache +cryptsetup device-mapper dmraid escrow gtk-doc introspection lvm kbd test +tools vdo"
# Tests require root. In a future release, we may be able to run a smaller
# subset with new run_tests.py arguments.
RESTRICT="!test? ( test ) test"
RDEPEND="
>=dev-libs/glib-2.42.2
dev-libs/libbytesize
>=sys-apps/kmod-19
>=sys-apps/util-linux-2.27
>=sys-block/parted-3.1
cryptsetup? (
escrow? (
>=dev-libs/nss-3.18.0
dev-libs/volume_key
)
>=sys-fs/cryptsetup-1.6.7:=
)
device-mapper? ( sys-fs/lvm2 )
dmraid? (
sys-fs/dmraid
sys-fs/lvm2
)
lvm? (
sys-fs/lvm2
virtual/udev
)
vdo? ( dev-libs/libyaml )
${PYTHON_DEPS}
"
DEPEND="
${RDEPEND}
"
# TODO: relax libbytesize condition once it has gained py3.11 support
BDEPEND+="
dev-build/gtk-doc-am
gtk-doc? ( dev-util/gtk-doc )
introspection? ( >=dev-libs/gobject-introspection-1.3.0 )
test? (
$(python_gen_cond_dep '
dev-libs/libbytesize[python,${PYTHON_USEDEP}]
' python3_{9..10} )
sys-block/targetcli-fb
)
"
REQUIRED_USE="${PYTHON_REQUIRED_USE}
escrow? ( cryptsetup )"
PATCHES=(
"${FILESDIR}"/${PN}-2.28-sh_tests.patch
)
pkg_setup() {
python-single-r1_pkg_setup
}
src_prepare() {
xdg_environment_reset #623992
default
# https://bugs.gentoo.org/744289
find -type f \( -name "Makefile.am" -o -name "configure.ac" \) -print0 \
| xargs --null sed "s@ -Werror@@" -i || die
eautoreconf
}
src_configure() {
local myeconfargs=(
--with-btrfs
--with-fs
--with-part
--with-python3
--without-mpath
--without-nvdimm
--without-python2
$(use_enable introspection)
$(use_enable test tests)
$(use_with bcache)
$(use_with cryptsetup crypto)
$(use_with device-mapper dm)
$(use_with dmraid)
$(use_with escrow)
$(use_with gtk-doc)
$(use_with kbd)
$(use_with lvm lvm)
$(use_with lvm lvm-dbus)
$(use_with tools)
$(use_with vdo)
)
econf "${myeconfargs[@]}"
}
src_test() {
# See http://storaged.org/libblockdev/ch03.html
# The 'check' target just does Pylint.
# ... but it needs root.
emake test
}
src_install() {
default
find "${ED}" -type f -name "*.la" -delete || die
# This is installed even with USE=-lvm, but libbd_lvm are omitted so it
# doesn't work at all.
if ! use lvm ; then
rm -f "${ED}"/usr/bin/lvm-cache-stats || die
fi
python_optimize #718576
}

131
sdk_container/src/third_party/portage-stable/sys-libs/libblockdev/libblockdev-3.0.3.ebuild vendored Normal file
View File

@ -0,0 +1,131 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..11} )
inherit autotools python-single-r1 toolchain-funcs xdg-utils
DESCRIPTION="A library for manipulating block devices"
HOMEPAGE="https://github.com/storaged-project/libblockdev"
if [[ "${PV}" == *9999 ]] ; then
inherit git-r3
EGIT_REPO_URI="https://github.com/storaged-project/libblockdev.git"
BDEPEND="
dev-build/autoconf-archive
"
else
MY_PV="${PV}-1"
SRC_URI="https://github.com/storaged-project/${PN}/releases/download/${MY_PV}/${P}.tar.gz"
KEYWORDS="~alpha amd64 arm arm64 ~loong ~mips ppc64 ~riscv x86"
fi
LICENSE="LGPL-2+"
SLOT="0/3" # subslot is SOVERSION
IUSE="+cryptsetup device-mapper escrow gtk-doc introspection lvm +nvme test +tools"
# Tests require root. In a future release, we may be able to run a smaller
# subset with new run_tests.py arguments.
RESTRICT="!test? ( test ) test"
RDEPEND="
>=dev-libs/glib-2.42.2
dev-libs/libbytesize
sys-apps/gptfdisk
>=sys-apps/kmod-19
>=sys-apps/util-linux-2.27
>=sys-block/parted-3.1
cryptsetup? (
escrow? (
>=dev-libs/nss-3.18.0
dev-libs/volume_key
)
>=sys-apps/keyutils-1.5.0:=
>=sys-fs/cryptsetup-2.3.0:=
)
device-mapper? ( sys-fs/lvm2 )
lvm? (
sys-fs/lvm2
virtual/udev
)
nvme? ( sys-libs/libnvme )
${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pygobject:3[${PYTHON_USEDEP}]
')
"
DEPEND="${RDEPEND}"
BDEPEND+="
dev-build/gtk-doc-am
gtk-doc? ( dev-util/gtk-doc )
introspection? ( >=dev-libs/gobject-introspection-1.3.0 )
test? (
$(python_gen_cond_dep '
dev-libs/libbytesize[python,${PYTHON_USEDEP}]
')
sys-block/targetcli-fb
)
"
REQUIRED_USE="${PYTHON_REQUIRED_USE}
escrow? ( cryptsetup )"
pkg_setup() {
python-single-r1_pkg_setup
}
src_prepare() {
xdg_environment_reset #623992
default
# https://bugs.gentoo.org/744289
find -type f \( -name "Makefile.am" -o -name "configure.ac" \) -print0 \
| xargs --null sed "s@ -Werror@@" -i || die
eautoreconf
}
src_configure() {
# Bug #910487
if tc-ld-is-lld; then
tc-ld-force-bfd
fi
local myeconfargs=(
--with-btrfs
--with-fs
--with-part
--with-python3
--without-mpath
--without-nvdimm
$(use_enable introspection)
$(use_enable test tests)
$(use_with cryptsetup crypto)
$(use_with device-mapper dm)
$(use_with escrow)
$(use_with gtk-doc)
$(use_with lvm lvm)
$(use_with lvm lvm-dbus)
$(use_with nvme)
$(use_with tools)
)
econf "${myeconfargs[@]}"
}
src_test() {
# See http://storaged.org/libblockdev/ch03.html
# The 'check' target just does Pylint.
# ... but it needs root.
emake test
}
src_install() {
default
find "${ED}" -type f -name "*.la" -delete || die
# This is installed even with USE=-lvm, but libbd_lvm are omitted so it
# doesn't work at all.
if ! use lvm ; then
rm -f "${ED}"/usr/bin/lvm-cache-stats || die
fi
python_optimize #718576
}

132
sdk_container/src/third_party/portage-stable/sys-libs/libblockdev/libblockdev-3.0.4.ebuild vendored Normal file
View File

@ -0,0 +1,132 @@
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
PYTHON_COMPAT=( python3_{10..12} )
inherit autotools python-single-r1 xdg-utils
DESCRIPTION="A library for manipulating block devices"
HOMEPAGE="https://github.com/storaged-project/libblockdev"
if [[ "${PV}" == *9999 ]] ; then
inherit git-r3
EGIT_REPO_URI="https://github.com/storaged-project/libblockdev.git"
BDEPEND="
dev-build/autoconf-archive
"
else
MY_PV="${PV}-1"
SRC_URI="https://github.com/storaged-project/${PN}/releases/download/${MY_PV}/${P}.tar.gz"
KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~loong ~mips ~ppc ppc64 ~riscv x86"
fi
LICENSE="LGPL-2+"
SLOT="0/3" # subslot is SOVERSION
IUSE="+cryptsetup device-mapper escrow gtk-doc introspection lvm +nvme test +tools"
RESTRICT="!test? ( test )"
RDEPEND="
>=dev-libs/glib-2.42.2
dev-libs/libbytesize
sys-apps/gptfdisk
>=sys-apps/kmod-19
>=sys-apps/util-linux-2.27
>=sys-block/parted-3.1
cryptsetup? (
escrow? (
>=dev-libs/nss-3.18.0
dev-libs/volume_key
)
>=sys-apps/keyutils-1.5.0:=
>=sys-fs/cryptsetup-2.3.0:=
)
device-mapper? ( sys-fs/lvm2 )
lvm? (
sys-fs/lvm2
virtual/udev
)
nvme? ( sys-libs/libnvme )
${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pygobject:3[${PYTHON_USEDEP}]
')
"
DEPEND="${RDEPEND}"
BDEPEND+="
dev-build/gtk-doc-am
gtk-doc? ( dev-util/gtk-doc )
introspection? ( >=dev-libs/gobject-introspection-1.3.0 )
test? (
$(python_gen_cond_dep '
dev-libs/libbytesize[python,${PYTHON_USEDEP}]
dev-python/dbus-python[${PYTHON_USEDEP}]
dev-python/pyyaml[${PYTHON_USEDEP}]
')
sys-apps/lsb-release
sys-block/targetcli-fb
)
"
REQUIRED_USE="${PYTHON_REQUIRED_USE}
escrow? ( cryptsetup )
test? ( introspection lvm )
"
PATCHES=(
"${FILESDIR}/libblockdev-3.0.4-add-non-systemd-method-for-distro-info.patch"
)
pkg_setup() {
python-single-r1_pkg_setup
}
src_prepare() {
xdg_environment_reset #623992
default
# https://bugs.gentoo.org/744289
find -type f \( -name "Makefile.am" -o -name "configure.ac" \) -print0 \
| xargs --null sed "s@ -Werror@@" -i || die
eautoreconf
}
src_configure() {
local myeconfargs=(
--with-btrfs
--with-fs
--with-part
--with-python3
--without-mpath
--without-nvdimm
$(use_enable introspection)
$(use_enable test tests)
$(use_with cryptsetup crypto)
$(use_with device-mapper dm)
$(use_with escrow)
$(use_with gtk-doc)
$(use_with lvm lvm)
$(use_with lvm lvm-dbus)
$(use_with nvme)
$(use_with tools)
)
econf "${myeconfargs[@]}"
}
src_test() {
# See http://storaged.org/libblockdev/ch03.html
# Largest subset which doesn't require root priviledges
${EPYTHON} tests/run_tests.py --include-tags extradeps sourceonly || die
}
src_install() {
default
find "${ED}" -type f -name "*.la" -delete || die
# This is installed even with USE=-lvm, but libbd_lvm are omitted so it
# doesn't work at all.
if ! use lvm ; then
rm -f "${ED}"/usr/bin/lvm-cache-stats || die
fi
python_optimize #718576
}

23
sdk_container/src/third_party/portage-stable/sys-libs/libblockdev/metadata.xml vendored Normal file
View File

@ -0,0 +1,23 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>marecki@gentoo.org</email>
<name>Marek Szuba</name>
</maintainer>
<use>
<flag name="bcache">Enable block device cache support.</flag>
<flag name="cryptsetup">Enable <pkg>sys-fs/cryptsetup</pkg> support</flag>
<flag name="device-mapper">Enable support for device-mapper from <pkg>sys-fs/lvm2</pkg></flag>
<flag name="dmraid">Support for dmraid devices, also known as ATA-RAID, or Fake RAID.</flag>
<flag name="escrow">Support for building crypto plugin with escrow device support</flag>
<flag name="kbd">Enable kernel block device support.</flag>
<flag name="lvm">Enable support for Logical Volume Management via <pkg>sys-fs/lvm2</pkg>.</flag>
<flag name="nvme">Add nvme support via <pkg>sys-libs/libnvme</pkg></flag>
<flag name="tools">Build tools</flag>
<flag name="vdo">Enable Virtual Data Optimizer support.</flag>
</use>
<upstream>
<remote-id type="github">storaged-project/libblockdev</remote-id>
</upstream>
</pkgmetadata>