From 41382177090d278afd39b09f90040ec7f7ec9ba4 Mon Sep 17 00:00:00 2001
From: David Michael <dm0@redhat.com>
Date: Sat, 25 May 2019 00:04:56 +0000
Subject: [PATCH] sys-libs/glibc: Apply CoreOS changes

Drop pkg_pretend since it breaks build_image if cross-compilers are
not installed yet (e.g. in Jenkins jobs).

Drop the libidn2 runtime dependency since it breaks bootstrapping,
and it's dlopen()ed so the resolver can work without it.

Drop the host /dev/pts checks since the SDK doesn't control it.

Apply our gshadow segfault patch.  (We no longer steal Fedora's
patch for C UTF-8 since it's in the Gentoo patch set now.)

Install nscd.conf in /usr and set up tmpfiles to link it in /etc.

Wipe out /etc files (except for an environment file that is still
needed in the SDK).
---
 .../metadata/md5-cache/sys-libs/glibc-2.29-r2 |   6 +-
 .../glibc-2.25-gshadow-handle-erange.patch    | 114 ++++++++++++++++++
 .../sys-libs/glibc/files/nscd-conf.tmpfiles   |   2 +
 .../sys-libs/glibc/glibc-2.29-r2.ebuild       |  33 +++--
 4 files changed, 140 insertions(+), 15 deletions(-)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.25/glibc-2.25-gshadow-handle-erange.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd-conf.tmpfiles

diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/glibc-2.29-r2 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/glibc-2.29-r2
index 5084f24345..971ca78ee1 100644
--- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/glibc-2.29-r2
+++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/glibc-2.29-r2
@@ -1,4 +1,4 @@
-DEFINED_PHASES=compile configure install postinst preinst prepare pretend setup test unpack
+DEFINED_PHASES=compile configure install postinst preinst prepare setup test unpack
 DEPEND=nscd? ( selinux? ( audit? ( sys-process/audit ) caps? ( sys-libs/libcap ) ) ) suid? ( caps? ( sys-libs/libcap ) ) selinux? ( sys-libs/libselinux ) systemtap? ( dev-util/systemtap ) || ( dev-lang/python:3.7 dev-lang/python:3.6 dev-lang/python:3.5 ) >=app-misc/pax-utils-0.1.10 sys-devel/bison !<sys-apps/sandbox-1.6 !<sys-apps/portage-2.1.2 !<sys-devel/bison-2.7 !<sys-devel/make-4 doc? ( sys-apps/texinfo ) test? ( >=net-dns/libidn2-2.0.5 ) >=sys-devel/binutils-2.24 >=sys-devel/gcc-6 virtual/os-headers sys-devel/gnuconfig virtual/pkgconfig
 DESCRIPTION=GNU libc C library
 EAPI=6
@@ -7,9 +7,9 @@ IUSE=audit caps cet compile-locales doc gd headers-only +multiarch multilib nscd
 KEYWORDS=~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc x86
 LICENSE=LGPL-2.1+ BSD HPND ISC inner-net rc PCRE
 PDEPEND=!vanilla? ( sys-libs/timezone-data )
-RDEPEND=nscd? ( selinux? ( audit? ( sys-process/audit ) caps? ( sys-libs/libcap ) ) ) suid? ( caps? ( sys-libs/libcap ) ) selinux? ( sys-libs/libselinux ) systemtap? ( dev-util/systemtap ) sys-apps/gentoo-functions !sys-kernel/ps3-sources !sys-libs/nss-db >=net-dns/libidn2-2.0.5 vanilla? ( !sys-libs/timezone-data )
+RDEPEND=nscd? ( selinux? ( audit? ( sys-process/audit ) caps? ( sys-libs/libcap ) ) ) suid? ( caps? ( sys-libs/libcap ) ) selinux? ( sys-libs/libselinux ) systemtap? ( dev-util/systemtap ) sys-apps/gentoo-functions !sys-kernel/ps3-sources !sys-libs/nss-db vanilla? ( !sys-libs/timezone-data )
 RESTRICT=strip
 SLOT=2.2
 SRC_URI=mirror://gnu/glibc/glibc-2.29.tar.xz https://dev.gentoo.org/~dilfridge/distfiles/glibc-2.29-patches-3.tar.xz multilib? ( https://dev.gentoo.org/~dilfridge/distfiles/gcc-multilib-bootstrap-20180511.tar.xz )
 _eclasses_=desktop	b1d22ac8bdd4679ab79c71aca235009d	eapi7-ver	756b3f27d8e46131d5cf3c51bd876446	epatch	a1bf4756dba418a7238f3be0cb010c54	estack	43ddf5aaffa7a8d0482df54d25a66a1f	eutils	6e6c2737b59a4b982de6fb3ecefd87f8	flag-o-matic	a09389deba2c0a7108b581e02c7cecbf	gnuconfig	b8ec1c34be4ff9dac7ad4034d277936b	ltprune	2729691420b6deeda2a90b1f1183fb55	multilib	1d91b03d42ab6308b5f4f6b598ed110e	multiprocessing	cac3169468f893670dac3e7cb940e045	prefix	e51c7882b7b721e54e684f7eb143cbfe	preserve-libs	ef207dc62baddfddfd39a164d9797648	python-any-r1	4900ae970f827a22d33d41bd8b8f9ace	python-utils-r1	08e17157a6807add7db1f8d01e7e391f	systemd	71fd8d2065d102753fb9e4d20eaf3e9f	toolchain-funcs	8c7f9d80beedd16f2e5a7f612c609529	vcs-clean	2a0f74a496fa2b1552c4f3398258b7bf
-_md5_=30979c9f59c01b26585992a380d11aaa
+_md5_=aeb85a7df94aaf5745418ae1a2a73183
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.25/glibc-2.25-gshadow-handle-erange.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.25/glibc-2.25-gshadow-handle-erange.patch
new file mode 100644
index 0000000000..d223e9f088
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/2.25/glibc-2.25-gshadow-handle-erange.patch
@@ -0,0 +1,114 @@
+From 74250a7cdf106d4ca7d9506e6d5dc7c448dc3434 Mon Sep 17 00:00:00 2001
+From: David Michael <david.michael@coreos.com>
+Date: Thu, 15 Dec 2016 15:22:57 -0800
+Subject: [PATCH] gshadow: Sync fgetsgent_r.c with grp/fgetgrent_r.c
+
+	[BZ #20338]
+	* gshadow/fgetsgent_r.c: Include <libio/iolibio.h>.
+	(flockfile): New macro.
+	(funlockfile): Likewise.
+	(__fgetsgent_r): Sync with __fgetgrent_r.
+	* nss/nss_files/files-sgrp.c: Fix "fgetsgent_r.c" typo.
+---
+ gshadow/fgetsgent_r.c      | 35 ++++++++++++++++++++++++-----------
+ nss/nss_files/files-sgrp.c |  2 +-
+ 2 files changed, 25 insertions(+), 12 deletions(-)
+
+diff --git a/gshadow/fgetsgent_r.c b/gshadow/fgetsgent_r.c
+index b70f6fa..02cd33a 100644
+--- a/gshadow/fgetsgent_r.c
++++ b/gshadow/fgetsgent_r.c
+@@ -20,39 +20,44 @@
+ #include <gshadow.h>
+ #include <stdio.h>
+ 
++#include <libio/iolibio.h>
++#define flockfile(s) _IO_flockfile (s)
++#define funlockfile(s) _IO_funlockfile (s)
++
+ /* Define a line parsing function using the common code
+    used in the nss_files module.  */
+ 
+ #define STRUCTURE	sgrp
+ #define ENTNAME		sgent
+-#define	EXTERN_PARSER	1
++#define EXTERN_PARSER	1
+ struct sgent_data {};
+ 
+ #include <nss/nss_files/files-parse.c>
+ 
+ 
+-/* Read one shadow entry from the given stream.  */
++/* Read one entry from the given stream.  */
+ int
+ __fgetsgent_r (FILE *stream, struct sgrp *resbuf, char *buffer, size_t buflen,
+ 	       struct sgrp **result)
+ {
+   char *p;
++  int parse_result;
+ 
+-  _IO_flockfile (stream);
++  flockfile (stream);
+   do
+     {
+       buffer[buflen - 1] = '\xff';
+       p = fgets_unlocked (buffer, buflen, stream);
+-      if (p == NULL && feof_unlocked (stream))
++      if (__builtin_expect (p == NULL, 0) && feof_unlocked (stream))
+ 	{
+-	  _IO_funlockfile (stream);
++	  funlockfile (stream);
+ 	  *result = NULL;
+ 	  __set_errno (ENOENT);
+ 	  return errno;
+ 	}
+-      if (p == NULL || buffer[buflen - 1] != '\xff')
++      if (__builtin_expect (p == NULL, 0) || buffer[buflen - 1] != '\xff')
+ 	{
+-	  _IO_funlockfile (stream);
++	  funlockfile (stream);
+ 	  *result = NULL;
+ 	  __set_errno (ERANGE);
+ 	  return errno;
+@@ -61,13 +66,21 @@ __fgetsgent_r (FILE *stream, struct sgrp *resbuf, char *buffer, size_t buflen,
+       /* Skip leading blanks.  */
+       while (isspace (*p))
+ 	++p;
+-    } while (*p == '\0' || *p == '#' ||	/* Ignore empty and comment lines.  */
++    } while (*p == '\0' || *p == '#'	/* Ignore empty and comment lines.  */
+ 	     /* Parse the line.  If it is invalid, loop to
+ 		get the next line of the file to parse.  */
+-	     ! parse_line (buffer, (void *) resbuf, (void *) buffer, buflen,
+-			   &errno));
++	     || ! (parse_result = parse_line (p, resbuf,
++					      (void *) buffer, buflen,
++					      &errno)));
++
++  funlockfile (stream);
+ 
+-  _IO_funlockfile (stream);
++  if (__builtin_expect (parse_result, 0) == -1)
++    {
++      /* The parser ran out of space.  */
++      *result = NULL;
++      return errno;
++    }
+ 
+   *result = resbuf;
+   return 0;
+diff --git a/nss/nss_files/files-sgrp.c b/nss/nss_files/files-sgrp.c
+index 15dc659..05c3805 100644
+--- a/nss/nss_files/files-sgrp.c
++++ b/nss/nss_files/files-sgrp.c
+@@ -23,7 +23,7 @@
+ #define DATABASE	"gshadow"
+ struct sgent_data {};
+ 
+-/* Our parser function is already defined in sgetspent_r.c, so use that
++/* Our parser function is already defined in sgetsgent_r.c, so use that
+    to parse lines from the database file.  */
+ #define EXTERN_PARSER
+ #include "files-parse.c"
+-- 
+2.7.4
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd-conf.tmpfiles b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd-conf.tmpfiles
new file mode 100644
index 0000000000..0cf43dcb7a
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/files/nscd-conf.tmpfiles
@@ -0,0 +1,2 @@
+L /etc/nscd.conf	-	-	-	-	../usr/share/baselayout/nscd.conf
+d /var/db/nscd		-	-	-	-	-
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild
index e99e6b51c5..b92b9a2e2a 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild
@@ -103,7 +103,6 @@ else
 		virtual/os-headers
 	"
 	RDEPEND+="
-		>=net-dns/libidn2-2.0.5
 		vanilla? ( !sys-libs/timezone-data )
 	"
 	PDEPEND+=" !vanilla? ( sys-libs/timezone-data )"
@@ -586,9 +585,6 @@ get_kheader_version() {
 # pkg_ and src_ phases, so we call this function both in pkg_pretend and in
 # src_unpack.
 sanity_prechecks() {
-	# Make sure devpts is mounted correctly for use w/out setuid pt_chown
-	check_devpts
-
 	# Prevent native builds from downgrading
 	if [[ ${MERGE_TYPE} != "buildonly" ]] && \
 	   [[ ${ROOT} == "/" ]] && \
@@ -711,14 +707,6 @@ sanity_prechecks() {
 # the phases
 #
 
-# pkg_pretend
-
-pkg_pretend() {
-	# All the checks...
-	einfo "Checking general environment sanity."
-	sanity_prechecks
-}
-
 pkg_setup() {
 	# see bug 682570
 	[[ -z ${BOOTSTRAP_RAP} ]] && python-any-r1_pkg_setup
@@ -744,6 +732,10 @@ src_unpack() {
 	unpack glibc-${RELEASE_VER}-patches-${PATCH_VER}.tar.xz
 }
 
+PATCHES=(
+	"${FILESDIR}"/2.25/glibc-2.25-gshadow-handle-erange.patch
+)
+
 src_prepare() {
 	if ! use vanilla ; then
 		elog "Applying Gentoo Glibc Patchset ${RELEASE_VER}-${PATCH_VER}"
@@ -1315,6 +1307,23 @@ glibc_do_src_install() {
 	if use compile-locales && ! is_crosscompile ; then
 		run_locale_gen "${ED}"
 	fi
+
+	## COREOS: Add some local changes:
+	# - Config files are installed by baselayout, not glibc.
+	# - Install nscd/systemd stuff in /usr.
+
+	# Use tmpfiles to put nscd.conf in /etc and create directories.
+	insinto /usr/share/baselayout
+	if ! in_iuse nscd || use nscd ; then
+		doins "${S}"/nscd/nscd.conf || die
+		systemd_newtmpfilesd "${FILESDIR}"/nscd-conf.tmpfiles nscd-conf.conf || die
+	fi
+
+	# Clean out any default configs.
+	rm -rf "${ED}"/etc
+
+	# Restore this one for the SDK.
+	test ! -e "${T}"/00glibc || doenvd "${T}"/00glibc
 }
 
 glibc_headers_install() {