diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use.force b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use.force index b642673c60..1ce186e069 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use.force +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use.force @@ -1,5 +1,9 @@ # Copyright (c) 2014 The CoreOS Authors. All rights reserved. # Distributed under the terms of the GNU General Public License v2 +# Force libcrypt so it's included in stage-1 of the SDK build. +# +crypt was introduced in glibc-2.30 and above. +sys-libs/glibc crypt + # Do not force this flag, we don't need XATTR_PAX sys-apps/portage -xattr diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild index b92b9a2e2a..3b3702fe14 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.29-r2.ebuild @@ -1308,7 +1308,7 @@ glibc_do_src_install() { run_locale_gen "${ED}" fi - ## COREOS: Add some local changes: + ## Flatcar Container Linux: Add some local changes: # - Config files are installed by baselayout, not glibc. # - Install nscd/systemd stuff in /usr. diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.32-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.32-r2.ebuild index e34d1e0310..526aa046b5 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.32-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/glibc-2.32-r2.ebuild @@ -1,11 +1,11 @@ # Copyright 1999-2020 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI=7 +EAPI=6 -PYTHON_COMPAT=( python3_{6,7,8,9} ) +PYTHON_COMPAT=( python3_{6,7} ) -inherit python-any-r1 prefix eutils toolchain-funcs flag-o-matic gnuconfig \ +inherit python-any-r1 prefix eutils eapi7-ver toolchain-funcs flag-o-matic gnuconfig \ multilib systemd multiprocessing DESCRIPTION="GNU libc C library" @@ -22,7 +22,7 @@ PATCH_DEV=dilfridge if [[ ${PV} == 9999* ]]; then inherit git-r3 else - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 ~sparc x86" + KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86" SRC_URI="mirror://gnu/glibc/${P}.tar.xz" SRC_URI+=" https://dev.gentoo.org/~${PATCH_DEV}/distfiles/${P}-patches-${PATCH_VER}.tar.xz" SRC_URI+=" riscv? ( https://dev.gentoo.org/~dilfridge/distfiles/backport-rv32.txz )" @@ -93,7 +93,6 @@ fi # gzip, grep, awk are needed by locale-gen, bug 740750 BDEPEND=" - ${PYTHON_DEPS} >=app-misc/pax-utils-0.1.10 sys-devel/bison doc? ( sys-apps/texinfo ) @@ -115,6 +114,7 @@ COMMON_DEPEND=" ! '2.26.90' local upstream_pv=$(sed -n -r 's/#define VERSION "(.*)"/\1/p' "${S}"/version.h) + # Flatcar: dostrip not available in EAPI6 # Avoid stripping binaries not targeted by ${CHOST}. Or else # ${CHOST}-strip would break binaries build for ${CTARGET}. - is_crosscompile && dostrip -x / + # is_crosscompile && dostrip -x / # gdb thread introspection relies on local libpthreas symbols. stripping breaks it # See Note [Disable automatic stripping] - dostrip -x $(alt_libdir)/libpthread-${upstream_pv}.so + # dostrip -x $(alt_libdir)/libpthread-${upstream_pv}.so if [[ -e ${ED}/$(alt_usrlibdir)/libm-${upstream_pv}.a ]] ; then # Move versioned .a file out of libdir to evade portage QA checks @@ -1405,6 +1406,23 @@ glibc_do_src_install() { run_locale_gen --inplace-glibc "${ED}/" sed -e 's:COMPILED_LOCALES="":COMPILED_LOCALES="1":' -i "${ED}"/usr/sbin/locale-gen || die fi + + ## Flatcar Container Linux: Add some local changes: + # - Config files are installed by baselayout, not glibc. + # - Install nscd/systemd stuff in /usr. + + # Use tmpfiles to put nscd.conf in /etc and create directories. + insinto /usr/share/baselayout + if ! in_iuse nscd || use nscd ; then + doins "${S}"/nscd/nscd.conf || die + systemd_newtmpfilesd "${FILESDIR}"/nscd-conf.tmpfiles nscd-conf.conf || die + fi + + # Clean out any default configs. + rm -rf "${ED}"/etc + + # Restore this one for the SDK. + test ! -e "${T}"/00glibc || doenvd "${T}"/00glibc } glibc_headers_install() { diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/metadata.xml index 58d861be03..6630fde73e 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/metadata.xml +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/glibc/metadata.xml @@ -8,12 +8,14 @@ Enable Intel Control-flow Enforcement Technology (needs binutils 2.29 and gcc 8) build *all* locales in src_install; this is generally meant for stage building only as it ignores /etc/locale.gen file and can be pretty slow + build and install libcrypt and crypt.h When USE=hardened, allow fortify/stack violations to dump core (SIGABRT) and not kill self (SIGKILL) build memusage and memusagestat tools enable optimizations for multiple CPU architectures (detected at runtime) Build, and enable support for, the Name Service Cache Daemon Enable obsolete RPC/NIS layers protect stack of glibc internals + Enable static PIE support (runtime files for -static-pie gcc option). Make internal pt_chown helper setuid -- not needed if using Linux and have /dev/pts mounted with gid=5 enable systemtap static probe points