diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/Manifest index 08c5655aca..2d430658d3 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/Manifest @@ -1 +1 @@ -DIST keyutils-1.5.9.tar.bz2 74683 SHA256 4da2c5552c688b65ab14d4fd40fbdf720c8b396d8ece643e040cf6e707e083ae SHA512 d4ee1dabb87844e18bfd8d094a5bc9ce792c96720b71e77961b6c36bb1addb9acea2a7004ddfba1d09b167af908368162312e5c3656b22a6266955bb57b887e2 WHIRLPOOL 0509cce076a32d2f319f596506d4aaeb83e1853ee6337e6a3041e6957e9098f4482ae56a9c6455605b72b3f34701a890e9be666b6fdd752ff14a3d3564dcba19 +DIST keyutils-1.6.1.tar.gz 119065 BLAKE2B b0c65d8a1ee8cab1ac712820a8bf073777eacd558ddd007fa0fd50467d1de86cff238c1c0e6b33b5ff4da7dfd7e2fd673ce5706c39780e1a4fbee7d9653f3bc9 SHA512 a717d9bc6142edefc02da9e92242db352e0bc835483c303629c236e6d9cc51fb495b03fdf9e0e9f0864d7e755c92b7a67f018e806a5de1944673e60e317134a2 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.10-disable-tests.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.10-disable-tests.patch new file mode 100644 index 0000000000..fa82792cdd --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.10-disable-tests.patch @@ -0,0 +1,51 @@ +disable tests that mess with system wide settings + +https://bugs.gentoo.org/519062 + +--- keyutils-1.5.10/tests/bugzillas/bz1031154/runtest.sh ++++ keyutils-1.5.10/tests/bugzillas/bz1031154/runtest.sh +@@ -27,6 +27,8 @@ + + echo "++++ BEGINNING TEST" >$OUTPUTFILE + ++if false ; then ++ + # we need a reference time to scan the audit log from so as not to pick up old + # results from this test. + base_date=`date +"%x@%X"` +@@ -97,6 +99,10 @@ + fi + fi + ++else ++marker "Gentoo: skipping test due to system wide modifications" ++fi ++ + echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE + + # --- then report the results in the database --- + +https://bugs.gentoo.org/522050 + +--- keyutils-1.5.10/tests/keyctl/padd/useradd/runtest.sh ++++ keyutils-1.5.10/tests/keyctl/padd/useradd/runtest.sh +@@ -40,6 +40,8 @@ + marker "UNLINK KEY" + unlink_key $keyid @s + ++if false ; then ++ + if [ $skip_root_required = 0 ] && { + [ $OSDIST = RHEL ] && ! version_less_than $OSRELEASE 6.6 || + keyutils_at_or_later_than 1.5.6 ; +@@ -85,6 +87,10 @@ + fi + fi + ++else ++marker "Gentoo: skipping test due to system wide modifications" ++fi ++ + echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE + + # --- then report the results in the database --- diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.5-makefile-fixup.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.5-makefile-fixup.patch deleted file mode 100644 index ff4bcfa94d..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.5-makefile-fixup.patch +++ /dev/null @@ -1,27 +0,0 @@ -Raw patch edit based on: - -From af14e945bd617bb82ebc4c6c8d4fb948d715f16a Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Fri, 2 Sep 2011 13:30:30 -0400 -Subject: [PATCH] depend on $(DEVELLIB) not -lkeyutils - ---- - Makefile | 6 +++--- - 1 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/Makefile b/Makefile -index 9e3fa9b..46695d1 100644 ---- a/Makefile -+++ b/Makefile -@@ -91,7 +91,7 @@ - $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME) - $(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME) - mkdir -p $(DESTDIR)$(USRLIBDIR) -- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) -+ $(LNS) $(SONAME) $(DESTDIR)$(LIBDIR)/$(DEVELLIB) - $(INSTALL) -D keyctl $(DESTDIR)$(BINDIR)/keyctl - $(INSTALL) -D request-key $(DESTDIR)$(SBINDIR)/request-key - $(INSTALL) -D request-key-debug.sh $(DESTDIR)$(SHAREDIR)/request-key-debug.sh --- -1.7.6 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.9-header-extern-c.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.9-header-extern-c.patch new file mode 100644 index 0000000000..c7a4c1034c --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.5.9-header-extern-c.patch @@ -0,0 +1,43 @@ +sent upstream + +From 1f15000ad21c301a51f7746eb561659348060f45 Mon Sep 17 00:00:00 2001 +From: Mike Frysinger +Date: Wed, 25 Jan 2017 14:06:55 -1000 +Subject: [PATCH keyutils] add extern C markings to header file for C++ users + +If people try to use keyutils from C++ code, the header doesn't work +properly because the compiler mangles the keyutils symbols. Add the +right extern markings so it works out of the box. + +Signed-off-by: Mike Frysinger +--- + keyutils.h | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/keyutils.h b/keyutils.h +index a69fa7aaa11d..d50d19d3e929 100644 +--- a/keyutils.h ++++ b/keyutils.h +@@ -15,6 +15,10 @@ + #include + #include + ++#ifdef __cplusplus ++extern "C" { ++#endif ++ + extern const char keyutils_version_string[]; + extern const char keyutils_build_string[]; + +@@ -180,4 +184,8 @@ extern int recursive_session_key_scan(recursive_key_scanner_t func, void *data); + extern key_serial_t find_key_by_type_and_desc(const char *type, const char *desc, + key_serial_t destringid); + ++#ifdef __cplusplus ++} ++#endif ++ + #endif /* KEYUTILS_H */ +-- +2.11.0 + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6-endian-check-1.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6-endian-check-1.patch new file mode 100644 index 0000000000..e783ec699c --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6-endian-check-1.patch @@ -0,0 +1,32 @@ +From 0a99778774df85448aeda0a37b85c43bc8868a9e Mon Sep 17 00:00:00 2001 +From: Lars Wendler +Date: Fri, 16 Nov 2018 12:37:29 +0100 +Subject: [PATCH] fix regexp match against `file /proc/$$/exe` for -fPIE bash + +Now that bash is built with PIE enabled, keyutils' check for endianness +fails because file no longer returns "executable", but instead returns +"shared object" for file << 5.33 and "pie executable" for file >= 5.33. +--- + tests/toolbox.inc.sh | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh +index 0ce6db0..712c5bd 100644 +--- a/tests/toolbox.inc.sh ++++ b/tests/toolbox.inc.sh +@@ -13,10 +13,10 @@ + echo === $OUTPUTFILE === + + endian=`file -L /proc/$$/exe` +-if expr "$endian" : '.* MSB \+\(executable\|shared object\).*' >&/dev/null ++if expr "$endian" : '.* MSB \+\(executable\|shared object\|pie executable\).*' >&/dev/null + then + endian=BE +-elif expr "$endian" : '.* LSB \+\(executable\|shared object\).*' >&/dev/null ++elif expr "$endian" : '.* LSB \+\(executable\|shared object\|pie executable\).*' >&/dev/null + then + endian=LE + else +-- +2.19.1 + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6-makefile-fixup.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6-makefile-fixup.patch new file mode 100644 index 0000000000..25dcdeb5fc --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6-makefile-fixup.patch @@ -0,0 +1,25 @@ +From d1a02ed81c86fe7140f93b9a160fbb53be148446 Mon Sep 17 00:00:00 2001 +From: Mike Frysinger +Date: Fri, 16 Nov 2018 12:39:12 +0100 +Subject: [PATCH] depend on $(DEVELLIB) not -lkeyutils + +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 33a451e..845b8fe 100644 +--- a/Makefile ++++ b/Makefile +@@ -184,7 +184,7 @@ ifeq ($(NO_SOLIB),0) + $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME) + $(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME) + mkdir -p $(DESTDIR)$(USRLIBDIR) +- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) ++ $(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) + sed \ + -e 's,@VERSION\@,$(VERSION),g' \ + -e 's,@prefix\@,$(PREFIX),g' \ +-- +2.19.1 + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6.1-silence-rpm-check.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6.1-silence-rpm-check.patch new file mode 100644 index 0000000000..f68d7d111a --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/keyutils-1.6.1-silence-rpm-check.patch @@ -0,0 +1,20 @@ +Hide + +> grep: /etc/rpm: No such file or directory +> grep: /usr/lib/rpm: No such file or directory + +errors. + +Bug: https://bugs.gentoo.org/656446 + +--- keyutils-1.6.1/Makefile ++++ keyutils-1.6.1/Makefile +@@ -267,7 +267,7 @@ + ZSRCBALL := rpmbuild/SOURCES/$(ZTARBALL) + + BUILDID := .local +-dist := $(word 2,$(shell grep -r "^%dist" /etc/rpm /usr/lib/rpm)) ++dist := $(word 2,$(shell grep -r "^%dist" /etc/rpm /usr/lib/rpm 2>/dev/null)) + release3:= $(word 2,$(shell grep ^Release: $(SPECFILE))) + release2:= $(subst %{?dist},$(dist),$(release3)) + release1:= $(subst %{?buildid},$(BUILDID),$(release2)) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/tmpfiles.d/keyutils.conf b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/tmpfiles.d/keyutils.conf deleted file mode 100644 index 5750b4b167..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/files/tmpfiles.d/keyutils.conf +++ /dev/null @@ -1,3 +0,0 @@ -L /etc/request-key.conf - - - - ../usr/share/keyutils/request-key.conf -d /etc/request-key.d - - - - - - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/keyutils-1.5.9-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/keyutils-1.5.9-r2.ebuild deleted file mode 100644 index 911d66efe7..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/keyutils-1.5.9-r2.ebuild +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/keyutils/keyutils-1.5.9-r1.ebuild,v 1.11 2014/08/10 17:25:33 ago Exp $ - -EAPI="5" - -inherit multilib eutils toolchain-funcs linux-info multilib-minimal systemd - -DESCRIPTION="Linux Key Management Utilities" -HOMEPAGE="http://people.redhat.com/dhowells/keyutils/" -SRC_URI="http://people.redhat.com/dhowells/${PN}/${P}.tar.bz2" - -LICENSE="GPL-2 LGPL-2.1" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~arm-linux ~ia64-linux ~x86-linux" -IUSE="test" - -RDEPEND=" - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508-r1 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - )" -DEPEND="!prefix? ( >=sys-kernel/linux-headers-2.6.11 )" - -pkg_setup() { - CONFIG_CHECK="~KEYS" - use test && CONFIG_CHECK="${CONFIG_CHECK} ~KEYS_DEBUG_PROC_KEYS" - ERROR_KEYS="You must have CONFIG_KEYS to use this package!" - ERROR_KEYS_DEBUG_PROC_KEYS="You must have CONFIG_KEYS_DEBUG_PROC_KEYS to run the package testsuite!" - linux-info_pkg_setup -} - -src_prepare() { - epatch "${FILESDIR}"/${PN}-1.5.5-makefile-fixup.patch - - # The lsb check is useless, so avoid spurious command not found messages. - sed -i -e 's,lsb_release,:,' tests/prepare.inc.sh || die - # All the test files are bash, but try to execute via `sh`. - sed -i -r \ - -e 's:([[:space:]])sh([[:space:]]):\1bash\2:' \ - tests/{Makefile*,*.sh} || die - find tests/ -name '*.sh' -exec sed -i '1s:/sh$:/bash:' {} + - # Some tests call the kernel which calls userspace, but that will - # run the install keyutils rather than the locally compiled one, - # so disable round trip tests. - rm -rf tests/keyctl/requesting/{bad-args,piped,valid} - - multilib_copy_sources -} - -multilib_src_compile() { - tc-export CC - tc-export AR - sed -i \ - -e '1iRPATH=' \ - -e '/^C.*FLAGS/s|:=|+=|' \ - -e 's:-Werror::' \ - -e '/^BUILDFOR/s:=.*:=:' \ - -e "/^LIBDIR/s:=.*:=/usr/$(get_libdir):" \ - -e '/^USRLIBDIR/s:=.*:=$(LIBDIR):' \ - Makefile || die - - emake -} - -multilib_src_test() { - # Execute the locally compiled code rather than the - # older versions already installed in the system. - LD_LIBRARY_PATH=${BUILD_DIR} \ - PATH="${BUILD_DIR}:${PATH}" \ - emake test -} - -multilib_src_install() { - # setup tmpfiles symlinks for moved confs - systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/keyutils.conf - - emake install ETCDIR=/usr/share/keyutils DESTDIR="${D}" - multilib_is_native_abi && gen_usr_ldscript -a keyutils - - dosym ../usr/share/keyutils/request-key.conf /etc/request-key.conf - dodir /etc/request-key.d -} - -multilib_src_install_all() { - dodoc README -} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/keyutils-1.6.1.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/keyutils-1.6.1.ebuild new file mode 100644 index 0000000000..96aead1e27 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/keyutils-1.6.1.ebuild @@ -0,0 +1,122 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit toolchain-funcs linux-info multilib-minimal usr-ldscript + +DESCRIPTION="Linux Key Management Utilities" +HOMEPAGE="https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git" +SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/snapshot/${P}.tar.gz" + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0/1.9" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" +IUSE="static static-libs test" +RESTRICT="!test? ( test )" + +RDEPEND="" +DEPEND="!prefix? ( >=sys-kernel/linux-headers-2.6.11 )" + +PATCHES=( + "${FILESDIR}"/${PN}-1.6-endian-check-1.patch + "${FILESDIR}"/${PN}-1.6-makefile-fixup.patch + "${FILESDIR}"/${PN}-1.6.1-silence-rpm-check.patch #656446 + "${FILESDIR}"/${PN}-1.5.10-disable-tests.patch #519062 #522050 + "${FILESDIR}"/${PN}-1.5.9-header-extern-c.patch +) + +pkg_setup() { + # To prevent a failure in test phase and false positive bug reports + # we are enforcing the following options because testsuite expects + # that these options are available. I.e. testsuite only decides based + # on kernel version which tests will be called, no feature checking. + if use test ; then + CONFIG_CHECK="KEYS" + ERROR_KEYS="You must have CONFIG_KEYS to run the package testsuite!" + + if kernel_is -ge 2 6 10 && kernel_is -lt 4 0 0 ; then + CONFIG_CHECK="${CONFIG_CHECK} KEYS_DEBUG_PROC_KEYS" + ERROR_KEYS_DEBUG_PROC_KEYS="You must have CONFIG_KEYS_DEBUG_PROC_KEYS to run the package testsuite!" + fi + + if kernel_is -ge 4 7 ; then + CONFIG_CHECK="${CONFIG_CHECK} KEY_DH_OPERATIONS" + ERROR_KEY_DH_OPERATIONS="You must have CONFIG_KEY_DH_OPERATIONS to run the package testsuite!" + fi + else + CONFIG_CHECK="~KEYS" + ERROR_KEYS="You will be unable to use this package on this system because CONFIG_KEYS is not set!" + + if kernel_is -ge 4 7 ; then + CONFIG_CHECK="${CONFIG_CHECK} ~KEY_DH_OPERATIONS" + ERROR_KEY_DH_OPERATIONS="You will be unable to use Diffie-Hellman on this system because CONFIG_KEY_DH_OPERATIONS is not set!" + fi + fi + + linux-info_pkg_setup +} + +src_prepare() { + default + + # The lsb check is useless, so avoid spurious command not found messages. + sed -i -e 's,lsb_release,:,' tests/prepare.inc.sh || die + # All the test files are bash, but try to execute via `sh`. + sed -i -r \ + -e 's:([[:space:]])sh([[:space:]]):\1bash\2:' \ + tests/{Makefile*,*.sh} || die + find tests/ -name '*.sh' -exec sed -i '1s:/sh$:/bash:' {} + || die + # Some tests call the kernel which calls userspace, but that will + # run the install keyutils rather than the locally compiled one, + # so disable round trip tests. + rm -rf tests/keyctl/requesting/{bad-args,piped,valid} + + multilib_copy_sources +} + +multilib_src_compile() { + tc-export AR CC + sed -i \ + -e "1iRPATH = $(usex static -static '')" \ + -e '/^C.*FLAGS/s|:=|+=|' \ + -e 's:-Werror::' \ + -e '/^BUILDFOR/s:=.*:=:' \ + -e "/^LIBDIR/s:=.*:= /usr/$(get_libdir):" \ + -e '/^USRLIBDIR/s:=.*:=$(LIBDIR):' \ + -e "s: /: ${EPREFIX}/:g" \ + -e '/^NO_ARLIB/d' \ + Makefile || die + + # We need the static lib in order to statically link programs. + if use static ; then + export NO_ARLIB=0 + # Hack the progs to depend on the static lib instead. + sed -i \ + -e '/^.*:.*[$](DEVELLIB)$/s:$(DEVELLIB):$(ARLIB) $(SONAME):' \ + Makefile || die + else + export NO_ARLIB=$(usex static-libs 0 1) + fi + emake +} + +multilib_src_test() { + # Execute the locally compiled code rather than the + # older versions already installed in the system. + LD_LIBRARY_PATH=${BUILD_DIR} \ + PATH="${BUILD_DIR}:${PATH}" \ + emake test +} + +multilib_src_install() { + # Possibly undo the setting for USE=static (see src_compile). + export NO_ARLIB=$(usex static-libs 0 1) + + default + use static || gen_usr_ldscript -a keyutils +} + +multilib_src_install_all() { + dodoc README +} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/metadata.xml index 5f280f821a..0b1a8dcd2f 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/metadata.xml +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/keyutils/metadata.xml @@ -1,8 +1,14 @@ - + - base-system - - robbat2@gentoo.org - + + robbat2@gentoo.org + + + base-system@gentoo.org + Gentoo Base System + + + Reflect ABI compatibility for libkeyutils.so. +