2018-05-28 19:12:29 +00:00
|
|
|
#!/bin/bash
|
2009-08-26 10:00:38 -05:00
|
|
|
|
2020-01-05 23:29:24 +00:00
|
|
|
# Copyright 2009, 2010, 2011, 2018, 2019, 2020 Patrick J. Volkerding, Sebeka, MN, USA
|
2009-08-26 10:00:38 -05:00
|
|
|
# All rights reserved.
|
|
|
|
|
#
|
|
|
|
|
# Redistribution and use of this script, with or without modification, is
|
|
|
|
|
# permitted provided that the following conditions are met:
|
|
|
|
|
#
|
|
|
|
|
# 1. Redistributions of this script must retain the above copyright
|
|
|
|
|
# notice, this list of conditions and the following disclaimer.
|
|
|
|
|
#
|
|
|
|
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
|
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
|
|
|
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
|
|
|
|
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
|
|
|
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
|
|
|
|
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
|
|
|
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
|
|
|
|
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
|
|
|
|
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
|
|
|
|
|
# Originally written by Menno Duursma
|
|
|
|
|
|
2018-05-28 19:12:29 +00:00
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
2009-08-26 10:00:38 -05:00
|
|
|
|
2010-05-19 08:58:23 +00:00
|
|
|
PKGNAM=libcap
|
2018-05-28 19:12:29 +00:00
|
|
|
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | cut -d - -f 2 | rev | cut -f 3- -d . | rev)}
|
Mon May 18 19:17:21 UTC 2020
Greetings! After three months in /testing, the PAM merge into the main tree
is now complete. When updating, be sure to install the new pam, cracklib, and
libpwquality packages or you may find yourself locked out of your machine.
Otherwise, these changes should be completely transparent and you shouldn't
notice any obvious operational differences. Be careful if you make any changes
in /etc/pam.d/ - leaving an extra console logged in while testing PAM config
changes is a recommended standard procedure. Thanks again to Robby Workman,
Vincent Batts, Phantom X, and ivandi for help implementing this. It's not
done yet and there will be more fine-tuning of the config files, but now we
can move on to build some other updates. Enjoy!
a/cracklib-2.9.7-x86_64-1.txz: Added.
a/kernel-firmware-20200517_f8d32e4-noarch-1.txz: Upgraded.
a/libcgroup-0.41-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
a/libpwquality-1.4.2-x86_64-1.txz: Added.
a/lilo-24.2-x86_64-9.txz: Rebuilt.
Enable the "compact" option by default.
liloconfig: correctly set the root partition.
a/pam-1.3.1-x86_64-1.txz: Added.
a/shadow-4.8.1-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
a/utempter-1.2.0-x86_64-1.txz: Upgraded.
a/util-linux-2.35.1-x86_64-6.txz: Rebuilt.
Rebuilt to add PAM support.
a/xfsprogs-5.6.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
ap/at-3.2.1-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/cups-2.3.3-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/hplip-3.20.5-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/mariadb-10.4.13-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/screen-4.8.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/soma-3.3.0-noarch-1.txz: Upgraded.
Thanks to David Woodfall.
ap/sqlite-3.31.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
ap/sudo-1.9.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/vim-8.2.0788-x86_64-1.txz: Upgraded.
d/bison-3.6.2-x86_64-1.txz: Upgraded.
d/meson-0.54.2-x86_64-1.txz: Upgraded.
d/python-setuptools-46.4.0-x86_64-1.txz: Upgraded.
d/vala-0.48.6-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-36.txz: Rebuilt.
Recompiled against icu4c-67.1.
kde/kde-workspace-4.11.22-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
l/ConsoleKit2-1.2.1-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
l/boost-1.73.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/gnome-keyring-3.36.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
l/harfbuzz-2.6.6-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/icu4c-67.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/imagemagick-7.0.10_13-x86_64-1.txz: Upgraded.
l/libcap-2.34-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
l/libical-3.0.8-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/libuv-1.38.0-x86_64-1.txz: Upgraded.
l/libvisio-0.1.7-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/polkit-0.116-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
l/qt-4.8.7-x86_64-16.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/qt5-5.13.2-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/raptor2-2.0.15-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/system-config-printer-1.5.12-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
l/vte-0.60.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/cifs-utils-6.10-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/cyrus-sasl-2.1.27-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/dovecot-2.3.10.1-x86_64-1.txz: Upgraded.
Rebuilt to add PAM support.
Compiled against icu4c-67.1.
This update fixes several denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10967
(* Security fix *)
n/mutt-1.14.1-x86_64-1.txz: Upgraded.
n/netatalk-3.1.12-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/netkit-rsh-0.17-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/nss-pam-ldapd-0.9.11-x86_64-1.txz: Added.
n/openssh-8.2p1-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/openvpn-2.4.9-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/pam-krb5-4.9-x86_64-1.txz: Added.
n/php-7.4.6-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/popa3d-1.0.3-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/postfix-3.5.2-x86_64-1.txz: Upgraded.
Compiled against icu4c-67.1.
n/ppp-2.4.8-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/proftpd-1.3.6c-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/samba-4.12.2-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
Recompiled against icu4c-67.1.
n/tin-2.4.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/vsftpd-3.0.3-x86_64-6.txz: Rebuilt.
Rebuilt to add PAM support.
t/texlive-2019.190626-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-67.1.
x/vulkan-sdk-1.2.135.0-x86_64-1.txz: Upgraded.
x/xdm-1.1.11-x86_64-10.txz: Rebuilt.
Rebuilt to add PAM support.
x/xisxwayland-1-x86_64-1.txz: Added.
xap/sane-1.0.30-x86_64-1.txz: Upgraded.
This update fixes several security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864
(* Security fix *)
xap/vim-gvim-8.2.0788-x86_64-1.txz: Upgraded.
xap/xlockmore-5.63-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
xap/xscreensaver-5.44-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
extra/brltty/brltty-6.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
extra/pure-alsa-system/qt5-5.13.2-x86_64-4_alsa.txz: Rebuilt.
Recompiled against icu4c-67.1.
isolinux/initrd.img: Rebuilt.
Added PAM libraries, security modules, and config files.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Added PAM libraries, security modules, and config files.
2020-05-18 19:17:21 +00:00
|
|
|
BUILD=${BUILD:-2}
|
2009-08-26 10:00:38 -05:00
|
|
|
|
2019-12-27 22:54:53 +00:00
|
|
|
# Building Go support is currently disabled until something actually needs it:
|
|
|
|
|
GOSUPPORT=${GOSUPPORT:-no}
|
|
|
|
|
|
2010-05-19 08:58:23 +00:00
|
|
|
# Automatically determine the architecture we're building on:
|
|
|
|
|
if [ -z "$ARCH" ]; then
|
|
|
|
|
case "$( uname -m )" in
|
2018-05-28 19:12:29 +00:00
|
|
|
i?86) export ARCH=i586 ;;
|
2010-05-19 08:58:23 +00:00
|
|
|
arm*) export ARCH=arm ;;
|
|
|
|
|
# Unless $ARCH is already set, use uname -m for all other archs:
|
|
|
|
|
*) export ARCH=$( uname -m ) ;;
|
|
|
|
|
esac
|
|
|
|
|
fi
|
|
|
|
|
|
2018-05-28 19:12:29 +00:00
|
|
|
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
|
|
|
|
|
# the name of the created package would be, and then exit. This information
|
|
|
|
|
# could be useful to other scripts.
|
|
|
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
|
|
|
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
2019-12-27 22:54:53 +00:00
|
|
|
# Recent versions haven't worked well with -j:
|
|
|
|
|
#NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
|
2018-11-22 05:56:56 +00:00
|
|
|
|
2018-05-28 19:12:29 +00:00
|
|
|
if [ "$ARCH" = "i586" ]; then
|
|
|
|
|
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
|
2009-08-26 10:00:38 -05:00
|
|
|
LIBDIRSUFFIX=""
|
|
|
|
|
elif [ "$ARCH" = "i686" ]; then
|
|
|
|
|
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
|
|
|
|
|
LIBDIRSUFFIX=""
|
|
|
|
|
elif [ "$ARCH" = "x86_64" ]; then
|
|
|
|
|
SLKCFLAGS="-O2 -fPIC"
|
|
|
|
|
LIBDIRSUFFIX="64"
|
|
|
|
|
elif [ "$ARCH" = "arm" ]; then
|
|
|
|
|
SLKCFLAGS="-O2 -march=armv4 -mtune=xscale"
|
|
|
|
|
LIBDIRSUFFIX=""
|
|
|
|
|
elif [ "$ARCH" = "armel" ]; then
|
|
|
|
|
SLKCFLAGS="-O2 -march=armv4t"
|
|
|
|
|
LIBDIRSUFFIX=""
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
TMP=${TMP:-/tmp}
|
2010-05-19 08:58:23 +00:00
|
|
|
PKG=$TMP/package-$PKGNAM
|
2009-08-26 10:00:38 -05:00
|
|
|
|
|
|
|
|
rm -rf $PKG
|
|
|
|
|
mkdir -p $TMP $PKG
|
|
|
|
|
cd $TMP
|
2010-05-19 08:58:23 +00:00
|
|
|
rm -rf $PKGNAM-$VERSION
|
2018-05-28 19:12:29 +00:00
|
|
|
tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
|
2010-05-19 08:58:23 +00:00
|
|
|
cd $PKGNAM-$VERSION || exit 1
|
2009-08-26 10:00:38 -05:00
|
|
|
|
|
|
|
|
chown -R root:root .
|
|
|
|
|
find . \
|
|
|
|
|
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
|
2019-09-30 21:08:32 +00:00
|
|
|
-exec chmod 755 {} \+ -o \
|
2009-08-26 10:00:38 -05:00
|
|
|
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
|
2019-09-30 21:08:32 +00:00
|
|
|
-exec chmod 644 {} \+
|
2009-08-26 10:00:38 -05:00
|
|
|
|
2020-05-05 20:21:27 +00:00
|
|
|
# Put the pkgconfig files in the proper location:
|
|
|
|
|
zcat $CWD/libcap.pkgconfig.path.diff.gz | patch -p1 --verbose || exit 1
|
|
|
|
|
|
2009-08-26 10:00:38 -05:00
|
|
|
# Set the CFLAGS
|
2020-05-05 20:21:27 +00:00
|
|
|
sed -i "s/^\(DEBUG =\).*/\1$SLKCFLAGS/" Make.Rules
|
2009-08-26 10:00:38 -05:00
|
|
|
|
2018-05-28 19:12:29 +00:00
|
|
|
# Disable broken gperf support:
|
2020-05-05 20:21:27 +00:00
|
|
|
sed -i 's@^BUILD_GPERF@#\0@' Make.Rules
|
2018-05-28 19:12:29 +00:00
|
|
|
|
2019-12-27 22:54:53 +00:00
|
|
|
make DYNAMIC=yes GOLANG=$GOSUPPORT || exit 1
|
|
|
|
|
make install RAISE_SETFCAP=no GOLANG=$GOSUPPORT DESTDIR=$PKG man_prefix=/usr || exit 1
|
2010-05-19 08:58:23 +00:00
|
|
|
chmod 755 $PKG/lib${LIBDIRSUFFIX}/libcap.so*
|
2009-08-26 10:00:38 -05:00
|
|
|
|
2019-12-27 22:54:53 +00:00
|
|
|
# Don't ship the static libcap.a. Leave libpsx.a alone, though - there's no
|
|
|
|
|
# dynamic equivalent for that one:
|
2019-02-13 00:22:29 +00:00
|
|
|
rm -f $PKG/lib*/libcap.a
|
|
|
|
|
|
2009-08-26 10:00:38 -05:00
|
|
|
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
|
|
|
|
|
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
|
|
|
|
|
|
|
|
# Add included scripts
|
|
|
|
|
( cd contrib || exit 1
|
|
|
|
|
for file in pcaps4convenience pcaps4server pcaps4suid0 ; do
|
|
|
|
|
install -m 0755 -D $file $PKG/usr/sbin/$file
|
|
|
|
|
done
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# glibc already has the capget/capset manpage
|
|
|
|
|
rm -rf $PKG/usr/man/man2
|
|
|
|
|
|
|
|
|
|
# Compress the man pages
|
|
|
|
|
( cd $PKG/usr/man
|
2019-09-30 21:08:32 +00:00
|
|
|
find . -type f -exec gzip -9 {} \+
|
2009-08-26 10:00:38 -05:00
|
|
|
for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
|
|
|
|
|
)
|
|
|
|
|
|
2010-05-19 08:58:23 +00:00
|
|
|
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
|
2009-08-26 10:00:38 -05:00
|
|
|
cp -a \
|
2020-01-16 20:06:13 +00:00
|
|
|
CHANGELOG License README pgp.keys.asc doc/capability.notes \
|
2009-08-26 10:00:38 -05:00
|
|
|
progs/quicktest.sh $CWD/capfaq-0.2.txt $CWD/README.SLACKWARE \
|
2010-05-19 08:58:23 +00:00
|
|
|
$PKG/usr/doc/$PKGNAM-$VERSION
|
2009-08-26 10:00:38 -05:00
|
|
|
chown -R root:root $PKG/usr/doc
|
2019-09-30 21:08:32 +00:00
|
|
|
find $PKG/usr/doc -type f -exec chmod 644 {} \+
|
2009-08-26 10:00:38 -05:00
|
|
|
|
|
|
|
|
mkdir -p $PKG/install
|
|
|
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
|
|
|
|
|
|
|
|
|
cd $PKG
|
2010-05-19 08:58:23 +00:00
|
|
|
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
|
2009-08-26 10:00:38 -05:00
|
|
|
|