slackware-current/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild

70 lines
2.4 KiB
Text
Raw Normal View History

#!/bin/bash
Wed Apr 6 20:23:46 UTC 2022 a/haveged-1.9.17-x86_64-2.txz: Rebuilt. Install /etc/rc.d/rc.haveged as non-executable. For existing installations running a recent kernel, it is safe to turn this off. Back when we added the haveged package we were using the 4.4 kernel, but since Linux 5.4 this same entropy generating algorithm has been built into the kernel, so there's no reason to also run it in userspace. We'll keep the package around (for now, anyway) in case someone might be running an old kernel. Thanks to Jason A. Donenfeld. a/sysvinit-scripts-15.0-noarch-10.txz: Rebuilt. rc.S, rc.6: use the seedrng utility to seed and initialize the kernel random number generator and generate a new seed. If seedrng is missing, we'll attempt to do these things with scripting. Thanks to Jason A. Donenfeld for hints about how to make a modest improvement in that regard (blame me for any problems with my own changes), but because you can't force the kernel RNG to initialize with a script (it needs an ioctl), you won't get the same guarantees that you do when using the new seedrng utility. a/util-linux-2.38-x86_64-2.txz: Rebuilt. Added seedrng utility, used to seed and initialize the kernel random number generator and to generate new seeds for carrying entropy across reboots. Thanks to Jason A. Donenfeld. n/libmnl-1.0.5-x86_64-1.txz: Upgraded. n/libnfnetlink-1.0.2-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-91.8.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289 (* Security fix *)
2022-04-06 22:23:46 +02:00
# Copyright 2005-2022 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=sysvinit-scripts
VERSION=${VERSION:-15.1}
ARCH=noarch
BUILD=${BUILD:-7}
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
TMP=${TMP:-/tmp}
PKG=$TMP/package-sysvinit-scripts
rm -rf $PKG
mkdir -p $TMP $PKG
# Install Slackware scripts and config files from $CWD/scripts/:
mkdir -p $PKG/etc/rc.d
for file in rc.{4,6,K,M,S} rc.cpufreq rc.local rc.loop rc.sysvinit rc.modules rc.modules.local ; do
cp -a $CWD/scripts/$file $PKG/etc/rc.d/${file}.new
chmod 755 $PKG/etc/rc.d/${file}.new
chown root:root $PKG/etc/rc.d/${file}.new
done
cat $CWD/scripts/inittab > $PKG/etc/inittab.new
chmod 644 $PKG/etc/inittab.new
chown root:root $PKG/etc/inittab.new
Thu Sep 6 06:15:46 UTC 2018 a/acpid-2.0.30-x86_64-1.txz: Upgraded. a/etc-15.0-x86_64-9.txz: Rebuilt. Added support for /etc/ld.so.conf.d/. Thanks to Qury. a/kernel-firmware-20180904_85c5d90-noarch-1.txz: Upgraded. a/kernel-generic-4.14.68-x86_64-1.txz: Upgraded. a/kernel-huge-4.14.68-x86_64-1.txz: Upgraded. a/kernel-modules-4.14.68-x86_64-1.txz: Upgraded. a/pkgtools-15.0-noarch-22.txz: Rebuilt. installpkg: prevent noise from the "stray cat" if tar hands it a broken pipe. Thanks to ivandi. Also (in the comments) provide a possibly better but untested solution. Thanks to SeB. a/sysvinit-2.90-x86_64-2.txz: Rebuilt. sysvinit-2.90 added an undocumented feature that tries to spawn agetty if it sees console= in the kernel command line. Avoiding the debate about whether this code belongs in init at all, at least such a change should be documented, and probably made opt-in. This patch disables the new behavior unless "sysvinit_agetty" is also seen in the kernel command line. It seems like this might have been something added for Hurd, and it might be wise to stick to what we've got rather than following upstream on this particular package. If anyone notices any other odd behavior, please let me know. Thanks to shastah. a/sysvinit-scripts-2.1-noarch-19.txz: Rebuilt. When checking for intel_pstate, direct the stderr to /dev/null in case the file doesn't exist in /sys. Thanks to ivandi. Allow forcing an option by editing /etc/default/cpufreq. ap/cups-filters-1.21.2-x86_64-1.txz: Upgraded. ap/ghostscript-9.24-x86_64-1.txz: Upgraded. Patched multiple -dSAFER sandbox bypass vulnerabilities. Thanks to Tavis Ormandy. For more information, see: https://www.ghostscript.com/doc/9.24/News.htm https://www.kb.cert.org/vuls/id/332928 (* Security fix *) ap/sudo-1.8.25-x86_64-1.txz: Upgraded. d/binutils-2.31.1-x86_64-2.txz: Rebuilt. elf.c (_bfd_elf_get_symbol_version_string): Return _("<corrupt>") for corrupt symbol version info. elflink.c (bfd_elf_record_link_assignment): Always clear h->verinfo.verdef when overriding a dynamic definition. Thanks to Michael Short for pointing out the upstream patches. d/ccache-3.4.3-x86_64-1.txz: Upgraded. d/kernel-headers-4.14.68-x86-1.txz: Upgraded. d/llvm-6.0.1-x86_64-2.txz: Rebuilt. Recompiled with -DCLANG_BUILD_SHARED_LIBS=ON to fix issues when multiple OpenCL drivers are installed. Thanks to Heinz Wiesinger. d/mercurial-4.7.1-x86_64-1.txz: Upgraded. k/kernel-source-4.14.68-noarch-1.txz: Upgraded. l/mozilla-nss-3.39-x86_64-1.txz: Upgraded. n/curl-7.61.1-x86_64-1.txz: Upgraded. This update fixes an NTLM password overflow via integer overflow. For more information, see: https://curl.haxx.se/docs/CVE-2018-14618.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618 (* Security fix *) n/gnupg2-2.2.10-x86_64-1.txz: Upgraded. n/libtirpc-1.1.4-x86_64-1.txz: Upgraded. n/netatalk-3.1.11-x86_64-2.txz: Rebuilt. rc.atalk: fixed errors in status output. Thanks to marav. n/nghttp2-1.33.0-x86_64-1.txz: Upgraded. n/p11-kit-0.23.14-x86_64-1.txz: Upgraded. n/stunnel-5.49-x86_64-1.txz: Upgraded. x/libdrm-2.4.94-x86_64-1.txz: Upgraded. x/xf86-video-ati-20180824_de88ea27-x86_64-1.txz: Upgraded. xap/hexchat-2.14.2-x86_64-1.txz: Upgraded. xap/mozilla-firefox-60.2.0esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html (* Security fix *) xap/xlockmore-5.56-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
2018-09-06 08:15:46 +02:00
# Install /etc/default/cpufreq.new:
mkdir -p $PKG/etc/default
cat $CWD/default/cpufreq > $PKG/etc/default/cpufreq.new
Thu May 25 00:24:33 UTC 2023 a/elilo-3.16-x86_64-16.txz: Rebuilt. eliloconfig: don't mess with mounting efivarfs. This should be handled by rc.S, or by whatever the admin put in /etc/fstab. a/kernel-firmware-20230523_1ba3519-noarch-1.txz: Upgraded. a/kernel-generic-6.1.30-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.30-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.30-x86_64-1.txz: Upgraded. a/sysvinit-scripts-15.1-noarch-5.txz: Rebuilt. rc.S: mount efivarfs rw, may be overridden in /etc/default/efivarfs. ap/sc-im-0.8.3-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.30-x86-1.txz: Upgraded. d/parallel-20230522-noarch-1.txz: Upgraded. k/kernel-source-6.1.30-noarch-1.txz: Upgraded. l/enchant-2.4.0-x86_64-1.txz: Upgraded. l/glib2-2.76.3-x86_64-1.txz: Upgraded. l/gtk+3-3.24.38-x86_64-1.txz: Upgraded. l/qt5-5.15.9_20230523_245f369c-x86_64-1.txz: Upgraded. This update fixes a security issue. Qt-based clients may mismatch HSTS headers (Strict-Transport-Security), which would prevent the client from switching to a secure HTTPS connection as requested by a server. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-32762 (* Security fix *) n/curl-8.1.1-x86_64-1.txz: Upgraded. This is a bugfix release. t/texlive-2023.230322-x86_64-3.txz: Rebuilt. This update patches a security issue: LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5. Thanks to Johannes Schoepfer. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-32700 (* Security fix *) xap/mozilla-firefox-113.0.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/113.0.2/releasenotes/ xfce/libxfce4ui-4.18.4-x86_64-1.txz: Upgraded. xfce/xfce4-panel-4.18.4-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
2023-05-25 02:24:33 +02:00
# Install /etc/default/efivarfs.new:
cat $CWD/default/efivarfs > $PKG/etc/default/efivarfs.new
mkdir -p $PKG/install
zcat $CWD/doinst.sh > $PKG/install/doinst.sh
cat $CWD/slack-desc > $PKG/install/slack-desc
# Build the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/sysvinit-scripts-$VERSION-$ARCH-$BUILD.txz