slackware-current/source/n/krb5/krb5.SlackBuild

195 lines
5.9 KiB
Text
Raw Normal View History

#!/bin/sh
# Copyright 2009 Tom Canich, State College, Pennsylvania, USA
# Copyright 2015-2017 Willy Sudiarto Raharjo <willysr@slackbuilds.org>
# Copyright 2017, 2018, 2019, 2020 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=krb5
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
Thu Nov 17 01:49:28 UTC 2022 ap/man-db-2.11.1-x86_64-1.txz: Upgraded. ap/nano-7.0-x86_64-1.txz: Upgraded. ap/sqlite-3.40.0-x86_64-1.txz: Upgraded. kde/plasma-framework-5.100.0-x86_64-2.txz: Rebuilt. [PATCH] svgitem: do not upscale svg when using fractional scaling. l/netpbm-11.00.02-x86_64-1.txz: Upgraded. n/bind-9.18.9-x86_64-1.txz: Upgraded. n/krb5-1.20.1-x86_64-1.txz: Upgraded. Fixed integer overflows in PAC parsing. Fixed null deref in KDC when decoding invalid NDR. Fixed memory leak in OTP kdcpreauth module. Fixed PKCS11 module path search. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-42898 (* Security fix *) n/samba-4.17.3-x86_64-1.txz: Upgraded. Fixed a security issue where Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap. For more information, see: https://www.samba.org/samba/security/CVE-2022-42898.html https://www.cve.org/CVERecord?id=CVE-2022-42898 (* Security fix *) x/libXft-2.3.7-x86_64-1.txz: Upgraded. x/wayland-protocols-1.29-noarch-1.txz: Upgraded. xap/mozilla-firefox-107.0-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/107.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-47/ https://www.cve.org/CVERecord?id=CVE-2022-45403 https://www.cve.org/CVERecord?id=CVE-2022-45404 https://www.cve.org/CVERecord?id=CVE-2022-45405 https://www.cve.org/CVERecord?id=CVE-2022-45406 https://www.cve.org/CVERecord?id=CVE-2022-45407 https://www.cve.org/CVERecord?id=CVE-2022-45408 https://www.cve.org/CVERecord?id=CVE-2022-45409 https://www.cve.org/CVERecord?id=CVE-2022-45410 https://www.cve.org/CVERecord?id=CVE-2022-45411 https://www.cve.org/CVERecord?id=CVE-2022-45412 https://www.cve.org/CVERecord?id=CVE-2022-45413 https://www.cve.org/CVERecord?id=CVE-2022-40674 https://www.cve.org/CVERecord?id=CVE-2022-45415 https://www.cve.org/CVERecord?id=CVE-2022-45416 https://www.cve.org/CVERecord?id=CVE-2022-45417 https://www.cve.org/CVERecord?id=CVE-2022-45418 https://www.cve.org/CVERecord?id=CVE-2022-45419 https://www.cve.org/CVERecord?id=CVE-2022-45420 https://www.cve.org/CVERecord?id=CVE-2022-45421 (* Security fix *) xap/mozilla-thunderbird-102.5.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/ https://www.cve.org/CVERecord?id=CVE-2022-45403 https://www.cve.org/CVERecord?id=CVE-2022-45404 https://www.cve.org/CVERecord?id=CVE-2022-45405 https://www.cve.org/CVERecord?id=CVE-2022-45406 https://www.cve.org/CVERecord?id=CVE-2022-45408 https://www.cve.org/CVERecord?id=CVE-2022-45409 https://www.cve.org/CVERecord?id=CVE-2022-45410 https://www.cve.org/CVERecord?id=CVE-2022-45411 https://www.cve.org/CVERecord?id=CVE-2022-45412 https://www.cve.org/CVERecord?id=CVE-2022-45416 https://www.cve.org/CVERecord?id=CVE-2022-45418 https://www.cve.org/CVERecord?id=CVE-2022-45420 https://www.cve.org/CVERecord?id=CVE-2022-45421 (* Security fix *) xfce/xfce4-settings-4.16.5-x86_64-1.txz: Upgraded. This update fixes regressions in the previous security fix: mime-settings: Properly quote command parameters. Revert "Escape characters which do not belong into an URI/URL (Issue #390)."
2022-11-17 02:49:28 +01:00
BUILD=${BUILD:-1}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) ARCH=i586 ;;
arm*) ARCH=arm ;;
*) ARCH=$( uname -m ) ;;
esac
fi
NUMJOBS=${NUMJOBS:-" -j7 "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf $PKGNAM-$VERSION
tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
cd $PKGNAM-$VERSION || exit 1
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
sed -i "/KRB5ROOT=/s/\/local//" src/util/ac_check_krb5.m4
cd src
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
CPPFLAGS+=" -I/usr/include/et" \
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--sysconfdir=/etc \
--localstatedir=/var/kerberos \
--runstatedir=/var/run \
--mandir=/usr/man \
--enable-dns-for-realm \
--with-ldap \
--with-system-et \
--with-system-ss \
--enable-pkinit \
--with-tls-impl=openssl \
--with-system-verto=no \
--with-prng-alg=os \
--build=$ARCH-slackware-linux || exit 1
# Build:
make $NUMJOBS || make || exit 1
# Double check for proper runstatedir setting:
if ! grep -q /var/run/krb5kdc include/osconf.h ; then
echo "FATAL: runstatedir not set properly: $(grep KDC_RUN_DIR include/osconf.h)"
exit 1
fi
# Install:
make install DESTDIR=$PKG || exit 1
# Don't ship .la files:
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
# Fix perms on shared objects:
find $PKG/usr/lib${LIBDIRSUFFIX} -name "*.so*" -exec chmod 755 "{}" \+
# Install init scripts:
mkdir -p $PKG/etc/rc.d
cp -a $CWD/conf/rc.kadmind $PKG/etc/rc.d/rc.kadmind.new
cp -a $CWD/conf/rc.kpropd $PKG/etc/rc.d/rc.kpropd.new
cp -a $CWD/conf/rc.krb5kdc $PKG/etc/rc.d/rc.krb5kdc.new
chown root:root $PKG/etc/rc.d/*
chmod 644 $PKG/etc/rc.d/*
# Install default options:
mkdir -p $PKG/etc/default
cp -a $CWD/conf/kadmind $PKG/etc/default/kadmind.new
cp -a $CWD/conf/kpropd $PKG/etc/default/kpropd.new
cp -a $CWD/conf/krb5kdc $PKG/etc/default/krb5kdc.new
chown root:root $PKG/etc/default/*
chmod 644 $PKG/etc/default/*
# Install example config files:
mkdir -p $PKG/etc
cp -a $CWD/conf/krb5.conf.example $PKG/etc/krb5.conf.example
chown root:root $PKG/etc/krb5.conf.example
chmod 644 $PKG/etc/krb5.conf.example
mkdir -p /var/kerberos/krb5kdc
cp -a $CWD/conf/kdc.conf.example $PKG/var/kerberos/krb5kdc/kdc.conf.example
chown root:root $PKG/var/kerberos/krb5kdc/kdc.conf.example
chmod 644 $PKG/var/kerberos/krb5kdc/kdc.conf.example
# Move examples to the documentation directory:
mkdir -p $PKG/usr/doc/${PKGNAM}-${VERSION}/examples
mv $PKG/usr/share/examples/krb5/* $PKG/usr/doc/${PKGNAM}-${VERSION}/examples
rmdir $PKG/usr/share/examples/krb5 $PKG/usr/share/examples 2> /dev/null
# Move some libraries to $PKG/lib${LIBDIRSUFFIX}:
mkdir -p $PKG/lib${LIBDIRSUFFIX}
( cd $PKG/usr/lib${LIBDIRSUFFIX}
for lib in libgssapi_krb5 libkrb5 libk5crypto libkrb5support ; do
mv ${lib}.so.?.* ../../lib${LIBDIRSUFFIX}
ln -sf ../../lib${LIBDIRSUFFIX}/${lib}.so.?.* .
cp -a ${lib}.so.? ../../lib${LIBDIRSUFFIX}
done
)
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
rm -rf $PKG/usr/man/cat{1,5,8}
# Compress and link manpages, if any:
if [ -d $PKG/usr/man ]; then
( cd $PKG/usr/man
for manpagedir in $(find . -type d -name "man*") ; do
( cd $manpagedir
for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do
ln -s $( readlink $eachpage ).gz $eachpage.gz
rm $eachpage
done
gzip -9 *.?
)
done
)
fi
# krb5 ships with a ton of docs, but for now we'll just include these:
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
cp -a \
../NOTICE* ../README* \
$PKG/usr/doc/$PKGNAM-$VERSION
mkdir -p $PKG/install
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
cat $CWD/slack-desc > $PKG/install/slack-desc
cd $PKG
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz