Mon Jun 7 18:53:49 UTC 2021

Hey folks! Sorry about the delay in getting this batch out but I had other
distractions going on here last week that prevented getting this one wrapped
up. Anyway, probably the highlight of this update set is that we've decided
to abandon the 5.10 LTS kernel in favor of following the latest one. We've
never really had a policy that required LTS in a stable release although that
is how it has been done for years, but based on comments from the Slackware
community it seems like 5.10 LTS isn't getting a lot of love and lacks
hardware support that people need now. Conversely, the reports on 5.12 have
been almost entirely positive, so we're going to provide what we think is the
best available kernel. It's unlikely that we'll see another LTS prior to
release, so the plan for maintenance is to keep following the latest kernels
as needed for security purposes. If that means we have to jump to a new branch
while supporting the stable release, we'll start the kernel out in testing
first until we've had some feedback that it's safe to move it to the patches
directory. Sooner or later we will end up on an LTS kernel again, and at that
point we'll just roll with that one. Feel free to comment (or complain) about
this plan on LQ... I'll be curious to see what people think. Anyway, enjoy!
a/hwdata-0.348-noarch-1.txz:  Upgraded.
a/kernel-generic-5.12.9-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.12.9-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.12.9-x86_64-1.txz:  Upgraded.
ap/ispell-3.4.04-x86_64-1.txz:  Upgraded.
ap/mpg123-1.28.0-x86_64-1.txz:  Upgraded.
ap/slackpkg-15.0.5-noarch-1.txz:  Upgraded.
  Add "--" option to "command cd" in bash completion file. (akinomyoga)
  shell-completions/slackpkg.bash: add "show-changelog".
  Import bash-completion file from upstream project.
  Added the new-config actions for specific files. (Piter PUNK)
  Harden slackpkg with respect to obtaining GPG key. (CRTS)
d/clisp-2.50_20191103_c26de7873-x86_64-5.txz:  Rebuilt.
  Upgraded to libffcall-2.3.
d/git-2.32.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.12.9-x86-1.txz:  Upgraded.
d/poke-1.3-x86_64-1.txz:  Upgraded.
d/vala-0.52.4-x86_64-1.txz:  Upgraded.
k/kernel-source-5.12.9-noarch-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
kde/cantor-21.04.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
kde/digikam-7.2.0-x86_64-3.txz:  Rebuilt.
  Recompiled against imagemagick-7.0.11_14.
kde/kfilemetadata-5.82.0-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
kde/kile-2.9.93-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
kde/kitinerary-21.04.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
kde/krita-4.4.3-x86_64-5.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
kde/okular-21.04.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
l/alsa-lib-1.2.5-x86_64-2.txz:  Rebuilt.
  Account for unexpected packing of the conf file tarballs. We'll see if this
  is enough to make things work well again.
l/at-spi2-core-2.40.2-x86_64-1.txz:  Upgraded.
l/dvdauthor-0.7.2-x86_64-5.txz:  Rebuilt.
  Recompiled against imagemagick-7.0.11_14.
l/libogg-1.3.5-x86_64-1.txz:  Upgraded.
l/librsvg-2.50.7-x86_64-1.txz:  Upgraded.
l/pipewire-0.3.29-x86_64-1.txz:  Upgraded.
l/polkit-0.119-x86_64-1.txz:  Upgraded.
  This update includes a mitigation for local privilege escalation using
  polkit_system_bus_name_get_creds_sync().
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560
  (* Security fix *)
l/poppler-21.06.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/pycairo-1.20.1-x86_64-1.txz:  Upgraded.
l/qca-2.3.3-x86_64-1.txz:  Upgraded.
l/vte-0.64.2-x86_64-1.txz:  Upgraded.
n/epic5-2.1.5-x86_64-1.txz:  Upgraded.
n/httpd-2.4.48-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  mod_http2: Fix a potential NULL pointer dereference.
  Unexpected <Location> section matching with 'MergeSlashes OFF'.
  mod_auth_digest: possible stack overflow by one nul byte while validating
  the Digest nonce.
  mod_session: Fix possible crash due to NULL pointer dereference, which
  could be used to cause a Denial of Service with a malicious backend
  server and SessionHeader.
  mod_session: Fix possible crash due to NULL pointer dereference, which
  could be used to cause a Denial of Service.
  mod_proxy_http: Fix possible crash due to NULL pointer dereference, which
  could be used to cause a Denial of Service.
  mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end
  negotiation.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
  (* Security fix *)
n/libmbim-1.24.8-x86_64-1.txz:  Upgraded.
n/libqmi-1.28.6-x86_64-1.txz:  Upgraded.
n/nettle-3.7.3-x86_64-1.txz:  Upgraded.
n/openldap-2.4.59-x86_64-1.txz:  Upgraded.
n/p11-kit-0.24.0-x86_64-1.txz:  Upgraded.
n/php-7.4.20-x86_64-1.txz:  Upgraded.
n/vsftpd-3.0.4-x86_64-1.txz:  Upgraded.
n/whois-5.5.10-x86_64-1.txz:  Upgraded.
x/libX11-1.7.2-x86_64-1.txz:  Upgraded.
  This is a bug fix release, correcting a regression introduced by and
  improving the checks from the fix for CVE-2021-31535.
x/libinput-1.18.0-x86_64-1.txz:  Upgraded.
x/mesa-21.1.2-x86_64-1.txz:  Upgraded.
xap/blueman-2.2.1-x86_64-1.txz:  Upgraded.
xap/gnuplot-5.4.2-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-78.11.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/78.11.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2021-26/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29964
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967
  (* Security fix *)
xap/pidgin-2.14.5-x86_64-1.txz:  Upgraded.
xap/xine-lib-1.2.11-x86_64-6.txz:  Rebuilt.
  Recompiled against poppler-21.06.1.
extra/bash-completion/bash-completion-2.11-noarch-2.txz:  Rebuilt.
  Removed the slackpkg completion file.
extra/php8/php8-8.0.7-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
This commit is contained in:
Patrick J Volkerding 2021-06-07 18:53:49 +00:00 committed by Eric Hameleers
parent 603621fccb
commit 3e486d66d2
84 changed files with 930 additions and 61098 deletions

View file

@ -11,9 +11,148 @@
<description>Tracking Slackware development in git.</description> <description>Tracking Slackware development in git.</description>
<language>en-us</language> <language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Tue, 1 Jun 2021 18:41:29 GMT</pubDate> <pubDate>Mon, 7 Jun 2021 18:53:49 GMT</pubDate>
<lastBuildDate>Wed, 2 Jun 2021 06:59:48 GMT</lastBuildDate> <lastBuildDate>Mon, 7 Jun 2021 21:59:50 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.12</generator> <generator>maintain_current_git.sh v 1.12</generator>
<item>
<title>Mon, 7 Jun 2021 18:53:49 GMT</title>
<pubDate>Mon, 7 Jun 2021 18:53:49 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20210607185349</link>
<guid isPermaLink="false">20210607185349</guid>
<description>
<![CDATA[<pre>
Hey folks! Sorry about the delay in getting this batch out but I had other
distractions going on here last week that prevented getting this one wrapped
up. Anyway, probably the highlight of this update set is that we've decided
to abandon the 5.10 LTS kernel in favor of following the latest one. We've
never really had a policy that required LTS in a stable release although that
is how it has been done for years, but based on comments from the Slackware
community it seems like 5.10 LTS isn't getting a lot of love and lacks
hardware support that people need now. Conversely, the reports on 5.12 have
been almost entirely positive, so we're going to provide what we think is the
best available kernel. It's unlikely that we'll see another LTS prior to
release, so the plan for maintenance is to keep following the latest kernels
as needed for security purposes. If that means we have to jump to a new branch
while supporting the stable release, we'll start the kernel out in testing
first until we've had some feedback that it's safe to move it to the patches
directory. Sooner or later we will end up on an LTS kernel again, and at that
point we'll just roll with that one. Feel free to comment (or complain) about
this plan on LQ... I'll be curious to see what people think. Anyway, enjoy!
a/hwdata-0.348-noarch-1.txz: Upgraded.
a/kernel-generic-5.12.9-x86_64-1.txz: Upgraded.
a/kernel-huge-5.12.9-x86_64-1.txz: Upgraded.
a/kernel-modules-5.12.9-x86_64-1.txz: Upgraded.
ap/ispell-3.4.04-x86_64-1.txz: Upgraded.
ap/mpg123-1.28.0-x86_64-1.txz: Upgraded.
ap/slackpkg-15.0.5-noarch-1.txz: Upgraded.
Add "--" option to "command cd" in bash completion file. (akinomyoga)
shell-completions/slackpkg.bash: add "show-changelog".
Import bash-completion file from upstream project.
Added the new-config actions for specific files. (Piter PUNK)
Harden slackpkg with respect to obtaining GPG key. (CRTS)
d/clisp-2.50_20191103_c26de7873-x86_64-5.txz: Rebuilt.
Upgraded to libffcall-2.3.
d/git-2.32.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.12.9-x86-1.txz: Upgraded.
d/poke-1.3-x86_64-1.txz: Upgraded.
d/vala-0.52.4-x86_64-1.txz: Upgraded.
k/kernel-source-5.12.9-noarch-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-9.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/cantor-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/digikam-7.2.0-x86_64-3.txz: Rebuilt.
Recompiled against imagemagick-7.0.11_14.
kde/kfilemetadata-5.82.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/kile-2.9.93-x86_64-9.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/kitinerary-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/krita-4.4.3-x86_64-5.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/okular-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
l/alsa-lib-1.2.5-x86_64-2.txz: Rebuilt.
Account for unexpected packing of the conf file tarballs. We'll see if this
is enough to make things work well again.
l/at-spi2-core-2.40.2-x86_64-1.txz: Upgraded.
l/dvdauthor-0.7.2-x86_64-5.txz: Rebuilt.
Recompiled against imagemagick-7.0.11_14.
l/libogg-1.3.5-x86_64-1.txz: Upgraded.
l/librsvg-2.50.7-x86_64-1.txz: Upgraded.
l/pipewire-0.3.29-x86_64-1.txz: Upgraded.
l/polkit-0.119-x86_64-1.txz: Upgraded.
This update includes a mitigation for local privilege escalation using
polkit_system_bus_name_get_creds_sync().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560
(* Security fix *)
l/poppler-21.06.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/pycairo-1.20.1-x86_64-1.txz: Upgraded.
l/qca-2.3.3-x86_64-1.txz: Upgraded.
l/vte-0.64.2-x86_64-1.txz: Upgraded.
n/epic5-2.1.5-x86_64-1.txz: Upgraded.
n/httpd-2.4.48-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
mod_http2: Fix a potential NULL pointer dereference.
Unexpected <Location> section matching with 'MergeSlashes OFF'.
mod_auth_digest: possible stack overflow by one nul byte while validating
the Digest nonce.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service with a malicious backend
server and SessionHeader.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_http: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end
negotiation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
(* Security fix *)
n/libmbim-1.24.8-x86_64-1.txz: Upgraded.
n/libqmi-1.28.6-x86_64-1.txz: Upgraded.
n/nettle-3.7.3-x86_64-1.txz: Upgraded.
n/openldap-2.4.59-x86_64-1.txz: Upgraded.
n/p11-kit-0.24.0-x86_64-1.txz: Upgraded.
n/php-7.4.20-x86_64-1.txz: Upgraded.
n/vsftpd-3.0.4-x86_64-1.txz: Upgraded.
n/whois-5.5.10-x86_64-1.txz: Upgraded.
x/libX11-1.7.2-x86_64-1.txz: Upgraded.
This is a bug fix release, correcting a regression introduced by and
improving the checks from the fix for CVE-2021-31535.
x/libinput-1.18.0-x86_64-1.txz: Upgraded.
x/mesa-21.1.2-x86_64-1.txz: Upgraded.
xap/blueman-2.2.1-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.11.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.11.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-26/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967
(* Security fix *)
xap/pidgin-2.14.5-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.11-x86_64-6.txz: Rebuilt.
Recompiled against poppler-21.06.1.
extra/bash-completion/bash-completion-2.11-noarch-2.txz: Rebuilt.
Removed the slackpkg completion file.
extra/php8/php8-8.0.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
</pre>]]>
</description>
</item>
<item> <item>
<title>Tue, 1 Jun 2021 18:41:29 GMT</title> <title>Tue, 1 Jun 2021 18:41:29 GMT</title>
<pubDate>Tue, 1 Jun 2021 18:41:29 GMT</pubDate> <pubDate>Tue, 1 Jun 2021 18:41:29 GMT</pubDate>
@ -40,6 +179,7 @@ d/m4-1.4.19-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.5-x86_64-1.txz: Upgraded. l/alsa-lib-1.2.5-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.2.5-x86_64-1.txz: Upgraded. l/alsa-plugins-1.2.5-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.11_14-x86_64-1.txz: Upgraded. l/imagemagick-7.0.11_14-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libedit-20210522_3.1-x86_64-1.txz: Upgraded. l/libedit-20210522_3.1-x86_64-1.txz: Upgraded.
l/python-certifi-2021.5.30-x86_64-1.txz: Upgraded. l/python-certifi-2021.5.30-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-89.0-x86_64-1.txz: Upgraded. xap/mozilla-firefox-89.0-x86_64-1.txz: Upgraded.

View file

@ -1,3 +1,134 @@
Mon Jun 7 18:53:49 UTC 2021
Hey folks! Sorry about the delay in getting this batch out but I had other
distractions going on here last week that prevented getting this one wrapped
up. Anyway, probably the highlight of this update set is that we've decided
to abandon the 5.10 LTS kernel in favor of following the latest one. We've
never really had a policy that required LTS in a stable release although that
is how it has been done for years, but based on comments from the Slackware
community it seems like 5.10 LTS isn't getting a lot of love and lacks
hardware support that people need now. Conversely, the reports on 5.12 have
been almost entirely positive, so we're going to provide what we think is the
best available kernel. It's unlikely that we'll see another LTS prior to
release, so the plan for maintenance is to keep following the latest kernels
as needed for security purposes. If that means we have to jump to a new branch
while supporting the stable release, we'll start the kernel out in testing
first until we've had some feedback that it's safe to move it to the patches
directory. Sooner or later we will end up on an LTS kernel again, and at that
point we'll just roll with that one. Feel free to comment (or complain) about
this plan on LQ... I'll be curious to see what people think. Anyway, enjoy!
a/hwdata-0.348-noarch-1.txz: Upgraded.
a/kernel-generic-5.12.9-x86_64-1.txz: Upgraded.
a/kernel-huge-5.12.9-x86_64-1.txz: Upgraded.
a/kernel-modules-5.12.9-x86_64-1.txz: Upgraded.
ap/ispell-3.4.04-x86_64-1.txz: Upgraded.
ap/mpg123-1.28.0-x86_64-1.txz: Upgraded.
ap/slackpkg-15.0.5-noarch-1.txz: Upgraded.
Add "--" option to "command cd" in bash completion file. (akinomyoga)
shell-completions/slackpkg.bash: add "show-changelog".
Import bash-completion file from upstream project.
Added the new-config actions for specific files. (Piter PUNK)
Harden slackpkg with respect to obtaining GPG key. (CRTS)
d/clisp-2.50_20191103_c26de7873-x86_64-5.txz: Rebuilt.
Upgraded to libffcall-2.3.
d/git-2.32.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.12.9-x86-1.txz: Upgraded.
d/poke-1.3-x86_64-1.txz: Upgraded.
d/vala-0.52.4-x86_64-1.txz: Upgraded.
k/kernel-source-5.12.9-noarch-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-9.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/cantor-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/digikam-7.2.0-x86_64-3.txz: Rebuilt.
Recompiled against imagemagick-7.0.11_14.
kde/kfilemetadata-5.82.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/kile-2.9.93-x86_64-9.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/kitinerary-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/krita-4.4.3-x86_64-5.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/okular-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
l/alsa-lib-1.2.5-x86_64-2.txz: Rebuilt.
Account for unexpected packing of the conf file tarballs. We'll see if this
is enough to make things work well again.
l/at-spi2-core-2.40.2-x86_64-1.txz: Upgraded.
l/dvdauthor-0.7.2-x86_64-5.txz: Rebuilt.
Recompiled against imagemagick-7.0.11_14.
l/libogg-1.3.5-x86_64-1.txz: Upgraded.
l/librsvg-2.50.7-x86_64-1.txz: Upgraded.
l/pipewire-0.3.29-x86_64-1.txz: Upgraded.
l/polkit-0.119-x86_64-1.txz: Upgraded.
This update includes a mitigation for local privilege escalation using
polkit_system_bus_name_get_creds_sync().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560
(* Security fix *)
l/poppler-21.06.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/pycairo-1.20.1-x86_64-1.txz: Upgraded.
l/qca-2.3.3-x86_64-1.txz: Upgraded.
l/vte-0.64.2-x86_64-1.txz: Upgraded.
n/epic5-2.1.5-x86_64-1.txz: Upgraded.
n/httpd-2.4.48-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
mod_http2: Fix a potential NULL pointer dereference.
Unexpected <Location> section matching with 'MergeSlashes OFF'.
mod_auth_digest: possible stack overflow by one nul byte while validating
the Digest nonce.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service with a malicious backend
server and SessionHeader.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_http: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end
negotiation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
(* Security fix *)
n/libmbim-1.24.8-x86_64-1.txz: Upgraded.
n/libqmi-1.28.6-x86_64-1.txz: Upgraded.
n/nettle-3.7.3-x86_64-1.txz: Upgraded.
n/openldap-2.4.59-x86_64-1.txz: Upgraded.
n/p11-kit-0.24.0-x86_64-1.txz: Upgraded.
n/php-7.4.20-x86_64-1.txz: Upgraded.
n/vsftpd-3.0.4-x86_64-1.txz: Upgraded.
n/whois-5.5.10-x86_64-1.txz: Upgraded.
x/libX11-1.7.2-x86_64-1.txz: Upgraded.
This is a bug fix release, correcting a regression introduced by and
improving the checks from the fix for CVE-2021-31535.
x/libinput-1.18.0-x86_64-1.txz: Upgraded.
x/mesa-21.1.2-x86_64-1.txz: Upgraded.
xap/blueman-2.2.1-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.11.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.11.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-26/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967
(* Security fix *)
xap/pidgin-2.14.5-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.11-x86_64-6.txz: Rebuilt.
Recompiled against poppler-21.06.1.
extra/bash-completion/bash-completion-2.11-noarch-2.txz: Rebuilt.
Removed the slackpkg completion file.
extra/php8/php8-8.0.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Tue Jun 1 18:41:29 UTC 2021 Tue Jun 1 18:41:29 UTC 2021
l/gsl-2.7-x86_64-1.txz: Upgraded. l/gsl-2.7-x86_64-1.txz: Upgraded.
l/mozjs78-78.11.0esr-x86_64-1.txz: Upgraded. l/mozjs78-78.11.0esr-x86_64-1.txz: Upgraded.
@ -10,6 +141,7 @@ d/m4-1.4.19-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.5-x86_64-1.txz: Upgraded. l/alsa-lib-1.2.5-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.2.5-x86_64-1.txz: Upgraded. l/alsa-plugins-1.2.5-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.11_14-x86_64-1.txz: Upgraded. l/imagemagick-7.0.11_14-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libedit-20210522_3.1-x86_64-1.txz: Upgraded. l/libedit-20210522_3.1-x86_64-1.txz: Upgraded.
l/python-certifi-2021.5.30-x86_64-1.txz: Upgraded. l/python-certifi-2021.5.30-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-89.0-x86_64-1.txz: Upgraded. xap/mozilla-firefox-89.0-x86_64-1.txz: Upgraded.

File diff suppressed because it is too large Load diff

View file

@ -1,7 +1,7 @@
Slackware initrd mini HOWTO Slackware initrd mini HOWTO
by Patrick Volkerding, volkerdi@slackware.com by Patrick Volkerding, volkerdi@slackware.com
Fri May 28 19:12:36 UTC 2021 Mon Jun 7 05:03:59 UTC 2021
This document describes how to create and install an initrd, which may be This document describes how to create and install an initrd, which may be
required to use the 4.x kernel. Also see "man mkinitrd". required to use the 4.x kernel. Also see "man mkinitrd".
@ -33,15 +33,15 @@ flexible to ship a generic kernel and a set of kernel modules for it.
The easiest way to make the initrd is to use the mkinitrd script included The easiest way to make the initrd is to use the mkinitrd script included
in Slackware's mkinitrd package. We'll walk through the process of in Slackware's mkinitrd package. We'll walk through the process of
upgrading to the generic 5.10.41 Linux kernel using the packages upgrading to the generic 5.12.9 Linux kernel using the packages
found in Slackware's slackware/a/ directory. found in Slackware's slackware/a/ directory.
First, make sure the kernel, kernel modules, and mkinitrd package are First, make sure the kernel, kernel modules, and mkinitrd package are
installed (the current version numbers might be a little different, so installed (the current version numbers might be a little different, so
this is just an example): this is just an example):
installpkg kernel-generic-5.10.41-x86_64-1.txz installpkg kernel-generic-5.12.9-x86_64-1.txz
installpkg kernel-modules-5.10.41-x86_64-1.txz installpkg kernel-modules-5.12.9-x86_64-1.txz
installpkg mkinitrd-1.4.11-x86_64-24.txz installpkg mkinitrd-1.4.11-x86_64-24.txz
Change into the /boot directory: Change into the /boot directory:
@ -52,7 +52,7 @@ Now you'll want to run "mkinitrd". I'm using ext4 for my root filesystem,
and since the disk controller requires no special support the ext4 module and since the disk controller requires no special support the ext4 module
will be the only one I need to load: will be the only one I need to load:
mkinitrd -c -k 5.10.41 -m ext4 mkinitrd -c -k 5.12.9 -m ext4
This should do two things. First, it will create a directory This should do two things. First, it will create a directory
/boot/initrd-tree containing the initrd's filesystem. Then it will /boot/initrd-tree containing the initrd's filesystem. Then it will
@ -61,10 +61,10 @@ you could make some additional changes in /boot/initrd-tree/ and
then run mkinitrd again without options to rebuild the image. That's then run mkinitrd again without options to rebuild the image. That's
optional, though, and only advanced users will need to think about that. optional, though, and only advanced users will need to think about that.
Here's another example: Build an initrd image using Linux 5.10.41 Here's another example: Build an initrd image using Linux 5.12.9
kernel modules for a system with an ext4 root partition on /dev/sdb3: kernel modules for a system with an ext4 root partition on /dev/sdb3:
mkinitrd -c -k 5.10.41 -m ext4 -f ext4 -r /dev/sdb3 mkinitrd -c -k 5.12.9 -m ext4 -f ext4 -r /dev/sdb3
4. Now that I've built an initrd, how do I use it? 4. Now that I've built an initrd, how do I use it?

View file

@ -24,7 +24,7 @@
VERSION=2.11 VERSION=2.11
ARCH=noarch ARCH=noarch
BUILD=${BUILD:-1} BUILD=${BUILD:-2}
CWD=$(pwd) CWD=$(pwd)
TMP=${TMP:-/tmp} TMP=${TMP:-/tmp}
@ -69,6 +69,9 @@ mv $PKG/usr/share/bash-completion/completions/mount \
mv $PKG/usr/share/bash-completion/completions/umount \ mv $PKG/usr/share/bash-completion/completions/umount \
$PKG/usr/share/bash-completion/completions/_umount $PKG/usr/share/bash-completion/completions/_umount
# Remove the slackpkg completion file
rm -f $PKG/usr/share/bash-completion/completions/slackpkg
# Create the local directory for admin changes/additions: # Create the local directory for admin changes/additions:
mkdir -p $PKG/etc/bash_completion.d/ mkdir -p $PKG/etc/bash_completion.d/

View file

@ -1,2 +1,2 @@
lftpget http://us.php.net/distributions/php-8.0.6.tar.xz.asc lftpget http://us.php.net/distributions/php-8.0.7.tar.xz.asc
lftpget http://us.php.net/distributions/php-8.0.6.tar.xz lftpget http://us.php.net/distributions/php-8.0.7.tar.xz

View file

@ -1,5 +1,5 @@
Welcome to 09Slackware6407 version 15.0 (Linux kernel 5.10.41)! Welcome to 09Slackware6407 version 15.0 (Linux kernel 5.12.9)!
If you need to pass extra parameters to the kernel, enter them at the prompt If you need to pass extra parameters to the kernel, enter them at the prompt
below after the name of the kernel to boot (e.g., huge.s). below after the name of the kernel to boot (e.g., huge.s).

View file

@ -1,3 +1,3 @@
These kernels are version 5.10.41. These kernels are version 5.12.9.

View file

@ -533,10 +533,7 @@ gzip ./source/n/netkit-timed/netkit-timed-0.17.diff
gzip ./source/n/wget/doinst.sh gzip ./source/n/wget/doinst.sh
gzip ./source/n/vsftpd/vsftpd.conf.diff gzip ./source/n/vsftpd/vsftpd.conf.diff
gzip ./source/n/vsftpd/vsftpd.crypt.diff gzip ./source/n/vsftpd/vsftpd.crypt.diff
gzip ./source/n/vsftpd/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch
gzip ./source/n/vsftpd/vsftpd.link-with-openssl-1.1.diff
gzip ./source/n/vsftpd/doinst.sh gzip ./source/n/vsftpd/doinst.sh
gzip ./source/n/vsftpd/0021-Introduce-support-for-DHE-based-cipher-suites.patch
gzip ./source/n/vsftpd/vsftpd.log gzip ./source/n/vsftpd/vsftpd.log
gzip ./source/n/vsftpd/vsftpd.builddefs.diff gzip ./source/n/vsftpd/vsftpd.builddefs.diff
gzip ./source/n/net-tools/net-tools.config.h gzip ./source/n/net-tools/net-tools.config.h

View file

@ -65,9 +65,9 @@ system. :^) Press ENTER when you are done." 21 76 10 \
"jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \ "jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \
"kbd" "Change keyboard and console mappings" "on" \ "kbd" "Change keyboard and console mappings" "on" \
"kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \ "kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \
"kernel-generic" "Generic 5.10.41 kernel (needs an initrd)" "on" \ "kernel-generic" "Generic 5.12.9 kernel (needs an initrd)" "on" \
"kernel-huge" "Loaded 5.10.41 Linux kernel" "on" \ "kernel-huge" "Loaded 5.12.9 Linux kernel" "on" \
"kernel-modules" "Linux 5.10.41 kernel modules -- REQUIRED" "on" \ "kernel-modules" "Linux 5.12.9 kernel modules -- REQUIRED" "on" \
"kmod" "Kernel module utilities -- REQUIRED" "on" \ "kmod" "Kernel module utilities -- REQUIRED" "on" \
"lbzip2" "Parallel bzip2 compressor" "on" \ "lbzip2" "Parallel bzip2 compressor" "on" \
"less" "A text pager utility - REQUIRED" "on" \ "less" "A text pager utility - REQUIRED" "on" \

View file

@ -65,9 +65,9 @@ system. :^) Press ENTER when you are done." 21 76 10 \
"jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \ "jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \
"kbd" "Change keyboard and console mappings" "on" \ "kbd" "Change keyboard and console mappings" "on" \
"kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \ "kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \
"kernel-generic" "Generic 5.10.41 kernel (needs an initrd)" "on" \ "kernel-generic" "Generic 5.12.9 kernel (needs an initrd)" "on" \
"kernel-huge" "Loaded 5.10.41 Linux kernel" "on" \ "kernel-huge" "Loaded 5.12.9 Linux kernel" "on" \
"kernel-modules" "Linux 5.10.41 kernel modules -- REQUIRED" "on" \ "kernel-modules" "Linux 5.12.9 kernel modules -- REQUIRED" "on" \
"kmod" "Kernel module utilities -- REQUIRED" "on" \ "kmod" "Kernel module utilities -- REQUIRED" "on" \
"lbzip2" "Parallel bzip2 compressor" "on" \ "lbzip2" "Parallel bzip2 compressor" "on" \
"less" "A text pager utility - REQUIRED" "on" \ "less" "A text pager utility - REQUIRED" "on" \

View file

@ -21,7 +21,7 @@ from series K. Use the UP/DOWN keys to scroll through the list, and \
the SPACE key to deselect any items you don't want to install. \ the SPACE key to deselect any items you don't want to install. \
Press ENTER when you are \ Press ENTER when you are \
done." 11 70 1 \ done." 11 70 1 \
"kernel-source" "Linux 5.10.41 kernel source" "on" \ "kernel-source" "Linux 5.12.9 kernel source" "on" \
2> $TMP/SeTpkgs 2> $TMP/SeTpkgs
if [ $? = 1 -o $? = 255 ]; then if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs rm -f $TMP/SeTpkgs

View file

@ -21,7 +21,7 @@ from series K. Use the UP/DOWN keys to scroll through the list, and \
the SPACE key to deselect any items you don't want to install. \ the SPACE key to deselect any items you don't want to install. \
Press ENTER when you are \ Press ENTER when you are \
done." 11 70 1 \ done." 11 70 1 \
"kernel-source" "Linux 5.10.41 kernel source" "on" \ "kernel-source" "Linux 5.12.9 kernel source" "on" \
2> $TMP/SeTpkgs 2> $TMP/SeTpkgs
if [ $? = 1 -o $? = 255 ]; then if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs rm -f $TMP/SeTpkgs

View file

@ -1,3 +1,17 @@
Sat Jun 5 03:54:45 UTC 2021
---------------
- Release 15.0.5
- Add "--" option to "command cd" in bash completion file
(akinomyoga)
Sat Jun 5 03:30:43 UTC 2021
---------------
- Release 15.0.4
- shell-completions/slackpkg.bash: add "show-changelog"
- Import bash-completion file from upstream project
- Added the new-config actions for specific files (Piter PUNK)
- Harden slackpkg with respect to obtaining GPG key (CRTS)
Mon May 3 23:53:57 UTC 2021 Mon May 3 23:53:57 UTC 2021
--------------- ---------------
- Release 15.0.3 - Release 15.0.3

View file

@ -64,9 +64,14 @@ function system_setup() {
# Create $WORKDIR just in case # Create $WORKDIR just in case
mkdir -p "${WORKDIR}" mkdir -p "${WORKDIR}"
# Select the command to fetch files and packages from network sources
if [ "$DOWNLOADER" = "curl" ]; then
DOWNLOADER="curl ${CURLFLAGS} -o"
else
DOWNLOADER="wget ${WGETFLAGS} -O"
fi
# Set LOCAL if mirror isn't through network # Set LOCAL if mirror isn't through network
# If mirror is through network, select the command to fetch
# files and packages from there.
# #
MEDIA=${SOURCE%%:*} MEDIA=${SOURCE%%:*}
if [ "$MEDIA" = "cdrom" ] || [ "$MEDIA" = "file" ] || \ if [ "$MEDIA" = "cdrom" ] || [ "$MEDIA" = "file" ] || \
@ -75,11 +80,6 @@ function system_setup() {
LOCAL=1 LOCAL=1
else else
LOCAL=0 LOCAL=0
if [ "$DOWNLOADER" = "curl" ]; then
DOWNLOADER="curl ${CURLFLAGS} -o"
else
DOWNLOADER="wget ${WGETFLAGS} -O"
fi
fi fi
# Set MORECMD, EDITCMD and check BATCH mode # Set MORECMD, EDITCMD and check BATCH mode
@ -555,6 +555,42 @@ function checkgpg() {
gpg --verify ${1}.asc ${1} 2>/dev/null && echo "1" || echo "0" gpg --verify ${1}.asc ${1} 2>/dev/null && echo "1" || echo "0"
} }
function get_gpg_key() {
if ping -c 1 slackware.com &>/dev/null; then
echo -e "\t\t\tGetting key from https://www.slackware.com/infra/keys/GPG-KEY"
$DOWNLOADER $TMPDIR/gpgkey https://www.slackware.com/infra/keys/GPG-KEY &>/dev/null
elif ping -c 1 mirrors.slackware.com &>/dev/null; then
echo -e "\t\t\tGetting key from https://mirrors.slackware.com/slackware/slackware-current/GPG-KEY"
$DOWNLOADER $TMPDIR/gpgkey https://mirrors.slackware.com/slackware/slackware-current/GPG-KEY &>/dev/null
else
echo -e "\
slackpkg is unable to get the Slackware GPG key from either\n\
slackware.com or mirrors.slackware.com; if you trust the\n\
source you have configured in /etc/slackpkg/mirrors, slackpkg\n\
can import the GPG key from that source.\n\
The source currently in use is:\n\
\t ${SOURCE}\n\
Do you want to import the GPG key from this source? (YES|NO)\n"
read ANSWER
case "$ANSWER" in
YES|Y|yes|y)
getfile ${SOURCE}GPG-KEY $TMPDIR/gpgkey
;;
*)
echo -e "\t\tslackpkg is unable to get the Slackware GPG key."
cleanup
;;
esac
fi
}
function import_gpg_key() {
mkdir -p ~/.gnupg
gpg --yes --batch --delete-key "$SLACKKEY" &>/dev/null
gpg --import $TMPDIR/gpgkey &>/dev/null && \
echo -e "\t\t\tSlackware Linux Project's GPG key added"
}
# Found packages in repository. # Found packages in repository.
# This function selects the package from the higher priority # This function selects the package from the higher priority
# repository directories. # repository directories.

View file

@ -0,0 +1,14 @@
# You can list here the .new files and the default action
# to do for each file. The list format is:
#
# /full/path/of/dot/new/file.new:action
#
# The action can be:
#
# O to Overwrite it with the new version
# R to Remove the new file
# K to Keep the current and the .new files
#
# E.g:
#/etc/slackpkg/mirrors.new:K
#/etc/ntp.conf.new:R

View file

@ -137,6 +137,12 @@ looknew() {
ONLY_NEW_DOTNEW="" ONLY_NEW_DOTNEW=""
fi fi
# if there is a /etc/slackpkg/post-functions.conf file, it will be
# used to take the pre-defined action to each file specified there.
if [ -f /etc/slackpkg/post-functions.conf ]; then
NEWCONFIG="/etc/slackpkg/post-functions.conf"
fi
printf "%s\n" "Searching for NEW configuration files..." printf "%s\n" "Searching for NEW configuration files..."
FILES=$( find \ FILES=$( find \
@ -179,8 +185,8 @@ What do you want (K/O/R/P)?
# No. of prompt etc. lines to print. # No. of prompt etc. lines to print.
TEXTLINES=$(( $( printf %b "$PROMPTTEXT" | wc -l ) + 3 )) TEXTLINES=$(( $( printf %b "$PROMPTTEXT" | wc -l ) + 3 ))
if [ $(( newcount + TEXTLINES )) -lt $ROWS ]; then if [ $(( newcount + TEXTLINES )) -lt $ROWS ] || [ "${BATCH}" = "on" ]; then
# All files will fit on screen. # All files will fit on screen or is a batch execution.
printf "%s\n" "$FILES" printf "%s\n" "$FILES"
else else
# Won't all fit, so scroll a screenfull at a time. # Won't all fit, so scroll a screenfull at a time.
@ -240,6 +246,9 @@ EOF
printf %b "$PROMPTTEXT" printf %b "$PROMPTTEXT"
answer answer
if [ "${BATCH}" = "on" ] && [ -n "${NEWCONFIG}" ]; then
ANSWER=P
fi
case $ANSWER in case $ANSWER in
K|k) K|k)
;; ;;
@ -256,11 +265,24 @@ EOF
P|p) P|p)
echo "Select what you want file-by-file" echo "Select what you want file-by-file"
for i in $FILES; do for i in $FILES; do
if [ -n "${NEWCONFIG}" ]; then
AUTOANSWER="$(sed -ne 's#^'$i':\([ORK]\)#\1#p' $NEWCONFIG 2>/dev/null)"
fi
GOEX=0 GOEX=0
while [ $GOEX -eq 0 ]; do while [ $GOEX -eq 0 ]; do
echo echo
showmenu $i "(K)eep" "(O)verwrite" "(R)emove" "(D)iff" "(M)erge" "(V)imdiff" showmenu $i "(K)eep" "(O)verwrite" "(R)emove" "(D)iff" "(M)erge" "(V)imdiff"
if [ -n "${AUTOANSWER}" ]; then
ANSWER=$AUTOANSWER
echo $ANSWER
else
if [ "${BATCH}" = "on" ]; then
ANSWER=K
echo $ANSWER
else
read ANSWER read ANSWER
fi
fi
case $ANSWER in case $ANSWER in
O|o) O|o)
overold $i overold $i

View file

@ -0,0 +1,114 @@
# bash completion for slackpkg(8) -*- shell-script -*-
# options list is based on `grep '\-.*\=.*)' /usr/sbin/slackpkg | cut -f1 -d\)`
_slackpkg()
{
local cur prev words cword
_init_completion -n = || return
local split=false
if [[ $cur == -?*=* ]]; then
prev="${cur%%?(\\)=*}"
cur="${cur#*=}"
split=true
fi
case "$prev" in
-delall | -checkmd5 | -checkgpg | -checksize | -postinst | -onoff | \
-download_all | -dialog | -batch | -only_new_dotnew | \
-use_includes | -spinning)
COMPREPLY=($(compgen -W 'on off' -- "$cur"))
return
;;
-default_answer)
COMPREPLY=($(compgen -W 'yes no' -- "$cur"))
return
;;
-dialog_maxargs | -mirror)
# argument required but no completions available
return
;;
esac
$split && return
if [[ $cur == -* ]]; then
compopt -o nospace
COMPREPLY=($(compgen -W '-delall= -checkmd5= -checkgpg=
-checksize= -postinst= -onoff= -download_all= -dialog=
-dialog_maxargs= -batch= -only_new_dotnew= -use_includes=
-spinning= -default_answer= -mirror=' -- "$cur"))
return
fi
local confdir="/etc/slackpkg"
local config="$confdir/slackpkg.conf"
[[ -r $config ]] || return
. "$config"
local i action
for ((i = 1; i < ${#words[@]}; i++)); do
if [[ ${words[i]} != -* ]]; then
action="${words[i]}"
break
fi
done
case "$action" in
generate-template | search | file-search)
# argument required but no completions available
return
;;
install-template | remove-template)
if [[ -e $confdir/templates ]]; then
COMPREPLY=($(
command cd -- "$confdir/templates"
compgen -f -X "!*.template" -- "$cur"
))
COMPREPLY=(${COMPREPLY[@]%.template})
fi
return
;;
remove)
_filedir
COMPREPLY+=($(compgen -W 'a ap d e f k kde kdei l n t tcl x
xap xfce y' -- "$cur"))
COMPREPLY+=($(
command cd /var/log/packages
compgen -f -- "$cur"
))
return
;;
install | reinstall | upgrade | blacklist | download)
_filedir
COMPREPLY+=($(compgen -W 'a ap d e f k kde kdei l n t tcl x
xap xfce y' -- "$cur"))
COMPREPLY+=($(cut -f 6 -d\ "${WORKDIR}/pkglist" 2>/dev/null |
command grep "^$cur"))
return
;;
info)
COMPREPLY=($(cut -f 6 -d\ "${WORKDIR}/pkglist" 2>/dev/null |
command grep "^$cur"))
return
;;
update)
# we should complete the same as the next `list` + "gpg"
COMPREPLY=($(compgen -W 'gpg' -- "$cur"))
;&
*)
COMPREPLY+=($(compgen -W 'install reinstall upgrade remove
blacklist download update install-new upgrade-all
clean-system new-config check-updates help generate-template
install-template remove-template search file-search info
show-changelog' -- \
"$cur"))
return
;;
esac
} &&
complete -F _slackpkg slackpkg
# ex: filetype=sh

View file

@ -350,17 +350,8 @@ case "$CMD" in
# the key # the key
# #
if [ "$UPARG" = "gpg" ] || [ "$GPGFIRSTTIME" = "0" ]; then if [ "$UPARG" = "gpg" ] || [ "$GPGFIRSTTIME" = "0" ]; then
# get_gpg_key && import_gpg_key
# Creates .gnupg directory if doesn't exist
# without this dir, gpg got an error.
#
if ! [ -e ~/.gnupg ]; then
mkdir ~/.gnupg
fi
getfile ${SOURCE}GPG-KEY $TMPDIR/gpgkey
gpg --yes --batch --delete-key "$SLACKKEY" &>/dev/null
gpg --import $TMPDIR/gpgkey &>/dev/null && \
echo -e "\t\t\tSlackware Linux Project's GPG key added"
if [ "$UPARG" = "gpg" ]; then if [ "$UPARG" = "gpg" ]; then
cleanup cleanup
fi fi

View file

@ -23,7 +23,7 @@
cd $(dirname $0) ; CWD=$(pwd) cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=slackpkg PKGNAM=slackpkg
VERSION=${VERSION:-15.0.3} VERSION=${VERSION:-15.0.5}
ARCH="noarch" ARCH="noarch"
BUILD=${BUILD:-1} BUILD=${BUILD:-1}
@ -55,7 +55,8 @@ chown root:root $PKG/usr/sbin/slackpkg
# Prepare /etc directory: # Prepare /etc directory:
mkdir -pv $PKG/etc/slackpkg mkdir -pv $PKG/etc/slackpkg
cp -av blacklist.new slackpkg.conf.new $PKG/etc/slackpkg cp -av blacklist.new slackpkg.conf.new post-functions.conf-sample \
$PKG/etc/slackpkg
chmod 644 $PKG/etc/slackpkg/* chmod 644 $PKG/etc/slackpkg/*
chown root:root $PKG/etc/slackpkg/* chown root:root $PKG/etc/slackpkg/*
mkdir -pv $PKG/etc/slackpkg/templates mkdir -pv $PKG/etc/slackpkg/templates
@ -99,6 +100,10 @@ chown -R root:root $PKG/usr/man
# Compress manual pages # Compress manual pages
find $PKG/usr/man -type f -exec gzip -9 {} \; find $PKG/usr/man -type f -exec gzip -9 {} \;
# Install bash-completion file
mkdir -p $PKG/usr/share/bash-completion/completions
cat $CWD/files/shell-completion/slackpkg.bash > $PKG/usr/share/bash-completion/completions/slackpkg
# Update version number: # Update version number:
sed -i "s/@VERSION@/$VERSION/g" $PKG/usr/sbin/slackpkg sed -i "s/@VERSION@/$VERSION/g" $PKG/usr/sbin/slackpkg

View file

@ -24,10 +24,10 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=clisp PKGNAM=clisp
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-4} BUILD=${BUILD:-5}
# Bundled libraries: # Bundled libraries:
FFCALLVER=2.2 FFCALLVER=2.3
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.12.8 Kernel Configuration # Linux/x86 5.12.9 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.12.8 Kernel Configuration # Linux/x86 5.12.9 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

File diff suppressed because it is too large Load diff

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.12.8 Kernel Configuration # Linux/x86 5.12.9 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.12.8 Kernel Configuration # Linux/x86 5.12.9 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.12.8 Kernel Configuration # Linux/x86 5.12.9 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

File diff suppressed because it is too large Load diff

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.12.8 Kernel Configuration # Linux/x86 5.12.9 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0" CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y

View file

@ -1 +1 @@
8 9

View file

@ -1 +1 @@
1 2

View file

@ -1 +1 @@
2 3

View file

@ -1 +1 @@
1 2

View file

@ -1 +1 @@
8 9

View file

@ -1 +1 @@
1 2

View file

@ -1 +1 @@
4 5

View file

@ -1 +1 @@
1 2

View file

@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=alsa-lib PKGNAM=alsa-lib
VERSION=${VERSION:-$(echo alsa-lib-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo alsa-lib-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-1} BUILD=${BUILD:-2}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
@ -86,8 +86,10 @@ fi
cd ucm-and-topology-configs cd ucm-and-topology-configs
for file in $CWD/alsa-*conf*tar.lz ; do for file in $CWD/alsa-*conf*tar.lz ; do
tar xvf $file tar xvf $file
mv $(basename $file .tar.lz)/* . #mv $(basename $file .tar.lz)/* .
rmdir $(basename $file .tar.lz) mv $(basename $file | cut -f 1-3 -d -)-*/* .
#rmdir $(basename $file .tar.lz)
rmdir $(basename $file | cut -f 1-3 -d -)-*
mv README.md README-$(echo $(basename $file) | cut -f 1-3 -d -) mv README.md README-$(echo $(basename $file) | cut -f 1-3 -d -)
done done
) )

View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=dvdauthor PKGNAM=dvdauthor
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-4} BUILD=${BUILD:-5}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=libogg PKGNAM=libogg
VERSION=${VERSION:-$(echo libogg-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo libogg-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-3} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=polkit PKGNAM=polkit
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-5} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=pycairo PKGNAM=pycairo
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-4} BUILD=${BUILD:-1}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}

View file

@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=qca PKGNAM=qca
SRCNAM=qca SRCNAM=qca
VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -26,7 +26,7 @@ PKGNAM=epic5
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
EPICVER=5 EPICVER=5
HELPFILE=current HELPFILE=current
BUILD=${BUILD:-2} BUILD=${BUILD:-1}
## Default to no Ruby support, since it seems that ruby-2.7.0 is not compatible. ## Default to no Ruby support, since it seems that ruby-2.7.0 is not compatible.
## Patches to fix this are welcome, otherwise we'll keep an eye on upstream. ## Patches to fix this are welcome, otherwise we'll keep an eye on upstream.

View file

@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=httpd PKGNAM=httpd
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-4} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -1,2 +1,2 @@
http://www.apache.org/dist/httpd/httpd-2.4.46.tar.bz2 http://www.apache.org/dist/httpd/httpd-2.4.48.tar.bz2
http://www.apache.org/dist/httpd/httpd-2.4.46.tar.bz2.asc http://www.apache.org/dist/httpd/httpd-2.4.48.tar.bz2.asc

View file

@ -1,7 +1,5 @@
#!/bin/bash #!/bin/bash
# Slackware build script for libmbim
# Copyright 2013 Robby Workman, Northport, Alabama, USA # Copyright 2013 Robby Workman, Northport, Alabama, USA
# All rights reserved. # All rights reserved.
# #
@ -26,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=libmbim PKGNAM=libmbim
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2} BUILD=${BUILD:-1}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}

View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=openldap PKGNAM=openldap
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=p11-kit PKGNAM=p11-kit
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-3} BUILD=${BUILD:-1}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}

View file

@ -1,2 +1,2 @@
lftpget http://us.php.net/distributions/php-7.4.19.tar.xz.asc lftpget http://us.php.net/distributions/php-7.4.20.tar.xz.asc
lftpget http://us.php.net/distributions/php-7.4.19.tar.xz lftpget http://us.php.net/distributions/php-7.4.20.tar.xz

View file

@ -1,226 +0,0 @@
From 4eac1dbb5f70a652d31847eec7c28d245f36cdbb Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 10:48:28 +0100
Subject: [PATCH 21/33] Introduce support for DHE based cipher suites.
---
parseconf.c | 1 +
ssl.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
tunables.c | 5 +++-
tunables.h | 1 +
vsftpd.conf.5 | 6 ++++
5 files changed, 104 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 3e0dba4..38e3182 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -176,6 +176,7 @@ parseconf_str_array[] =
{ "email_password_file", &tunable_email_password_file },
{ "rsa_cert_file", &tunable_rsa_cert_file },
{ "dsa_cert_file", &tunable_dsa_cert_file },
+ { "dh_param_file", &tunable_dh_param_file },
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff --git a/ssl.c b/ssl.c
index c362983..22b69b3 100644
--- a/ssl.c
+++ b/ssl.c
@@ -28,6 +28,8 @@
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/bio.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
#include <errno.h>
#include <limits.h>
@@ -38,6 +40,7 @@ static void setup_bio_callbacks();
static long bio_callback(
BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
+static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength);
static int ssl_cert_digest(
SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
static void maybe_log_shutdown_state(struct vsf_session* p_sess);
@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_session* p_sess,
static int ssl_inited;
static struct mystr debug_str;
+
+// Grab prime number from OpenSSL; <openssl/bn.h>
+// (get_rfc*) for all available primes.
+// wraps selection of comparable algorithm strength
+#if !defined(match_dh_bits)
+ #define match_dh_bits(keylen) \
+ keylen >= 8191 ? 8192 : \
+ keylen >= 6143 ? 6144 : \
+ keylen >= 4095 ? 4096 : \
+ keylen >= 3071 ? 3072 : \
+ keylen >= 2047 ? 2048 : \
+ keylen >= 1535 ? 1536 : \
+ keylen >= 1023 ? 1024 : 768
+#endif
+
+#if !defined(DH_get_prime)
+ BIGNUM *
+ DH_get_prime(int bits)
+ {
+ switch (bits) {
+ case 768: return get_rfc2409_prime_768(NULL);
+ case 1024: return get_rfc2409_prime_1024(NULL);
+ case 1536: return get_rfc3526_prime_1536(NULL);
+ case 2048: return get_rfc3526_prime_2048(NULL);
+ case 3072: return get_rfc3526_prime_3072(NULL);
+ case 4096: return get_rfc3526_prime_4096(NULL);
+ case 6144: return get_rfc3526_prime_6144(NULL);
+ case 8192: return get_rfc3526_prime_8192(NULL);
+ // shouldn't happen when used match_dh_bits; strict compiler
+ default: return NULL;
+ }
+}
+#endif
+
+#if !defined(DH_get_dh)
+ // Grab DH parameters
+ DH *
+ DH_get_dh(int size)
+ {
+ DH *dh = DH_new();
+ if (!dh) {
+ return NULL;
+ }
+ dh->p = DH_get_prime(match_dh_bits(size));
+ BN_dec2bn(&dh->g, "2");
+ if (!dh->p || !dh->g)
+ {
+ DH_free(dh);
+ return NULL;
+ }
+ return dh;
+ }
+#endif
+
void
ssl_init(struct vsf_session* p_sess)
{
@@ -65,7 +122,7 @@ ssl_init(struct vsf_session* p_sess)
{
die("SSL: could not allocate SSL context");
}
- options = SSL_OP_ALL;
+ options = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE;
if (!tunable_sslv2)
{
options |= SSL_OP_NO_SSLv2;
@@ -111,6 +168,25 @@ ssl_init(struct vsf_session* p_sess)
die("SSL: cannot load DSA private key");
}
}
+ if (tunable_dh_param_file)
+ {
+ BIO *bio;
+ DH *dhparams = NULL;
+ if ((bio = BIO_new_file(tunable_dh_param_file, "r")) == NULL)
+ {
+ die("SSL: cannot load custom DH params");
+ }
+ else
+ {
+ dhparams = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
+ BIO_free(bio);
+
+ if (!SSL_CTX_set_tmp_dh(p_ctx, dhparams))
+ {
+ die("SSL: setting custom DH params failed");
+ }
+ }
+ }
if (tunable_ssl_ciphers &&
SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
{
@@ -165,6 +241,9 @@ ssl_init(struct vsf_session* p_sess)
/* Ensure cached session doesn't expire */
SSL_CTX_set_timeout(p_ctx, INT_MAX);
}
+
+ SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
+
p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1;
}
@@ -702,6 +781,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx)
return 1;
}
+#define UNUSED(x) ( (void)(x) )
+
+static DH *
+ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
+{
+ // strict compiler bypassing
+ UNUSED(ssl);
+ UNUSED(is_export);
+
+ return DH_get_dh(keylength);
+}
+
void
ssl_add_entropy(struct vsf_session* p_sess)
{
diff --git a/tunables.c b/tunables.c
index c737465..1ea7227 100644
--- a/tunables.c
+++ b/tunables.c
@@ -140,6 +140,7 @@ const char* tunable_user_sub_token;
const char* tunable_email_password_file;
const char* tunable_rsa_cert_file;
const char* tunable_dsa_cert_file;
+const char* tunable_dh_param_file;
const char* tunable_ssl_ciphers;
const char* tunable_rsa_private_key_file;
const char* tunable_dsa_private_key_file;
@@ -288,7 +289,9 @@ tunables_load_defaults()
install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file);
install_str_setting(0, &tunable_dsa_cert_file);
- install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
+ install_str_setting(0, &tunable_dh_param_file);
+ install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA",
+ &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file);
diff --git a/tunables.h b/tunables.h
index 9553038..3995472 100644
--- a/tunables.h
+++ b/tunables.h
@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_token;
extern const char* tunable_email_password_file;
extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file;
+extern const char* tunable_dh_param_file;
extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index fb6324e..ff94eca 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -893,6 +893,12 @@ to be in the same file as the certificate.
Default: (none)
.TP
+.B dh_param_file
+This option specifies the location of the custom parameters used for
+ephemeral Diffie-Hellman key exchange in SSL.
+
+Default: (none - use built in parameters appropriate for certificate key size)
+.TP
.B email_password_file
This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
--
2.7.4

View file

@ -1,74 +0,0 @@
From 6c8dd87f311e411bcb1c72c1c780497881a5621c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Mon, 4 Sep 2017 11:32:03 +0200
Subject: [PATCH 35/35] Modify DH enablement patch to build with OpenSSL 1.1
---
ssl.c | 41 ++++++++++++++++++++++++++++++++++++++---
1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/ssl.c b/ssl.c
index ba8a613..09ec96a 100644
--- a/ssl.c
+++ b/ssl.c
@@ -88,19 +88,54 @@ static struct mystr debug_str;
}
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
+{
+ /* If the fields p and g in d are NULL, the corresponding input
+ * parameters MUST be non-NULL. q may remain NULL.
+ */
+ if ((dh->p == NULL && p == NULL)
+ || (dh->g == NULL && g == NULL))
+ return 0;
+
+ if (p != NULL) {
+ BN_free(dh->p);
+ dh->p = p;
+ }
+ if (q != NULL) {
+ BN_free(dh->q);
+ dh->q = q;
+ }
+ if (g != NULL) {
+ BN_free(dh->g);
+ dh->g = g;
+ }
+
+ if (q != NULL) {
+ dh->length = BN_num_bits(q);
+ }
+
+ return 1;
+}
+#endif
+
#if !defined(DH_get_dh)
// Grab DH parameters
DH *
DH_get_dh(int size)
{
+ BIGNUM *g = NULL;
+ BIGNUM *p = NULL;
DH *dh = DH_new();
if (!dh) {
return NULL;
}
- dh->p = DH_get_prime(match_dh_bits(size));
- BN_dec2bn(&dh->g, "2");
- if (!dh->p || !dh->g)
+ p = DH_get_prime(match_dh_bits(size));
+ BN_dec2bn(&g, "2");
+ if (!p || !g || !DH_set0_pqg(dh, p, NULL, g))
{
+ BN_free(g);
+ BN_free(p);
DH_free(dh);
return NULL;
}
--
2.9.5

View file

@ -12,8 +12,8 @@ vsftpd: vsftpd is an FTP server, or daemon. The 'vs' stands for Very Secure.
vsftpd: Obviously this is not a guarantee, but a reflection that the entire vsftpd: Obviously this is not a guarantee, but a reflection that the entire
vsftpd: codebase was written with security in mind, and carefully designed to vsftpd: codebase was written with security in mind, and carefully designed to
vsftpd: be resilient to attack (as well as extremely fast and scalable). vsftpd: be resilient to attack (as well as extremely fast and scalable).
vsftpd:
vsftpd: The vsftpd homepage is https://security.appspot.com/vsftpd.html
vsftpd:
vsftpd: The Very Secure FTP Daemon was written by Chris Evans. vsftpd: The Very Secure FTP Daemon was written by Chris Evans.
vsftpd: vsftpd:
vsftpd: Homepage: https://security.appspot.com/vsftpd.html
vsftpd:
vsftpd:

View file

@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=vsftpd PKGNAM=vsftpd
VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-9} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then
@ -72,13 +72,6 @@ find . \
zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1 zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1 zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/vsftpd.crypt.diff.gz | patch -p1 --verbose || exit 1 zcat $CWD/vsftpd.crypt.diff.gz | patch -p1 --verbose || exit 1
# patch from BLFS due to gcc >= 10.1.x
sed -e "s/kVSFSysStrOpenUnknown;/(enum EVSFSysUtilOpenMode)&/" -i sysstr.c
# Support OpenSSL 1.1.x:
zcat $CWD/0021-Introduce-support-for-DHE-based-cipher-suites.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/vsftpd.link-with-openssl-1.1.diff.gz | patch -p1 --verbose || exit 1
make $NUMJOBS || make || exit 1 make $NUMJOBS || make || exit 1

View file

@ -1,16 +0,0 @@
--- ./vsf_findlibs.sh.orig 2012-03-27 21:17:41.000000000 -0500
+++ ./vsf_findlibs.sh 2018-05-07 16:10:58.744003755 -0500
@@ -68,10 +68,10 @@
# Solaris sendfile
locate_library /usr/lib/libsendfile.so && echo "-lsendfile";
-# OpenSSL
-if find_func SSL_library_init ssl.o; then
+# Always link with OpenSSL:
+#if find_func SSL_library_init ssl.o; then
echo "-lssl -lcrypto";
-fi
+#fi
exit 0;

View file

@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=blueman PKGNAM=blueman
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-5} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=gnuplot PKGNAM=gnuplot
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-3} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=pidgin PKGNAM=pidgin
VERSION=${VERSION:-$(echo $PKGNAM-2.*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-2.*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
PIDGINENC=${PIDGINENC:-3.1} PIDGINENC=${PIDGINENC:-3.1}
BUILD=${BUILD:-2} BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -32,7 +32,7 @@ DIRVER=1.2.11
# Version used for the Slackware package # Version used for the Slackware package
PKGVER=1.2.11 PKGVER=1.2.11
BUILD=${BUILD:-5} BUILD=${BUILD:-6}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -1,11 +0,0 @@
kernel-generic: kernel-generic (a general purpose SMP Linux kernel)
kernel-generic:
kernel-generic: This is a Linux kernel with built-in support for most disk
kernel-generic: controllers. To use filesystems, or to load support for a SCSI or
kernel-generic: other controller, then you'll need to load one or more kernel
kernel-generic: modules using an initial ramdisk, or initrd. For more information
kernel-generic: about creating an initrd, see the README.initrd file in the /boot
kernel-generic: directory.
kernel-generic:
kernel-generic: SMP is "Symmetric multiprocessing", or multiple CPU/core support.
kernel-generic:

View file

@ -1,11 +0,0 @@
kernel-headers: kernel-headers (Linux kernel include files)
kernel-headers:
kernel-headers: These are the include files from the Linux kernel.
kernel-headers:
kernel-headers: You'll need these to compile most system software for Linux.
kernel-headers:
kernel-headers:
kernel-headers:
kernel-headers:
kernel-headers:
kernel-headers:

View file

@ -1,11 +0,0 @@
kernel-huge: kernel-huge (a fully-loaded SMP Linux kernel)
kernel-huge:
kernel-huge: This is a Linux kernel with built-in support for most disk
kernel-huge: controllers. If you're looking for a more stripped down kernel
kernel-huge: (this one contains everything but the kitchen sink ;-), then install
kernel-huge: the kernel-generic in the /boot directory along with an initrd to
kernel-huge: load support for your boot device and filesystem. For instructions
kernel-huge: on the initrd, see README.initrd in the /boot directory.
kernel-huge:
kernel-huge: SMP is "Symmetric multiprocessing", or multiple CPU/core support.
kernel-huge:

View file

@ -1,11 +0,0 @@
kernel-modules: kernel-modules (Linux kernel modules)
kernel-modules:
kernel-modules: Kernel modules are pieces of code that can be loaded and unloaded into
kernel-modules: the kernel upon demand. They extend the functionality of the kernel
kernel-modules: without the need to reboot the system. These modules provide support
kernel-modules: for hardware such as USB devices, RAID controllers, network
kernel-modules: interfaces, and display devices, or add other additional capabilities
kernel-modules: to the kernel.
kernel-modules:
kernel-modules:
kernel-modules:

View file

@ -1,11 +0,0 @@
kernel-source: kernel-source (Linux kernel source)
kernel-source:
kernel-source: Source code for Linus Torvalds' Linux kernel.
kernel-source:
kernel-source: This is the complete and unmodified source code for the Linux kernel.
kernel-source:
kernel-source:
kernel-source:
kernel-source:
kernel-source:
kernel-source:

View file

@ -1,175 +0,0 @@
#!/bin/sh
# Copyright 2018, 2021 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# This script uses the SlackBuild scripts present here to build a
# complete set of kernel packages for the currently running architecture.
# It needs to be run once on 64-bit (uname -m = x86_64) and once on IA32
# (uname -m = i586 or i686).
cd $(dirname $0) ; CWD=$(pwd)
BUILD=${BUILD:-1}
if [ -z "$VERSION" ]; then
# Get the filename of the newest kernel tarball:
KERNEL_SOURCE_FILE="$(/bin/ls -t linux-*.tar.?z | head -n 1 )"
if echo $KERNEL_SOURCE_FILE | grep -q rc ; then # need to get rc versions a bit differently
VERSION=$(/bin/ls -t linux-*.tar.?z | head -n 1 | rev | cut -f 3- -d . | cut -f 1,2 -d - | rev)
else # normal release version
VERSION=$(/bin/ls -t linux-*.tar.?z | head -n 1 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)
fi
fi
TMP=${TMP:-/tmp}
# By default, install the packages as we build them and update the initrd.
INSTALL_PACKAGES=${INSTALL_PACKAGES:-YES}
# Clean kernels before building them. Not doing so quit working some time
# after 4.19.x.
export KERNEL_CLEAN=YES
# A list of recipes for build may be passed in the $RECIPES variable, otherwise
# we have defaults based on uname -m:
if [ -z "$RECIPES" ]; then
if uname -m | grep -wq x86_64 ; then
RECIPES="x86_64"
elif uname -m | grep -wq i.86 ; then
RECIPES="IA32_NO_SMP IA32_SMP"
else
echo "Error: no build recipes available for $(uname -m)"
exit 1
fi
fi
# Main build loop:
for recipe in $RECIPES ; do
# Build recipes are defined here. These will select the appropriate .config
# files and package naming scheme, and define the output location.
if [ "$recipe" = "x86_64" ]; then
# Recipe for x86_64:
CONFIG_SUFFIX=".x64"
unset LOCALVERSION
OUTPUT=${OUTPUT:-${TMP}/output-x86_64-${VERSION}}
elif [ "$recipe" = "IA32_SMP" ]; then
# Recipe for IA32_SMP:
unset CONFIG_SUFFIX
LOCALVERSION="-smp"
OUTPUT=${OUTPUT:-${TMP}/output-ia32-${VERSION}}
elif [ "$recipe" = "IA32_NO_SMP" ]; then
# Recipe for IA32_NO_SMP:
unset CONFIG_SUFFIX
unset LOCALVERSION
OUTPUT=${OUTPUT:-${TMP}/output-ia32-${VERSION}}
else
echo "Error: recipe ${recipe} not implemented"
exit 1
fi
echo
echo "*************************************************"
echo "* Building kernels for recipe ${recipe}..."
echo "*************************************************"
echo
# Build kernel-source package:
KERNEL_SOURCE_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_CONFIG="config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}" VERSION=$VERSION BUILD=$BUILD ./kernel-source.SlackBuild)
KERNEL_CONFIG="config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}" VERSION=$VERSION BUILD=$BUILD ./kernel-source.SlackBuild
mkdir -p $OUTPUT
mv ${TMP}/${KERNEL_SOURCE_PACKAGE_NAME} $OUTPUT || exit 1
if [ "${INSTALL_PACKAGES}" = "YES" ]; then
installpkg ${OUTPUT}/${KERNEL_SOURCE_PACKAGE_NAME} || exit 1
fi
# Build kernel-huge package:
# We will build in the just-built kernel tree. First, let's put back the
# symlinks:
( cd $TMP/package-kernel-source
sh install/doinst.sh
)
KERNEL_HUGE_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_NAME=huge KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-huge${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/huge$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild)
KERNEL_NAME=huge KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-huge${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/huge$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild
if [ -r ${TMP}/${KERNEL_HUGE_PACKAGE_NAME} ]; then
mv ${TMP}/${KERNEL_HUGE_PACKAGE_NAME} $OUTPUT
else
echo "kernel-source build failed."
exit 1
fi
if [ "${INSTALL_PACKAGES}" = "YES" ]; then
installpkg ${OUTPUT}/${KERNEL_HUGE_PACKAGE_NAME} || exit 1
fi
# Build kernel-generic package:
KERNEL_GENERIC_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_NAME=generic KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/generic$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild)
KERNEL_NAME=generic KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/generic$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild
if [ -r ${TMP}/${KERNEL_GENERIC_PACKAGE_NAME} ]; then
mv ${TMP}/${KERNEL_GENERIC_PACKAGE_NAME} $OUTPUT
else
echo "kernel-generic build failed."
exit 1
fi
if [ "${INSTALL_PACKAGES}" = "YES" ]; then
installpkg ${OUTPUT}/${KERNEL_GENERIC_PACKAGE_NAME} || exit 1
fi
# Build kernel-modules (for the just built generic kernel, but most of them
# will also work with the huge kernel):
KERNEL_MODULES_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=$TMP/package-kernel-source/usr/src/linux/.config BUILD=$BUILD ./kernel-modules.SlackBuild)
KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=$TMP/package-kernel-source/usr/src/linux/.config BUILD=$BUILD ./kernel-modules.SlackBuild
if [ -r ${TMP}/${KERNEL_MODULES_PACKAGE_NAME} ]; then
mv ${TMP}/${KERNEL_MODULES_PACKAGE_NAME} $OUTPUT
else
echo "kernel-modules build failed."
exit 1
fi
if [ "${INSTALL_PACKAGES}" = "YES" ]; then
installpkg ${OUTPUT}/${KERNEL_MODULES_PACKAGE_NAME} || exit 1
fi
# Build kernel-headers:
KERNEL_HEADERS_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux BUILD=$BUILD ./kernel-headers.SlackBuild)
KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux BUILD=$BUILD ./kernel-headers.SlackBuild
if [ -r ${TMP}/${KERNEL_HEADERS_PACKAGE_NAME} ]; then
mv ${TMP}/${KERNEL_HEADERS_PACKAGE_NAME} $OUTPUT
else
echo "kernel-headers build failed."
exit 1
fi
if [ "${INSTALL_PACKAGES}" = "YES" ]; then
upgradepkg --reinstall --install-new ${OUTPUT}/${KERNEL_HEADERS_PACKAGE_NAME} || exit 1
fi
# Update initrd:
if [ "${INSTALL_PACKAGES}" = "YES" ]; then
INITRD_VERSION="$(grep "Kernel Configuration" $TMP/package-kernel-source/usr/src/linux/.config | cut -f 3 -d ' ')"
INITRD_LOCALVERSION="$(cat $TMP/package-kernel-source/usr/src/linux/.config 2> /dev/null | grep CONFIG_LOCALVERSION= | cut -f 2 -d = | tr -d \")"
if [ -r /etc/mkinitrd.conf ]; then
mkinitrd -F /etc/mkinitrd.conf -k ${INITRD_VERSION}${INITRD_LOCALVERSION}
else # try this?
sh /usr/share/mkinitrd/mkinitrd_command_generator.sh -k ${INITRD_VERSION}${INITRD_LOCALVERSION} | sed "s/-c -k/-k/g" | bash
fi
fi
echo
echo "${recipe} kernel packages done!"
echo
done

View file

@ -1,158 +0,0 @@
#!/bin/sh
# Copyright 2018, 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# To use this script, point it to a Linux kernel source tree and a .config
# file by setting the appropriate environment variables:
#
# KERNEL_SOURCE=/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic-4.14.23 ./kernel-generic.SlackBuild
#
# It can also build the huge (or any other) kernel:
#
# KERNEL_NAME=huge KERNEL_SOURCE=/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-huge-4.14.23 ./kernel-generic.SlackBuild
#
# By default, it will call the package "kernel-generic" and use the source and
# .config already in /usr/src/linux (if possible).
cd $(dirname $0) ; CWD=$(pwd)
KERNEL_NAME=${KERNEL_NAME:-generic}
KERNEL_SOURCE=${KERNEL_SOURCE:-/usr/src/linux}
KERNEL_CONFIG=${KERNEL_CONFIG:-/usr/src/linux/.config}
CONFIG_SUFFIX=${CONFIG_SUFFIX:-}
BUILD=${BUILD:-1}
if [ ! -r "${KERNEL_CONFIG}" ]; then
echo "Error: the KERNEL_CONFIG environment variable needs to be set to the"
echo ".config file to be used to build this kernel. Example:"
echo "KERNEL_NAME=generic KERNEL_SOURCE=/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic-4.14.23 ./kernel-generic.SlackBuild"
exit 1
fi
if [ ! -d "${KERNEL_SOURCE}" ]; then
echo "Error: kernel source directory ${KERNEL_SOURCE} does not exist."
exit 1
fi
# Get the kernel version from the kernel Makefile:
VERSION=$(grep "^VERSION = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^PATCHLEVEL = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^SUBLEVEL = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev)$(grep "^EXTRAVERSION = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev)
# Set LOCALVERSION to the value found inside the .config:
LOCALVERSION="$(cat ${KERNEL_SOURCE}/.config 2> /dev/null | grep CONFIG_LOCALVERSION= | cut -f 2 -d = | tr -d \")"
# The default kernel arch is x86 for all 32-bit and 64-bit x86:
if [ -z "${KERNEL_ARCH}" ]; then
case "$(uname -m)" in
i?86) KERNEL_ARCH=x86 ;;
x86_64) KERNEL_ARCH=x86 ;;
# Use uname -m for all other archs:
*) KERNEL_ARCH=$(uname -m) ;;
esac
fi
# If this variable is set to an output directory, we will also put copies of
# System.map.gz, bzImage, and config in there:
KERNEL_OUTPUT_DIRECTORY=${KERNEL_OUTPUT_DIRECTORY:-}
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
# We will need to copy the config and run make oldconfig and make
# prepare in order to generate kernel/bounds.s, where we can find
# the true $PACKAGE_ARCH.
if [ ! "${KERNEL_CONFIG}" = "${KERNEL_SOURCE}/.config" ]; then
cp -a ${KERNEL_CONFIG} ${KERNEL_SOURCE}/.config
fi
cd ${KERNEL_SOURCE}
make oldconfig 1> /dev/null 2> /dev/null
make prepare 1> /dev/null 2> /dev/null
PACKAGE_ARCH=$(cat kernel/bounds.s | grep -w "\-march=.*" | tr " " "\n" | grep -w "\-march=.*" | cut -f 2 -d = | tr - _)
echo "kernel-${KERNEL_NAME}${LOCALVERSION}-$(echo ${VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-${PACKAGE_ARCH}-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-kernel-${KERNEL_NAME}
rm -rf $PKG
mkdir -p $TMP $PKG
# Set the variable $KERNEL_CLEAN to anything to run "make clean" before the
# build. Default is to start compiling in the tree as we found it.
if [ ! -z "${KERNEL_CLEAN}" ]; then
( cd ${KERNEL_SOURCE}
echo "Cleaning kernel source (make clean)..."
make clean
# Make sure header files aren't missing...
make prepare
# Don't package the kernel in the sources:
find . -name "*Image" -exec rm "{}" \+
# No need for these:
rm -f .config.old .version
find . -name "*.cmd" -exec rm -f "{}" \+
rm .*.d
)
fi
# Copy the .config into the kernel source directory (unless it's there already)
if [ ! "${KERNEL_CONFIG}" = "${KERNEL_SOURCE}/.config" ]; then
echo "Copying the .config file to the kernel source tree:"
cp -a --verbose ${KERNEL_CONFIG} ${KERNEL_SOURCE}/.config
fi
( cd ${KERNEL_SOURCE}
echo "Running make oldconfig..."
make oldconfig
echo "Building kernel..."
make $NUMJOBS bzImage || make bzImage || exit 1
# Output files to a directory, if requested:
if [ ! -z "${KERNEL_OUTPUT_DIRECTORY}" ]; then
echo "Copying files to ${KERNEL_OUTPUT_DIRECTORY}..."
mkdir -p ${KERNEL_OUTPUT_DIRECTORY}
rm -f ${KERNEL_OUTPUT_DIRECTORY}/*
cp -a --verbose System.map ${KERNEL_OUTPUT_DIRECTORY}
cp -a --verbose .config ${KERNEL_OUTPUT_DIRECTORY}/config
cp -a --verbose arch/${KERNEL_ARCH}/boot/bzImage ${KERNEL_OUTPUT_DIRECTORY}
gzip -9 ${KERNEL_OUTPUT_DIRECTORY}/System.map
fi
echo "Preparing the package in $PKG..."
mkdir -p $PKG/boot
cp -a --verbose System.map $PKG/boot/System.map-${KERNEL_NAME}${LOCALVERSION}-${VERSION}${LOCALVERSION}
cp -a --verbose .config $PKG/boot/config-${KERNEL_NAME}${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}
cp -a --verbose arch/${KERNEL_ARCH}/boot/bzImage $PKG/boot/vmlinuz-${KERNEL_NAME}${LOCALVERSION}-${VERSION}${LOCALVERSION}
# Make symlinks:
ln -sf System.map-${KERNEL_NAME}${LOCALVERSION}-${VERSION}${LOCALVERSION} $PKG/boot/System.map
ln -sf config-${KERNEL_NAME}${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} $PKG/boot/config
ln -sf vmlinuz-${KERNEL_NAME}${LOCALVERSION}-${VERSION}${LOCALVERSION} $PKG/boot/vmlinuz
ln -sf vmlinuz-${KERNEL_NAME}${LOCALVERSION}-${VERSION}${LOCALVERSION} $PKG/boot/vmlinuz-${KERNEL_NAME}${LOCALVERSION}
) || exit 1
# Fetch the kernel architecture from the source tree:
cd ${KERNEL_SOURCE}
PACKAGE_ARCH=$(cat kernel/bounds.s | grep -w "\-march=.*" | tr " " "\n" | grep -w "\-march=.*" | cut -f 2 -d = | tr - _)
mkdir $PKG/install
if [ -r $CWD/slack-desc/slack-desc.kernel-${KERNEL_NAME}${LOCALVERSION}.${PACKAGE_ARCH} ]; then
cat $CWD/slack-desc/slack-desc.kernel-${KERNEL_NAME}${LOCALVERSION}.${PACKAGE_ARCH} > $PKG/install/slack-desc
else
cat $CWD/slack-desc/slack-desc.kernel-template | sed "s/%PACKAGE_NAME%/kernel-${KERNEL_NAME}${LOCALVERSION}/g" > $PKG/install/slack-desc
fi
# Make the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/kernel-${KERNEL_NAME}${LOCALVERSION}-$(echo ${VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-${PACKAGE_ARCH}-$BUILD.txz

View file

@ -1,90 +0,0 @@
#!/bin/sh
# Copyright 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# To use this script, point it to a Linux kernel source tree, and it will make
# the kernel-headers package using the .config to get all needed package
# version information:
#
# KERNEL_SOURCE=/usr/src/linux ./kernel-headers.SlackBuild
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=${PKGNAM:-kernel-headers}
BUILD=${BUILD:-1}
KERNEL_SOURCE=${KERNEL_SOURCE:-/usr/src/linux}
if [ -z "${HEADERS_ARCH}" ]; then
case "$(uname -m)" in
i?86) HEADERS_ARCH=x86 ;;
x86_64) HEADERS_ARCH=x86 ;;
# Use uname -m for all other archs:
*) HEADERS_ARCH=$(uname -m) ;;
esac
fi
if [ ! -d "${KERNEL_SOURCE}" ]; then
echo "Error: kernel source directory ${KERNEL_SOURCE} does not exist."
exit 1
elif [ ! -r ${KERNEL_SOURCE}/.config ]; then
echo "Error: a .config was not found in ${KERNEL_SOURCE}."
exit 1
fi
# Get the kernel version from the kernel Makefile:
VERSION=$(grep "^VERSION = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^PATCHLEVEL = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^SUBLEVEL = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev)$(grep "^EXTRAVERSION = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev)
# Set LOCALVERSION to the value found inside the .config:
LOCALVERSION="$(cat ${KERNEL_SOURCE}/.config 2> /dev/null | grep CONFIG_LOCALVERSION= | cut -f 2 -d = | tr -d \")"
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "kernel-headers-$(echo ${VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-${HEADERS_ARCH}-$BUILD.txz"
exit 0
fi
rm -rf $PKG
mkdir -p $TMP $PKG
mkdir -p $PKG/usr
# Generate the kernel headers and clean them up:
( cd ${KERNEL_SOURCE}
echo "Generating headers from the Linux kernel source tree in ${KERNEL_SOURCE}:"
make headers_install ARCH=${HEADERS_ARCH} INSTALL_HDR_PATH=$PKG/usr
cd $PKG/usr/include
# You won't want these files. The ones in libdrm work better.
rm -rf drm
# This next part seems pretty much cosmetic, but since we've been doing this
# for a long time (and others also do), we'll stick with it:
mv asm asm-${HEADERS_ARCH}
ln -sf asm-${HEADERS_ARCH} asm
# Remove unneeded dotfiles:
find . -name ".??*" -exec rm -f {} \+
)
mkdir -p $PKG/install
cat $CWD/slack-desc/slack-desc.kernel-headers > $PKG/install/slack-desc
# Make the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/kernel-headers-$(echo ${VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-${HEADERS_ARCH}-$BUILD.txz

View file

@ -1,135 +0,0 @@
#!/bin/sh
# Copyright 2018, 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# To use this script, point it to a Linux kernel source tree and a .config
# file by setting the appropriate environment variables:
#
# KERNEL_SOURCE=/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic-4.14.23 ./kernel-modules.SlackBuild
#
# By default, it will use the source and .config already in /usr/src/linux (if possible).
# KERNEL_NAME is optional, and we don't use it. Define it to "-name" if
# you'd like an extra string after "kernel" in the package name
# (i.e. "kernel-name-modules").
cd $(dirname $0) ; CWD=$(pwd)
KERNEL_NAME=${KERNEL_NAME:-}
KERNEL_SOURCE=${KERNEL_SOURCE:-/usr/src/linux}
KERNEL_CONFIG=${KERNEL_CONFIG:-/usr/src/linux/.config}
BUILD=${BUILD:-1}
if [ ! -r "${KERNEL_CONFIG}" ]; then
echo "Error: the KERNEL_CONFIG environment variable needs to be set to the"
echo ".config file to be used to build these modules. Example:"
echo "KERNEL_SOURCE=/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic-4.14.23 ./kernel-modules.SlackBuild"
exit 1
fi
if [ ! -d "${KERNEL_SOURCE}" ]; then
echo "Error: kernel source directory ${KERNEL_SOURCE} does not exist."
exit 1
fi
# Get the kernel version from the kernel Makefile:
VERSION=$(grep "^VERSION = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^PATCHLEVEL = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^SUBLEVEL = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev)$(grep "^EXTRAVERSION = " ${KERNEL_SOURCE}/Makefile | rev | cut -f 1 -d ' ' | rev)
# Set LOCALVERSION to the value found inside the .config:
LOCALVERSION="$(cat ${KERNEL_SOURCE}/.config 2> /dev/null | grep CONFIG_LOCALVERSION= | cut -f 2 -d = | tr -d \")"
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
# We will need to copy the config and run make oldconfig and make
# prepare in order to generate kernel/bounds.s, where we can find
# the true $PACKAGE_ARCH.
if [ ! "${KERNEL_CONFIG}" = "${KERNEL_SOURCE}/.config" ]; then
cp -a ${KERNEL_CONFIG} ${KERNEL_SOURCE}/.config
fi
cd ${KERNEL_SOURCE}
make oldconfig 1> /dev/null 2> /dev/null
make prepare 1> /dev/null 2> /dev/null
PACKAGE_ARCH=$(cat kernel/bounds.s | grep -w "\-march=.*" | tr " " "\n" | grep -w "\-march=.*" | cut -f 2 -d = | tr - _)
echo "kernel${KERNEL_NAME}-modules${LOCALVERSION}-$(echo ${VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-${PACKAGE_ARCH}-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-kernel${KERNEL_NAME}-modules
rm -rf $PKG
mkdir -p $TMP $PKG
# Set the variable $KERNEL_CLEAN to anything to run "make clean" before the
# build. Default is to start compiling in the tree as we found it.
if [ ! -z "${KERNEL_CLEAN}" ]; then
( cd ${KERNEL_SOURCE}
echo "Cleaning kernel source (make clean)..."
make clean
# Make sure header files aren't missing...
make prepare
# Don't package the kernel in the sources:
find . -name "*Image" -exec rm "{}" \+
# No need for these:
rm -f .config.old .version
find . -name "*.cmd" -exec rm -f "{}" \+
rm .*.d
)
fi
# Copy the .config into the kernel source directory (unless it's there already)
if [ ! "${KERNEL_CONFIG}" = "${KERNEL_SOURCE}/.config" ]; then
echo "Copying the .config file to the kernel source tree:"
cp -a --verbose ${KERNEL_CONFIG} ${KERNEL_SOURCE}/.config
fi
( cd ${KERNEL_SOURCE}
echo "Running make oldconfig..."
make oldconfig
echo "Running a preliminary make (needed to create modules.builtin.modinfo)..."
make $NUMJOBS || exit 1
echo "Building kernel modules..."
make $NUMJOBS modules || exit 1
echo "Installing kernel modules to $PKG..."
make INSTALL_MOD_PATH=$PKG modules_install || exit 1
# Fix build and source symlinks if they are pointing into /tmp:
( cd $PKG/lib/modules/${VERSION}${LOCALVERSION}
for symlink in build source ; do
target=$(readlink $symlink)
if echo $target | grep -q "^/tmp/package-kernel-source/" ; then
rm -f $symlink
ln -sf $(echo $target | sed "s|/tmp/package-kernel-source/|/|g") $symlink
fi
done
)
depmod -b $PKG -a ${VERSION}${LOCALVERSION}
) || exit 1
mkdir $PKG/install
cat $CWD/slack-desc/slack-desc.kernel-modules-template | sed "s/%PACKAGE_NAME%/kernel${KERNEL_NAME}-modules${LOCALVERSION}/g" > $PKG/install/slack-desc
# Fetch the kernel architecture from the source tree:
cd ${KERNEL_SOURCE}
PACKAGE_ARCH=$(cat kernel/bounds.s | grep -w "\-march=.*" | tr " " "\n" | grep -w "\-march=.*" | cut -f 2 -d = | tr - _)
# Make the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/kernel${KERNEL_NAME}-modules${LOCALVERSION}-$(echo ${VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-${PACKAGE_ARCH}-$BUILD.txz

View file

@ -1,176 +0,0 @@
#!/bin/sh
# Copyright 2018, 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=${PKGNAM:-kernel-source}
BUILD=${BUILD:-1}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
# If a $VERSION is not passed to this script, use the newest linux-*.tar.xz
# found in this directory:
VERSION=${VERSION:-$(/bin/ls -t linux-*.tar.?z | head -n 1 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
if ! /bin/ls linux-*.tar.?z 1> /dev/null 2> /dev/null ; then
echo "Error: kernel source not found. (/bin/ls linux-*.tar.?z)"
fi
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$(uname -m)" in
# Use uname -m for all archs:
*) ARCH=$(uname -m) ;;
esac
fi
# Kernel extraversion, such as "-smp" on 32-bit. There's usually no need to set
# this unless you're using something unusual. We use it to find which .config
# file to use, but we'll then use whatever CONFIG_LOCALVERSION is set to
# inside the .config.
LOCALVERSION=${LOCALVERSION:-""}
# If KERNEL_CONFIG (name of kernel .config file in ./kernel-configs to use)
# has not been passed to this script, then we will select one. We will prefer
# to use a generic, SMP-supporting .config with a version number exactly
# matching the kernel sources. But if there's no exact version match, we will
# start with the newest .config we can find that's of the appropriate type.
if [ -z "${KERNEL_CONFIG}" ]; then # figure out the best matching .config
if [ "$ARCH" = "x86_64" ]; then
CONFIG_SUFFIX=".x64"
fi
if [ -z "${LOCALVERSION}" ]; then
if echo $ARCH | grep -q -E "i?86$" ; then
# Default to SMP extraversion on 32-bit:
LOCALVERSION="-smp"
fi
fi
if [ -r "$CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}$LOCALVERSION${CONFIG_SUFFIX}" ]; then
# Exact match!
KERNEL_CONFIG="config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}"
else # no exact match, so find newest with the same name:
FIND_MATCH="$(/bin/ls -t $CWD/kernel-configs/config-generic${LOCALVERSION}-*${LOCALVERSION}${CONFIG_SUFFIX} 2> /dev/null | head -n 1)"
if [ -r "${FIND_MATCH}" ]; then
KERNEL_CONFIG="$(basename ${FIND_MATCH})"
unset FIND_MATCH
else
echo "Error: no matching .config file could be found for this kernel. Tried:"
echo " $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} (not found)"
exit 1
fi
fi
else # We were given a name to use:
if [ ! -r "$CWD/kernel-configs/${KERNEL_CONFIG}" ]; then
echo "Error: specified kernel .config $CWD/kernel-configs/${KERNEL_CONFIG} was not found."
exit 1
fi
fi
# Set LOCALVERSION to the value found inside the .config:
LOCALVERSION="$(cat $CWD/kernel-configs/${KERNEL_CONFIG} | grep CONFIG_LOCALVERSION= | cut -f 2 -d = | tr -d \")"
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
# We will have to extract and patch the kernel sources to find out the kernel version:
TEMPDIR=$(mktemp -d)
cd $TEMPDIR
tar xf $CWD/linux-${VERSION}.tar.?z || exit 1
cd linux*
if [ -d $CWD/patches-${VERSION} ]; then
zcat $CWD/patches-${VERSION}/*.gz | patch -p1 --backup --suffix=.orig 1> /dev/null 2> /dev/null || exit 1
fi
PACKAGE_VERSION=$(grep "^VERSION = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^PATCHLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^SUBLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev)$(grep "^EXTRAVERSION = " Makefile | rev | cut -f 1 -d ' ' | rev)
cd $CWD
rm -rf $TEMPDIR
echo "kernel-source-$(echo ${PACKAGE_VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-noarch-$BUILD.txz"
exit 0
fi
echo "Using kernel config: $CWD/kernel-configs/${KERNEL_CONFIG}"
rm -rf $PKG
mkdir -p $TMP $PKG
mkdir -p $PKG/usr/src
echo "Untarring $CWD/linux-${VERSION}.tar.?z in $PKG/usr/src..."
( cd $PKG/usr/src
tar xf $CWD/linux-${VERSION}.tar.?z || exit 1
echo "Making /usr/src/linux symlink..."
ln -sf linux-* linux
cd linux-*
if [ -d $CWD/patches-${VERSION} ]; then
echo "Applying kernel patches in $CWD/patches-${VERSION} and copying patches to $PKG/usr/src/linux-${VERSION}..."
zcat $CWD/patches-${VERSION}/*.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1
cp -a $CWD/patches-${VERSION}/*.gz .
fi
echo "Copying $CWD/kernel-configs/${KERNEL_CONFIG} to .config..."
cp -a $CWD/kernel-configs/${KERNEL_CONFIG} .config
echo "Fixing permissions/ownership..."
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
) || exit 1
# Kernel is now ready to configure. We will also build this kernel so that
# the installed kernel source package is fully configured, and building an
# out-of-tree module (such as the NVIDIA driver) won't require the user
# to build the kernel sources first.
( cd $PKG/usr/src/linux-${VERSION}
echo "Making oldconfig..."
make oldconfig
if [ ! -r $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} ]; then
echo "Saving new .config as: $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}"
cp -a .config $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}
fi
echo "Building kernel and modules (needed before clean for building NVIDIA to work)..."
make ${NUMJOBS} || exit 1
make ${NUMJOBS} modules || exit 1
echo "Cleaning up..."
make clean
# Make sure header files aren't missing...
make prepare
# Don't package the kernel in the sources:
find . -name "*Image" -exec rm "{}" \+
# No need for these:
rm -f .config.old .version
find . -name "*.cmd" -exec rm -f "{}" \+
rm .*.d
# Still some dotfiles laying around... probably fine though
) || exit 1
cd $PKG/usr/src/linux-${VERSION}
# Use the version number found in the Makefile in the package name. This is not
# always the same as the version in the source tarball's filename. For example,
# linux-4.14.tar.xz will have 4.14.0 as the version in the Makefile:
PACKAGE_VERSION=$(grep "^VERSION = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^PATCHLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^SUBLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev)$(grep "^EXTRAVERSION = " Makefile | rev | cut -f 1 -d ' ' | rev)
mkdir $PKG/install
cat $CWD/slack-desc/slack-desc.kernel-source > $PKG/install/slack-desc
# Make the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/kernel-source-$(echo ${PACKAGE_VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-noarch-$BUILD.txz

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-generic-smp: kernel-generic-smp (a general purpose SMP Linux kernel)
kernel-generic-smp:
kernel-generic-smp: This is a Linux kernel with built-in support for most disk
kernel-generic-smp: controllers. To use filesystems, or to load support for a SCSI or
kernel-generic-smp: other controller, then you'll need to load one or more kernel
kernel-generic-smp: modules using an initial ramdisk, or initrd. For more information
kernel-generic-smp: about creating an initrd, see the README.initrd file in the /boot
kernel-generic-smp: directory.
kernel-generic-smp:
kernel-generic-smp: SMP is "Symmetric multiprocessing", or multiple CPU/core support.
kernel-generic-smp:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-generic: kernel-generic (a general purpose single processor Linux kernel)
kernel-generic:
kernel-generic: A Linux kernel with built-in support for most disk controllers.
kernel-generic: For filesystem support, or if you need to load support for a SCSI or
kernel-generic: other controller, then you'll need to load one or more kernel modules
kernel-generic: using an initial ramdisk, or initrd. For more information about
kernel-generic: creating an initrd, see the README.initrd file in the /boot directory.
kernel-generic:
kernel-generic:
kernel-generic:
kernel-generic:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-generic: kernel-generic (a general purpose SMP Linux kernel)
kernel-generic:
kernel-generic: This is a Linux kernel with built-in support for most disk
kernel-generic: controllers. To use filesystems, or to load support for a SCSI or
kernel-generic: other controller, then you'll need to load one or more kernel
kernel-generic: modules using an initial ramdisk, or initrd. For more information
kernel-generic: about creating an initrd, see the README.initrd file in the /boot
kernel-generic: directory.
kernel-generic:
kernel-generic: SMP is "Symmetric multiprocessing", or multiple CPU/core support.
kernel-generic:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-headers: kernel-headers (Linux kernel include files)
kernel-headers:
kernel-headers: These are the include files from the Linux kernel.
kernel-headers:
kernel-headers: You'll need these to compile most system software for Linux.
kernel-headers:
kernel-headers:
kernel-headers:
kernel-headers:
kernel-headers:
kernel-headers:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-huge-smp: kernel-huge-smp (a fully-loaded SMP Linux kernel)
kernel-huge-smp:
kernel-huge-smp: This is a Linux kernel with built-in support for most disk
kernel-huge-smp: controllers. If you're looking for a more stripped down kernel
kernel-huge-smp: (this one contains everything but the kitchen sink ;-), then install
kernel-huge-smp: the kernel-generic-smp in the /boot directory along with an initrd to
kernel-huge-smp: load support for your boot device and filesystem. For instructions
kernel-huge-smp: on the initrd, see README.initrd in the /boot directory.
kernel-huge-smp:
kernel-huge-smp: SMP is "Symmetric multiprocessing", or multiple CPU/core support.
kernel-huge-smp:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-huge: kernel-huge (a fully-loaded single processor Linux kernel)
kernel-huge:
kernel-huge: This is a Linux kernel with built-in support for most disk controllers
kernel-huge: and filesystems. If you're looking for a more stripped down kernel
kernel-huge: (this one contains everything but the kitchen sink ;-), then install
kernel-huge: the kernel-generic from the /boot directory along with an initrd to
kernel-huge: load support for your boot device and filesystem. For instructions
kernel-huge: on the initrd, see README.initrd in the /boot directory.
kernel-huge:
kernel-huge:
kernel-huge:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-huge: kernel-huge (a fully-loaded SMP Linux kernel)
kernel-huge:
kernel-huge: This is a Linux kernel with built-in support for most disk
kernel-huge: controllers. If you're looking for a more stripped down kernel
kernel-huge: (this one contains everything but the kitchen sink ;-), then install
kernel-huge: the kernel-generic in the /boot directory along with an initrd to
kernel-huge: load support for your boot device and filesystem. For instructions
kernel-huge: on the initrd, see README.initrd in the /boot directory.
kernel-huge:
kernel-huge: SMP is "Symmetric multiprocessing", or multiple CPU/core support.
kernel-huge:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
%PACKAGE_NAME%: %PACKAGE_NAME% (Linux kernel modules)
%PACKAGE_NAME%:
%PACKAGE_NAME%: Kernel modules are pieces of code that can be loaded and unloaded into
%PACKAGE_NAME%: the kernel upon demand. They extend the functionality of the kernel
%PACKAGE_NAME%: without the need to reboot the system. These modules provide support
%PACKAGE_NAME%: for hardware such as USB devices, RAID controllers, network
%PACKAGE_NAME%: interfaces, and display devices, or add other additional capabilities
%PACKAGE_NAME%: to the kernel.
%PACKAGE_NAME%:
%PACKAGE_NAME%:
%PACKAGE_NAME%:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|' on
# the right side marks the last column you can put a character in. You must make
# exactly 11 lines for the formatting to be correct. It's also customary to
# leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-source: kernel-source (Linux kernel source)
kernel-source:
kernel-source: Source code for Linus Torvalds' Linux kernel.
kernel-source:
kernel-source: This is the complete and unmodified source code for the Linux kernel.
kernel-source:
kernel-source:
kernel-source:
kernel-source:
kernel-source:
kernel-source:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|' on
# the right side marks the last column you can put a character in. You must make
# exactly 11 lines for the formatting to be correct. It's also customary to
# leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
kernel-source: kernel-source (Linux kernel source)
kernel-source:
kernel-source: Source code for Linus Torvalds' Linux kernel.
kernel-source:
kernel-source: This is the complete and unmodified source code for the Linux kernel.
kernel-source:
kernel-source:
kernel-source:
kernel-source:
kernel-source:
kernel-source:

View file

@ -1,19 +0,0 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
%PACKAGE_NAME%: %PACKAGE_NAME% (a Linux kernel)
%PACKAGE_NAME%:
%PACKAGE_NAME%: This is a Linux kernel with built-in support for most disk
%PACKAGE_NAME%: controllers. To use filesystems, or to load support for a SCSI or
%PACKAGE_NAME%: other controller, then you'll need to load one or more kernel
%PACKAGE_NAME%: modules using an initial ramdisk, or initrd. For more information
%PACKAGE_NAME%: about creating an initrd, see the README.initrd file in the /boot
%PACKAGE_NAME%: directory.
%PACKAGE_NAME%:
%PACKAGE_NAME%:
%PACKAGE_NAME%: