1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-14 08:01:11 +01:00
slackware-current/source/n/php/php.SlackBuild
Patrick J Volkerding ad0df123cf Tue Oct 22 18:48:37 UTC 2019
a/btrfs-progs-5.3-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20191022_2b016af-noarch-1.txz:  Upgraded.
d/parallel-20191022-noarch-1.txz:  Upgraded.
l/glib2-2.62.2-x86_64-1.txz:  Upgraded.
l/python-pillow-6.2.1-x86_64-1.txz:  Upgraded.
n/php-7.3.11-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue:
  FPM: env_path_info underflow in fpm_main.c can lead to RCE.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043
  (* Security fix *)
x/xkeyboard-config-2.28-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-68.2.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.2.0/releasenotes/
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11758
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
  (* Security fix *)
2019-10-23 08:59:48 +02:00

325 lines
9.5 KiB
Bash
Executable file

#!/bin/bash
# Build and package mod_php on Slackware.
# by: David Cantrell <david@slackware.com>
# Modified for PHP 4-5 by volkerdi@slackware.com
# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017 Patrick Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=php
VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
ALPINE=2.21
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) export ARCH=i586 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
esac
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-php/
rm -rf $PKG
mkdir -p $TMP $PKG
if [ "$ARCH" = "i386" ]; then
SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i486" ]; then
SLKCFLAGS="-O2 -march=i486 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
# we need to compile alpine to get c-client.a for IMAP support:
IMAPLIBDIR=/usr/local/lib${LIBDIRSUFFIX}/c-client
if [ -r $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a ]; then
echo "Using IMAP library:"
ls -l $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a
sleep 5
else
( cd $CWD/../alpine ; VERSION=${ALPINE} ; ./alpine.SlackBuild || exit 1 ) || exit 1
( cd $TMP/alpine-${ALPINE}/imap/c-client
strip -g c-client.a
mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX}
cp c-client.a $IMAPLIBDIR/lib${LIBDIRSUFFIX}
mkdir -p $IMAPLIBDIR/include
cp *.h $IMAPLIBDIR/include
)
fi
mkdir -p $PKG/etc/httpd
mkdir -p $PKG/etc/php.d
# A trick from DaMouse to enable building php into $PKG.
# We'll remove this later on.
cat /etc/httpd/original/httpd.conf > $PKG/etc/httpd/httpd.conf
if [ ! -e /etc/httpd/original/httpd.conf ]; then
echo "FATAL: no /etc/httpd/original/httpd.conf found."
exit 1
fi
cd $TMP
rm -rf php-$VERSION
tar xvf $CWD/php-$VERSION.tar.xz || exit 1
cd php-$VERSION || exit 1
# cleanup:
find . -name "*.orig" -delete
# Add missing(?) PEAR modules back:
if [ -d php-$VERSION/pear/packages ]; then
( cd php-$VERSION/pear/packages
cp -a $CWD/pear/*.bz2 . 2> /dev/null
bzip2 -d *.bz2 2> /dev/null
)
fi
if [ "$ARCH" = "s390" ]; then
zcat $CWD/php.configure.s390.diff.gz | patch -p1 || exit
fi
# Fixup perms/owners:
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
find . -name "*.h" -exec chmod 644 {} \+
# Sometimes they ship a few of these:
find . -name "*.orig" -exec rm {} \+
# Patch ini files:
zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose php.ini-production || exit 1
zcat $CWD/php-fpm.conf.diff.gz | patch -p1 --verbose || exit 1
# Install the build folder into /usr/lib$LIBDIRSUFFIX/php/build
# and adapt phpize accordingly:
sed -i "s|build$|php/build|" scripts/Makefile.frag
sed -i "s|build\"$|php/build\"|" scripts/phpize.in
# NOTE: Added -DU_USING_ICU_NAMESPACE=1 to CXXFLAGS, which should be a temporary
# requirement. See the link below:
# http://site.icu-project.org/download/61#TOC-Migration-Issues
# Generic "kitchen sink" configure function, with as many things as possible (and
# maybe then some ;-) compiled as shared extensions:
EXTENSION_DIR=/usr/lib${LIBDIRSUFFIX}/php/extensions \
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS -DU_USING_ICU_NAMESPACE=1" \
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--with-libdir=lib${LIBDIRSUFFIX} \
--localstatedir=/var \
--sysconfdir=/etc \
--datarootdir=/usr/share \
--datadir=/usr/share \
--infodir=/usr/info \
--mandir=/usr/man \
--with-apxs2=/usr/bin/apxs \
--enable-fpm \
--with-fpm-user=apache \
--with-fpm-group=apache \
--enable-maintainer-zts \
--enable-pcntl \
--enable-mbregex \
--enable-tokenizer=shared \
--with-config-file-scan-dir=/etc/php.d \
--with-config-file-path=/etc \
--with-layout=PHP \
--disable-sigchild \
--enable-xml \
--with-libxml-dir=/usr \
--with-xmlrpc=shared \
--enable-simplexml \
--enable-xmlreader=shared \
--enable-dom=shared \
--enable-filter \
--disable-debug \
--with-openssl=shared \
--with-pcre-regex=/usr \
--with-zlib=shared,/usr \
--enable-bcmath=shared \
--with-bz2=shared,/usr \
--enable-calendar=shared \
--enable-ctype=shared \
--with-curl=shared \
--enable-dba=shared \
--with-gdbm=/usr \
--with-db4=/usr \
--enable-exif=shared \
--enable-ftp=shared \
--with-gd=shared \
--with-jpeg-dir=/usr \
--with-png-dir=/usr \
--with-zlib-dir=/usr \
--with-xpm-dir=/usr \
--with-freetype-dir=/usr \
--with-gettext=shared,/usr \
--with-gmp=shared,/usr \
--with-iconv=shared \
--with-imap-ssl=/usr \
--with-imap=$IMAPLIBDIR \
--with-ldap=shared \
--enable-mbstring=shared \
--enable-hash \
--enable-mysqlnd=shared \
--with-mysqli=shared,mysqlnd \
--with-mysql-sock=/var/run/mysql/mysql.sock \
--with-iodbc=shared,/usr \
--enable-pdo=shared \
--with-pdo-mysql=shared,mysqlnd \
--with-pdo-sqlite=shared,/usr \
--with-pdo-odbc=shared,iODBC,/usr \
--with-pspell=shared,/usr \
--with-enchant=shared,/usr \
--enable-shmop=shared \
--with-snmp=shared,/usr \
--enable-soap=shared \
--enable-sockets \
--with-sqlite3=shared \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-wddx=shared \
--with-xsl=shared,/usr \
--enable-zip=shared \
--with-tsrm-pthreads \
--enable-intl=shared \
--enable-opcache \
--enable-shared=yes \
--enable-static=no \
--with-gnu-ld \
--with-pic \
--enable-phpdbg \
--with-sodium \
--with-password-argon2 \
--without-readline \
--with-libedit \
--build=$ARCH-slackware-linux || exit 1
# I am told this option is worse than nothing. :-)
# --enable-safe-mode
#
# I would recommend *against* and will take no responbility for turning on
# "safe" mode.
make $NUMJOBS || make || exit 1
make install INSTALL_ROOT=$PKG || exit 1
mkdir -p $PKG/etc/{rc.d,php-fpm.d}
cp sapi/fpm/init.d.php-fpm $PKG/etc/rc.d/rc.php-fpm.new
chmod 644 $PKG/etc/rc.d/rc.php-fpm.new
# PHP (used to) install Pear with some strange permissions.
chmod 755 $PKG/usr/bin/pear
# PHP sometimes puts junk in the root directory:
( cd $PKG
rm -rf .channels .depdb .depdblock .filemap .lock .registry
)
# We do not package static extension libraries:
rm -f $PKG/usr/lib${LIBDIRSUFFIX}/php/extensions/*.a
# Fix $PKG/usr/lib/php perms:
( cd $PKG/usr/lib${LIBDIRSUFFIX}/php
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
)
mkdir -p $PKG/usr/doc/php-$VERSION
cp -a \
CODING_STANDARDS CREDITS EXTENSIONS INSTALL LICENSE NEWS README* TODO* UPGRADING* \
sapi/cgi/README.FastCGI \
$PKG/usr/doc/php-$VERSION
chown -R root:root $PKG/usr/doc/php-$VERSION
chmod 644 $PKG/usr/doc/php-$VERSION/UPGRADING*
mkdir -p $PKG/etc/httpd
cat $CWD/mod_php.conf.example | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" \
> $PKG/etc/httpd/mod_php.conf.new
chmod 644 $PKG/etc/httpd/*
chown root:root $PKG/etc/httpd/*
cp -a php.ini-development php.ini-production $PKG/etc
chmod 755 $PKG/etc/php.d $PKG/etc/php-fpm.d $PKG/etc/httpd
chown root:root $PKG/etc/*
# This can go now.
rm -f $PKG/etc/httpd/httpd*
# Session directory for PHP:
mkdir -p $PKG/var/lib/php
chmod 770 $PKG/var/lib/php
chown root:apache $PKG/var/lib/php
# Strip ELF objects.
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
gzip -9 $PKG/usr/man/man?/*.?
mkdir -p $PKG/install
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
cat $CWD/slack-desc > $PKG/install/slack-desc
#if [ -d "$IMAPLIBDIR" ]; then
# ( cd $IMAPLIBDIR && rm -rf * )
# rmdir $IMAPLIBDIR
#fi
cd $PKG
/sbin/makepkg -l y -c n $TMP/php-$VERSION-$ARCH-$BUILD.txz