slackware-current/patches/source/util-linux/util-linux.SlackBuild
Patrick J Volkerding c9881ad979 Tue Feb 15 20:00:48 UTC 2022
patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz:  Rebuilt.
  If root's mailbox did not already exist, it would be created with insecure
  permissions leading to possible local information disclosure. This update
  ensures that a new mailbox will be created with proper permissions and
  ownership, and corrects the permissions on an existing mailbox if they are
  found to be incorrect. Thanks to Martin for the bug report.
  (* Security fix *)
patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz:  Upgraded.
  This release fixes a security issue in chsh(1) and chfn(8):
  By default, these utilities had been linked with libreadline, which allows
  the INPUTRC environment variable to be abused to produce an error message
  containing data from an arbitrary file. So, don't link these utilities with
  libreadline as it does not use secure_getenv() (or a similar concept), or
  sanitize the config file path to avoid vulnerabilities that could occur in
  set-user-ID or set-group-ID programs.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563
  (* Security fix *)
2022-02-16 13:29:58 +01:00

382 lines
12 KiB
Bash
Executable file

#!/bin/bash
# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2018, 2020, 2021, 2022 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Slackware build script for util-linux
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=util-linux
VERSION=${VERSION:-$(echo util-linux*.tar.xz | cut -d - -f 3 | rev | cut -f 3- -d . | rev)}
BUILD=${BUILD:-1_slack15.0}
ADJTIMEXVERS=1.29
SETSERIALVERS=2.17
ZIPTOOLVERS=1.4.0
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) export ARCH=i586 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
esac
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
TMP=${TMP:-/tmp}
PKG=$TMP/package-util-linux
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP || exit 1
rm -rf util-linux-$VERSION
tar xvf $CWD/util-linux-$VERSION.tar.xz || exit 1
cd util-linux-$VERSION || exit 1
chown -R root.root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
# Choose correct options depending on whether PAM is installed:
if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then
LOGIN_OPTIONS=""
# By default, don't use the util-linux version of /bin/su:
SHIP_SU=${SHIP_SU:-NO}
# Add /etc/pam.d config files:
rm -rf $PKG/etc/pam.d
mkdir -p $PKG/etc/pam.d
for file in $CWD/pam.d/* ; do
cp -a ${file} $PKG/etc/pam.d/
done
if [ "$SHIP_SU" = "YES" ]; then
# Add su default file to ensure using ENV_SUPATH with 'su':
mkdir -p $PKG/etc/default
cp -a $CWD/su.default $PKG/etc/default/su.new
chown root:root $PKG/etc/default/su.new
chmod 644 $PKG/etc/default/su.new
# Add su /etc/pam.d files:
cp -a $CWD/pam.d-su/* $PKG/etc/pam.d/
fi
# Ensure correct perms/ownership on files in /etc/pam.d/:
chown root:root $PKG/etc/pam.d/*
chmod 644 $PKG/etc/pam.d/*
# Don't clobber existing config files:
find $PKG/etc/pam.d -type f -exec mv {} {}.new \;
else
# Don't use the util-linux version of /bin/su.
# It can't be built without PAM anyway.
SHIP_SU=NO
LOGIN_OPTIONS="--disable-login"
fi
# Changing the fdisk -l output (this was done prior to util-linux-ng) broke
# our installation scripts, so we have changed the name of partition type
# 83 back to "Linux swap":
zcat $CWD/util-linux.fdisk-no-solaris.diff.gz | patch -p1 --verbose || exit 1
# Revert to the behavior of earlier versions of fdisk which did not list the
# /dev/ram* devices in 'fdisk -l' output:
zcat $CWD/util-linux.do.not.list.ram.devices.diff.gz | patch -p1 --verbose || exit 1
# This just call the configure script with $1 either being 2 for python2
# or 3 for python3.
#
# The releasenotes say to use --runstatedir, but it doesn't work and the
# configure script fails. So we'll leave things using localstatedir, but
# check again later:
#
# --runstatedir=/run
configure_with_python(){
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--sysconfdir=/etc \
--localstatedir=/var \
--mandir=/usr/man \
--infodir=/usr/info \
--docdir=/usr/doc/util-linux-$VERSION \
--disable-static \
--enable-agetty \
--enable-fdformat \
--enable-kill \
--disable-last \
--enable-libmount-support-mtab \
--enable-line \
--enable-mesg \
--enable-partx \
--enable-pg \
--disable-raw \
--enable-rename \
$LOGIN_OPTIONS \
--enable-schedutils \
--enable-wall \
--enable-write \
--enable-use-tty-group \
--enable-libblkid \
--enable-libmount \
--enable-libuuid \
--disable-uuidd \
--with-python=$1 \
--build=$ARCH-slackware-linux
}
CFLAGS="$SLKCFLAGS" \
configure_with_python 2 || exit 1
make $NUMJOBS || make || exit 1
make install $NUMJOBS DESTDIR=$PKG || exit 1
# These need to be setuid root to work properly (only built for PAM):
if [ -r $PKG/usr/bin/chfn ]; then
chmod 4711 $PKG/usr/bin/chfn
fi
if [ -r $PKG/usr/bin/chsh ]; then
chmod 4711 $PKG/usr/bin/chsh
fi
# Build python3 bindings for libmount:
make clean
CFLAGS="$SLKCFLAGS" \
configure_with_python 3 || exit 1
make $NUMJOBS \
install-pylibmountexecLTLIBRARIES \
install-pylibmountexecPYTHON \
DESTDIR=$PKG || exit 1
# Remove all overlap with the shadow package, since --disable-login doesn't quite do that:
rm $PKG/sbin/nologin $PKG/usr/man/man8/nologin.8 $PKG/sbin/sulogin $PKG/usr/man/man8/sulogin.8
# If we aren't shipping su, remove the files:
if [ "$SHIP_SU" = "NO" ]; then
rm -f $PKG/bin/su
rm -f $PKG/usr/man/man1/su.1
rm -f $PKG/usr/share/bash-completion/completions/runuser
rm -f $PKG/usr/share/bash-completion/completions/su
fi
# Move the libblkid, libfdisk, libmount, libsmartcols, and
# libuuid libraries to /lib${LIBSUFFIX}:
mkdir -p $PKG/lib${LIBDIRSUFFIX}
( cd $PKG/usr/lib${LIBDIRSUFFIX}
mv libblkid.so.1* $PKG/lib${LIBDIRSUFFIX}
mv libfdisk.so.1* $PKG/lib${LIBDIRSUFFIX}
mv libmount.so.1* $PKG/lib${LIBDIRSUFFIX}
mv libsmartcols.so.1* $PKG/lib${LIBDIRSUFFIX}
mv libuuid.so.1* $PKG/lib${LIBDIRSUFFIX}
rm -f libblkid.so libfdisk.so libmount.so libsmartcols.so libuuid.so
ln -sf ../../lib${LIBDIRSUFFIX}/libblkid.so.1 libblkid.so
ln -sf ../../lib${LIBDIRSUFFIX}/libfdisk.so.1 libfdisk.so
ln -sf ../../lib${LIBDIRSUFFIX}/libmount.so.1 libmount.so
ln -sf ../../lib${LIBDIRSUFFIX}/libsmartcols.so.1 libsmartcols.so
ln -sf ../../lib${LIBDIRSUFFIX}/libuuid.so.1 libuuid.so
)
# Moving things around that have been in the same place
# for 15 years is, IMHO, not a wise idea AT ALL.
# If this had to be moved, some place out of /usr might
# have shown a grain of insight...
if [ -r $PKG/usr/sbin/fdformat ]; then
mkdir -p $PKG/usr/bin
mv $PKG/usr/sbin/fdformat $PKG/usr/bin/fdformat
# Now since stuff will start looking in this new place,
# we have no choice but to link these:
( cd $PKG/usr/sbin
ln -sf ../bin/fdformat .
)
fi
# Add the rc.setterm init script to set default terminal attributes:
mkdir -p $PKG/etc/rc.d
cp -a $CWD/rc.setterm $PKG/etc/rc.d/rc.setterm.new
chown root:root $PKG/etc/rc.d/rc.setterm.new
chmod 755 $PKG/etc/rc.d/rc.setterm.new
# ddate.{1,c} taken from https://github.com/bo0ts/ddate:
cp -a $CWD/ddate.? .
cc -O -o ddate ddate.c
cp -a ddate $PKG/usr/bin
cat ddate.1 > $PKG/usr/man/man1/ddate.1
chown root:root $PKG/usr/bin/ddate
# Build ziptool (install as jaztool to avoid conflict with libzip):
cd $TMP || exit 1
rm -rf ziptool-$ZIPTOOLVERS
tar xvf $CWD/ziptool-$ZIPTOOLVERS.tar.xz || exit 1
cd ziptool-$ZIPTOOLVERS || exit 1
zcat $CWD/ziptool-fix_build.patch.gz | patch -p1 || exit 1
mkdir scsi
cat $CWD/scsi_ioctl.h > scsi/scsi_ioctl.h
chown -R root:root .
make || exit 1
strip ziptool
cat ziptool > $PKG/sbin/jaztool
chmod 0755 $PKG/sbin/jaztool
mkdir -p $PKG/usr/doc/ziptool-$ZIPTOOLVERS
cp -a README $PKG/usr/doc/ziptool-$ZIPTOOLVERS
chmod 644 $PKG/usr/doc/ziptool-$ZIPTOOLVERS/*
cat ziptool.1.gz > $PKG/usr/man/man1/jaztool.1.gz
# Build bsdstrings
cd $TMP || exit 1
rm -rf bsdstrings
tar xvf $CWD/bsdstrings.tar.gz || exit 1
cd bsdstrings || exit 1
zcat $CWD/bsdstrings-util-linux_overflow.diff.gz | patch -p1 --verbose || exit 1
make || exit 1
strip strings
cat strings > $PKG/usr/bin/strings-BSD
chmod 0755 $PKG/usr/bin/strings-BSD
cat strings.1 | gzip -9c > $PKG/usr/man/man1/strings-BSD.1.gz
# Build adjtimex
cd $TMP || exit 1
rm -rf adjtimex-$ADJTIMEXVERS
tar xvf $CWD/adjtimex_${ADJTIMEXVERS}.orig.tar.gz || exit 1
cd adjtimex-$ADJTIMEXVERS || exit 1
chown -R root:root .
zcat $CWD/adjtimex_1.29-2.2.diff.gz | patch -p1 || exit 1
CFLAGS=-O2 ./configure --prefix=/usr || exit 1
make || exit 1
strip adjtimex
cat adjtimex > $PKG/sbin/adjtimex
chmod 0755 $PKG/sbin/adjtimex
cat adjtimex.8 | gzip -9c > $PKG/usr/man/man8/adjtimex.8.gz
mkdir -p $PKG/usr/doc/adjtimex-$ADJTIMEXVERS
cp -a COPYING COPYRIGHT README README.ru adjtimex.lsm \
$PKG/usr/doc/adjtimex-$ADJTIMEXVERS
# Build setserial
cd $TMP || exit 1
rm -rf setserial-$SETSERIALVERS
tar xvf $CWD/setserial-$SETSERIALVERS.tar.gz || exit 1
cd setserial-$SETSERIALVERS || exit 1
chown -R root:root .
zcat $CWD/setserial-rc.serial.diff.gz | patch -E -p1 --verbose || exit 1
zcat $CWD/setserial-undef_TIOCGHAYESESP.diff.gz | patch -E -p1 --verbose || exit 1
# The original config.{guess,sub} do not work on x86_64
cp -p /usr/share/libtool/config/config.{guess,sub} .
./configure --prefix=/usr || exit 1
make || exit 1
strip setserial
cat setserial > $PKG/sbin/setserial
chmod 0755 $PKG/sbin/setserial
mkdir -p $PKG/etc/rc.d
cat rc.serial > $PKG/etc/rc.d/rc.serial.new
cat serial.conf > $PKG/etc/serial.conf.new
cat setserial.8 | gzip -9c > $PKG/usr/man/man8/setserial.8.gz
# These have always traditionally been available before /usr
# might be mounted:
( cd $PKG/usr/bin
mv getopt setterm $PKG/bin
cd $PKG/usr/bin
ln -s ../../bin/getopt .
ln -s ../../bin/setterm .
)
cd $TMP/util-linux-$VERSION # Go back home :)
# Now let's add some important symlinks :)
( cd $PKG/sbin
ln -s ../bin/mount .
ln -s ../bin/umount .
#ln -s ziptool jaztool
ln -s hwclock clock
cd $PKG/usr/sbin
ln -s ../../sbin/cfdisk .
ln -s ../../sbin/ctrlaltdel .
ln -s ../../sbin/sfdisk .
cd $PKG/usr/bin
ln -s ../sbin/readprofile .
# tunelp was removed by upstream:
#ln -s ../sbin/tunelp .
ln -s ../../bin/more .
cd $PKG/usr/man/man1
#ln -s ziptool.1 jaztool.1
cd $PKG/usr/man/man8
ln -s hwclock.8 clock.8
)
find $PKG | xargs file | grep -e "executable" -e "shared object" \
| grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
# Don't ship .la files:
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
# Compress and if needed symlink the man pages:
if [ -d $PKG/usr/man ]; then
( cd $PKG/usr/man
for manpagedir in $(find . -type d -name "man*") ; do
( cd $manpagedir
for eachpage in $( find . -type l -maxdepth 1) ; do
ln -s $( readlink $eachpage ).gz $eachpage.gz
rm $eachpage
done
gzip -9 *.?
)
done
)
fi
# Compress info page and remove dir file
rm $PKG/usr/info/dir
gzip -9 $PKG/usr/info/*
mkdir -p $PKG/usr/doc/util-linux-$VERSION
cp -a AUTHORS COPYING* DEPRECATED NEWS README* \
Documentation/releases/v${VERSION}-ReleaseNotes \
Documentation/licenses/* Documentation/{TODO,*.txt} \
$PKG/usr/doc/util-linux-$VERSION
mkdir $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
cd $PKG
/sbin/makepkg -l y -c n $TMP/util-linux-$VERSION-$ARCH-$BUILD.txz