mirror of
git://slackware.nl/current.git
synced 2024-12-27 09:59:16 +01:00
4967f0e2be
a/elilo-3.16-x86_64-18.txz: Rebuilt.
eliloconfig: if we don't find initrd-generic.img, try to fall back on
/boot/initrd.gz. Thanks to rworkman.
a/kernel-firmware-20241022_e1d9577-noarch-1.txz: Upgraded.
a/kernel-generic-6.11.5-x86_64-1.txz: Upgraded.
a/less-668-x86_64-1.txz: Upgraded.
a/openssl11-solibs-1.1.1zb-x86_64-1.txz: Upgraded.
a/sysvinit-3.11-x86_64-1.txz: Upgraded.
a/usbutils-018-x86_64-1.txz: Upgraded.
d/kernel-headers-6.11.5-x86-1.txz: Upgraded.
d/parallel-20241022-noarch-1.txz: Upgraded.
d/swig-4.3.0-x86_64-1.txz: Upgraded.
k/kernel-source-6.11.5-noarch-1.txz: Upgraded.
l/libvisio-0.1.8-x86_64-1.txz: Upgraded.
l/python-trove-classifiers-2024.10.21.16-x86_64-1.txz: Upgraded.
n/openssl11-1.1.1zb-x86_64-1.txz: Upgraded.
Apply patch to fix a security issue:
Harden BN_GF2m_poly2arr against misuse.
This CVE was fixed by the 1.1.1zb release that is only available to
subscribers to OpenSSL's premium extended support. The patch was prepared
by backporting from the OpenSSL-3.0 repo. The reported version number has
been updated so that vulnerability scanners calm down.
Thanks to Ken Zalewski for the patch!
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-9143
(* Security fix *)
xap/gucharmap-16.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-128.3.3esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/128.3.3esr/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
150 lines
5.5 KiB
Bash
Executable file
150 lines
5.5 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Copyright 2013, 2014, 2016, 2017, 2018, 2019, 2022, 2024 Patrick J. Volkerding, Sebeka, MN, USA
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use of this script, with or without modification, is
|
|
# permitted provided that the following conditions are met:
|
|
#
|
|
# 1. Redistributions of this script must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
|
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
|
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
|
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
|
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
|
|
|
PKGNAM=elilo
|
|
VERSION=${VERSION:-$(echo $PKGNAM*.tar.?z* | rev | cut -f 2 -d - | rev)}
|
|
BUILD=${BUILD:-18}
|
|
|
|
if [ -z "$ARCH" ]; then
|
|
case "$( uname -m )" in
|
|
i?86) ARCH=i686 ;;
|
|
arm*) ARCH=arm ;;
|
|
*) ARCH=$( uname -m ) ;;
|
|
esac
|
|
fi
|
|
|
|
TMP=${TMP:-/tmp}
|
|
PKG=$TMP/package-$PKGNAM
|
|
|
|
if [ "$ARCH" = "i686" ]; then
|
|
SLKCFLAGS="-O2 -march=pentium4 -mtune=generic"
|
|
LIBDIRSUFFIX=""
|
|
elif [ "$ARCH" = "x86_64" ]; then
|
|
SLKCFLAGS="-O2 -march=x86-64 -mtune=generic -fPIC"
|
|
LIBDIRSUFFIX="64"
|
|
else
|
|
SLKCFLAGS="-O2"
|
|
LIBDIRSUFFIX=""
|
|
fi
|
|
|
|
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
|
|
# the name of the created package would be, and then exit. This information
|
|
# could be useful to other scripts.
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
|
|
exit 0
|
|
fi
|
|
|
|
rm -rf $PKG
|
|
mkdir -p $TMP $PKG $OUTPUT
|
|
cd $TMP
|
|
rm -rf elilo
|
|
mkdir elilo
|
|
cd elilo
|
|
tar xvf $CWD/${PKGNAM}-$VERSION-all.tar.?z* || exit 1
|
|
tar xvf elilo-${VERSION}-source.tar.gz || exit 1
|
|
|
|
# The tarball extracted below contains rebuilt versions of the x86_64 and
|
|
# ia32 elilo, which were extracted from $TMP/elilo/elilo-${VERSION}-source/
|
|
# after building under both architectures. This approach simplifies making
|
|
# changes to other parts of the package without needlessly complicating
|
|
# things, as the loaders themselves seldom need to be rebuilt. Besides,
|
|
# elilo can be rather fragile, so we don't want to rebuild it without a
|
|
# good reason and risk breaking it.
|
|
#
|
|
# These EFI binaries were built with Slackware 14.2. Newer compilers might
|
|
# cause bloat, or other issues.
|
|
tar xvf $CWD/elilo.loader.binaries.tar.xz || exit 1
|
|
|
|
chown -R root:root .
|
|
chmod -R u+w,go+r-w,a-s .
|
|
cd elilo-${VERSION}-source || cd elilo || exit
|
|
|
|
sed -i "s,/usr/lib,/usr/lib${LIBDIRSUFFIX},g" Make.defaults
|
|
sed -i "s,EFICRT0.*= /usr/lib${LIBDIRSUFFIX},EFICRT0 = /usr/lib${LIBDIRSUFFIX}/gnuefi,g" Make.defaults
|
|
sed -i "s,dpkg-architecture -qDEB_BUILD_ARCH,uname -m,g" Make.defaults
|
|
|
|
# Fix collision with StrnCpy() function in both elilo and gnu-efi:
|
|
grep -r -l StrnCpy * | xargs sed -i "s/StrnCpy/elilo_StrnCpy/g"
|
|
|
|
# Increase kernel size limit from 8MB to 16MB (nobody will ever need more than 640K ;-):
|
|
zcat $CWD/elilo.double.kernel.size.limit.diff.gz | patch -p1 --verbose || exit 1
|
|
|
|
# Disable the Confidential Computing blob which was leading to boot failures
|
|
# with the 5.19.0 kernel and the EFI stub enabled:
|
|
zcat $CWD/elilo.zeroes.cc_blob_address.diff.gz | patch -p1 --verbose || exit 1
|
|
|
|
# We will build the tools from source.
|
|
# However, we will package the pre-built EFI binaries, since we would
|
|
# like to include both 32-bit and 64-bit x86 EFI loaders in the
|
|
# finished package.
|
|
# To build everything, you'll need to *not* change into the tools directory,
|
|
# instead running "make" here in the top-level. Please note that due to
|
|
# memory exhaustion issues, to build the 32-bit loader you will need to
|
|
# use a 32-bit userspace with an x86_64 kernel.
|
|
cd tools
|
|
make || exit 1
|
|
cd ..
|
|
|
|
# Install the files in the package directory:
|
|
mkdir -p $PKG/usr/sbin
|
|
cp tools/eliloalt $PKG/usr/sbin
|
|
|
|
# Install eliloconfig, a simple setup script:
|
|
cp -a $CWD/eliloconfig $PKG/usr/sbin
|
|
chown root:root $PKG/usr/sbin/eliloconfig
|
|
chmod 755 $PKG/usr/sbin/eliloconfig
|
|
mkdir -p $PKG/var/log/setup
|
|
cp -a $CWD/setup.ll.eliloconfig $PKG/var/log/setup
|
|
chown root:root $PKG/var/log/setup/setup.ll.eliloconfig
|
|
chmod 755 $PKG/var/log/setup/setup.ll.eliloconfig
|
|
|
|
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
|
|
cp -a \
|
|
ChangeLog LIMITATIONS README README.gnu-efi TODO docs/* \
|
|
examples \
|
|
$PKG/usr/doc/$PKGNAM-$VERSION
|
|
|
|
# Since it might not be safe to strip the EFI binaries, do this now:
|
|
( cd $PKG
|
|
find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
|
|
)
|
|
|
|
cd ..
|
|
|
|
# Install EFI bootloaders in /boot:
|
|
mkdir $PKG/boot
|
|
# The ia32 version is pretty much useless, since 32-bit UEFI is nowhere to be
|
|
# found. Maybe it would help old 32-bit Intel Macs though?
|
|
cp -a elilo*ia32.efi $PKG/boot/elilo-ia32.efi
|
|
# Itanium binary isn't needed here.
|
|
#cp -a elilo*ia64.efi $PKG/boot/elilo-ia64.efi
|
|
cp -a elilo*x86_64.efi $PKG/boot/elilo-x86_64.efi
|
|
|
|
mkdir -p $PKG/install
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
|
|
|
cd $PKG
|
|
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
|