* [PATCH 1/2] Add new package libseccomp
@ 2019-04-13 14:55 Jonatan Schlag
2019-04-13 14:55 ` [PATCH 2/2] Enable seccomp support for qemu Jonatan Schlag
2019-04-13 15:35 ` [PATCH 1/2] Add new package libseccomp Michael Tremer
0 siblings, 2 replies; 4+ messages in thread
From: Jonatan Schlag @ 2019-04-13 14:55 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 5839 bytes --]
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
config/rootfiles/packages/libseccomp | 34 ++++++++++++++
lfs/libseccomp | 87 ++++++++++++++++++++++++++++++++++++
make.sh | 1 +
3 files changed, 122 insertions(+)
create mode 100644 config/rootfiles/packages/libseccomp
create mode 100644 lfs/libseccomp
diff --git a/config/rootfiles/packages/libseccomp b/config/rootfiles/packages/libseccomp
new file mode 100644
index 0000000..3e68549
--- /dev/null
+++ b/config/rootfiles/packages/libseccomp
@@ -0,0 +1,34 @@
+usr/bin/scmp_sys_resolver
+#usr/include/seccomp.h
+#usr/lib/libseccomp.la
+usr/lib/libseccomp.so
+usr/lib/libseccomp.so.2
+usr/lib/libseccomp.so.2.4.0
+#usr/lib/pkgconfig/libseccomp.pc
+#usr/share/man/man1/scmp_sys_resolver.1
+#usr/share/man/man3/seccomp_api_get.3
+#usr/share/man/man3/seccomp_api_set.3
+#usr/share/man/man3/seccomp_arch_add.3
+#usr/share/man/man3/seccomp_arch_exist.3
+#usr/share/man/man3/seccomp_arch_native.3
+#usr/share/man/man3/seccomp_arch_remove.3
+#usr/share/man/man3/seccomp_arch_resolve_name.3
+#usr/share/man/man3/seccomp_attr_get.3
+#usr/share/man/man3/seccomp_attr_set.3
+#usr/share/man/man3/seccomp_export_bpf.3
+#usr/share/man/man3/seccomp_export_pfc.3
+#usr/share/man/man3/seccomp_init.3
+#usr/share/man/man3/seccomp_load.3
+#usr/share/man/man3/seccomp_merge.3
+#usr/share/man/man3/seccomp_release.3
+#usr/share/man/man3/seccomp_reset.3
+#usr/share/man/man3/seccomp_rule_add.3
+#usr/share/man/man3/seccomp_rule_add_array.3
+#usr/share/man/man3/seccomp_rule_add_exact.3
+#usr/share/man/man3/seccomp_rule_add_exact_array.3
+#usr/share/man/man3/seccomp_syscall_priority.3
+#usr/share/man/man3/seccomp_syscall_resolve_name.3
+#usr/share/man/man3/seccomp_syscall_resolve_name_arch.3
+#usr/share/man/man3/seccomp_syscall_resolve_name_rewrite.3
+#usr/share/man/man3/seccomp_syscall_resolve_num_arch.3
+#usr/share/man/man3/seccomp_version.3
diff --git a/lfs/libseccomp b/lfs/libseccomp
new file mode 100644
index 0000000..d577793
--- /dev/null
+++ b/lfs/libseccomp
@@ -0,0 +1,87 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 2.4.0
+
+THISAPP = libseccomp-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = libseccomp
+PAK_VER = 1
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 91625d78af26c646b03be3de58e71988
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar vxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --disable-static
+
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
diff --git a/make.sh b/make.sh
index de973c6..fd85b03 100755
--- a/make.sh
+++ b/make.sh
@@ -1410,6 +1410,7 @@ buildipfire() {
lfsmake2 spice
lfsmake2 sdl
lfsmake2 libusbredir
+ lfsmake2 libseccomp
lfsmake2 qemu
lfsmake2 sane
lfsmake2 netpbm
--
1.8.3.1
^ permalink raw reply [flat|nested] 4+ messages in thread* [PATCH 2/2] Enable seccomp support for qemu
2019-04-13 14:55 [PATCH 1/2] Add new package libseccomp Jonatan Schlag
@ 2019-04-13 14:55 ` Jonatan Schlag
2019-04-13 15:35 ` [PATCH 1/2] Add new package libseccomp Michael Tremer
1 sibling, 0 replies; 4+ messages in thread
From: Jonatan Schlag @ 2019-04-13 14:55 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1180 bytes --]
Fixes: #11941
Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
lfs/qemu | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/qemu b/lfs/qemu
index 015837a..d18b49c 100644
--- a/lfs/qemu
+++ b/lfs/qemu
@@ -33,9 +33,9 @@ DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
SUP_ARCH = i586 x86_64
PROG = qemu
-PAK_VER = 23
+PAK_VER = 24
-DEPS = "libusbredir sdl spice"
+DEPS = "libusbredir sdl spice libseccomp"
###############################################################################
# Top-level Rules
@@ -82,7 +82,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
--localstatedir=/var --enable-kvm --disable-bluez --disable-attr \
--target-list="i386-linux-user x86_64-linux-user arm-linux-user i386-softmmu x86_64-softmmu arm-softmmu" \
- --extra-cflags="$(CFLAGS)" --enable-spice --enable-usb-redir
+ --extra-cflags="$(CFLAGS)" --enable-spice --enable-usb-redir --enable-seccomp
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
--
1.8.3.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] Add new package libseccomp
2019-04-13 14:55 [PATCH 1/2] Add new package libseccomp Jonatan Schlag
2019-04-13 14:55 ` [PATCH 2/2] Enable seccomp support for qemu Jonatan Schlag
@ 2019-04-13 15:35 ` Michael Tremer
2019-04-22 18:47 ` Michael Tremer
1 sibling, 1 reply; 4+ messages in thread
From: Michael Tremer @ 2019-04-13 15:35 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 6556 bytes --]
Thanks for sending in this patch.
Did you check that nothing else links against this library?
I would guess that OpenSSH links against this when it finds it. So this library is probably best in the core system.
You are also packaging the *.so file which is a development file and not needed here.
Best,
-Michael
> On 13 Apr 2019, at 15:55, Jonatan Schlag <jonatan.schlag(a)ipfire.org> wrote:
>
> Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
> ---
> config/rootfiles/packages/libseccomp | 34 ++++++++++++++
> lfs/libseccomp | 87 ++++++++++++++++++++++++++++++++++++
> make.sh | 1 +
> 3 files changed, 122 insertions(+)
> create mode 100644 config/rootfiles/packages/libseccomp
> create mode 100644 lfs/libseccomp
>
> diff --git a/config/rootfiles/packages/libseccomp b/config/rootfiles/packages/libseccomp
> new file mode 100644
> index 0000000..3e68549
> --- /dev/null
> +++ b/config/rootfiles/packages/libseccomp
> @@ -0,0 +1,34 @@
> +usr/bin/scmp_sys_resolver
> +#usr/include/seccomp.h
> +#usr/lib/libseccomp.la
> +usr/lib/libseccomp.so
> +usr/lib/libseccomp.so.2
> +usr/lib/libseccomp.so.2.4.0
> +#usr/lib/pkgconfig/libseccomp.pc
> +#usr/share/man/man1/scmp_sys_resolver.1
> +#usr/share/man/man3/seccomp_api_get.3
> +#usr/share/man/man3/seccomp_api_set.3
> +#usr/share/man/man3/seccomp_arch_add.3
> +#usr/share/man/man3/seccomp_arch_exist.3
> +#usr/share/man/man3/seccomp_arch_native.3
> +#usr/share/man/man3/seccomp_arch_remove.3
> +#usr/share/man/man3/seccomp_arch_resolve_name.3
> +#usr/share/man/man3/seccomp_attr_get.3
> +#usr/share/man/man3/seccomp_attr_set.3
> +#usr/share/man/man3/seccomp_export_bpf.3
> +#usr/share/man/man3/seccomp_export_pfc.3
> +#usr/share/man/man3/seccomp_init.3
> +#usr/share/man/man3/seccomp_load.3
> +#usr/share/man/man3/seccomp_merge.3
> +#usr/share/man/man3/seccomp_release.3
> +#usr/share/man/man3/seccomp_reset.3
> +#usr/share/man/man3/seccomp_rule_add.3
> +#usr/share/man/man3/seccomp_rule_add_array.3
> +#usr/share/man/man3/seccomp_rule_add_exact.3
> +#usr/share/man/man3/seccomp_rule_add_exact_array.3
> +#usr/share/man/man3/seccomp_syscall_priority.3
> +#usr/share/man/man3/seccomp_syscall_resolve_name.3
> +#usr/share/man/man3/seccomp_syscall_resolve_name_arch.3
> +#usr/share/man/man3/seccomp_syscall_resolve_name_rewrite.3
> +#usr/share/man/man3/seccomp_syscall_resolve_num_arch.3
> +#usr/share/man/man3/seccomp_version.3
> diff --git a/lfs/libseccomp b/lfs/libseccomp
> new file mode 100644
> index 0000000..d577793
> --- /dev/null
> +++ b/lfs/libseccomp
> @@ -0,0 +1,87 @@
> +###############################################################################
> +# #
> +# IPFire.org - A linux based firewall #
> +# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
> +# #
> +# This program is free software: you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation, either version 3 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# This program is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> +# #
> +###############################################################################
> +
> +###############################################################################
> +# Definitions
> +###############################################################################
> +
> +include Config
> +
> +VER = 2.4.0
> +
> +THISAPP = libseccomp-$(VER)
> +DL_FILE = $(THISAPP).tar.gz
> +DL_FROM = $(URL_IPFIRE)
> +DIR_APP = $(DIR_SRC)/$(THISAPP)
> +TARGET = $(DIR_INFO)/$(THISAPP)
> +PROG = libseccomp
> +PAK_VER = 1
> +
> +DEPS = ""
> +
> +###############################################################################
> +# Top-level Rules
> +###############################################################################
> +
> +objects = $(DL_FILE)
> +
> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> +
> +$(DL_FILE)_MD5 = 91625d78af26c646b03be3de58e71988
> +
> +install : $(TARGET)
> +
> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> +
> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> +
> +md5 : $(subst %,%_MD5,$(objects))
> +
> +dist:
> + @$(PAK)
> +
> +###############################################################################
> +# Downloading, checking, md5sum
> +###############################################################################
> +
> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> + @$(CHECK)
> +
> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> + @$(LOAD)
> +
> +$(subst %,%_MD5,$(objects)) :
> + @$(MD5)
> +
> +###############################################################################
> +# Installation Details
> +###############################################################################
> +
> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> + @$(PREBUILD)
> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar vxf $(DIR_DL)/$(DL_FILE)
> + cd $(DIR_APP) && ./configure \
> + --prefix=/usr \
> + --disable-static
> +
> + cd $(DIR_APP) && make $(MAKETUNING)
> + cd $(DIR_APP) && make install
> + @rm -rf $(DIR_APP)
> + @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index de973c6..fd85b03 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -1410,6 +1410,7 @@ buildipfire() {
> lfsmake2 spice
> lfsmake2 sdl
> lfsmake2 libusbredir
> + lfsmake2 libseccomp
> lfsmake2 qemu
> lfsmake2 sane
> lfsmake2 netpbm
> --
> 1.8.3.1
>
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH 1/2] Add new package libseccomp
2019-04-13 15:35 ` [PATCH 1/2] Add new package libseccomp Michael Tremer
@ 2019-04-22 18:47 ` Michael Tremer
0 siblings, 0 replies; 4+ messages in thread
From: Michael Tremer @ 2019-04-22 18:47 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 6972 bytes --]
Hi,
I checked and OpenSSH seems to have an own implementation.
So I merged this and we will see :)
I also made the *.so change.
-Michael
> On 13 Apr 2019, at 16:35, Michael Tremer <michael.tremer(a)ipfire.org> wrote:
>
> Thanks for sending in this patch.
>
> Did you check that nothing else links against this library?
>
> I would guess that OpenSSH links against this when it finds it. So this library is probably best in the core system.
>
> You are also packaging the *.so file which is a development file and not needed here.
>
> Best,
> -Michael
>
>> On 13 Apr 2019, at 15:55, Jonatan Schlag <jonatan.schlag(a)ipfire.org> wrote:
>>
>> Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
>> ---
>> config/rootfiles/packages/libseccomp | 34 ++++++++++++++
>> lfs/libseccomp | 87 ++++++++++++++++++++++++++++++++++++
>> make.sh | 1 +
>> 3 files changed, 122 insertions(+)
>> create mode 100644 config/rootfiles/packages/libseccomp
>> create mode 100644 lfs/libseccomp
>>
>> diff --git a/config/rootfiles/packages/libseccomp b/config/rootfiles/packages/libseccomp
>> new file mode 100644
>> index 0000000..3e68549
>> --- /dev/null
>> +++ b/config/rootfiles/packages/libseccomp
>> @@ -0,0 +1,34 @@
>> +usr/bin/scmp_sys_resolver
>> +#usr/include/seccomp.h
>> +#usr/lib/libseccomp.la
>> +usr/lib/libseccomp.so
>> +usr/lib/libseccomp.so.2
>> +usr/lib/libseccomp.so.2.4.0
>> +#usr/lib/pkgconfig/libseccomp.pc
>> +#usr/share/man/man1/scmp_sys_resolver.1
>> +#usr/share/man/man3/seccomp_api_get.3
>> +#usr/share/man/man3/seccomp_api_set.3
>> +#usr/share/man/man3/seccomp_arch_add.3
>> +#usr/share/man/man3/seccomp_arch_exist.3
>> +#usr/share/man/man3/seccomp_arch_native.3
>> +#usr/share/man/man3/seccomp_arch_remove.3
>> +#usr/share/man/man3/seccomp_arch_resolve_name.3
>> +#usr/share/man/man3/seccomp_attr_get.3
>> +#usr/share/man/man3/seccomp_attr_set.3
>> +#usr/share/man/man3/seccomp_export_bpf.3
>> +#usr/share/man/man3/seccomp_export_pfc.3
>> +#usr/share/man/man3/seccomp_init.3
>> +#usr/share/man/man3/seccomp_load.3
>> +#usr/share/man/man3/seccomp_merge.3
>> +#usr/share/man/man3/seccomp_release.3
>> +#usr/share/man/man3/seccomp_reset.3
>> +#usr/share/man/man3/seccomp_rule_add.3
>> +#usr/share/man/man3/seccomp_rule_add_array.3
>> +#usr/share/man/man3/seccomp_rule_add_exact.3
>> +#usr/share/man/man3/seccomp_rule_add_exact_array.3
>> +#usr/share/man/man3/seccomp_syscall_priority.3
>> +#usr/share/man/man3/seccomp_syscall_resolve_name.3
>> +#usr/share/man/man3/seccomp_syscall_resolve_name_arch.3
>> +#usr/share/man/man3/seccomp_syscall_resolve_name_rewrite.3
>> +#usr/share/man/man3/seccomp_syscall_resolve_num_arch.3
>> +#usr/share/man/man3/seccomp_version.3
>> diff --git a/lfs/libseccomp b/lfs/libseccomp
>> new file mode 100644
>> index 0000000..d577793
>> --- /dev/null
>> +++ b/lfs/libseccomp
>> @@ -0,0 +1,87 @@
>> +###############################################################################
>> +# #
>> +# IPFire.org - A linux based firewall #
>> +# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>> +# #
>> +# This program is free software: you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation, either version 3 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# This program is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
>> +# #
>> +###############################################################################
>> +
>> +###############################################################################
>> +# Definitions
>> +###############################################################################
>> +
>> +include Config
>> +
>> +VER = 2.4.0
>> +
>> +THISAPP = libseccomp-$(VER)
>> +DL_FILE = $(THISAPP).tar.gz
>> +DL_FROM = $(URL_IPFIRE)
>> +DIR_APP = $(DIR_SRC)/$(THISAPP)
>> +TARGET = $(DIR_INFO)/$(THISAPP)
>> +PROG = libseccomp
>> +PAK_VER = 1
>> +
>> +DEPS = ""
>> +
>> +###############################################################################
>> +# Top-level Rules
>> +###############################################################################
>> +
>> +objects = $(DL_FILE)
>> +
>> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>> +
>> +$(DL_FILE)_MD5 = 91625d78af26c646b03be3de58e71988
>> +
>> +install : $(TARGET)
>> +
>> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
>> +
>> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
>> +
>> +md5 : $(subst %,%_MD5,$(objects))
>> +
>> +dist:
>> + @$(PAK)
>> +
>> +###############################################################################
>> +# Downloading, checking, md5sum
>> +###############################################################################
>> +
>> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
>> + @$(CHECK)
>> +
>> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
>> + @$(LOAD)
>> +
>> +$(subst %,%_MD5,$(objects)) :
>> + @$(MD5)
>> +
>> +###############################################################################
>> +# Installation Details
>> +###############################################################################
>> +
>> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> + @$(PREBUILD)
>> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar vxf $(DIR_DL)/$(DL_FILE)
>> + cd $(DIR_APP) && ./configure \
>> + --prefix=/usr \
>> + --disable-static
>> +
>> + cd $(DIR_APP) && make $(MAKETUNING)
>> + cd $(DIR_APP) && make install
>> + @rm -rf $(DIR_APP)
>> + @$(POSTBUILD)
>> diff --git a/make.sh b/make.sh
>> index de973c6..fd85b03 100755
>> --- a/make.sh
>> +++ b/make.sh
>> @@ -1410,6 +1410,7 @@ buildipfire() {
>> lfsmake2 spice
>> lfsmake2 sdl
>> lfsmake2 libusbredir
>> + lfsmake2 libseccomp
>> lfsmake2 qemu
>> lfsmake2 sane
>> lfsmake2 netpbm
>> --
>> 1.8.3.1
>>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-04-22 18:47 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-13 14:55 [PATCH 1/2] Add new package libseccomp Jonatan Schlag
2019-04-13 14:55 ` [PATCH 2/2] Enable seccomp support for qemu Jonatan Schlag
2019-04-13 15:35 ` [PATCH 1/2] Add new package libseccomp Michael Tremer
2019-04-22 18:47 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox