Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org --- config/rootfiles/packages/libseccomp | 34 ++++++++++++++ lfs/libseccomp | 87 ++++++++++++++++++++++++++++++++++++ make.sh | 1 + 3 files changed, 122 insertions(+) create mode 100644 config/rootfiles/packages/libseccomp create mode 100644 lfs/libseccomp
diff --git a/config/rootfiles/packages/libseccomp b/config/rootfiles/packages/libseccomp new file mode 100644 index 0000000..3e68549 --- /dev/null +++ b/config/rootfiles/packages/libseccomp @@ -0,0 +1,34 @@ +usr/bin/scmp_sys_resolver +#usr/include/seccomp.h +#usr/lib/libseccomp.la +usr/lib/libseccomp.so +usr/lib/libseccomp.so.2 +usr/lib/libseccomp.so.2.4.0 +#usr/lib/pkgconfig/libseccomp.pc +#usr/share/man/man1/scmp_sys_resolver.1 +#usr/share/man/man3/seccomp_api_get.3 +#usr/share/man/man3/seccomp_api_set.3 +#usr/share/man/man3/seccomp_arch_add.3 +#usr/share/man/man3/seccomp_arch_exist.3 +#usr/share/man/man3/seccomp_arch_native.3 +#usr/share/man/man3/seccomp_arch_remove.3 +#usr/share/man/man3/seccomp_arch_resolve_name.3 +#usr/share/man/man3/seccomp_attr_get.3 +#usr/share/man/man3/seccomp_attr_set.3 +#usr/share/man/man3/seccomp_export_bpf.3 +#usr/share/man/man3/seccomp_export_pfc.3 +#usr/share/man/man3/seccomp_init.3 +#usr/share/man/man3/seccomp_load.3 +#usr/share/man/man3/seccomp_merge.3 +#usr/share/man/man3/seccomp_release.3 +#usr/share/man/man3/seccomp_reset.3 +#usr/share/man/man3/seccomp_rule_add.3 +#usr/share/man/man3/seccomp_rule_add_array.3 +#usr/share/man/man3/seccomp_rule_add_exact.3 +#usr/share/man/man3/seccomp_rule_add_exact_array.3 +#usr/share/man/man3/seccomp_syscall_priority.3 +#usr/share/man/man3/seccomp_syscall_resolve_name.3 +#usr/share/man/man3/seccomp_syscall_resolve_name_arch.3 +#usr/share/man/man3/seccomp_syscall_resolve_name_rewrite.3 +#usr/share/man/man3/seccomp_syscall_resolve_num_arch.3 +#usr/share/man/man3/seccomp_version.3 diff --git a/lfs/libseccomp b/lfs/libseccomp new file mode 100644 index 0000000..d577793 --- /dev/null +++ b/lfs/libseccomp @@ -0,0 +1,87 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 2.4.0 + +THISAPP = libseccomp-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = libseccomp +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 91625d78af26c646b03be3de58e71988 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar vxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --disable-static + + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index de973c6..fd85b03 100755 --- a/make.sh +++ b/make.sh @@ -1410,6 +1410,7 @@ buildipfire() { lfsmake2 spice lfsmake2 sdl lfsmake2 libusbredir + lfsmake2 libseccomp lfsmake2 qemu lfsmake2 sane lfsmake2 netpbm
Fixes: #11941
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org --- lfs/qemu | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/qemu b/lfs/qemu index 015837a..d18b49c 100644 --- a/lfs/qemu +++ b/lfs/qemu @@ -33,9 +33,9 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = i586 x86_64 PROG = qemu -PAK_VER = 23 +PAK_VER = 24
-DEPS = "libusbredir sdl spice" +DEPS = "libusbredir sdl spice libseccomp"
############################################################################### # Top-level Rules @@ -82,7 +82,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \ --localstatedir=/var --enable-kvm --disable-bluez --disable-attr \ --target-list="i386-linux-user x86_64-linux-user arm-linux-user i386-softmmu x86_64-softmmu arm-softmmu" \ - --extra-cflags="$(CFLAGS)" --enable-spice --enable-usb-redir + --extra-cflags="$(CFLAGS)" --enable-spice --enable-usb-redir --enable-seccomp cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install
Thanks for sending in this patch.
Did you check that nothing else links against this library?
I would guess that OpenSSH links against this when it finds it. So this library is probably best in the core system.
You are also packaging the *.so file which is a development file and not needed here.
Best, -Michael
On 13 Apr 2019, at 15:55, Jonatan Schlag jonatan.schlag@ipfire.org wrote:
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org
config/rootfiles/packages/libseccomp | 34 ++++++++++++++ lfs/libseccomp | 87 ++++++++++++++++++++++++++++++++++++ make.sh | 1 + 3 files changed, 122 insertions(+) create mode 100644 config/rootfiles/packages/libseccomp create mode 100644 lfs/libseccomp
diff --git a/config/rootfiles/packages/libseccomp b/config/rootfiles/packages/libseccomp new file mode 100644 index 0000000..3e68549 --- /dev/null +++ b/config/rootfiles/packages/libseccomp @@ -0,0 +1,34 @@ +usr/bin/scmp_sys_resolver +#usr/include/seccomp.h +#usr/lib/libseccomp.la +usr/lib/libseccomp.so +usr/lib/libseccomp.so.2 +usr/lib/libseccomp.so.2.4.0 +#usr/lib/pkgconfig/libseccomp.pc +#usr/share/man/man1/scmp_sys_resolver.1 +#usr/share/man/man3/seccomp_api_get.3 +#usr/share/man/man3/seccomp_api_set.3 +#usr/share/man/man3/seccomp_arch_add.3 +#usr/share/man/man3/seccomp_arch_exist.3 +#usr/share/man/man3/seccomp_arch_native.3 +#usr/share/man/man3/seccomp_arch_remove.3 +#usr/share/man/man3/seccomp_arch_resolve_name.3 +#usr/share/man/man3/seccomp_attr_get.3 +#usr/share/man/man3/seccomp_attr_set.3 +#usr/share/man/man3/seccomp_export_bpf.3 +#usr/share/man/man3/seccomp_export_pfc.3 +#usr/share/man/man3/seccomp_init.3 +#usr/share/man/man3/seccomp_load.3 +#usr/share/man/man3/seccomp_merge.3 +#usr/share/man/man3/seccomp_release.3 +#usr/share/man/man3/seccomp_reset.3 +#usr/share/man/man3/seccomp_rule_add.3 +#usr/share/man/man3/seccomp_rule_add_array.3 +#usr/share/man/man3/seccomp_rule_add_exact.3 +#usr/share/man/man3/seccomp_rule_add_exact_array.3 +#usr/share/man/man3/seccomp_syscall_priority.3 +#usr/share/man/man3/seccomp_syscall_resolve_name.3 +#usr/share/man/man3/seccomp_syscall_resolve_name_arch.3 +#usr/share/man/man3/seccomp_syscall_resolve_name_rewrite.3 +#usr/share/man/man3/seccomp_syscall_resolve_num_arch.3 +#usr/share/man/man3/seccomp_version.3 diff --git a/lfs/libseccomp b/lfs/libseccomp new file mode 100644 index 0000000..d577793 --- /dev/null +++ b/lfs/libseccomp @@ -0,0 +1,87 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +###############################################################################
+############################################################################### +# Definitions +###############################################################################
+include Config
+VER = 2.4.0
+THISAPP = libseccomp-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = libseccomp +PAK_VER = 1
+DEPS = ""
+############################################################################### +# Top-level Rules +###############################################################################
+objects = $(DL_FILE)
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+$(DL_FILE)_MD5 = 91625d78af26c646b03be3de58e71988
+install : $(TARGET)
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+md5 : $(subst %,%_MD5,$(objects))
+dist:
- @$(PAK)
+############################################################################### +# Downloading, checking, md5sum +###############################################################################
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
+$(subst %,%_MD5,$(objects)) :
- @$(MD5)
+############################################################################### +# Installation Details +###############################################################################
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar vxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./configure \
--prefix=/usr \--disable-static- cd $(DIR_APP) && make $(MAKETUNING)
- cd $(DIR_APP) && make install
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
diff --git a/make.sh b/make.sh index de973c6..fd85b03 100755 --- a/make.sh +++ b/make.sh @@ -1410,6 +1410,7 @@ buildipfire() { lfsmake2 spice lfsmake2 sdl lfsmake2 libusbredir
- lfsmake2 libseccomp lfsmake2 qemu lfsmake2 sane lfsmake2 netpbm
-- 1.8.3.1
Hi,
I checked and OpenSSH seems to have an own implementation.
So I merged this and we will see :)
I also made the *.so change.
-Michael
On 13 Apr 2019, at 16:35, Michael Tremer michael.tremer@ipfire.org wrote:
Thanks for sending in this patch.
Did you check that nothing else links against this library?
I would guess that OpenSSH links against this when it finds it. So this library is probably best in the core system.
You are also packaging the *.so file which is a development file and not needed here.
Best, -Michael
On 13 Apr 2019, at 15:55, Jonatan Schlag jonatan.schlag@ipfire.org wrote:
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org
config/rootfiles/packages/libseccomp | 34 ++++++++++++++ lfs/libseccomp | 87 ++++++++++++++++++++++++++++++++++++ make.sh | 1 + 3 files changed, 122 insertions(+) create mode 100644 config/rootfiles/packages/libseccomp create mode 100644 lfs/libseccomp
diff --git a/config/rootfiles/packages/libseccomp b/config/rootfiles/packages/libseccomp new file mode 100644 index 0000000..3e68549 --- /dev/null +++ b/config/rootfiles/packages/libseccomp @@ -0,0 +1,34 @@ +usr/bin/scmp_sys_resolver +#usr/include/seccomp.h +#usr/lib/libseccomp.la +usr/lib/libseccomp.so +usr/lib/libseccomp.so.2 +usr/lib/libseccomp.so.2.4.0 +#usr/lib/pkgconfig/libseccomp.pc +#usr/share/man/man1/scmp_sys_resolver.1 +#usr/share/man/man3/seccomp_api_get.3 +#usr/share/man/man3/seccomp_api_set.3 +#usr/share/man/man3/seccomp_arch_add.3 +#usr/share/man/man3/seccomp_arch_exist.3 +#usr/share/man/man3/seccomp_arch_native.3 +#usr/share/man/man3/seccomp_arch_remove.3 +#usr/share/man/man3/seccomp_arch_resolve_name.3 +#usr/share/man/man3/seccomp_attr_get.3 +#usr/share/man/man3/seccomp_attr_set.3 +#usr/share/man/man3/seccomp_export_bpf.3 +#usr/share/man/man3/seccomp_export_pfc.3 +#usr/share/man/man3/seccomp_init.3 +#usr/share/man/man3/seccomp_load.3 +#usr/share/man/man3/seccomp_merge.3 +#usr/share/man/man3/seccomp_release.3 +#usr/share/man/man3/seccomp_reset.3 +#usr/share/man/man3/seccomp_rule_add.3 +#usr/share/man/man3/seccomp_rule_add_array.3 +#usr/share/man/man3/seccomp_rule_add_exact.3 +#usr/share/man/man3/seccomp_rule_add_exact_array.3 +#usr/share/man/man3/seccomp_syscall_priority.3 +#usr/share/man/man3/seccomp_syscall_resolve_name.3 +#usr/share/man/man3/seccomp_syscall_resolve_name_arch.3 +#usr/share/man/man3/seccomp_syscall_resolve_name_rewrite.3 +#usr/share/man/man3/seccomp_syscall_resolve_num_arch.3 +#usr/share/man/man3/seccomp_version.3 diff --git a/lfs/libseccomp b/lfs/libseccomp new file mode 100644 index 0000000..d577793 --- /dev/null +++ b/lfs/libseccomp @@ -0,0 +1,87 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +###############################################################################
+############################################################################### +# Definitions +###############################################################################
+include Config
+VER = 2.4.0
+THISAPP = libseccomp-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = libseccomp +PAK_VER = 1
+DEPS = ""
+############################################################################### +# Top-level Rules +###############################################################################
+objects = $(DL_FILE)
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+$(DL_FILE)_MD5 = 91625d78af26c646b03be3de58e71988
+install : $(TARGET)
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+md5 : $(subst %,%_MD5,$(objects))
+dist:
- @$(PAK)
+############################################################################### +# Downloading, checking, md5sum +###############################################################################
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
+$(subst %,%_MD5,$(objects)) :
- @$(MD5)
+############################################################################### +# Installation Details +###############################################################################
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar vxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./configure \
--prefix=/usr \--disable-static- cd $(DIR_APP) && make $(MAKETUNING)
- cd $(DIR_APP) && make install
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
diff --git a/make.sh b/make.sh index de973c6..fd85b03 100755 --- a/make.sh +++ b/make.sh @@ -1410,6 +1410,7 @@ buildipfire() { lfsmake2 spice lfsmake2 sdl lfsmake2 libusbredir
- lfsmake2 libseccomp
lfsmake2 qemu lfsmake2 sane lfsmake2 netpbm -- 1.8.3.1
-
Jonatan Schlag -
Michael Tremer