* [git.ipfire.org] IPFire 3.x development tree branch, master, updated. 89c1bf358652b9518e8104285c58cc8305c62cae
@ 2023-03-13 14:38 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2023-03-13 14:38 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 11316 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 3.x development tree".
The branch, master has been updated
via 89c1bf358652b9518e8104285c58cc8305c62cae (commit)
via 41c50d77850ca048346c29db0cdf9b6fb625db6e (commit)
via 268c12c936f051589b8f77583f1470a3be0a62b2 (commit)
via a8172e14a048e1439a28beb63645915b9b3fa1ba (commit)
via 870c2f84fe7153055cbfd4b63f8bd8f77fe9bce0 (commit)
via ffaa94deb97e2fe6576a4bf5f48b0f565d866beb (commit)
via 12f231c48e81c85a83af69e7a6445ba7d6601c33 (commit)
via 19a99d48925b477ab527c0a80735dc4c731743ea (commit)
from cd1320f79f73492864c08631169f3ac358dfb0cc (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 89c1bf358652b9518e8104285c58cc8305c62cae
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 11:06:17 2023 +0100
krb5: Proper harden some binaries
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 41c50d77850ca048346c29db0cdf9b6fb625db6e
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 11:05:09 2023 +0100
krb5: Use macro logic to build the package
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 268c12c936f051589b8f77583f1470a3be0a62b2
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 10:53:20 2023 +0100
vim: Do not strip binaries during install
We need the symbols for our hardening checks. They anyway will be
stripped afterwards and packed into the debuginfo packages.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a8172e14a048e1439a28beb63645915b9b3fa1ba
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 10:46:45 2023 +0100
nfs-utils: Do not strip binary during installation
We need the symbols for our hardening checks. The files anyway
will be stripped afterwards and those symbols will be packed into
the debuginfo packages.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 870c2f84fe7153055cbfd4b63f8bd8f77fe9bce0
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 10:28:09 2023 +0100
openldap: Do not strip binaries during install
We need those symbols for our hardening checks. The binaries
anyway will be stripped afterwards and the debug symbols will
be used for the debuginfo packages.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit ffaa94deb97e2fe6576a4bf5f48b0f565d866beb
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 10:07:41 2023 +0100
pth: Drop package
This package is very outdated and not longer used
by any of our software.
So it is safe to drop it.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 12f231c48e81c85a83af69e7a6445ba7d6601c33
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 10:07:14 2023 +0100
libassuan: Does not longer depend on pth-devel
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 19a99d48925b477ab527c0a80735dc4c731743ea
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Sun Mar 12 10:06:30 2023 +0100
gpgme: Does not longer depend on pth-devel
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
gpgme/gpgme.nm | 3 +-
krb5/krb5.nm | 24 +++++++--------
libassuan/libassuan.nm | 3 +-
nfs-utils/nfs-utils.nm | 4 +--
openldap/openldap.nm | 6 +++-
pth/patches/pth-2.0.5-parallelfix.patch0 | 15 ---------
pth/pth.nm | 52 --------------------------------
vim/vim.nm | 5 ++-
8 files changed, 25 insertions(+), 87 deletions(-)
delete mode 100644 pth/patches/pth-2.0.5-parallelfix.patch0
delete mode 100644 pth/pth.nm
Difference in files:
diff --git a/gpgme/gpgme.nm b/gpgme/gpgme.nm
index 4c4239b14..837dbeb8e 100644
--- a/gpgme/gpgme.nm
+++ b/gpgme/gpgme.nm
@@ -5,7 +5,7 @@
name = gpgme
version = 1.18.0
-release = 1
+release = 2
groups = Applications/System
url = https://www.gnupg.org/related_software/gpgme/
@@ -30,7 +30,6 @@ build
libassuan-devel
libgpg-error-devel
pkg-config
- pth-devel
which
end
diff --git a/krb5/krb5.nm b/krb5/krb5.nm
index e2132afc0..9113a4a55 100644
--- a/krb5/krb5.nm
+++ b/krb5/krb5.nm
@@ -7,7 +7,7 @@ name = krb5
version = %{ver_maj}.%{ver_min}
ver_maj = 1.20
ver_min = 1
-release = 2
+release = 3
groups = System/Libraries
url = https://web.mit.edu/kerberos/www/
@@ -23,6 +23,8 @@ end
source_dl = https://web.mit.edu/kerberos/dist/krb5/%{ver_maj}/
build
+ DIR_APP = %{DIR_SRC}/%{thisapp}/src
+
requires
autoconf
automake
@@ -56,19 +58,17 @@ build
--with-crypto-impl=openssl \
--with-pam
- build
- cd %{DIR_APP}/src
-
- ./configure \
- %{configure_options}
-
- make %{PARALLELISMFLAGS}
+ configure_cmds
+ # Add additional compiler flags to proper harden the binaries.
+ sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ clients/kpasswd/Makefile
+ sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ appl/simple/server/Makefile
+ sed -i '/^CFLAGS =/ s/$/ -fno-builtin-exit -D__noreturn__=/' \
+ appl/sample/sserver/Makefile
end
- install
- # Install krb5
- make -C src install DESTDIR=%{BUILDROOT}
-
+ install_cmds
# Sample KDC config files (bundled kdc.conf and kadm5.acl).
mkdir -pv %{BUILDROOT}%{localstatedir}/kerberos/krb5kdc
install -pm 600 %{DIR_SOURCE}/kdc.conf %{BUILDROOT}%{localstatedir}/kerberos/krb5kdc/
diff --git a/libassuan/libassuan.nm b/libassuan/libassuan.nm
index d390b7c4d..f15e54b7d 100644
--- a/libassuan/libassuan.nm
+++ b/libassuan/libassuan.nm
@@ -5,7 +5,7 @@
name = libassuan
version = 2.5.5
-release = 1
+release = 2
groups = System/Libraries
url = https://www.gnupg.org/
@@ -27,7 +27,6 @@ sources = %{thisapp}.tar.bz2
build
requires
libgpg-error-devel >= 1.28
- pth-devel
end
end
diff --git a/nfs-utils/nfs-utils.nm b/nfs-utils/nfs-utils.nm
index f68819792..771c47636 100644
--- a/nfs-utils/nfs-utils.nm
+++ b/nfs-utils/nfs-utils.nm
@@ -5,7 +5,7 @@
name = nfs-utils
version = 2.6.2
-release = 3
+release = 4
groups = Networking/Tools
url = http://nfs.sourceforge.net/
@@ -70,7 +70,7 @@ build
mkdir -pv %{BUILDROOT}/var/lib/nfs/v4recovery
mkdir -pv %{BUILDROOT}/etc/exports.d
- install -s -m 755 tools/rpcdebug/rpcdebug %{BUILDROOT}%{sbindir}
+ install -m 755 tools/rpcdebug/rpcdebug %{BUILDROOT}%{sbindir}
install -m 644 utils/mount/nfsmount.conf %{BUILDROOT}%{sysconfdir}
mkdir -pv %{BUILDROOT}/var/lib/nfs/rpc_pipefs
diff --git a/openldap/openldap.nm b/openldap/openldap.nm
index 847d13fc4..afda58701 100644
--- a/openldap/openldap.nm
+++ b/openldap/openldap.nm
@@ -5,7 +5,7 @@
name = openldap
version = 2.6.4
-release = 1.1
+release = 2
groups = System/Daemons
url = https://www.openldap.org/
@@ -54,6 +54,10 @@ build
%{create_user}
end
+ # Do not strip the binaries during install.
+ make_install_targets += \
+ STRIP_OPTS=
+
install_cmds
mv -v %{BUILDROOT}%{libdir}/slapd %{BUILDROOT}/usr/sbin/slapd
ln -svf slapd %{BUILDROOT}/usr/sbin/slapacl
diff --git a/pth/patches/pth-2.0.5-parallelfix.patch0 b/pth/patches/pth-2.0.5-parallelfix.patch0
deleted file mode 100644
index a305f5933..000000000
--- a/pth/patches/pth-2.0.5-parallelfix.patch0
+++ /dev/null
@@ -1,15 +0,0 @@
---- Makefile.in.orig 2005-11-08 05:58:55.000000000 +1100
-+++ Makefile.in 2005-11-08 06:29:02.000000000 +1100
-@@ -148,10 +148,9 @@
-
- # be aware of libtool when building the objects
- .SUFFIXES:
--.SUFFIXES: .c .o .lo
--.c.o:
-+%.o: %.c $(TARGET_PREQ)
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $<
--.c.lo:
-+%.lo: %.c $(TARGET_PREQ)
- $(LIBTOOL) --mode=compile --quiet $(CC) -c $(CPPFLAGS) $(CFLAGS) $<
-
- # the default target
diff --git a/pth/pth.nm b/pth/pth.nm
deleted file mode 100644
index 013137870..000000000
--- a/pth/pth.nm
+++ /dev/null
@@ -1,52 +0,0 @@
-###############################################################################
-# IPFire.org - An Open Source Firewall Solution #
-# Copyright (C) - IPFire Development Team <info(a)ipfire.org> #
-###############################################################################
-
-name = pth
-version = 2.0.7
-release = 3.1
-
-groups = System/Libraries
-url = http://www.gnu.org/software/pth
-license = GPLv3+
-summary = GNU Pth - The GNU Portable Threads.
-
-description
- The Pth package contains a very portable POSIX/ANSI-C based library for \
- Unix platforms which provides non-preemptive priority-based scheduling for \
- multiple threads of execution (multithreading) inside event-driven \
- applications.
-end
-
-source_dl = ftp://ftp.gnu.org/gnu/pth/
-
-build
- requires
- libtool
- end
-
- configure_options += \
- --disable-static \
- --mandir=/usr/share/man
-
- prepare_cmds
- %{MACRO_FIX_AUTOTOOLS}
- end
-
- test
- make check
- end
-end
-
-packages
- package %{name}
-
- package %{name}-devel
- template DEVEL
- end
-
- package %{name}-debuginfo
- template DEBUGINFO
- end
-end
diff --git a/vim/vim.nm b/vim/vim.nm
index d1a86190f..7efb260e0 100644
--- a/vim/vim.nm
+++ b/vim/vim.nm
@@ -8,7 +8,7 @@ major_ver = 8
minor_ver = 0
patchlevel = 1184
version = %{major_ver}.%{minor_ver}.%{patchlevel}
-release = 1
+release = 2
groups = Applications/Editors
url = http://www.vim.org
@@ -44,6 +44,9 @@ build
echo '#define SYS_VIMRC_FILE "%{sysconfdir}/vimrc"' >> src/feature.h
end
+ make_install_targets += \
+ STRIP=/usr/bin/true
+
install_cmds
ln -sfv vim %{BUILDROOT}%{bindir}/vi
hooks/post-receive
--
IPFire 3.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2023-03-13 14:38 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-13 14:38 [git.ipfire.org] IPFire 3.x development tree branch, master, updated. 89c1bf358652b9518e8104285c58cc8305c62cae Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox