diff options
author | Sergei Trofimovich <slyfox@gentoo.org> | 2019-02-02 20:07:03 +0000 |
---|---|---|
committer | Sergei Trofimovich <slyfox@gentoo.org> | 2019-02-02 20:07:03 +0000 |
commit | 0e5f4be65afbd78b427fde3116ad74057e3297a4 (patch) | |
tree | f6c006290bf12bc205afec6670d012aa333ee1fa /sys-devel | |
parent | media-fonts/polarsys-b612-fonts: keyworded 1.003 for ppc, bug #676536 (diff) | |
download | gentoo-0e5f4be65afbd78b427fde3116ad74057e3297a4.tar.gz gentoo-0e5f4be65afbd78b427fde3116ad74057e3297a4.tar.bz2 gentoo-0e5f4be65afbd78b427fde3116ad74057e3297a4.zip |
sys-devel/autogen: fix RPATH poisoning, bug #676692
autogen sets '-no-install' on installed binaries:
autogen_LDFLAGS = ... -no-install
columns_LDFLAGS = -no-install
getdefs_LDFLAGS = -no-install
Reported-by: Progenyx
Closes: https://bugs.gentoo.org/676692
Package-Manager: Portage-2.3.59, Repoman-2.3.12
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Diffstat (limited to 'sys-devel')
-rw-r--r-- | sys-devel/autogen/autogen-5.18.16-r1.ebuild | 56 | ||||
-rw-r--r-- | sys-devel/autogen/files/autogen-5.18.16-rpath.patch | 80 |
2 files changed, 136 insertions, 0 deletions
diff --git a/sys-devel/autogen/autogen-5.18.16-r1.ebuild b/sys-devel/autogen/autogen-5.18.16-r1.ebuild new file mode 100644 index 000000000000..b45f7a1bc1ab --- /dev/null +++ b/sys-devel/autogen/autogen-5.18.16-r1.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit toolchain-funcs + +DESCRIPTION="Program and text file generation" +HOMEPAGE="https://www.gnu.org/software/autogen/" +SRC_URI="mirror://gnu/${PN}/rel${PV}/${P}.tar.xz + https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob_plain;f=lib/verify.h;h=3b57ddee0acffd23cc51bc8910a15cf879f90619;hb=537a5511ab0b1326e69b32f87593a50aedb8a589 -> ${P}-gnulib-3b57ddee0acffd23cc51bc8910a15cf879f90619-lib-verify.h" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x86-macos" +IUSE="libopts static-libs" + +RDEPEND=">=dev-scheme/guile-2.0:= + dev-libs/libxml2" +DEPEND="${RDEPEND}" + +PATCHES=( + "${FILESDIR}"/${PN}-5.18.16-no-werror.patch + "${FILESDIR}"/${PN}-5.18.16-rpath.patch +) + +src_prepare() { + # no-werror.patch fixes both configure{.ac,} + # avoid configure echeck + touch -r configure.ac orig.configure.ac || die + touch -r configure orig.configure || die + + default + + touch -r orig.configure.ac configure.ac || die + touch -r orig.configure configure || die + + # missing tarball file + cp "${DISTDIR}"/${P}-gnulib-3b57ddee0acffd23cc51bc8910a15cf879f90619-lib-verify.h autoopts/verify.h || die +} + +src_configure() { + # suppress possibly incorrect -R flag + export ag_cv_test_ldflags= + + econf $(use_enable static-libs static) +} + +src_install() { + default + find "${D}" -name '*.la' -delete || die + + if ! use libopts ; then + rm "${ED}"/usr/share/autogen/libopts-*.tar.gz || die + fi +} diff --git a/sys-devel/autogen/files/autogen-5.18.16-rpath.patch b/sys-devel/autogen/files/autogen-5.18.16-rpath.patch new file mode 100644 index 000000000000..8d2019121eb1 --- /dev/null +++ b/sys-devel/autogen/files/autogen-5.18.16-rpath.patch @@ -0,0 +1,80 @@ +https://bugs.gentoo.org/676692 + +'make install' actually installs 'getdefs', 'columns', 'autogen' +and gentoo's 'scanelf' QA checker tool detects it as: + + * QA Notice: The following files contain insecure RUNPATHs + * Please file a bug about this at https://bugs.gentoo.org/ + * with the maintainer of the package. + * /tmp/portage/sys-devel/autogen-5.18.16/image/usr/bin/getdefs + * RPATH: /tmp/portage/sys-devel/autogen-5.18.16/work/autogen-5.18.16/autoopts/.libs + * /tmp/portage/sys-devel/autogen-5.18.16/image/usr/bin/columns + * RPATH: /tmp/portage/sys-devel/autogen-5.18.16/work/autogen-5.18.16/autoopts/.libs + * /tmp/portage/sys-devel/autogen-5.18.16/image/usr/bin/autogen + * RPATH: /tmp/portage/sys-devel/autogen-5.18.16/work/autogen-5.18.16/autoopts/.libs +--- a/agen5/Makefile.am ++++ b/agen5/Makefile.am +@@ -63,7 +63,7 @@ SNV_LIB = $(top_builddir)/snprintfv/libsnprintfv.la + nodist_autogen_SOURCES = ag.c + autogen_SOURCES = $(gen_csrc) + autogen_LDADD = $(LO_LIB) $(SNV_LIB) $(GUILE_LIBS) +-autogen_LDFLAGS = $(DYNAMIC_AG) $(AG_STATIC_AUTOGEN) -no-install ++autogen_LDFLAGS = $(DYNAMIC_AG) $(AG_STATIC_AUTOGEN) + autogen_CFLAGS = $(GUILE_CFLAGS) + stamp_script = $(srcdir)/mk-stamps.sh + +--- a/agen5/Makefile.in ++++ b/agen5/Makefile.in +@@ -482,7 +482,7 @@ SNV_LIB = $(top_builddir)/snprintfv/libsnprintfv.la + nodist_autogen_SOURCES = ag.c + autogen_SOURCES = $(gen_csrc) + autogen_LDADD = $(LO_LIB) $(SNV_LIB) $(GUILE_LIBS) +-autogen_LDFLAGS = $(DYNAMIC_AG) $(AG_STATIC_AUTOGEN) -no-install ++autogen_LDFLAGS = $(DYNAMIC_AG) $(AG_STATIC_AUTOGEN) + autogen_CFLAGS = $(GUILE_CFLAGS) + stamp_script = $(srcdir)/mk-stamps.sh + AM_YFLAGS = -d +--- a/columns/Makefile.am ++++ b/columns/Makefile.am +@@ -20,7 +20,7 @@ + ## with this program. If not, see <http://www.gnu.org/licenses/>. + + bin_PROGRAMS = columns +-columns_LDFLAGS = -no-install ++#columns_LDFLAGS = -no-install + csrc = opts.h columns.c opts.c + nodist_columns_SOURCES = cols.c + +--- a/columns/Makefile.in ++++ b/columns/Makefile.in +@@ -389,7 +389,7 @@ target_vendor = @target_vendor@ + top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ +-columns_LDFLAGS = -no-install ++#columns_LDFLAGS = -no-install + csrc = opts.h columns.c opts.c + nodist_columns_SOURCES = cols.c + LO_LIB = $(top_builddir)/autoopts/libopts.la +--- a/getdefs/Makefile.am ++++ b/getdefs/Makefile.am +@@ -23,7 +23,7 @@ + TARG = getdefs + + bin_PROGRAMS = getdefs +-getdefs_LDFLAGS = -no-install ++#getdefs_LDFLAGS = -no-install + gdsrcs = getdefs.h proto.h gdemit.c gdinit.c getdefs.c + getdefs_SOURCES = proto.h + BUILT_SOURCES = gd.c +--- a/getdefs/Makefile.in ++++ b/getdefs/Makefile.in +@@ -434,7 +434,7 @@ top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ + TARG = getdefs +-getdefs_LDFLAGS = -no-install ++#getdefs_LDFLAGS = -no-install + gdsrcs = getdefs.h proto.h gdemit.c gdinit.c getdefs.c + getdefs_SOURCES = proto.h + BUILT_SOURCES = gd.c |