various upgrades

2022-03-31 04:00:18 +03:00 · 2022-03-31 04:00:18 +03:00 · 9b7cb1fa1e
parent 8f1f6b0026
commit 9b7cb1fa1e
26 changed files with 390 additions and 70 deletions
--- a/filesystem/PKGBUILD
+++ b/filesystem/PKGBUILD
@ -2,11 +2,12 @@
 # JOBoRun		: Jwm OpenBox Obarun RUNit
 # Maintainer	: Joe Bo Run <joborun@disroot.org>
 # PkgSource		: url="https://gittea.disroot.org/joborun-pkg/jobcore/$pkgname"
+# Website		: https://pozol.eu
 #-----------------------------------------| DESCRIPTION |---------------------------------------

 pkgname=filesystem
 pkgver=2022.01.01
-pkgrel=04
+pkgrel=05
 pkgdesc='Base Joborun Linux file system'
 arch=('x86_64')
 groups=( jobbot )
@ -122,25 +123,24 @@ package() {
 license=('GPL')

 sha256sums=(e03bede3d258d680548696623d5979c6edf03272e801a813c81ba5a5c64f4f82 # crypttab
-	e54626e74ed8fee4173b62a545ab1c3a3a069e4217a0ee8fc398d9933e9c1696 # fstab
-#	# group --> added tty:5 games-->ninjaneedsit gshadow alike
+	115d324c8518affc7bec5559579d85f8f5491646b6110ea9567a586a26a76da9 # fstab
 	df57d376582518cd5c02cd776cf81c4780c4854ca33f28f7f7bd846f8d4bde15 # group
 	5003d01f30a868d6e79010a9313d43481701b5c59fbe7252fb33760d043878f1 # gshadow
 	250cfbb9a2b5e3cc9879ab2080eb3c7875fbe66eb375ce3f96eee335654a4979 # host.conf
 	8a63876eaf11641bbecdf2dea934c14e730dd4daceb32a5b172d08887a263f73 # hosts
-	8f7885ff199a832b8550fbcd0e43ef786e75f7a9e0b5acdf16f049bf62318b27 # issue
+	54a29f40c2c922f8f138e99d2be6789bd5557d09d4a60feebc431e08b7a3edb3 # issue
 	dad04a370e488aa85fb0a813a5c83cf6fd981ce01883fc59685447b092de84b5 # ld.so.conf
 	6c17fa911c82c27a30414624cdb32b44a76e60304cb875dc794bb9ee7aac21d4 # locale.sh
-	408a8949aab4756ff2b43512f1c93dc0a4727f35f260a7643068781225cafdb9 # motd
-	b3f9aca43fd990384741213c747f856ae166b254475bb42c4dac676bd7fdde5a # nsswitch.conf
-	5b24a881c5eb48b31d3a5c55112b208639421d2857460ca7edb4f1cd3669c2ab # os-release
+	82a515684ea07e2a2d1df9a5b5d281d4daca16a581fefdf7221fbe4a808e7a94 # motd
+	581a292aeae5e125f8527fef41a839c6c3d6f81f853c49c476b6ab25e20917ef # nsswitch.conf
+	b5ad863843339840665b80b21656bc04402a824c01f9bc5c3e5974c8182113f5 # os-release
 	aa9df866acb6a56ad72aca7cd215642ed8c55ba9a01d205c667ed082bc997568 # passwd
 	5e4088ad8d0853d390fa303f6be8c3f69c33834200cba9e90f7849f1993ca8d0 # profile
-	77bba6e7f545eeffee6a4395b51c9c1b87a39a0494c11fb225c6e666e4f93997 # resolv.conf
+	26edd9af76f4b8a7a5094d45179099ddcd950d05140cf3b856da50263fba98a3 # resolv.conf
 	d88be2b45b43605ff31dd83d6a138069b6c2e92bc8989b7b9ab9eba8da5f8c7b # securetty
 	1d77352db51f1edc46eb868307530d1c02de1ee77cfa14902bc0430aad91384b # shadow
 	268e414ace5dd1579e5a3085a45a969c3d580d734182166f85d02411d3be6f7d # shells
-	e0a505d9d42acd716d5a2f4e82d83a5d8b2337ead6faf87b826caa8137873640 # sysusers
+	ec207f224fdd6f29d2a333b2e9be211ef44f21a2bff0c0c6d7ea6d1b72b70eee # sysusers
 	618ac097441c1f2daffc9967e5c3cd18ea8866f776db62d04bf401c53907b1c9 # tmpfiles
-	90fb123aa8c0176bc144322b585bb889181c437542ddbe546af43e11b95be6ab) #  modprobe.d.usb-load-ehci-first
-
+	90fb123aa8c0176bc144322b585bb889181c437542ddbe546af43e11b95be6ab) # modprobe.d.usb-load-ehci-first
+	
--- a/filesystem/fstab
+++ b/filesystem/fstab
@ -2,3 +2,4 @@
 # See fstab(5) for details.

 # <file system> <dir> <type> <options> <dump> <pass>
+tmpfs	/tmp	tmpfs	defaults,nosuid,nodev	0	0
--- a/filesystem/issue
+++ b/filesystem/issue
@ -1,10 +1,13 @@

-   ______________________________________________________
-   __                                                  __
-   __                welcome to joborun                __
-   __                  based on obarun                 __
-   __           runit + s6 + 66 on clean root          __
-   ______________________________________________________
+    ....::::::     ...     :::::::.      ...    :::::::..   ..'    ::::::.    :::.
+   ;;;;;;;;;```.;;;;;;;.  `;;;'';;'  .;;;;;;;.,;;;;``;;;;  ,;;     ;;;`;;;;,  `;;;
+   ''`  `[[.  ,[["' `"\[[, [[[__[[\.,[["' `"\[[,[[[,/[[['  [['     [[[ `[[[[[. '[[
+  ,,,    `$$  $$$,    `$$$ $$""""Y$$$$$,    `$$$$$$$$$c'   $$     ,$$$  $$$'"Y$c$$
+  888boood88  "888,_ _,88P_88o,,od8P"888,_ _,88P888b'"88bo,88.   .d888  888   "Y88
+  "MMMMMMMM"    "YMMMMMP" ""YUMMMP"   "YMMMMMP"`MMMM   "W"  "YmmMMMM""  MMM    `YM
+
+    JObORun is built from source without systemd and libs, no internal zstd or ipv6
+
+    joborun  \r (\l) \d \t \s

-   joborun  \r (\l) \d \t \s 

--- a/filesystem/motd
+++ b/filesystem/motd
@ -1,4 +1,5 @@

+
 	  ....::::::     ...     :::::::.      ...    :::::::..    ...    ::::::.    :::.
 	 ;;;;;;;;;````.;;;;;;;.  `;;;'';;'  .;;;;;;;.,;;;;``;;;;  ,;;     ;;;`;;;;,  `;;;
 	 ''`  `[[.   ,[["' `"\[[, [[[__[[\.,[["' `"\[[,[[[,/[[['  [['     [[[ `[[[[[. '[[
@ -8,3 +9,4 @@


 Enter your username and password below:
+
--- a/filesystem/nsswitch.conf
+++ b/filesystem/nsswitch.conf
@ -17,3 +17,4 @@ ethers: files
 rpc: files

 netgroup: files
+
--- a/filesystem/os-release
+++ b/filesystem/os-release
@ -3,8 +3,8 @@ PRETTY_NAME="joborun on obarun"
 ID=joborun
 ID_LIKE=arch
 ANSI_COLOR="38;2;23;147;209"
-HOME_URL="https://joborun.eu/"
-DOCUMENTATION_URL="https://wiki.joborun.eu/"
-SUPPORT_URL="https://gitea.disroot.org/joborun/"
-BUG_REPORT_URL="https://gitea.disroot.org/joborun/"
+HOME_URL="http://pozol.eu/"
+DOCUMENTATION_URL="https://git.disroot.org/joborun/web/src/branch/main/index.md"
+SUPPORT_URL="https://www.reddit.com/r/joborun/"
+BUG_REPORT_URL="https://gitea.disroot.org/joborun-pkg/"
 LOGO=joborun-logo
--- a/filesystem/resolv.conf
+++ b/filesystem/resolv.conf
@ -1,15 +1,17 @@
 # This file was generated by OpenNIC 2019-Apr-26 06:46 UTC
 # and shows the most reliable servers near you.
 # You may retrieve updates automatically by using:
-#   wget --inet4-only "https://api.opennicproject.org/geoip?resolv"
+#wget --inet4-only "https://api.opennicproject.org/geoip?resolv"
+#Using 116.203.98.109 as API host
+#https://api.opennicproject.org/geoip/?list&ipv=4&res=200&adm=0&bl&wl
 domain opennic.glue
 search opennic.gluenameserver 192.71.245.208
-nameserver 94.247.43.254
-nameserver 167.86.112.174
-nameserver 51.91.152.156
-nameserver 51.178.92.105
+nameserver 144.24.181.253
+nameserver 79.133.199.87
+nameserver 89.163.140.67
 nameserver 194.36.144.87
-nameserver 91.217.137.37
-nameserver 192.3.165.37
-nameserver 159.89.120.99
+nameserver 94.247.43.254
+nameserver 192.71.166.92
+nameserver 130.61.117.123
+nameserver 195.10.195.195
 rotate
--- a/filesystem/sysusers
+++ b/filesystem/sysusers
@ -36,7 +36,6 @@ u bin 1 - -
 u daemon 2 - -
 u mail 8 - /var/spool/mail
 u ftp 14 - /srv/ftp
-u s6log 19:19 "S6 log user" -
 u http 33 - /srv/http

 # default membership
--- a/groff/PKGBUILD
+++ b/groff/PKGBUILD
@ -6,7 +6,7 @@

 pkgname=groff
 pkgver=1.22.4
-pkgrel=06
+pkgrel=07
 pkgdesc='GNU troff text-formatting system'
 arch=('x86_64')
 url='https://www.gnu.org/software/groff/groff.html'
--- a/groff/PKGBUILD-arch
+++ b/groff/PKGBUILD-arch
@ -2,7 +2,7 @@

 pkgname=groff
 pkgver=1.22.4
-pkgrel=6
+pkgrel=7
 pkgdesc='GNU troff text-formatting system'
 arch=('x86_64')
 url='https://www.gnu.org/software/groff/groff.html'
--- a/libarchive/0001-ZIP-reader-fix-possible-out-of-bounds-read-in-zipx_l.patch
+++ b/libarchive/0001-ZIP-reader-fix-possible-out-of-bounds-read-in-zipx_l.patch
@ -0,0 +1,27 @@
+From cfaa28168a07ea4a53276b63068f94fce37d6aff Mon Sep 17 00:00:00 2001
+From: Tim Kientzle <kientzle@acm.org>
+Date: Thu, 24 Mar 2022 10:35:00 +0100
+Subject: [PATCH 1/1] ZIP reader: fix possible out-of-bounds read in
+ zipx_lzma_alone_init()
+
+Fixes #1672
+---
+ libarchive/archive_read_support_format_zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
+index 38ada70b..9d6c900b 100644
+--- a/libarchive/archive_read_support_format_zip.c
+++ b/libarchive/archive_read_support_format_zip.c
+@@ -1667,7 +1667,7 @@ zipx_lzma_alone_init(struct archive_read *a, struct zip *zip)
+ 	 */
+ 
+ 	/* Read magic1,magic2,lzma_params from the ZIPX stream. */
+-	if((p = __archive_read_ahead(a, 9, NULL)) == NULL) {
+	if(zip->entry_bytes_remaining < 9 || (p = __archive_read_ahead(a, 9, NULL)) == NULL) {
+ 		archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
+ 		    "Truncated lzma data");
+ 		return (ARCHIVE_FATAL);
+-- 
+2.35.1
+
--- a/libarchive/PKGBUILD
+++ b/libarchive/PKGBUILD
@ -14,7 +14,14 @@ depends=('acl' 'libacl.so' 'bzip2' 'expat' 'lz4' 'openssl' 'xz' 'zlib')
 # 'zstd')
 provides=('libarchive.so')
 #options=('debug')
-source=("https://github.com/${pkgname}/${pkgname}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.xz"{,.asc})
+source=("https://github.com/${pkgname}/${pkgname}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.xz"{,.asc}
+        '0001-ZIP-reader-fix-possible-out-of-bounds-read-in-zipx_l.patch')
+
+prepare() {
+  cd "${pkgname}-${pkgver}"
+
+  patch -Np1 < ../0001-ZIP-reader-fix-possible-out-of-bounds-read-in-zipx_l.patch
+}

 build() {
  cd $pkgname-$pkgver 
@ -47,4 +54,5 @@ license=('BSD')
 validpgpkeys=('A5A45B12AD92D964B89EEE2DEC560C81CEC2276E') # Martin Matuska <mm@FreeBSD.org>

 sha256sums=(df283917799cb88659a5b33c0a598f04352d61936abcd8a48fe7b64e74950de7 # libarchive-3.6.0.tar.xz
-	75d1524d2aba1bed0d7ad3e38807d94b595c2bbbd4a14bb860f7d4a494a12f2c) # libarchive-3.6.0.tar.xz.asc
+	75d1524d2aba1bed0d7ad3e38807d94b595c2bbbd4a14bb860f7d4a494a12f2c # libarchive-3.6.0.tar.xz.asc
+	fb0ccefdce771ac1f19e4d2f991f6ed4201313f55af0dcbb3abb0e7b0f25696e) # 0001-ZIP-reader-fix-possible-out-of-bounds-read-in-zipx_l.patch
--- a/libarchive/PKGBUILD-arch
+++ b/libarchive/PKGBUILD-arch
@ -3,7 +3,7 @@

 pkgname=libarchive
 pkgver=3.6.0
-pkgrel=1
+pkgrel=2
 pkgdesc='Multi-format archive and compression library'
 arch=('x86_64')
 url='https://libarchive.org/'
@ -12,9 +12,17 @@ depends=('acl' 'libacl.so' 'bzip2' 'expat' 'lz4' 'openssl' 'xz' 'zlib' 'zstd')
 provides=('libarchive.so')
 options=('debug')
 validpgpkeys=('A5A45B12AD92D964B89EEE2DEC560C81CEC2276E') # Martin Matuska <mm@FreeBSD.org>
-source=("https://github.com/${pkgname}/${pkgname}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.xz"{,.asc})
+source=("https://github.com/${pkgname}/${pkgname}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.xz"{,.asc}
+        '0001-ZIP-reader-fix-possible-out-of-bounds-read-in-zipx_l.patch')
 sha256sums=('df283917799cb88659a5b33c0a598f04352d61936abcd8a48fe7b64e74950de7'
-            'SKIP')
+            'SKIP'
+            'fb0ccefdce771ac1f19e4d2f991f6ed4201313f55af0dcbb3abb0e7b0f25696e')
+
+prepare() {
+  cd "${pkgname}-${pkgver}"
+
+  patch -Np1 < ../0001-ZIP-reader-fix-possible-out-of-bounds-read-in-zipx_l.patch
+}

 build() {
  cd "${pkgname}-${pkgver}"
--- a/libarchive/deps
+++ b/libarchive/deps
@ -1 +1,2 @@

+
--- a/libarchive/time
+++ b/libarchive/time
@ -1,3 +1,4 @@
-real	1m52.496s
-user	3m43.426s
-sys	0m18.310s
+
+real	1m23.821s
+user	3m3.636s
+sys	0m17.039s
--- a/mdadm/PKGBUILD
+++ b/mdadm/PKGBUILD
@ -7,7 +7,7 @@

 pkgname=mdadm
 pkgver=4.2
-pkgrel=01
+pkgrel=02
 pkgdesc='A tool for managing/monitoring Linux md device arrays, also known as Software RAID w/o systemd'
 arch=('x86_64')
 url='https://git.kernel.org/pub/scm/utils/mdadm'
@ -15,6 +15,7 @@ makedepends=('git')
 depends=('glibc')
 replaces=('raidtools')
 backup=('etc/mdadm.conf')
+optdepends=('bash: mdcheck')
 source=("git+https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git#tag=${pkgname}-${pkgver}?signed"
        'disable-werror.patch'
 	'mdadm.conf'
@ -37,6 +38,7 @@ package() {
  make INSTALL=/usr/bin/install BINDIR=/usr/bin DESTDIR="$pkgdir" UDEVDIR=/usr/lib/udev install
  install -D -m644 ../mdadm.conf "$pkgdir"/etc/mdadm.conf
  install -D -m644 ../mdadm_udev_install "$pkgdir"/usr/lib/initcpio/install/mdadm_udev
+  install -D -m755 misc/mdcheck "$pkgdir"/usr/share/mdadm/mdcheck
  ln -s mdadm_udev "$pkgdir"/usr/lib/initcpio/install/mdadm
 }

--- a/mdadm/PKGBUILD-arch
+++ b/mdadm/PKGBUILD-arch
@ -3,13 +3,14 @@

 pkgname=mdadm
 pkgver=4.2
-pkgrel=1
+pkgrel=2
 pkgdesc='A tool for managing/monitoring Linux md device arrays, also known as Software RAID'
 arch=('x86_64')
 license=('GPL')
 url='https://git.kernel.org/pub/scm/utils/mdadm'
 makedepends=('git')
 depends=('glibc' 'systemd')
+optdepends=('bash: mdcheck')
 replaces=('raidtools')
 backup=('etc/mdadm.conf')
 validpgpkeys=('6A86B80E1D22F21D0B26BA75397D82E0531A9C91') # Jes Sorensen
@ -39,5 +40,6 @@ package() {
  make SYSTEMD_DIR="$pkgdir"/usr/lib/systemd/system install-systemd
  install -D -m644 ../mdadm.conf "$pkgdir"/etc/mdadm.conf
  install -D -m644 ../mdadm_udev_install "$pkgdir"/usr/lib/initcpio/install/mdadm_udev
+  install -D -m755 misc/mdcheck "$pkgdir"/usr/share/mdadm/mdcheck
  ln -s mdadm_udev "$pkgdir"/usr/lib/initcpio/install/mdadm
 }
--- a/mdadm/time
+++ b/mdadm/time
@ -1,3 +1,4 @@
-real	0m14.789s
-user	0m27.562s
-sys	0m1.215s
+
+real	0m24.292s
+user	0m28.227s
+sys	0m1.637s
--- a/nss/PKGBUILD
+++ b/nss/PKGBUILD
@ -7,7 +7,7 @@

 pkgbase=nss
 pkgname=(nss ca-certificates-mozilla)
-pkgver=3.76
+pkgver=3.76.1
 pkgrel=01
 pkgdesc="Network Security Services - zstd mandatory here!"
 # experiment without zstd
@ -15,7 +15,7 @@ url="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
 arch=(x86_64)
 depends=(nspr sqlite zlib sh 'p11-kit>=0.23.19')
 makedepends=(perl python gyp mercurial)
-_revision=b5b9832a38988f8b6ad58c81235ee85a62bdc8e0
+_revision=0e6c67470eed5044ace519e2405ddfa7186f0dc2
 source=("hg+https://hg.mozilla.org/projects/nss#revision=$_revision"
        certdata2pem.py
 	bundle.sh)
--- a/nss/PKGBUILD-arch.new
+++ b/nss/PKGBUILD-arch.new
@ -0,0 +1,100 @@
+# Maintainer: Jan Alexander Steffens (heftig) <heftig@archlinux.org>
+# Contributor: Jan de Groot <jgc@archlinux.org>
+
+pkgbase=nss
+pkgname=(nss ca-certificates-mozilla)
+pkgver=3.76.1
+pkgrel=1
+pkgdesc="Network Security Services"
+url="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
+arch=(x86_64)
+license=(MPL GPL)
+depends=(nspr sqlite zlib sh 'p11-kit>=0.23.19')
+makedepends=(perl python gyp mercurial)
+_revision=0e6c67470eed5044ace519e2405ddfa7186f0dc2
+source=("hg+https://hg.mozilla.org/projects/nss#revision=$_revision"
+        certdata2pem.py bundle.sh)
+sha256sums=('SKIP'
+            'd2a1579dae05fd16175fac27ef08b54731ecefdf414085c610179afcf62b096c'
+            '3bfadf722da6773bdabdd25bdf78158648043d1b7e57615574f189a88ca865dd')
+
+pkgver() {
+  cd nss
+  hg id -t -r. | sed 's/^NSS_//;s/_RTM$//;s/_/./g'
+}
+
+prepare() {
+  mkdir -p certs
+  ln -srft certs nss/lib/ckfw/builtins/{certdata.txt,nssckbi.h}
+}
+
+build() {
+  cd certs
+  ../certdata2pem.py
+
+  cd ..
+  ./bundle.sh
+
+  cd nss
+  ./build.sh \
+    --target x64 \
+    --opt \
+    --system-sqlite \
+    --system-nspr \
+    --enable-libpkix \
+    --disable-tests
+}
+
+package_nss() {
+  local nsprver="$(pkg-config --modversion nspr)"
+  local libdir=/usr/lib
+
+  sed nss/pkg/pkg-config/nss.pc.in \
+    -e "s,%libdir%,$libdir,g" \
+    -e "s,%prefix%,/usr,g" \
+    -e "s,%exec_prefix%,/usr/bin,g" \
+    -e "s,%includedir%,/usr/include/nss,g" \
+    -e "s,%NSPR_VERSION%,$nsprver,g" \
+    -e "s,%NSS_VERSION%,$pkgver,g" |
+    install -Dm644 /dev/stdin "$pkgdir$libdir/pkgconfig/nss.pc"
+
+  ln -s nss.pc "$pkgdir$libdir/pkgconfig/mozilla-nss.pc"
+
+  install -Dt "$pkgdir$libdir" dist/Release/lib/*.so
+
+  local vmajor vminor vpatch
+  { read vmajor; read vminor; read vpatch; } \
+    < <(awk '/#define.*NSS_V(MAJOR|MINOR|PATCH)/ {print $3}' nss/lib/nss/nss.h)
+
+  sed nss/pkg/pkg-config/nss-config.in \
+    -e "s,@libdir@,$libdir,g" \
+    -e "s,@prefix@,/usr/bin,g" \
+    -e "s,@exec_prefix@,/usr/bin,g" \
+    -e "s,@includedir@,/usr/include/nss,g" \
+    -e "s,@MOD_MAJOR_VERSION@,$vmajor,g" \
+    -e "s,@MOD_MINOR_VERSION@,$vminor,g" \
+    -e "s,@MOD_PATCH_VERSION@,$vpatch,g" |
+    install -D /dev/stdin "$pkgdir/usr/bin/nss-config"
+
+  install -Dt "$pkgdir/usr/bin" \
+    dist/Release/bin/{*util,shlibsign,signtool,signver,ssltap}
+
+  install -Dt "$pkgdir/usr/include/nss" -m644 dist/public/nss/*.h
+
+  install -Dt "$pkgdir/usr/share/man/man1" -m644 \
+    nss/doc/nroff/{*util,signtool,signver,ssltap}.1
+
+  # Replace built-in trust with p11-kit connection
+  ln -s pkcs11/p11-kit-trust.so "$pkgdir$libdir/p11-kit-trust.so"
+  ln -sf p11-kit-trust.so "$pkgdir$libdir/libnssckbi.so"
+}
+
+package_ca-certificates-mozilla() {
+  pkgdesc="Mozilla's set of trusted CA certificates"
+  depends=('ca-certificates-utils>=20181109-3')
+
+  install -Dm644 ca-bundle.trust.p11-kit \
+    "$pkgdir/usr/share/ca-certificates/trust-source/mozilla.trust.p11-kit"
+}
+
+# vim:set sw=2 et:
--- a/nss/time
+++ b/nss/time
@ -1,3 +1,5 @@
-real	7m23.299s
-user	4m34.575s
-sys	0m17.848s
+
+real	7m12.919s
+user	4m0.203s
+sys	0m18.311s
+
--- a/pacman/PKGBUILD
+++ b/pacman/PKGBUILD
@ -7,7 +7,7 @@

 pkgname=pacman
 pkgver=6.0.1
-pkgrel=07
+pkgrel=08
 pkgdesc="A library-based package manager with dependency support"
 arch=('x86_64')
 url="https://www.archlinux.org/pacman/"
@ -46,7 +46,7 @@ build() {

  meson --prefix=/usr \
 	--buildtype=plain \
-	-Ddoc=enabled \
+	-Ddoc=disabled \
 	-Ddoxygen=enabled \
 	-Dscriptlet-shell=/usr/bin/bash \
 	-Dldconfig=/usr/bin/ldconfig \
@ -88,4 +88,4 @@ sha256sums=(0db61456e56aa49e260e891c0b025be210319e62b15521f29d3e93b00d3bf731 # p
 	7d0aee976c9c71fcf7c96ef1d99aa76efe47d8c1f4451842d6d159ec7deb4278 # libmakepkg-add-extra-buildflags-only-when-buildflags.patch
 	5b43e26a76be3ed10a69d4bfb2be48db8cce359baf46583411c7f124737ebe6a # make-link-time-optimization-flags-configurable.patch
 	aa2e113eba452b9d9fef85aa87333370ae2d3bb0e06df4b0776e04c3ec76d028 # pacman.conf
-	9610c7c1d3c58359d88ee0b266766c002f1b0109ddc7a1cea36b35f2ef6d0079) # makepkg.conf
+	7e1af6a61b1b8565b5d608ba77b435e55585ad8acb7b106585458124a020c462) # makepkg.conf
--- a/pacman/makepkg.conf
+++ b/pacman/makepkg.conf
@ -9,10 +9,10 @@
 #
 #-- The download utilities that makepkg should use to acquire sources
 #  Format: 'protocol::agent'
-DLAGENTS=('file::/usr/bin/curl -gqC - -o %o %u'
-          'ftp::/usr/bin/curl -gqfC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u'
-          'http::/usr/bin/curl -gqb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
-          'https::/usr/bin/curl -gqb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+DLAGENTS=('file::/usr/bin/curl -qgC - -o %o %u'
+          'ftp::/usr/bin/curl -qgfC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u'
+          'http::/usr/bin/curl -qgb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'https::/usr/bin/curl -qgb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
          'rsync::/usr/bin/rsync --no-motd -z %u %o'
          'scp::/usr/bin/scp -C %u %o')

@ -43,12 +43,13 @@ CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fexceptions \
        -fstack-clash-protection -fcf-protection"
 CXXFLAGS="$CFLAGS -Wp,-D_GLIBCXX_ASSERTIONS"
 LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
+LTOFLAGS="-flto=auto"
 #RUSTFLAGS="-C opt-level=2"
 #-- Make Flags: change this for DistCC/SMP systems
 #MAKEFLAGS="-j2"
 #-- Debugging flags
-DEBUG_CFLAGS="-g -fvar-tracking-assignments"
-DEBUG_CXXFLAGS="-g -fvar-tracking-assignments"
+DEBUG_CFLAGS="-g"
+DEBUG_CXXFLAGS="$DEBUG_CFLAGS"
 #DEBUG_RUSTFLAGS="-C debuginfo=2"

 #########################################################################
@ -59,7 +60,7 @@ DEBUG_CXXFLAGS="-g -fvar-tracking-assignments"
 #  A negated environment option will do the opposite of the comments below.
 #
 #-- distcc:   Use the Distributed C/C++/ObjC compiler
-- color:    Colorize output messages
+#-- color:    Colorize output messages
 #-- ccache:   Use ccache to cache compilation
 #-- check:    Run the check() function if present in the PKGBUILD
 #-- sign:     Generate PGP signature file
@ -121,11 +122,11 @@ DBGSRCDIR="/usr/src/debug"
 #-- Source cache: specify a fixed directory where source files will be cached
 #SRCDEST=/home/sources
 #-- Source packages: specify a fixed directory where all src packages will be placed
-#SRCPKGDEST=/home/srcpackages
+SRCPKGDEST=/src/pkg/
 #-- Log files: specify a fixed directory where all log files will be placed
 #LOGDEST=/home/makepkglogs
 #-- Packager: name/email of the person or organization building packages
-PACKAGER="joborun@disroot.org"
+PACKAGER="joborun <joborun@disroot.org>"
 #-- Specify a key to use for package signing
 #GPGKEY=""

@ -135,7 +136,7 @@ PACKAGER="joborun@disroot.org"
 #
 COMPRESSGZ=(gzip -c -f -n)
 COMPRESSBZ2=(bzip2 -c -f)
-COMPRESSXZ=(xz -7 -T0 -c -z -)
+COMPRESSXZ=(xz -T0 -c -z -)
 COMPRESSLRZ=(lrzip -q)
 COMPRESSLZO=(lzop -q)
 COMPRESSZ=(compress -c -f)
@ -157,4 +158,4 @@ SRCEXT='.src.tar.gz'
 #########################################################################
 #
 #-- Command used to run pacman as root, instead of trying sudo and su
-#PACMAN_AUTH=()
+PACMAN_AUTH=(pkg)
--- a/pacman/makepkg.conf-arch.new
+++ b/pacman/makepkg.conf-arch.new
@ -0,0 +1,159 @@
+#!/hint/bash
+#
+# /etc/makepkg.conf
+#
+
+#########################################################################
+# SOURCE ACQUISITION
+#########################################################################
+#
+#-- The download utilities that makepkg should use to acquire sources
+#  Format: 'protocol::agent'
+DLAGENTS=('file::/usr/bin/curl -qgC - -o %o %u'
+          'ftp::/usr/bin/curl -qgfC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u'
+          'http::/usr/bin/curl -qgb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'https::/usr/bin/curl -qgb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'rsync::/usr/bin/rsync --no-motd -z %u %o'
+          'scp::/usr/bin/scp -C %u %o')
+
+# Other common tools:
+# /usr/bin/snarf
+# /usr/bin/lftpget -c
+# /usr/bin/wget
+
+#-- The package required by makepkg to download VCS sources
+#  Format: 'protocol::package'
+VCSCLIENTS=('bzr::bzr'
+            'fossil::fossil'
+            'git::git'
+            'hg::mercurial'
+            'svn::subversion')
+
+#########################################################################
+# ARCHITECTURE, COMPILE FLAGS
+#########################################################################
+#
+CARCH="x86_64"
+CHOST="x86_64-pc-linux-gnu"
+
+#-- Compiler and Linker Flags
+#CPPFLAGS=""
+CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fexceptions \
+        -Wp,-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security \
+        -fstack-clash-protection -fcf-protection"
+CXXFLAGS="$CFLAGS -Wp,-D_GLIBCXX_ASSERTIONS"
+LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
+LTOFLAGS="-flto=auto"
+#RUSTFLAGS="-C opt-level=2"
+#-- Make Flags: change this for DistCC/SMP systems
+#MAKEFLAGS="-j2"
+#-- Debugging flags
+DEBUG_CFLAGS="-g"
+DEBUG_CXXFLAGS="$DEBUG_CFLAGS"
+#DEBUG_RUSTFLAGS="-C debuginfo=2"
+
+#########################################################################
+# BUILD ENVIRONMENT
+#########################################################################
+#
+# Makepkg defaults: BUILDENV=(!distcc !color !ccache check !sign)
+#  A negated environment option will do the opposite of the comments below.
+#
+#-- distcc:   Use the Distributed C/C++/ObjC compiler
+#-- color:    Colorize output messages
+#-- ccache:   Use ccache to cache compilation
+#-- check:    Run the check() function if present in the PKGBUILD
+#-- sign:     Generate PGP signature file
+#
+BUILDENV=(!distcc color !ccache check !sign)
+#
+#-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
+#-- specify a space-delimited list of hosts running in the DistCC cluster.
+#DISTCC_HOSTS=""
+#
+#-- Specify a directory for package building.
+#BUILDDIR=/tmp/makepkg
+
+#########################################################################
+# GLOBAL PACKAGE OPTIONS
+#   These are default values for the options=() settings
+#########################################################################
+#
+# Makepkg defaults: OPTIONS=(!strip docs libtool staticlibs emptydirs !zipman !purge !debug !lto)
+#  A negated option will do the opposite of the comments below.
+#
+#-- strip:      Strip symbols from binaries/libraries
+#-- docs:       Save doc directories specified by DOC_DIRS
+#-- libtool:    Leave libtool (.la) files in packages
+#-- staticlibs: Leave static library (.a) files in packages
+#-- emptydirs:  Leave empty directories in packages
+#-- zipman:     Compress manual (man and info) pages in MAN_DIRS with gzip
+#-- purge:      Remove files specified by PURGE_TARGETS
+#-- debug:      Add debugging flags as specified in DEBUG_* variables
+#-- lto:        Add compile flags for building with link time optimization
+#
+OPTIONS=(strip docs !libtool !staticlibs emptydirs zipman purge !debug !lto)
+
+#-- File integrity checks to use. Valid: md5, sha1, sha224, sha256, sha384, sha512, b2
+INTEGRITY_CHECK=(sha256)
+#-- Options to be used when stripping binaries. See `man strip' for details.
+STRIP_BINARIES="--strip-all"
+#-- Options to be used when stripping shared libraries. See `man strip' for details.
+STRIP_SHARED="--strip-unneeded"
+#-- Options to be used when stripping static libraries. See `man strip' for details.
+STRIP_STATIC="--strip-debug"
+#-- Manual (man and info) directories to compress (if zipman is specified)
+MAN_DIRS=({usr{,/local}{,/share},opt/*}/{man,info})
+#-- Doc directories to remove (if !docs is specified)
+DOC_DIRS=(usr/{,local/}{,share/}{doc,gtk-doc} opt/*/{doc,gtk-doc})
+#-- Files to be removed from all packages (if purge is specified)
+PURGE_TARGETS=(usr/{,share}/info/dir .packlist *.pod)
+#-- Directory to store source code in for debug packages
+DBGSRCDIR="/usr/src/debug"
+
+#########################################################################
+# PACKAGE OUTPUT
+#########################################################################
+#
+# Default: put built package and cached source in build directory
+#
+#-- Destination: specify a fixed directory where all packages will be placed
+#PKGDEST=/home/packages
+#-- Source cache: specify a fixed directory where source files will be cached
+#SRCDEST=/home/sources
+#-- Source packages: specify a fixed directory where all src packages will be placed
+#SRCPKGDEST=/home/srcpackages
+#-- Log files: specify a fixed directory where all log files will be placed
+#LOGDEST=/home/makepkglogs
+#-- Packager: name/email of the person or organization building packages
+#PACKAGER="John Doe <john@doe.com>"
+#-- Specify a key to use for package signing
+#GPGKEY=""
+
+#########################################################################
+# COMPRESSION DEFAULTS
+#########################################################################
+#
+COMPRESSGZ=(gzip -c -f -n)
+COMPRESSBZ2=(bzip2 -c -f)
+COMPRESSXZ=(xz -c -z -)
+COMPRESSZST=(zstd -c -z -q -)
+COMPRESSLRZ=(lrzip -q)
+COMPRESSLZO=(lzop -q)
+COMPRESSZ=(compress -c -f)
+COMPRESSLZ4=(lz4 -q)
+COMPRESSLZ=(lzip -c -f)
+
+#########################################################################
+# EXTENSION DEFAULTS
+#########################################################################
+#
+PKGEXT='.pkg.tar.zst'
+SRCEXT='.src.tar.gz'
+
+#########################################################################
+# OTHER
+#########################################################################
+#
+#-- Command used to run pacman as root, instead of trying sudo and su
+#PACMAN_AUTH=()
--- a/util-linux/PKGBUILD
+++ b/util-linux/PKGBUILD
@ -7,7 +7,7 @@
 pkgbase=util-linux
 pkgname=(util-linux util-linux-libs)
 _pkgmajor=2.38
-_realver=${_pkgmajor}-rc4
+_realver=${_pkgmajor}
 pkgver=${_realver/-/}
 pkgrel=01
 pkgdesc='Miscellaneous system utilities for Linux w/o systemd'
@ -115,8 +115,8 @@ license=('GPL2')

 validpgpkeys=('B0C64D14301CC6EFAEDF60E4E4B71D5EEC39C284')  # Karel Zak

-sha256sums=(90166b32dd4327fb2222af59870a36dc126e9aa84305e36abca8be287ff7c147 # util-linux-2.38-rc4.tar.xz
-	0e0db92bb1838f78f65246bf4402035f56b3da4b6196a3e38ecd252c49328ea7 # util-linux-2.38-rc4.tar.sign
+sha256sums=(6d111cbe4d55b336db2f1fbeffbc65b89908704c01136371d32aa9bec373eb64 # util-linux-2.38.tar.xz
+	ed4212398acad78c428b5d8b940398c884b919053181cd4d89bcb81db938ca5b # util-linux-2.38.tar.sign
 	99cd77f21ee44a0c5e57b0f3670f711a00496f198fc5704d7e44f5d817c81a0f # pam-login
 	57e057758944f4557762c6def939410c04ca5803cbdd2bfa2153ce47ffe7a4af # pam-common
 	48d6fba767631e3dd3620cf02a71a74c5d65a525d4c4ce4b5a0b7d9f41ebfea1 # pam-runuser
--- a/util-linux/PKGBUILD-arch
+++ b/util-linux/PKGBUILD-arch
@ -5,7 +5,7 @@
 pkgbase=util-linux
 pkgname=(util-linux util-linux-libs)
 _pkgmajor=2.38
-_realver=${_pkgmajor}-rc4
+_realver=${_pkgmajor}
 pkgver=${_realver/-/}
 pkgrel=1
 pkgdesc='Miscellaneous system utilities for Linux'
@ -21,7 +21,7 @@ source=("https://www.kernel.org/pub/linux/utils/util-linux/v${_pkgmajor}/${pkgba
        '60-rfkill.rules'
        'rfkill-unblock_.service'
        'rfkill-block_.service')
-sha256sums=('90166b32dd4327fb2222af59870a36dc126e9aa84305e36abca8be287ff7c147'
+sha256sums=('6d111cbe4d55b336db2f1fbeffbc65b89908704c01136371d32aa9bec373eb64'
            'SKIP'
            '99cd77f21ee44a0c5e57b0f3670f711a00496f198fc5704d7e44f5d817c81a0f'
            '57e057758944f4557762c6def939410c04ca5803cbdd2bfa2153ce47ffe7a4af'