104 lines
3.1 KiB
Text
104 lines
3.1 KiB
Text
# Maintainer: David Runge <dvzrv@archlinux.org>
|
|
# Contributor: Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
|
|
# Contributor: Allan McRae <allan@archlinux.org>
|
|
# Contributor: Hugo Doria <hugo@archlinux.org>
|
|
|
|
pkgname=libcap
|
|
pkgver=2.70
|
|
pkgrel=1
|
|
pkgdesc="POSIX 1003.1e capabilities"
|
|
arch=(x86_64)
|
|
url="https://sites.google.com/site/fullycapable/"
|
|
license=('BSD-3-Clause OR GPL-2.0-only')
|
|
depends=(
|
|
gcc-libs
|
|
glibc
|
|
pam
|
|
)
|
|
makedepends=(
|
|
go
|
|
linux-api-headers
|
|
)
|
|
provides=(
|
|
libcap.so
|
|
libpsx.so
|
|
)
|
|
# we can not use LTO as otherwise we get no reproducible package with full RELRO
|
|
options=(!lto)
|
|
source=(
|
|
https://kernel.org/pub/linux/libs/security/linux-privs/${pkgname}2/$pkgname-$pkgver.tar.{xz,sign}
|
|
libcap-2.69-cgo_flags.patch # provide flags to go build (sent upstream)
|
|
)
|
|
sha512sums=('4e0bf0efeccb654c409afe9727b2b53c1d4da8190d7a0a9848fc52550ff3e13502add3eacde04a68a5b7bec09e91df487f64c5746ba987f873236a9e53b3d4e8'
|
|
'SKIP'
|
|
'f1e301370b1af91d6cdca2433fcfc60f35ccfdfca7a7ce00a0b0ddfb54d67ed1b7e0a52094010c92514460bd142d12bb29eb28c13d9e7da9b92e4b61b6300d2f')
|
|
b2sums=('77b72acee53032117ea481e3380d1b497f9264b6193b9523542508c7c3e46070248ca4ed910d35809ce6e52caa60cbb31edb125c47221627eeda35c61bd0914b'
|
|
'SKIP'
|
|
'535fe70e39caeccb4b71fe0b6329e37b88b69d18361595e78171e3d148370553a055c81e4e691c5b43e54d5c2789fe5390287a1f23efc4529246877eaf8821e5')
|
|
# NOTE: contacted upstream on 2024-05-19 about unsafe (and differing) key for signed git tags and use of SHA-1 binding signatures in key used for custom source tarballs in the hopes of them using a new key in the future
|
|
validpgpkeys=(38A644698C69787344E954CE29EE848AE2CCF3F4) # Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
# NOTE: with CGO_ENABLED we need all relevant make options in build(), check() and package() otherwise the package is not reproducible
|
|
_common_make_options=(
|
|
CGO_CPPFLAGS="$CPPFLAGS"
|
|
CGO_CFLAGS="$CFLAGS"
|
|
CGO_CXXFLAGS="$CXXFLAGS"
|
|
CGO_LDFLAGS="$LDFLAGS"
|
|
CGO_REQUIRED="1"
|
|
GOFLAGS="-buildmode=pie -mod=readonly -modcacherw"
|
|
GO_BUILD_FLAGS="-ldflags '-compressdwarf=false -linkmode=external'"
|
|
)
|
|
|
|
prepare() {
|
|
# ensure to use CGO_ENABLED all the way (so that we can have full RELRO)
|
|
patch -Np1 -d $pkgname-$pkgver -i ../libcap-2.69-cgo_flags.patch
|
|
}
|
|
|
|
build() {
|
|
export GOPATH="$srcdir"
|
|
|
|
local make_options=(
|
|
"${_common_make_options[@]}"
|
|
DYNAMIC=yes
|
|
KERNEL_HEADERS=/usr/include
|
|
lib=lib
|
|
prefix=/usr
|
|
sbindir=bin
|
|
-C $pkgname-$pkgver
|
|
)
|
|
|
|
make "${make_options[@]}"
|
|
}
|
|
|
|
check() {
|
|
export GOPATH="$srcdir"
|
|
|
|
local make_options=(
|
|
"${_common_make_options[@]}"
|
|
test
|
|
-k
|
|
-C $pkgname-$pkgver
|
|
)
|
|
|
|
make "${make_options[@]}"
|
|
}
|
|
|
|
package() {
|
|
export GOPATH="$srcdir"
|
|
|
|
local make_options=(
|
|
"${_common_make_options[@]}"
|
|
DESTDIR="$pkgdir"
|
|
RAISE_SETFCAP=no
|
|
lib=lib
|
|
prefix=/usr
|
|
sbindir=bin
|
|
install
|
|
-C $pkgname-$pkgver
|
|
)
|
|
|
|
make "${make_options[@]}"
|
|
install -vDm 644 $pkgname-$pkgver/{CHANGELOG,README} -t "$pkgdir/usr/share/doc/$pkgname/"
|
|
install -vDm 644 $pkgname-$pkgver/License -t "$pkgdir/usr/share/licenses/$pkgname/"
|
|
install -vDm 644 $pkgname-$pkgver/pam_cap/capability.conf -t "$pkgdir/usr/share/doc/$pkgname/examples/"
|
|
}
|