This allows setting flags for PaX on select binaries. Two new variables
are introduced for packages: NOT_PAX_ASLR_SAFE and NOT_PAX_MPROTECT_SAFE.
They both expect a list of binaries are known to not support PaX ASLR
and/or PaX MPROTECT, respectively.
"Please commit" wiz@
with what packages such as multimedia/ffmpeg2 expect, and as so few
packages have texi2html in USE_TOOLS it may be causing more problems
that it is worth to save a few dependencies. PR#51113.
script included in the ocaml-findlib package) and removes the need to call
said script explicitly from PLIST.
Packages that use findlib will now automatically add directories that are
in OCAML_FINDLIB_DIRS (set by default to $(OCAML_SITELIBDIR)/${PKGBASE})
to the file ${PREFIX}/lib/ocaml/ld.conf. This behaviour can be disabled by
undefining OCAML_FINDLIB_REGISTER.
been broken due to NATIVE_MACHINE_ARCH no longer being set to x86_64. Fix
this by introducing HOST_MACHINE_ARCH which refers to the underlying host
architecture rather than bmake's native architecture, thus differentiating
between cross-compiling and multilib.
This is currently only set on Linux as the only OPSYS which currently
requires such a test, but can be expanded to other OPSYS as necessary.
This allows fixing an issue with PKGSRC_MKPIE, where "gcc source.c" would
not work. Some packages rely on this test to determine if a working
compiler is available.
- change Linux x86 from sun-jdk6 to oracle-jdk8
- change SunOS x86 from openjdk7 to openjdk8
- change DragonFly from openjdk7 to openjdk8
leave Darwin at sun-jdk6 for now, not sure how the builtin stuff works ...
- No _GCC_* anything in mk/bsd.prefs.mk;
- No compiler flags in platform files.
Tested again on NetBSD/amd64, with and without cwrappers, with the same
outcome.
With feedback from jperkin@
- Revisit (and rename) support for FORTIFY as PKGSRC_USE_FORTIFY (instead
of PKGSRC_USE_FORT) for easier support outside NetBSD/gcc;
- PKGSRC_USE_SSP is no longer enabled by default when PKGSRC_USE_FORTIFY
is enabled;
- PKGSRC_MKPIE builds executables as PIE (to leverage userland ASLR)
- PKGSRC_USE_RELRO builds with a read-only GOT to prevent some exploits
from functioning.
Tested on NetBSD/amd64 by myself, in every combination, with and without
pkgtools/cwrappers. MKPIE is not supported at the moment with cwrappers.
Also, MKPIE is known to still break a number of packages when enabled (and
actually supported).
Tested on SunOS by jperkin@, thank you!
As discussed on tech-pkg@, the default behavior is not changed, except
where noted above.
ok bsiegert@
It turns out a handful of AIX binutil-like utilities are particular
about type of object files they should examine. Instead of piping
through flags for each utility everywhere, it is easier to just export
'OBJECT_MODE=[32|64]' instead.
From Eric N. Vander Weele.
AIX is particular about the type of object files `ar` should examine.
This should be set explicitly to coincide with the user's defined $ABI.
Contributed by Eric N. Vander Weele.
conflict with pkgsrc versions of those packages, and do not interact well
with the wrappers anyway as cmake will perform simple file-based tests for
headers but the compiler will be unable to find them.
overrides for libtool. This allows us to easily get the fixed version
from our libtool in place without having to hunt down for the specific
bugs in random places. Disable the override explicitly in clisp, which
installs a copy without explicitly depending on libtool at run time.
ocaml.mk. It was becoming more trouble than it was worth: only a minority
of packages used it, and it only made Makefiles more confusing.
(I've left out some packages: these will be updated forthwith)
look for print/texlive/*.mk files for help.
Now documentation regarding TeX packages for pkgsrc MAINTAINERs and
developers is easily accessible via the "help" target.
ok wiz@
Up to now, using subst.mk may have led to file corruption during active
package development. This happened when a sed(1) command had a syntax
error, in which case the whole sed(1) command was terminated, leaving an
empty original file behind.
This commit changes that behavior by applying the sed(1) commands to
the original file and saving the result in a temporary file. Only
after that succeeded is the original file overwritten.
During this rewrite, SUBST_POSTCMD has been removed, since it was
only used in one place (mk/wrapper), and since it relied on the exact
sequence of the internal commands. No package in either main pkgsrc
or pkgsrc-wip uses this variable right now.
Previously there were at least 5 different ways MACHINE_ARCH could be set,
some statically and some at run time, and in many cases these settings
differed, leading to issues at pkg_add time where there was conflict
between the setting encoded into the package and that used by pkg_install.
Instead, move to a single source of truth where the correct value based on
the host and the chosen (or default) ABI is determined in the bootstrap
script. The value can still be overridden in mk.conf if necessary, e.g.
for cross-compiling.
ABI is now set by default and if unset a default is calculated based on
MACHINE_ARCH. This fixes some OS, e.g. Linux, where the wrong default was
previously chosen.
As a result of the refactoring there is no need for LOWER_ARCH, with
references to it replaced by MACHINE_ARCH. SPARC_TARGET_ARCH is also
removed.
This goes as far back as 2001 (mk.conf.example) but there should not be any
reason to explicitly set CFLAGS for specific packages. In practice this
even fixes support for global CFLAGS in www/apache{22,24}.
ok gdt@
and checksum scripts.
Fixes the problem where DISTINFO_FILE=../../foo/bar/distinfo doesn't
work without having an extraneous and ugly ${.CURDIR} stuffed into it
by hand.
of software such as Ruby to build on Tiger/PowerPC.
Tested with & without on a G4 with Tiger & Leopard.
It was not needed on Leopard as the linker defaults to a target of 10.5 &
setting it back broke the bootstrap process.
Reviewed by wiz@ long ago.
The find-prefix infrastructure was required in a pkgviews world where
packages installed from pkgsrc could have different installation
prefixes, and this was a way for a dependency prefix to be determined.
Now that pkgviews has been removed there is no longer any need for the
overhead of this infrastructure. Instead we use BUILDLINK_PREFIX.pkg
for dependencies pulled in via buildlink, or LOCALBASE/PREFIX where the
dependency is coming from pkgsrc.
Provides a reasonable performance win due to the reduction of `pkg_info
-qp` calls, some of which were redundant anyway as they were duplicating
the same information provided by BUILDLINK_PREFIX.pkg.
for the memoent:
Because multiple versions of wxGTK cannot currently coexist, the
strategy is to use a single version, with each package building with
it if possible and failing otherwise.
Thanks gdt@ for comments and corrections.
TOOLS_PATH.readelf is set. This is a PKG_DEVELOPER feature and it's
likely the developer is smart enough to either have it already available
in $PATH or be able to install it (e.g. via devel/binutils) if required.
