diff options
author | Stephan Eisvogel | 2017-05-28 18:08:57 +0200 |
---|---|---|
committer | Stephan Eisvogel | 2017-05-28 18:08:57 +0200 |
commit | 6d5a9ff651a4c4fa6933bf2eb2a8c47415234795 (patch) | |
tree | b476f322eaf2cd405a6b6d2ab37e895d619897b7 /PKGBUILD | |
parent | 660eeb459aa19f296e479954cd13175553b1e892 (diff) | |
download | aur-6d5a9ff651a4c4fa6933bf2eb2a8c47415234795.tar.gz |
Fixed protobuf-c-text and most warnings
Diffstat (limited to 'PKGBUILD')
-rw-r--r-- | PKGBUILD | 62 |
1 files changed, 51 insertions, 11 deletions
@@ -1,16 +1,25 @@ # Maintainer: Stephan Eisvogel <eisvogel at embinet dot de> pkgname=nsjail-git -pkgver=r426.0585f08 +pkgver=r437.8e00976 pkgrel=1 pkgdesc="A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)" arch=('x86_64') url="http://nsjail.com" license=('Apache') -makedepends=('git' 'autoconf-archive>2016.03.20' 'doxygen' 're2c' 'check>=0.9.4') -#depends=('libnl>=3' 'protobuf-c') -depends=('libnl>=3') -source=("${pkgname}::git+git://github.com/google/nsjail.git") -sha256sums=('SKIP') +makedepends=('git' 'autoconf-archive>2016.03.20' 'doxygen' 'graphviz' 're2c' 'check>=0.9.4') +depends=('libnl>=3' 'protobuf-c') +source=("${pkgname}::git+git://github.com/google/nsjail.git#commit=8e00976f4976bb546e669fa2b3a586abba8ef4cd" + "https://github.com/trustm3/external_protobuf-c-text/commit/c37f8708d847319921a3fba7d6863103f6b801e2.patch" + "https://github.com/trustm3/external_protobuf-c-text/commit/620db2f1a5bf9a1468a2f54ef904977133267aa2.patch" + "https://github.com/trustm3/external_protobuf-c-text/commit/ccb50d69f833b4417ba66690a0257a8a64eab6ec.patch" + "https://github.com/trustm3/external_protobuf-c-text/commit/b79ba3f1cd350a9ebc4929fa9d63368b460b8877.patch" + "https://github.com/trustm3/external_protobuf-c-text/commit/6a8727066180615e7767b550b491e4ef4d0db514.patch") +sha256sums=('SKIP' + 'ff97c12f9415cc662fb688111c8bc0e7136ff0fb7651e24eaa80bf10c3d62685' + '50cc5cb09e47ddaaf666541e231429311313233a98ead550b1d46ddc0863ef1b' + '78b4e3c5d66b7e26e25c91f62f2a3fc599356bddac8cb174a2d708d5fc2d997a' + '970a3b464e63f5b544fb5e41f7aa6cee13161f12f79d002086fc2aab6aa765f5' + 'd9289f5b146a036dfafaa7b0cc6ecca73ab32b454ef1bef5c512874391174df2') provides=('nsjail') pkgver() { @@ -20,24 +29,55 @@ pkgver() { prepare() { cd "${srcdir}/${pkgname}" + + # Populate kafel and protobuf-c-text submodules git submodule update --init + + # Package maintainer fixes + + # Fix automake breakage sed -i '/^include am\/aminclude_doxygen.am/c@DX_RULES@' protobuf-c-text/Makefile.am + # Fix wrong variable usage sed -i 's/\$(GREP) \/libdata\//\$GREP \/libdata\//' protobuf-c-text/configure.ac + # Delete stack protector flag, Arch has its own through makepkg sed -i 's/-fstack-protector-all //' Makefile + # Introduce EXTRA_FLAGS to preserve makepkg CFLAGS + sed -i '/CC ?= gcc/aEXTRA_CFLAGS := $(CFLAGS)' Makefile + # Build protobuf-c-text with with different CFLAGS (libs need PIC instead of PIE etc.) + sed -i 's/-fPIC/\$(EXTRA_CFLAGS) -fPIC/' Makefile + # Fix bison warning + cd kafel + sed -i '/if (!ctxt->lexical_error) {/aYYUSE(scanner);' src/parser.y + cd .. + + # 3rd party fixes + + cd protobuf-c-text + # Added Android.mk file for integration into Android build system and fixed includes + patch -Np1 -i "$srcdir/c37f8708d847319921a3fba7d6863103f6b801e2.patch" + # Fix wrong integer en- and decoding in protobuf-c-text library + patch -Np1 -i "$srcdir/620db2f1a5bf9a1468a2f54ef904977133267aa2.patch" + # Added sanity check for size passed to memcpy + patch -Np1 -i "$srcdir/ccb50d69f833b4417ba66690a0257a8a64eab6ec.patch" + # esc_str: escape with octal as unsigned (buffer overflow otherwise) + patch -Np1 -i "$srcdir/b79ba3f1cd350a9ebc4929fa9d63368b460b8877.patch" + # Fixes bad mallocs and memcpys caused by invalid input + patch -Np1 -i "$srcdir/6a8727066180615e7767b550b491e4ef4d0db514.patch" } package() { cd "${srcdir}/${pkgname}" - # Build without protobuf-c-text support for now, because of build bugs - make USE_PROTOBUF=no + make install -d "${pkgdir}/etc/nsjail" install -d "${pkgdir}/usr/share/${pkgname}/examples" - install -Ds nsjail "${pkgdir}/usr/bin/nsjail" + install -D nsjail "${pkgdir}/usr/bin/nsjail" install -m644 configs/*.cfg "${pkgdir}/usr/share/${pkgname}/examples" install -m644 LICENSE CONTRIBUTING README.md "${pkgdir}/usr/share/${pkgname}/" echo > "${pkgdir}/etc/nsjail/.placeholder" - echo -e "\nTip: Your kernel should have CONFIG_USER_NS=y to chroot as a normal user." - echo -e " Verify using e.g. this command: zgrep CONFIG_USER_NS /proc/config.gz\n" + echo -e "\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" + echo -e "Tip: Your kernel should have CONFIG_USER_NS=y to chroot as a normal user." + echo -e " Verify using e.g. this command: zgrep CONFIG_USER_NS /proc/config.gz" + echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" } |