diff options
| -rw-r--r-- | .SRCINFO | 8 | ||||
| -rw-r--r-- | PKGBUILD | 16 | ||||
| -rw-r--r-- | README.md | 13 |
3 files changed, 29 insertions, 8 deletions
@@ -1,16 +1,16 @@ pkgbase = medivia pkgdesc = Client for medivia.online mmorpg server. - pkgver = 2.5.1 + pkgver = 2.9.2 pkgrel = 0 url = https://medivia.online/download arch = i686 arch = x86_64 license = unknown makedepends = chrpath - noextract = medivia-2.5.1.tar.gz - source = medivia-2.5.1.tar.gz::https://medivia.online/uploads/downloads/medivia-2.5.1-linux-32bits.tar.gz + noextract = medivia-2.9.2.tar.gz + source = medivia-2.9.2.tar.gz::https://medivia.online/uploads/downloads/medivia-2.9.2-linux-32bits.tar.gz source = medivia.desktop - md5sums = 8fdf6590b0c430dccf3f0bf7f32e34bc + md5sums = a15fe61553e4d26656c393cde0897291 md5sums = 2791be26444cdf1b14d8a49736a6bbb9 depends_i686 = libglvnd depends_x86_64 = lib32-libglvnd @@ -1,6 +1,6 @@ # Maintainer: Igor Deyashkin <igor_deyawka@mail.ru> pkgname="medivia" -pkgver="2.5.1" +pkgver="2.9.2" pkgrel=0 pkgdesc="Client for medivia.online mmorpg server." arch=('i686' 'x86_64') @@ -17,14 +17,24 @@ source=("$pkgname-$pkgver.tar.gz::https://medivia.online/uploads/downloads/mediv noextract=("$pkgname-$pkgver.tar.gz") # autofill using updpkgsums -md5sums=('8fdf6590b0c430dccf3f0bf7f32e34bc' +md5sums=('a15fe61553e4d26656c393cde0897291' '2791be26444cdf1b14d8a49736a6bbb9') prepare() { mkdir -p "$pkgname-$pkgver" bsdtar -xzf "$pkgname-$pkgver.tar.gz" -C "$pkgname-$pkgver" - chrpath -d "$pkgname-$pkgver/medivia" + # Rpath of the binary is "RPATH=$ORIGIN:/usr/local/lib:" and I replace it for just "RPATH=$ORIGIN" because we need + # $ORIGIN to search for the libfmod.so.11 included in the package in the executable directory. + + # scottmada [explained](https://www.lexaloffle.com/bbs/?pid=29296#p) this: + # > It means the binary looks for lib files in this directory before anywhere else. This is not a huge issue, as + # > ArchLinux do not use this directory normally, but as this directory is meant for system-wide libraries installed + # > by the user, a conflict could occur if the user would install there their own version of glibc (or malicious + # > software there). A simple fix would be to delete the RPATH from the binary using "chrpath" or "patchelf" + # > commands, after the build, but before the release. The /usr/local/lib is insecure and don't + + chrpath -r '$ORIGIN' "$pkgname-$pkgver/medivia" } package() { diff --git a/README.md b/README.md index 3196bb0fac48..4f83f905387e 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,17 @@ namcap medivia-2.4.0-1-x86_64.pkg.tar.xz makepkg --printsrcinfo > .SRCINFO ``` -`namcap` shows some errors and warnings thougt, but I can't figure out what I can ignore and what I shound fix. +`namcap` shows some errors and warnings thougt, but I can't figure out what I can ignore and what I shound fix. This is +the current warnings: + +``` +medivia E: ELF files outside of a valid path ('opt/'). +medivia W: ELF file ('opt/medivia/libfmod.so.11') has executable stack. +medivia W: ELF file ('opt/medivia/libfmod.so.11') lacks FULL RELRO, check LDFLAGS. +medivia W: ELF file ('opt/medivia/medivia') lacks FULL RELRO, check LDFLAGS. +medivia W: ELF file ('opt/medivia/medivia') lacks PIE. +medivia E: unknown is not a common license (it's not in /usr/share/licenses/common/) +medivia W: Referenced library 'libfmod.so.11' is an uninstalled dependency +``` This is my first package, so any criticism and suggestions is appreciated. |