diff --git a/srcpkgs/apparmor/patches/add-missing-typedef-definitions.patch b/srcpkgs/apparmor/patches/add-missing-typedef-definitions.patch new file mode 100644 index 00000000000..30925916350 --- /dev/null +++ b/srcpkgs/apparmor/patches/add-missing-typedef-definitions.patch @@ -0,0 +1,49 @@ +Source: Alpine Linux +Upstream: Unknown +Reason: Fixes compilation with musl libc +--- + +diff --git a/parser/missingdefs.h b/parser/missingdefs.h +new file mode 100644 +index 0000000..8097aef +--- /dev/null ++++ b/parser/missingdefs.h +@@ -0,0 +1,8 @@ ++#ifndef PARSER_MISSINGDEFS_H ++#define PARSER_MISSINGDEFS_H ++ ++typedef int (*__compar_fn_t) (const void *, const void *); ++typedef __compar_fn_t comparison_fn_t; ++typedef void (*__free_fn_t) (void *__nodep); ++ ++#endif +diff --git a/parser/parser_alias.c b/parser/parser_alias.c +index f5b6da4..d57f580 100644 +--- a/parser/parser_alias.c ++++ b/parser/parser_alias.c +@@ -25,6 +25,10 @@ + #include "parser.h" + #include "profile.h" + ++#ifndef __GLIBC__ ++#include "missingdefs.h" ++#endif ++ + struct alias_rule { + char *from; + char *to; +diff --git a/parser/parser_symtab.c b/parser/parser_symtab.c +index 3e667d8..e109f4d 100644 +--- a/parser/parser_symtab.c ++++ b/parser/parser_symtab.c +@@ -25,6 +25,10 @@ + #include "immunix.h" + #include "parser.h" + ++#ifndef __GLIBC__ ++#include "missingdefs.h" ++#endif ++ + enum var_type { + sd_boolean, + sd_set, diff --git a/srcpkgs/apparmor/patches/add-secure_getenv-scandirat.patch b/srcpkgs/apparmor/patches/add-secure_getenv-scandirat.patch new file mode 100644 index 00000000000..e9b6e9bc29f --- /dev/null +++ b/srcpkgs/apparmor/patches/add-secure_getenv-scandirat.patch @@ -0,0 +1,186 @@ +Source: Alpine Linux +Upstream: Unknown +Reason: Fixes compilation with musl libc +--- + +diff --git a/libraries/libapparmor/configure.ac b/libraries/libapparmor/configure.ac +index 479ba6d..979ed91 100644 +--- a/libraries/libapparmor/configure.ac ++++ b/libraries/libapparmor/configure.ac +@@ -81,7 +81,7 @@ AM_CONDITIONAL(HAVE_RUBY, test x$with_ruby = xyes) + AC_HEADER_STDC + AC_CHECK_HEADERS(unistd.h stdint.h syslog.h) + +-AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv]) ++AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv scandirat reallocarray]) + + AM_PROG_CC_C_O + AC_C_CONST +diff --git a/libraries/libapparmor/src/Makefile.am b/libraries/libapparmor/src/Makefile.am +index b9721fd..ed91a3c 100644 +--- a/libraries/libapparmor/src/Makefile.am ++++ b/libraries/libapparmor/src/Makefile.am +@@ -46,9 +46,9 @@ af_protos.h: /usr/include/netinet/in.h + LC_ALL=C sed -n -e "/IPPROTO_MAX/d" -e "s/^\#define[ \\t]\\+IPPROTO_\\([A-Z0-9_]\\+\\)\\(.*\\)$$/AA_GEN_PROTO_ENT(\\UIPPROTO_\\1, \"\\L\\1\")/p" $< > $@ + + lib_LTLIBRARIES = libapparmor.la +-noinst_HEADERS = grammar.h parser.h scanner.h af_protos.h private.h PMurHash.h ++noinst_HEADERS = grammar.h parser.h scanner.h af_protos.h secure_getenv.h scandirat.h private.h PMurHash.c + +-libapparmor_la_SOURCES = grammar.y libaalogparse.c kernel.c scanner.c private.c features.c kernel_interface.c policy_cache.c PMurHash.c ++libapparmor_la_SOURCES = grammar.y libaalogparse.c kernel.c scanner.c secure_getenv.c scandirat.c private.c features.c kernel_interface.c policy_cache.c PMurHash.c + libapparmor_la_LDFLAGS = -version-info $(AA_LIB_CURRENT):$(AA_LIB_REVISION):$(AA_LIB_AGE) -XCClinker -dynamic -pthread \ + -Wl,--version-script=$(top_srcdir)/src/libapparmor.map + +diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c +index bece09d..dd0e815 100644 +--- a/libraries/libapparmor/src/private.c ++++ b/libraries/libapparmor/src/private.c +@@ -39,10 +39,26 @@ + #ifdef HAVE___SECURE_GETENV + #define secure_getenv __secure_getenv + #else +- #error neither secure_getenv nor __secure_getenv is available ++ #include "secure_getenv.h" + #endif + #endif + ++#ifndef HAVE_SCANDIRAT ++#include "scandirat.h" ++#endif ++ ++ ++/* ++ * Allow libapparmor to build on older glibcs and other libcs that do ++ * not support reallocarray. ++ */ ++#ifndef HAVE_REALLOCARRY ++void *reallocarray(void *ptr, size_t nmemb, size_t size) ++{ ++ return realloc(ptr, nmemb * size); ++} ++#endif ++ + struct ignored_suffix_t { + const char * text; + int len; +diff --git a/libraries/libapparmor/src/scandirat.c b/libraries/libapparmor/src/scandirat.c +new file mode 100644 +index 0000000..c293014 +--- /dev/null ++++ b/libraries/libapparmor/src/scandirat.c +@@ -0,0 +1,62 @@ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "scandirat.h" ++ ++#ifndef HAVE_SCANDIRAT ++ ++int scandirat(int dir_fd, const char *dirp, struct dirent ***namelist, ++ int (*filter)(const struct dirent *), ++ int (*compar)(const struct dirent **, const struct dirent **)) ++{ ++ int fd; ++ DIR *d; ++ struct dirent *de, **names=0, **tmp; ++ size_t cnt=0, len=0; ++ int old_errno = errno; ++ ++ ++ fd = openat(dir_fd, dirp, O_RDONLY|O_CLOEXEC); ++ if (fd == -1) return -1; ++ ++ d = fdopendir(fd); ++ ++ if (!d) { ++ close(fd); ++ return -1; ++ } ++ ++ while ((errno=0), (de = readdir(d))) { ++ if (filter && !filter(de)) continue; ++ if (cnt >= len) { ++ len = 2*len+1; ++ if (len > SIZE_MAX/sizeof *names) break; ++ tmp = realloc(names, len * sizeof *names); ++ if (!tmp) break; ++ names = tmp; ++ } ++ names[cnt] = malloc(de->d_reclen); ++ if (!names[cnt]) break; ++ memcpy(names[cnt++], de, de->d_reclen); ++ } ++ ++ closedir(d); ++ ++ if (errno) { ++ if (names) while (cnt-->0) free(names[cnt]); ++ free(names); ++ return -1; ++ } ++ errno = old_errno; ++ ++ if (compar) qsort(names, cnt, sizeof *names, (int (*)(const void *, const void *))compar); ++ *namelist = names; ++ return cnt; ++} ++ ++#endif +diff --git a/libraries/libapparmor/src/scandirat.h b/libraries/libapparmor/src/scandirat.h +new file mode 100644 +index 0000000..a1c5dfe +--- /dev/null ++++ b/libraries/libapparmor/src/scandirat.h +@@ -0,0 +1,12 @@ ++#ifndef LIBAPPARMOR_SCANDIRAT_H ++#define LIBAPPARMOR_SCANDIRAT_H ++ ++#include ++ ++#ifndef HAVE_SCANDIRAT ++int scandirat(int dir_fd, const char *dirp, struct dirent ***namelist, ++ int (*filter)(const struct dirent *), ++ int (*compar)(const struct dirent **, const struct dirent **)); ++#endif ++ ++#endif +diff --git a/libraries/libapparmor/src/secure_getenv.c b/libraries/libapparmor/src/secure_getenv.c +new file mode 100644 +index 0000000..f6894cd +--- /dev/null ++++ b/libraries/libapparmor/src/secure_getenv.c +@@ -0,0 +1,14 @@ ++#include ++#include ++ ++#include "secure_getenv.h" ++ ++#ifndef HAVE_SECURE_GETENV ++char *secure_getenv(const char *name) ++{ ++ if (!getauxval(AT_SECURE)) { ++ return getenv(name); ++ } ++ return NULL; ++} ++#endif +diff --git a/libraries/libapparmor/src/secure_getenv.h b/libraries/libapparmor/src/secure_getenv.h +new file mode 100644 +index 0000000..b6269a8 +--- /dev/null ++++ b/libraries/libapparmor/src/secure_getenv.h +@@ -0,0 +1,8 @@ ++#ifndef LIBAPPARMOR_SECURE_GETENV_H ++#define LIBAPPARMOR_SECURE_GETENV_H ++ ++#ifndef HAVE_SECURE_GETENV ++char *secure_getenv(const char *name); ++#endif ++ ++#endif diff --git a/srcpkgs/apparmor/template b/srcpkgs/apparmor/template index 499d8309957..f396be4d2ae 100644 --- a/srcpkgs/apparmor/template +++ b/srcpkgs/apparmor/template @@ -1,21 +1,21 @@ # Template file for 'apparmor' pkgname=apparmor version=2.13.0 -revision=4 +revision=5 _short_ver=${version%\.*} wrksrc="${pkgname}-v${_short_ver}" configure_args="--prefix=/usr --with-perl --with-python" patch_args="-Np1" -hostmakedepends="bison flex autoconf automake libtool" -makedepends="perl python3-devel swig" +hostmakedepends="bison flex autoconf automake libtool swig" +makedepends="perl python3-devel" depends="runit-void-apparmor python3 libapparmor" -only_for_archs="x86_64 i686" short_desc="Mandatory access control to restrict programs" maintainer="Olivier Mauras " -license="GPL-3" +license="GPL-2.0-only, LGPL-2.1-only" homepage="https://gitlab.com/apparmor/apparmor" distfiles="https://gitlab.com/apparmor/apparmor/-/archive/v${_short_ver}/apparmor-v${_short_ver}.tar.gz" -checksum="fdafa0b71cbf574cce76a1ea1542b4540fa1c1040f80d0f0866fc0056ec37747" +checksum=fdafa0b71cbf574cce76a1ea1542b4540fa1c1040f80d0f0866fc0056ec37747 +nocross="requires running programs on the host" pre_build() { # Replace release profiles by our owns @@ -77,6 +77,7 @@ post_install() { } apparmor-vim_package() { + noarch=yes short_desc+=" - Vim syntax" depends="vim" pkg_install() {