From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B33D31396D9 for ; Sun, 29 Oct 2017 14:52:04 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EDDB42BC0E4; Sun, 29 Oct 2017 14:52:03 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B77482BC0E4 for ; Sun, 29 Oct 2017 14:52:03 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 6CDF8341646 for ; Sun, 29 Oct 2017 14:51:59 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 03317828 for ; Sun, 29 Oct 2017 14:51:58 +0000 (UTC) From: "Fabian Groffen" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Fabian Groffen" Message-ID: <1509288683.d598b947524aaba3bda162fc0d2cc97a9e0dcef6.grobian@gentoo> Subject: [gentoo-commits] proj/portage:prefix commit in: / X-VCS-Repository: proj/portage X-VCS-Committer: grobian X-VCS-Committer-Name: Fabian Groffen X-VCS-Revision: d598b947524aaba3bda162fc0d2cc97a9e0dcef6 X-VCS-Branch: prefix Date: Sun, 29 Oct 2017 14:51:58 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: fcbc9690-1e23-491f-8988-8bcb5c34de0b X-Archives-Hash: 1e4066556f3066b0a8235900fd56387e commit: d598b947524aaba3bda162fc0d2cc97a9e0dcef6 Author: Fabian Groffen gentoo org> AuthorDate: Sun Oct 29 14:51:23 2017 +0000 Commit: Fabian Groffen gentoo org> CommitDate: Sun Oct 29 14:51:23 2017 +0000 URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=d598b947 Merge remote-tracking branch 'overlays-gentoo-org/master' into prefix .travis.yml | 2 + NEWS | 7 ++ RELEASE-NOTES | 21 +++++ bin/ebuild-helpers/prepstrip | 20 ++++- bin/install-qa-check.d/10ignored-flags | 5 +- bin/misc-functions.sh | 18 +++-- bin/postinst-qa-check.d/50gnome2-utils | 6 ++ bin/postinst-qa-check.d/50xdg-utils | 12 +++ bin/preinst-qa-check.d/50gnome2-utils | 1 + bin/preinst-qa-check.d/50xdg-utils | 1 + doc/config/bashrc.docbook | 15 ++++ man/ebuild.5 | 78 +----------------- man/emerge.1 | 2 +- man/make.conf.5 | 4 +- man/portage.5 | 14 ++-- pym/_emerge/BinpkgExtractorAsync.py | 26 +++--- pym/_emerge/depgraph.py | 45 ++++++++++- pym/_emerge/resolver/package_tracker.py | 87 +++++++++++++++----- pym/portage/checksum.py | 17 +++- pym/portage/dbapi/porttree.py | 123 ++++++++++++++++++++++++++--- pym/portage/elog/mod_echo.py | 4 +- pym/portage/package/ebuild/doebuild.py | 1 + pym/portage/sync/modules/rsync/rsync.py | 6 +- repoman/RELEASE-NOTES | 5 ++ repoman/setup.py | 2 +- setup.py | 2 +- src/portage_util_file_copy_reflink_linux.c | 99 +++++++++++++---------- 27 files changed, 435 insertions(+), 188 deletions(-) diff --cc bin/misc-functions.sh index 20fd4eef8,a02aa3bfd..702f1ff4a --- a/bin/misc-functions.sh +++ b/bin/misc-functions.sh @@@ -297,391 -256,12 +297,395 @@@ install_qa_check_misc() rm -f "${ED}"/usr/share/info/dir{,.gz,.bz2} || die "rm failed!" } +install_qa_check_macho() { + if ! has binchecks ${RESTRICT} ; then + # on Darwin, dynamic libraries are called .dylibs instead of + # .sos. In addition the version component is before the + # extension, not after it. Check for this, and *only* warn + # about it. Some packages do ship .so files on Darwin and make + # it work (ugly!). + rm -f "${T}/mach-o.check" + find ${ED%/} -name "*.so" -or -name "*.so.*" | \ + while read i ; do + [[ $(file $i) == *"Mach-O"* ]] && \ + echo "${i#${D}}" >> "${T}/mach-o.check" + done + if [[ -f ${T}/mach-o.check ]] ; then + f=$(< "${T}/mach-o.check") + __vecho -ne '\a\n' + eqawarn "QA Notice: Found .so dynamic libraries on Darwin:" + eqawarn " ${f//$'\n'/\n }" + fi + rm -f "${T}/mach-o.check" + + # The naming for dynamic libraries is different on Darwin; the + # version component is before the extention, instead of after + # it, as with .sos. Again, make this a warning only. + rm -f "${T}/mach-o.check" + find ${ED%/} -name "*.dylib.*" | \ + while read i ; do + echo "${i#${D}}" >> "${T}/mach-o.check" + done + if [[ -f "${T}/mach-o.check" ]] ; then + f=$(< "${T}/mach-o.check") + __vecho -ne '\a\n' + eqawarn "QA Notice: Found wrongly named dynamic libraries on Darwin:" + eqawarn " ${f// /\n }" + fi + rm -f "${T}/mach-o.check" + fi + + install_name_is_relative() { + case $1 in + "@executable_path/"*) return 0 ;; + "@loader_path"/*) return 0 ;; + "@rpath/"*) return 0 ;; + *) return 1 ;; + esac + } + + # While we generate the NEEDED files, check that we don't get kernel + # traps at runtime because of broken install_names on Darwin. + rm -f "${T}"/.install_name_check_failed + scanmacho -qyRF '%a;%p;%S;%n' "${D}" | { while IFS= read l ; do + arch=${l%%;*}; l=${l#*;} + obj="/${l%%;*}"; l=${l#*;} + install_name=${l%%;*}; l=${l#*;} + needed=${l%%;*}; l=${l#*;} + + ignore= + qa_var="QA_IGNORE_INSTALL_NAME_FILES_${ARCH/-/_}" + eval "[[ -n \${!qa_var} ]] && + QA_IGNORE_INSTALL_NAME_FILES=(\"\${${qa_var}[@]}\")" + + if [[ ${#QA_IGNORE_INSTALL_NAME_FILES[@]} -gt 1 ]] ; then + for x in "${QA_IGNORE_INSTALL_NAME_FILES[@]}" ; do + [[ ${obj##*/} == ${x} ]] && \ + ignore=true + done + else + local shopts=$- + set -o noglob + for x in ${QA_IGNORE_INSTALL_NAME_FILES} ; do + [[ ${obj##*/} == ${x} ]] && \ + ignore=true + done + set +o noglob + set -${shopts} + fi + + # See if the self-reference install_name points to an existing + # and to be installed file. This usually is a symlink for the + # major version. + if install_name_is_relative ${install_name} ; then + # try to locate the library in the installed image + local inpath=${install_name#@*/} + local libl + for libl in $(find "${ED}" -name "${inpath##*/}") ; do + if [[ ${libl} == */${inpath} ]] ; then + install_name=/${libl#${D}} + break + fi + done + fi + if [[ ! -e ${D}${install_name} ]] ; then + eqawarn "QA Notice: invalid self-reference install_name ${install_name} in ${obj}" + # remember we are in an implicit subshell, that's + # why we touch a file here ... ideally we should be + # able to die correctly/nicely here + [[ -z ${ignore} ]] && touch "${T}"/.install_name_check_failed + fi + + # this is ugly, paths with spaces won't work + for lib in ${needed//,/ } ; do + if [[ ${lib} == ${D}* ]] ; then + eqawarn "QA Notice: install_name references \${D}: ${lib} in ${obj}" + [[ -z ${ignore} ]] && touch "${T}"/.install_name_check_failed + elif [[ ${lib} == ${S}* ]] ; then + eqawarn "QA Notice: install_name references \${S}: ${lib} in ${obj}" + [[ -z ${ignore} ]] && touch "${T}"/.install_name_check_failed + elif ! install_name_is_relative ${lib} && [[ ! -e ${lib} && ! -e ${D}${lib} ]] ; then + eqawarn "QA Notice: invalid reference to ${lib} in ${obj}" + [[ -z ${ignore} ]] && touch "${T}"/.install_name_check_failed + fi + done + + # backwards compatibility + echo "${obj} ${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED + # what we use + echo "${arch};${obj};${install_name};${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED.MACHO.3 + done } + if [[ -f ${T}/.install_name_check_failed ]] ; then + # secret switch "allow_broken_install_names" to get + # around this and install broken crap (not a good idea) + has allow_broken_install_names ${FEATURES} || \ + die "invalid install_name found, your application or library will crash at runtime" + fi +} + +install_qa_check_pecoff() { + local _pfx_scan="readpecoff ${CHOST}" + + # this one uses readpecoff, which supports multiple prefix platforms! + # this is absolutely _not_ optimized for speed, and there may be plenty + # of possibilities by introducing one or the other cache! + if ! has binchecks ${RESTRICT}; then + # copied and adapted from the above scanelf code. + local qa_var insecure_rpath=0 tmp_quiet=${PORTAGE_QUIET} + local f x + + # display warnings when using stricter because we die afterwards + if has stricter ${FEATURES} ; then + unset PORTAGE_QUIET + fi + + local _exec_find_opt="-executable" + [[ ${CHOST} == *-winnt* ]] && _exec_find_opt='-name *.dll -o -name *.exe' + + # Make sure we disallow insecure RUNPATH/RPATH's + # Don't want paths that point to the tree where the package was built + # (older, broken libtools would do this). Also check for null paths + # because the loader will search $PWD when it finds null paths. + + f=$( + find "${ED}" -type f '(' ${_exec_find_opt} ')' -print0 | xargs -0 ${_pfx_scan} | \ + while IFS=";" read arch obj soname rpath needed ; do \ + echo "${rpath}" | grep -E "(${PORTAGE_BUILDDIR}|: |::|^:|^ )" > /dev/null 2>&1 \ + && echo "${obj}"; done; + ) + # Reject set*id binaries with $ORIGIN in RPATH #260331 + x=$( + find "${ED}" -type f '(' -perm -u+s -o -perm -g+s ')' -print0 | \ + xargs -0 ${_pfx_scan} | while IFS=";" read arch obj soname rpath needed; do \ + echo "${rpath}" | grep '$ORIGIN' > /dev/null 2>&1 && echo "${obj}"; done; + ) + if [[ -n ${f}${x} ]] ; then + __vecho -ne '\a\n' + eqawarn "QA Notice: The following files contain insecure RUNPATH's" + eqawarn " Please file a bug about this at http://bugs.gentoo.org/" + eqawarn " with the maintaining herd of the package." + eqawarn "${f}${f:+${x:+\n}}${x}" + __vecho -ne '\a\n' + if [[ -n ${x} ]] || has stricter ${FEATURES} ; then + insecure_rpath=1 + else + eqawarn "cannot automatically fix runpaths on interix platforms!" + fi + fi + + rm -f "${PORTAGE_BUILDDIR}"/build-info/NEEDED + rm -f "${PORTAGE_BUILDDIR}"/build-info/NEEDED.PECOFF.1 + + # Save NEEDED information after removing self-contained providers + find "${ED}" -type f '(' ${_exec_find_opt} ')' -print0 | xargs -0 ${_pfx_scan} | { while IFS=';' read arch obj soname rpath needed; do + # need to strip image dir from object name. + obj="/${obj#${D}}" + if [ -z "${rpath}" -o -n "${rpath//*ORIGIN*}" ]; then + # object doesn't contain $ORIGIN in its runpath attribute + echo "${obj} ${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED + echo "${arch};${obj};${soname};${rpath};${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED.PECOFF.1 + else + dir=${obj%/*} + # replace $ORIGIN with the dirname of the current object for the lookup + opath=$(echo :${rpath}: | sed -e "s#.*:\(.*\)\$ORIGIN\(.*\):.*#\1${dir}\2#") + sneeded=$(echo ${needed} | tr , ' ') + rneeded="" + for lib in ${sneeded}; do + found=0 + for path in ${opath//:/ }; do + [ -e "${ED}/${path}/${lib}" ] && found=1 && break + done + [ "${found}" -eq 0 ] && rneeded="${rneeded},${lib}" + done + rneeded=${rneeded:1} + if [ -n "${rneeded}" ]; then + echo "${obj} ${rneeded}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED + echo "${arch};${obj};${soname};${rpath};${rneeded}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED.PECOFF.1 + fi + fi + done } + + if [[ ${insecure_rpath} -eq 1 ]] ; then + die "Aborting due to serious QA concerns with RUNPATH/RPATH" + elif [[ -n ${die_msg} ]] && has stricter ${FEATURES} ; then + die "Aborting due to QA concerns: ${die_msg}" + fi + + local _so_ext='.so*' + + case "${CHOST}" in + *-winnt*) _so_ext=".dll" ;; # no "*" intentionally! + esac + + # Run some sanity checks on shared libraries + for d in "${ED}"lib* "${ED}"usr/lib* ; do + [[ -d "${d}" ]] || continue + f=$(find "${d}" -name "lib*${_so_ext}" -print0 | \ + xargs -0 ${_pfx_scan} | while IFS=";" read arch obj soname rpath needed; \ + do [[ -z "${soname}" ]] && echo "${obj}"; done) + if [[ -n ${f} ]] ; then + __vecho -ne '\a\n' + eqawarn "QA Notice: The following shared libraries lack a SONAME" + eqawarn "${f}" + __vecho -ne '\a\n' + sleep 1 + fi + + f=$(find "${d}" -name "lib*${_so_ext}" -print0 | \ + xargs -0 ${_pfx_scan} | while IFS=";" read arch obj soname rpath needed; \ + do [[ -z "${needed}" ]] && echo "${obj}"; done) + if [[ -n ${f} ]] ; then + __vecho -ne '\a\n' + eqawarn "QA Notice: The following shared libraries lack NEEDED entries" + eqawarn "${f}" + __vecho -ne '\a\n' + sleep 1 + fi + done + + PORTAGE_QUIET=${tmp_quiet} + fi +} + +install_qa_check_xcoff() { + if ! has binchecks ${RESTRICT}; then + local tmp_quiet=${PORTAGE_QUIET} + local queryline deplib + local insecure_rpath_list= undefined_symbols_list= + + # display warnings when using stricter because we die afterwards + if has stricter ${FEATURES} ; then + unset PORTAGE_QUIET + fi + + rm -f "${PORTAGE_BUILDDIR}"/build-info/NEEDED.XCOFF.1 + + local neededfd + for neededfd in {3..1024} none; do ( : <&${neededfd} ) 2>/dev/null || break; done + [[ ${neededfd} != none ]] || die "cannot find free file descriptor handle" + + eval "exec ${neededfd}>\"${PORTAGE_BUILDDIR}\"/build-info/NEEDED.XCOFF.1" || die "cannot open ${PORTAGE_BUILDDIR}/build-info/NEEDED.XCOFF.1" + + ( # work around a problem in /usr/bin/dump (used by aixdll-query) + # dumping core when path names get too long. + cd "${ED}" >/dev/null && + find . -not -type d -exec \ + aixdll-query '{}' FILE MEMBER FLAGS FORMAT RUNPATH DEPLIBS ';' + ) > "${T}"/needed 2>/dev/null + + # Symlinking shared archive libraries is not a good idea on aix, + # as there is nothing like "soname" on pure filesystem level. + # So we create a copy instead of the symlink. + local prev_FILE= + local FILE MEMBER FLAGS FORMAT RUNPATH DEPLIBS + while read queryline + do + FILE= MEMBER= FLAGS= FORMAT= RUNPATH= DEPLIBS= + eval ${queryline} + FILE=${FILE#./} + + if [[ ${prev_FILE} != ${FILE} ]]; then + if [[ " ${FLAGS} " == *" SHROBJ "* && -h ${ED}${FILE} ]]; then + prev_FILE=${FILE} + local target=$(readlink "${ED}${FILE}") + if [[ ${target} == /* ]]; then + target=${D}${target} + else + target=${FILE%/*}/${target} + fi + rm -f "${ED}${FILE}" || die "cannot prune ${FILE}" + cp -f "${ED}${target}" "${ED}${FILE}" || die "cannot copy ${target} to ${FILE}" + fi + fi + done <"${T}"/needed + + prev_FILE= + while read queryline + do + FILE= MEMBER= FLAGS= FORMAT= RUNPATH= DEPLIBS= + eval ${queryline} + FILE=${FILE#./} + + if [[ -n ${MEMBER} && ${prev_FILE} != ${FILE} ]]; then + # Save NEEDED information for each archive library stub + # even if it is static only: the already installed archive + # may contain shared objects to be preserved. + echo "${FORMAT##* }${FORMAT%%-*};${EPREFIX}/${FILE};${FILE##*/};;" >&${neededfd} + fi + prev_FILE=${FILE} + + # shared objects have both EXEC and SHROBJ flags, + # while executables have EXEC flag only. + [[ " ${FLAGS} " == *" EXEC "* ]] || continue + + # Make sure we disallow insecure RUNPATH's + # Don't want paths that point to the tree where the package was built + # (older, broken libtools would do this). Also check for null paths + # because the loader will search $PWD when it finds null paths. + # And we really want absolute paths only. + if [[ -n $(echo ":${RUNPATH}:" | grep -E "(${PORTAGE_BUILDDIR}|::|:[^/])") ]]; then + insecure_rpath_list="${insecure_rpath_list}\n${FILE}${MEMBER:+[${MEMBER}]}" + fi + + local needed= + [[ -n ${MEMBER} ]] && needed=${FILE##*/} + for deplib in ${DEPLIBS}; do + eval deplib=${deplib} + if [[ ${deplib} == '.' || ${deplib} == '..' ]]; then + # Although we do have runtime linking, we don't want undefined symbols. + # AIX does indicate this by needing either '.' or '..' + undefined_symbols_list="${undefined_symbols_list}\n${FILE}" + else + needed="${needed}${needed:+,}${deplib}" + fi + done + + FILE=${EPREFIX}/${FILE} + + [[ -n ${MEMBER} ]] && MEMBER="[${MEMBER}]" + # Save NEEDED information + echo "${FORMAT##* }${FORMAT%%-*};${FILE}${MEMBER};${FILE##*/}${MEMBER};${RUNPATH};${needed}" >&${neededfd} + done <"${T}"/needed + + eval "exec ${neededfd}>&-" || die "cannot close handle to ${PORTAGE_BUILDDIR}/build-info/NEEDED.XCOFF.1" + + if [[ -n ${undefined_symbols_list} ]]; then + __vecho -ne '\a\n' + eqawarn "QA Notice: The following files contain undefined symbols." + eqawarn " Please file a bug about this at http://bugs.gentoo.org/" + eqawarn " with 'prefix' as the maintaining herd of the package." + eqawarn "${undefined_symbols_list}" + __vecho -ne '\a\n' + fi + + if [[ -n ${insecure_rpath_list} ]] ; then + __vecho -ne '\a\n' + eqawarn "QA Notice: The following files contain insecure RUNPATH's" + eqawarn " Please file a bug about this at http://bugs.gentoo.org/" + eqawarn " with 'prefix' as the maintaining herd of the package." + eqawarn "${insecure_rpath_list}" + __vecho -ne '\a\n' + if has stricter ${FEATURES} ; then + insecure_rpath=1 + fi + fi + + if [[ ${insecure_rpath} -eq 1 ]] ; then + die "Aborting due to serious QA concerns with RUNPATH/RPATH" + elif [[ -n ${die_msg} ]] && has stricter ${FEATURES} ; then + die "Aborting due to QA concerns: ${die_msg}" + fi + + PORTAGE_QUIET=${tmp_quiet} + fi +} + + preinst_qa_check() { + postinst_qa_check preinst + } + postinst_qa_check() { - local d f paths qa_checks=() + local d f paths qa_checks=() PORTAGE_QA_PHASE=${1:-postinst} if ! ___eapi_has_prefix_variables; then local EPREFIX= EROOT=${ROOT} fi