From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6DCA71584AD for ; Sun, 04 May 2025 06:37:38 +0000 (UTC) Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) (Authenticated sender: relay-lists.gentoo.org@gentoo.org) by smtp.gentoo.org (Postfix) with ESMTPSA id 48F76343146 for ; Sun, 04 May 2025 06:37:38 +0000 (UTC) Received: from bobolink.gentoo.org (localhost [127.0.0.1]) by bobolink.gentoo.org (Postfix) with ESMTP id 3FDAE11036F; Sun, 04 May 2025 06:37:37 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bobolink.gentoo.org (Postfix) with ESMTPS id 3901711036D for ; Sun, 04 May 2025 06:37:37 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id D20C6343130 for ; Sun, 04 May 2025 06:37:36 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 49EE2266C for ; Sun, 04 May 2025 06:37:35 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1746339840.e017fc0ff411e3f5cb9752c035d32c60a9b1f31a.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/man-db/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-apps/man-db/Manifest sys-apps/man-db/man-db-2.13.1.ebuild X-VCS-Directories: sys-apps/man-db/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: e017fc0ff411e3f5cb9752c035d32c60a9b1f31a X-VCS-Branch: master Date: Sun, 04 May 2025 06:37:35 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: cd9a27f9-407a-48a5-9869-043724c14549 X-Archives-Hash: fdede44b28372336fd6258ae17e1f191 commit: e017fc0ff411e3f5cb9752c035d32c60a9b1f31a Author: Sam James gentoo org> AuthorDate: Sun May 4 06:24:00 2025 +0000 Commit: Sam James gentoo org> CommitDate: Sun May 4 06:24:00 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e017fc0f sys-apps/man-db: add 2.13.1 Signed-off-by: Sam James gentoo.org> sys-apps/man-db/Manifest | 1 + sys-apps/man-db/man-db-2.13.1.ebuild | 216 +++++++++++++++++++++++++++++++++++ 2 files changed, 217 insertions(+) diff --git a/sys-apps/man-db/Manifest b/sys-apps/man-db/Manifest index e931cd39b124..8f63442b4893 100644 --- a/sys-apps/man-db/Manifest +++ b/sys-apps/man-db/Manifest @@ -1 +1,2 @@ DIST man-db-2.13.0.tar.xz 2071032 BLAKE2B 7ce91a7abc6d3bbd92d4707f13caacd8ab5caee0502a2b115f8aa53f4d38df05b0e03346f70584618cce6f5457113e826828a02b847bff57abd6ba6ec1b2d407 SHA512 612ce39bb1e11aa7797e8e3a26f06a7154c48a13b2d74217c2c6701e0d33fa8f77ae2b8c9ee84353e364d16918f884115f2dfbf3cd743edd4ed32b763b87f723 +DIST man-db-2.13.1.tar.xz 2110328 BLAKE2B f0f61bbd91992e2be8343459addca4bb9892ad4887756a1e58e8dccf71d30fd4bfd105739f1c730d7e73088825508566c9c29e74a59d78453055db25c7a929c6 SHA512 9b39f512fe940e648ca7f47803f42e473064253b67eb96995d28da30fd322de31a4466bf821e9391e6041af2318a6d2c2d74102b73f4b42a63966b41d2df0578 diff --git a/sys-apps/man-db/man-db-2.13.1.ebuild b/sys-apps/man-db/man-db-2.13.1.ebuild new file mode 100644 index 000000000000..c59cd5f04b80 --- /dev/null +++ b/sys-apps/man-db/man-db-2.13.1.ebuild @@ -0,0 +1,216 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit systemd prefix tmpfiles + +DESCRIPTION="A man replacement that utilizes dbm instead of flat files" +HOMEPAGE="https://gitlab.com/man-db/man-db https://www.nongnu.org/man-db/" +if [[ ${PV} == *9999 ]] ; then + inherit autotools git-r3 + EGIT_REPO_URI="https://gitlab.com/man-db/man-db" +else + inherit libtool + # TODO: Change tarballs to gitlab too...? + SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +LICENSE="GPL-3" +SLOT="0" +IUSE="+manpager nls +seccomp selinux static-libs zlib" + +CDEPEND=" + >=dev-libs/libpipeline-1.5.0 + >=sys-apps/groff-1.20.0 + sys-libs/gdbm:= + seccomp? ( sys-libs/libseccomp ) + zlib? ( sys-libs/zlib ) +" +DEPEND="${CDEPEND}" +BDEPEND=" + app-arch/xz-utils + virtual/pkgconfig + nls? ( + >=app-text/po4a-0.45 + sys-devel/gettext + virtual/libiconv + virtual/libintl + ) +" +RDEPEND=" + ${CDEPEND} + acct-group/man + acct-user/man + selinux? ( sec-policy/selinux-mandb ) +" +PDEPEND="manpager? ( app-text/manpager )" + +PATCHES=( + "${FILESDIR}"/man-db-2.9.3-sandbox-env-tests.patch +) + +QA_CONFIG_IMPL_DECL_SKIP=( + # gnulib FPs + unreachable MIN alignof static_assert +) + +src_unpack() { + if [[ ${PV} == *9999 ]] ; then + git-r3_src_unpack + + # We need to mess with gnulib + EGIT_REPO_URI="https://git.savannah.gnu.org/r/gnulib.git" \ + EGIT_CHECKOUT_DIR="${WORKDIR}/gnulib" \ + git-r3_src_unpack + else + default + fi +} + +src_prepare() { + default + + if [[ ${PV} == *9999 ]] ; then + local bootstrap_opts=( + --gnulib-srcdir=../gnulib + --no-bootstrap-sync + --copy + --no-git + ) + AUTORECONF="/bin/true" \ + LIBTOOLIZE="/bin/true" \ + sh ./bootstrap "${bootstrap_opts[@]}" || die + + eautoreconf + else + elibtoolize + fi + + hprefixify src/man_db.conf.in + if use prefix ; then + { + echo "#" + echo "# Added settings for Gentoo Prefix" + [[ ${CHOST} == *-darwin* ]] && \ + echo "MANDATORY_MANPATH ${EPREFIX}/MacOSX.sdk/usr/share/man" + echo "MANDATORY_MANPATH /usr/share/man" + } >> src/man_db.conf.in + fi +} + +src_configure() { + # Set sections we want to search by default + local sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o" + sections+=" 1x 2x 3x 4x 5x 6x 7x 8x" + case ${CHOST} in + *-solaris*) + # Solaris tends to use sections named after the pkgs that + # owns them, in particular for libc functions we want those + # sections + local s + for s in $(cd /usr/share/man/ && echo man*) ; do + s=${s#man} + [[ " ${sections} " != *" ${s} "* ]] && sections+=" ${s}" + done + ;; + esac + + export ac_cv_lib_z_gzopen=$(usex zlib) + local myeconfargs=( + --with-systemdtmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" + --disable-setuid # bug #662438 + $(use_enable !prefix cache-owner man) # bug #917024 + --with-sections="${sections}" + + $(use_enable nls) + $(use_enable static-libs static) + $(use_with seccomp libseccomp) + + --with-db=gdbm + ) + + case ${CHOST} in + *-solaris*|*-darwin*) + myeconfargs+=( + $(use_with nls libiconv-prefix "${EPREFIX}"/usr) + $(use_with nls libintl-prefix "${EPREFIX}"/usr) + ) + ;; + esac + + econf "${myeconfargs[@]}" + + # Disable color output from groff so that the manpager can add it. bug #184604 + if use manpager; then + sed -i \ + -e '/^#DEFINE.*\<[nt]roff\>/{s:^#::;s:$: -c:}' \ + src/man_db.conf || die + fi + + cat > 15man-db <<-EOF || die + SANDBOX_PREDICT="/var/cache/man" + EOF +} + +src_install() { + default + dodoc docs/{HACKING.md,TODO} + find "${ED}" -type f -name "*.la" -delete || die + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/man-db.cron-r1 man-db # bug #289884 + + insinto /etc/sandbox.d + doins 15man-db +} + +pkg_preinst() { + local cachedir="${EROOT}/var/cache/man" + # If the system was already exploited, and the attacker is hiding in the + # cachedir of the old man-db, let's wipe them out. + # see bug #602588 comment 18 + local _replacing_version= + local _setgid_vuln=0 + for _replacing_version in ${REPLACING_VERSIONS} ; do + if ver_test '2.7.6.1-r2' -le "${_replacing_version}" ; then + debug-print "Skipping security bug #602588 ... existing installation (${_replacing_version}) should not be affected!" + else + _setgid_vuln=1 + debug-print "Applying cleanup for security bug #602588" + fi + done + [[ ${_setgid_vuln} -eq 1 ]] && rm -rf "${cachedir}" + + # Fall back to recreating the cachedir + if [[ ! -d ${cachedir} ]] ; then + mkdir -p "${cachedir}" || die + chown man:man "${cachedir}" || die + fi + + # Update the whatis cache + if [[ -f ${cachedir}/whatis ]] ; then + einfo "Cleaning ${cachedir} from sys-apps/man" + find "${cachedir}" -type f '!' '(' -name index.bt -o -name index.db ')' -delete + fi +} + +pkg_postinst() { + tmpfiles_process man-db.conf + + if [[ -n "${REPLACING_VERSIONS}" ]] ; then + local _replacing_version= + + for _replacing_version in ${REPLACING_VERSIONS} ; do + if [[ $(ver_cut 2 ${_replacing_version}) -lt 7 ]] ; then + einfo "Rebuilding man-db from scratch with new database format!" + su man -s /bin/sh -c 'mandb --quiet --create' 2>/dev/null + + # No need to run it again if we hit one + break + fi + done + fi +}