diff options
author | Eric Hameleers <alien@slackware.com> | 2021-08-01 09:31:24 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2021-08-01 09:31:24 +0000 |
commit | 4d3f6d4f93bd0e0a5d8f9deaaf5b05905a94829a (patch) | |
tree | 90ebe1165e7364c3e49abba49b9ff7cddece28ed | |
parent | 95fee8eb38800e5ea8306c09891555756fe9e003 (diff) | |
download | asb-4d3f6d4f93bd0e0a5d8f9deaaf5b05905a94829a.tar.gz asb-4d3f6d4f93bd0e0a5d8f9deaaf5b05905a94829a.tar.xz |
Initial revision
-rw-r--r-- | softhsm/build/README.Slackware | 25 | ||||
-rw-r--r-- | softhsm/build/patches/softhsm-2.6.1-rh1831086-exit.patch | 72 | ||||
-rw-r--r-- | softhsm/build/slack-desc | 19 | ||||
-rwxr-xr-x | softhsm/build/softhsm.SlackBuild | 256 | ||||
-rw-r--r-- | xca/build/slack-desc | 19 | ||||
-rwxr-xr-x | xca/build/xca.SlackBuild | 270 |
6 files changed, 661 insertions, 0 deletions
diff --git a/softhsm/build/README.Slackware b/softhsm/build/README.Slackware new file mode 100644 index 00000000..866edcc5 --- /dev/null +++ b/softhsm/build/README.Slackware @@ -0,0 +1,25 @@ +SoftHSM has been configured to store sensitive data in non-page RAM +(i.e. memory that is not swapped out to disk). This is the default and +most secure configuration. +Slackware, however, is not configured to support this model +in non-privileged accounts (i.e. user accounts). + +You can check the setting on your system by running the following +command in a shell: + + ulimit -l + +If this does not return "unlimited" and you plan to run SoftHSM from +non-privileged accounts then you should edit the configuration file +/etc/security/limits.conf (Slackware 15 with PAM). + +You will need to add the following lines to this file: + +#<domain> <type> <item> <value> +* - memlock unlimited + +Alternatively, you can elect to disable this feature of SoftHSM by +re-running configure with the option "--disable-non-paged-memory". +Please be advised that this may seriously degrade the security of +SoftHSM. + diff --git a/softhsm/build/patches/softhsm-2.6.1-rh1831086-exit.patch b/softhsm/build/patches/softhsm-2.6.1-rh1831086-exit.patch new file mode 100644 index 00000000..9ce241c5 --- /dev/null +++ b/softhsm/build/patches/softhsm-2.6.1-rh1831086-exit.patch @@ -0,0 +1,72 @@ +diff --git a/src/lib/crypto/OSSLCryptoFactory.cpp b/src/lib/crypto/OSSLCryptoFactory.cpp +index 32daca2..ace4bcb 100644 +--- a/src/lib/crypto/OSSLCryptoFactory.cpp ++++ b/src/lib/crypto/OSSLCryptoFactory.cpp +@@ -226,31 +226,49 @@ err: + // Destructor + OSSLCryptoFactory::~OSSLCryptoFactory() + { +-#ifdef WITH_GOST +- // Finish the GOST engine +- if (eg != NULL) ++ bool ossl_shutdown = false; ++ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++ // OpenSSL 1.1.0+ will register an atexit() handler to run ++ // OPENSSL_cleanup(). If that has already happened we must ++ // not attempt to free any ENGINEs because they'll already ++ // have been destroyed and the use-after-free would cause ++ // a deadlock or crash. ++ // ++ // Detect that situation because reinitialisation will fail ++ // after OPENSSL_cleanup() has run. ++ (void)ERR_set_mark(); ++ ossl_shutdown = !OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL); ++ (void)ERR_pop_to_mark(); ++#endif ++ if (!ossl_shutdown) + { +- ENGINE_finish(eg); +- ENGINE_free(eg); +- eg = NULL; +- } ++#ifdef WITH_GOST ++ // Finish the GOST engine ++ if (eg != NULL) ++ { ++ ENGINE_finish(eg); ++ ENGINE_free(eg); ++ eg = NULL; ++ } + #endif + +- // Finish the rd_rand engine +- ENGINE_finish(rdrand_engine); +- ENGINE_free(rdrand_engine); +- rdrand_engine = NULL; ++ // Finish the rd_rand engine ++ ENGINE_finish(rdrand_engine); ++ ENGINE_free(rdrand_engine); ++ rdrand_engine = NULL; + ++ // Recycle locks ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++ if (setLockingCallback) ++ { ++ CRYPTO_set_locking_callback(NULL); ++ } ++#endif ++ } + // Destroy the one-and-only RNG + delete rng; + +- // Recycle locks +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +- if (setLockingCallback) +- { +- CRYPTO_set_locking_callback(NULL); +- } +-#endif + for (unsigned i = 0; i < nlocks; i++) + { + MutexFactory::i()->recycleMutex(locks[i]); diff --git a/softhsm/build/slack-desc b/softhsm/build/slack-desc new file mode 100644 index 00000000..a6921dd5 --- /dev/null +++ b/softhsm/build/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +softhsm: softhsm (software-based pkcs#11 store) +softhsm: +softhsm: SoftHSM is an implementation of a cryptographic store +softhsm: accessible through a PKCS#11 interface. +softhsm: You can use it to explore PKCS#11 without having an actual +softhsm: Hardware Security Module (HSM). +softhsm: It is being developed as a part of the OpenDNSSEC project. +softhsm: +softhsm: +softhsm: See also: https://www.opendnssec.org/softhsm/ +softhsm: diff --git a/softhsm/build/softhsm.SlackBuild b/softhsm/build/softhsm.SlackBuild new file mode 100755 index 00000000..4ffb0bd1 --- /dev/null +++ b/softhsm/build/softhsm.SlackBuild @@ -0,0 +1,256 @@ +#!/bin/sh +# $Id$ +# Copyright 2021 Eric Hameleers, Eindhoven, NL +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers <alien@slackware.com> +# For: softhsm +# Descr: software-based pkcs#11 store +# URL: https://www.opendnssec.org/softhsm/ +# Build needs: +# Needs: +# Changelog: +# 2.6.1-1: 30/Jul/2021 by Eric Hameleers <alien@slackware.com> +# * Initial build. +# +# Run 'sh softhsm.SlackBuild' to build a Slackware package. +# The package (.t?z) and .txt file as well as build logs are created in /tmp . +# Install the package using 'installpkg' or 'upgradepkg --install-new'. +# +# ----------------------------------------------------------------------------- + +PRGNAM=softhsm +VERSION=${VERSION:-2.6.1} +BUILD=${BUILD:-1} +NUMJOBS=${NUMJOBS:-" -j$(nproc) "} +TAG=${TAG:-alien} + +DOCS="*.md NEWS LICENSE" + +# OpenSSL in Slackware before 15.0 does not support EdDSA cypher suites: +if [ $(cat /etc/os-release |grep VERSION= |cut -d'"' -f2 |cut -d. -f1) -ge 15 ] +then + USE_EDDSA="--enable-eddsa" +else + USE_EDDSA=" " +fi + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +SOURCE="$SRCDIR/${PRGNAM}-${VERSION}.tar.gz" +SRCURL="https://dist.opendnssec.org/source/${PRGNAM}-${VERSION}.tar.gz" + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i586 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi +# Set CFLAGS/CXXFLAGS and LIBDIRSUFFIX: +case "$ARCH" in + i?86) SLKCFLAGS="-O2 -march=${ARCH} -mtune=i686" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + x86_64) SLKCFLAGS="-O2 -fPIC" + SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64" + ;; + armv7hl) SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + *) SLKCFLAGS=${SLKCFLAGS:-"-O2"} + SLKLDFLAGS=${SLKLDFLAGS:-""}; LIBDIRSUFFIX=${LIBDIRSUFFIX:-""} + ;; +esac + +case "$ARCH" in + arm*) TARGET=$ARCH-slackware-linux-gnueabi ;; + *) TARGET=$ARCH-slackware-linux ;; +esac + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line ${LINENO}" | tee $OUTPUT/error-${PRGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +# Save old umask and set to 0022: +_UMASK_=$(umask) +umask 0022 + +# Create working directories: +mkdir -p $OUTPUT # place for the package to be saved +mkdir -p $TMP/tmp-$PRGNAM # location to build the source +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # always erase old package's contents +rm -rf $TMP/tmp-$PRGNAM/* # remove the remnants of previous build +rm -rf $OUTPUT/{checkout,configure,make,install,error,makepkg,patch}-$PRGNAM.log + # remove old log files + +# Source file availability: +if ! [ -f ${SOURCE} ]; then + echo "Source '$(basename ${SOURCE})' not available yet..." + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE="$OUTPUT/$(basename $SOURCE)" + if [ -f ${SOURCE} ]; then echo "Ah, found it!"; continue; fi + if ! [ "x${SRCURL}" == "x" ]; then + echo "Will download file to $(dirname $SOURCE)" + wget --no-check-certificate -nv -T 20 -O "${SOURCE}" "${SRCURL}" || true + if [ $? -ne 0 -o ! -s "${SOURCE}" ]; then + echo "Downloading '$(basename ${SOURCE})' failed... aborting the build." + mv -f "${SOURCE}" "${SOURCE}".FAIL + exit 1 + fi + else + echo "File '$(basename ${SOURCE})' not available... aborting the build." + exit 1 + fi +fi + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PRGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PRGNAM +echo "Extracting the source archive(s) for $PRGNAM..." +tar -xvf ${SOURCE} +cd ${PRGNAM}-${VERSION} + +# Prevent deadlock/crash in openssl routine: +cat $SRCDIR/patches/softhsm-2.6.1-rh1831086-exit.patch | patch -p1 --verbose \ + 2>&1 | tee $OUTPUT/patch-${PRGNAM}.log + +chown -R root:root . +chmod -R u+w,go+r-w,a+rX-st . + +echo Building ... +LDFLAGS="$SLKLDFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX}/pkcs11 \ + --datarootdir=/usr/share \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PRGNAM-$VERSION \ + --with-p11-kit=/usr/share/p11-kit/modules \ + --with-migrate \ + --enable-visibility \ + --enable-ecc \ + --disable-gost \ + ${USE_EDDSA} \ + --program-prefix= \ + --program-suffix= \ + --build=$TARGET \ + 2>&1 | tee $OUTPUT/configure-${PRGNAM}.log + +make $NUMJOBS 2>&1 | tee $OUTPUT/make-${PRGNAM}.log +make DESTDIR=$PKG install 2>&1 | tee $OUTPUT/install-${PRGNAM}.log + +# Expose the library which is used by applications that want to access +# the cryptographic store through the SoftHSM PKCS#11 interface: +mkdir $PKG/usr/lib${LIBDIRSUFFIX}/softhsm +ln -s ../pkcs11/libsofthsm2.so $PKG/usr/lib${LIBDIRSUFFIX}/softhsm/ +ln -s pkcs11/libsofthsm2.so $PKG/usr/lib${LIBDIRSUFFIX}/ + +# Do not clobber the configuration file: +mv $PKG/etc/softhsm2.conf{,.new} + +# Add this to the doinst.sh: +mkdir -p $PKG/install +cat <<EOINS >> $PKG/install/doinst.sh +# Handle the incoming configuration files: +config() { + for infile in \$1; do + NEW="\$infile" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then + # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... + done +} +config etc/softhsm2.conf.new + +EOINS + +# Add documentation: +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a $DOCS $PKG/usr/doc/$PRGNAM-$VERSION || true +cat $SRCDIR/$(basename $0) > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +chown -R root:root $PKG/usr/doc/$PRGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries (if any): +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.${PKGTYPE:-txz} 2>&1 | tee $OUTPUT/makepkg-${PRGNAM}.log +cd $OUTPUT +md5sum ${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.${PKGTYPE:-txz} > ${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.${PKGTYPE:-txz}.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PRGNAM}" > $OUTPUT/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txt + +# Restore the original umask: +umask ${_UMASK_} + diff --git a/xca/build/slack-desc b/xca/build/slack-desc new file mode 100644 index 00000000..f6fb569f --- /dev/null +++ b/xca/build/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +xca: xca (GUI for your own Certificate Authority) +xca: +xca: XCA is intended for creating and managing X.509 certificates, +xca: certificate requests, RSA, DSA and EC private keys, smartcards +xca: and CRLs. Customisable templates can be used for certificate or +xca: request generation. +xca: All cryptographic data is stored in a SQL database. +xca: Everything that is needed for a Certificate Authority is implemented. +xca: +xca: See also: https://hohnstaedt.de/xca/ +xca: diff --git a/xca/build/xca.SlackBuild b/xca/build/xca.SlackBuild new file mode 100755 index 00000000..ca95eede --- /dev/null +++ b/xca/build/xca.SlackBuild @@ -0,0 +1,270 @@ +#!/bin/sh +# $Id$ +# Copyright 2021 Eric Hameleers, Eindhoven, NL +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers <alien@slackware.com> +# For: xca +# Descr: GUI for your own Certificate Authority +# URL: https://hohnstaedt.de/xca/ +# Build needs: +# Needs: +# Changelog: +# 2.4.0-1: 31/jul/2021 by Eric Hameleers <alien@slackware.com> +# * Initial build. +# +# Run 'sh xca.SlackBuild' to build a Slackware package. +# The package (.t?z) and .txt file as well as build logs are created in /tmp . +# Install the package using 'installpkg' or 'upgradepkg --install-new'. +# +# ----------------------------------------------------------------------------- + +PRGNAM=xca +VERSION=${VERSION:-2.4.0} +BUILD=${BUILD:-1} +NUMJOBS=${NUMJOBS:-" -j$(nproc) "} +TAG=${TAG:-alien} + +DOCS="AUTHORS COPYRIGHT INSTALL README.md VERSION changelog" + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +SOURCE="$SRCDIR/${PRGNAM}-${VERSION}.tar.gz" +SRCURL="https://github.com/chris2511/${PRGNAM}/releases/download/RELEASE.${VERSION}/${PRGNAM}-${VERSION}.tar.gz" + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i586 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi +# Set CFLAGS/CXXFLAGS and LIBDIRSUFFIX: +case "$ARCH" in + i?86) SLKCFLAGS="-O2 -march=${ARCH} -mtune=i686" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + x86_64) SLKCFLAGS="-O2 -fPIC" + SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64" + ;; + armv7hl) SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + *) SLKCFLAGS=${SLKCFLAGS:-"-O2"} + SLKLDFLAGS=${SLKLDFLAGS:-""}; LIBDIRSUFFIX=${LIBDIRSUFFIX:-""} + ;; +esac + +case "$ARCH" in + arm*) TARGET=$ARCH-slackware-linux-gnueabi ;; + *) TARGET=$ARCH-slackware-linux ;; +esac + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line ${LINENO}" | tee $OUTPUT/error-${PRGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +# Save old umask and set to 0022: +_UMASK_=$(umask) +umask 0022 + +# Create working directories: +mkdir -p $OUTPUT # place for the package to be saved +mkdir -p $TMP/tmp-$PRGNAM # location to build the source +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # always erase old package's contents +rm -rf $TMP/tmp-$PRGNAM/* # remove the remnants of previous build +rm -rf $OUTPUT/{checkout,configure,make,install,error,makepkg,patch}-$PRGNAM.log + # remove old log files + +# Source file availability: +if ! [ -f ${SOURCE} ]; then + echo "Source '$(basename ${SOURCE})' not available yet..." + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE="$OUTPUT/$(basename $SOURCE)" + if [ -f ${SOURCE} ]; then echo "Ah, found it!"; continue; fi + if ! [ "x${SRCURL}" == "x" ]; then + echo "Will download file to $(dirname $SOURCE)" + wget --no-check-certificate -nv -T 20 -O "${SOURCE}" "${SRCURL}" || true + if [ $? -ne 0 -o ! -s "${SOURCE}" ]; then + echo "Downloading '$(basename ${SOURCE})' failed... aborting the build." + mv -f "${SOURCE}" "${SOURCE}".FAIL + exit 1 + fi + else + echo "File '$(basename ${SOURCE})' not available... aborting the build." + exit 1 + fi +fi + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PRGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PRGNAM +echo "Extracting the source archive(s) for $PRGNAM..." +tar -xvf ${SOURCE} +cd ${PRGNAM}-${VERSION} +chown -R root:root . +chmod -R u+w,go+r-w,a+rX-st . + +echo Building ... +LDFLAGS="$SLKLDFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PRGNAM-$VERSION \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --with-openssl \ + --program-prefix= \ + --program-suffix= \ + --build=$TARGET \ + 2>&1 | tee $OUTPUT/configure-${PRGNAM}.log + +make $NUMJOBS 2>&1 | tee $OUTPUT/make-${PRGNAM}.log +make DESTDIR=$PKG install 2>&1 | tee $OUTPUT/install-${PRGNAM}.log + +# Add this to the doinst.sh: +mkdir -p $PKG/install +cat <<EOINS >> $PKG/install/doinst.sh +# Handle the incoming configuration files: +config() { + for infile in \$1; do + NEW="\$infile" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then + # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... + done +} + +preserve_perms() { + NEW="\$1" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + if [ -e \$OLD ]; then + cp -a \$OLD \${NEW}.incoming + cat \$NEW > \${NEW}.incoming + mv \${NEW}.incoming \$NEW + fi + config \$NEW +} + +# Examples of how to handle your '.new' config files: +#preserve_perms etc/rc.d/rc.xca.new +#config etc/xca.conf.new + +# Update the desktop database: +if [ -x usr/bin/update-desktop-database ]; then + chroot . /usr/bin/update-desktop-database usr/share/applications > /dev/null 2>&1 +fi + +# Update hicolor theme cache: +if [ -d usr/share/icons/hicolor ]; then + if [ -x /usr/bin/gtk-update-icon-cache ]; then + chroot . /usr/bin/gtk-update-icon-cache -f -t usr/share/icons/hicolor 1> /dev/null 2> /dev/null + fi +fi + +# Update the mime database: +if [ -x usr/bin/update-mime-database ]; then + chroot . /usr/bin/update-mime-database usr/share/mime >/dev/null 2>&1 +fi + +EOINS + +# Add documentation: +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a $DOCS $PKG/usr/doc/$PRGNAM-$VERSION || true +cat $SRCDIR/$(basename $0) > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +chown -R root:root $PKG/usr/doc/$PRGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries (if any): +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc +if [ -f $SRCDIR/doinst.sh ]; then + cat $SRCDIR/doinst.sh >> $PKG/install/doinst.sh +elif [ -f $SRCDIR/doinst.sh.gz ]; then + zcat $SRCDIR/doinst.sh.gz >> $PKG/install/doinst.sh +fi +if [ -f $SRCDIR/slack-required ]; then + cat $SRCDIR/slack-required > $PKG/install/slack-required +fi + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.${PKGTYPE:-txz} 2>&1 | tee $OUTPUT/makepkg-${PRGNAM}.log +cd $OUTPUT +md5sum ${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.${PKGTYPE:-txz} > ${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.${PKGTYPE:-txz}.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PRGNAM}" > $OUTPUT/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txt +if [ -f $PKG/install/slack-required ]; then + cat $PKG/install/slack-required > $OUTPUT/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.dep +fi + +# Restore the original umask: +umask ${_UMASK_} + |