###############################################################################
name = glibc
-version = 2.22
+version = 2.23
release = 1
maintainer = Michael Tremer <michael.tremer@ipfire.org>
build
# Optimize glibc for kernel
- OPTIMIZED_KERNEL = 2.6.32
+ OPTIMIZED_KERNEL = 3.2
requires
audit-devel
autoconf
automake
+ gcc >= 4.7
gettext
kernel-headers >= %{OPTIMIZED_KERNEL}
libcap-devel
libselinux-devel
+ libstdc++-static
texinfo
end
# program interpreter to /bin/bash in case another /bin/sh is installed.
sed -i 's|@BASH@|/bin/bash|' elf/ldd.bash.in
- # We don't install pt_chown(1) on the final system, so why install it to
- # $(TOOLS_DIR):
+ # We don't install pt_chown(1) on the final system
sed -e "/^install.*pt_chown/d" -i login/Makefile
# Build nscd with -fstack-protector-all, instead of -fstack-protector:
- sed -e "s/fstack-protector/&-all/" -i nscd/Makefile
+ sed -e "s/fstack-protector/&-strong/" -i nscd/Makefile
# Use gnu hash style
sed -i Makeconfig \
provides += ld-linux.so.3(GLIBC_2.4)
provides += ld-linux.so.3(GLIBC_PRIVATE)
end
+
+ conflicts
+ kernel < %{OPTIMIZED_KERNEL}
+ end
end
package glibc-common
+++ /dev/null
-From ee3d4021aaaeacff7cf2addcdaa48859fffba2aa Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@redhat.com>
-Date: Thu, 3 Feb 2011 15:45:02 +0100
-Subject: [PATCH] Replace setuid by file capabilities
-
-* login/programs/pt_chown.c (main): Check for valid file
-descriptor instead of privileges. Be careful to drop all
-capabilities when not needed.
-
----
- ChangeLog | 6 ++++++
- login/programs/pt_chown.c | 14 +++++++++-----
- 3 files changed, 16 insertions(+), 6 deletions(-)
-
---- a/login/programs/pt_chown.c
-+++ b/login/programs/pt_chown.c
-@@ -28,6 +28,7 @@
- #include <string.h>
- #include <sys/stat.h>
- #include <unistd.h>
-+#include <fcntl.h>
- #ifdef HAVE_LIBCAP
- # include <sys/capability.h>
- # include <sys/prctl.h>
-@@ -142,7 +143,7 @@ main (int argc, char *argv[])
- uid_t uid = getuid ();
- int remaining;
-
-- if (argc == 1 && euid == 0)
-+ if (argc == 1 && fcntl (PTY_FILENO, F_GETFD) == 0)
- {
- #ifdef HAVE_LIBCAP
- /* Drop privileges. */
-@@ -175,6 +176,13 @@ main (int argc, char *argv[])
-
- /* We aren't going to be using privileges, so drop them right now. */
- setuid (uid);
-+#ifdef HAVE_LIBCAP
-+ cap_t caps = cap_init ();
-+ if (caps == NULL)
-+ error (1, errno, "cap_init");
-+ cap_set_proc (caps);
-+ cap_free (caps);
-+#endif
-
- /* Set locale via LC_ALL. */
- setlocale (LC_ALL, "");
-@@ -194,9 +202,5 @@ main (int argc, char *argv[])
- return EXIT_FAILURE;
- }
-
-- /* Check if we are properly installed. */
-- if (euid != 0)
-- error (FAIL_EXEC, 0, gettext ("needs to be installed setuid `root'"));
--
- return EXIT_SUCCESS;
- }