[people/ms/ipfire-3.x.git] / pkgs / glibc / glibc.nm

###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007, 2008, 2009 Michael Tremer & Christian Schmidt           #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

###############################################################################
# Definitions
###############################################################################

include $(PKGROOT)/Include

PKG_NAME       = glibc
PKG_VER        = 2.14
PKG_REL        = 1

# TODO tzdata

PKG_MAINTAINER = Michael Tremer <michael.tremer@ipfire.org>
PKG_GROUPS     = System/Base
PKG_URL        = http://sources.redhat.com/glibc/
PKG_LICENSE    = GPLv2+ LGPLv2+
PKG_SUMMARY    = The GNU libc libraries.

PKG_BUILD_DEPS+= audit-devel autoconf automake gettext libcap-devel \
	libselinux-devel texinfo

define PKG_DESCRIPTION
	The glibc package contains standard libraries which are used by \
	multiple programs on the system. In order to save disk space and \
	memory, as well as to make upgrading easier, common system code is \
	kept in one place and shared between programs. This particular package \
	contains the most important sets of shared libraries: the standard C \
	library and the standard math library. Without these two libraries, a \
	Linux system will not function.
endef

# Build glibc with custom cflags
GLIBC_FLAGS = -O3 -g -fasynchronous-unwind-tables -DNDEBUG -DPIC

ifeq "$(DISTRO_ARCH)" "i686"
	GLIBC_FLAGS += -march=i686 -mtune=generic
endif

ifeq "$(DISTRO_ARCH)" "x86_64"
	GLIBC_FLAGS += -mtune=generic
endif

export CFLAGS    = $(GLIBC_FLAGS)
export CXXFLAGS  = $(GLIBC_FLAGS)

GLIBC_TARGET_PLATFORM = $(subst -gnu,,$(DISTRO_MACHINE))
OPTIMIZED_KERNEL = 2.6.32

PKG_OBJECTS   += $(THISAPP).tar.xz

# $(THISAPP)-pt_pax-1.patch - Support for PT_PaX markings.

# $(THISAPP)-strlcpy_strlcat-1.patch
#	This patch adds the strlcpy and strlcat functions and manual pages to Glibc.
#	A paper written about these functions is available here:
#	http://www.courtesan.com/todd/papers/strlcpy.html. The Glibc project has
#	refused to add these functions, and that mail tread starts here:
#	http://sources.redhat.com/ml/libc-alpha/2000-08/msg00052.html. Linus Torvalds
#	has added a similar function to the Linux kernel, and that mail thread is
#	here: http://lwn.net/Articles/33814/. The strlcpy() and strlcat() functions
#	are replacements for strncpy() and strncat(). The controversy of these
#	functions is that strlcpy() and strlcat() copy the source data to the
#	destination buffer until the destination is full, and discards the rest of
#	the data if there is any. This means that these functions will never
#	overflow. The basis for the Glibc team's refusal to add these functions is
#	that they silently hide programing errors, and they have a higher performance
#	hit than strncpy() and strncat(). These functions should not be needed in a
#	perfect world, but were invented to deal with the real world. Many packages
#	will use these functions if they are found, such as Perl and many BLFS
#	packages. These functions do reduce buffer overflows, and so they are
#	recommended. After installing this patch no other effort is needed to use it.
#	Packages will use autotools to detect whether they are available or not.

# $(THISAPP)-asprintf_reset2null-1.patch
#	The asprintf(3) and vasprintf(3) functions are GNU extentions, not defined
#	by C or Posix standards. In Glibc these functions leave (char **strp) undefined
#	after an error. This patch resets (char **strp) to NULL after an error, for
#	sanity. 

# $(THISAPP)-issetugid-1.patch
#	This patch adds the issetugid() function, which is a front-end to the
#	__libc_enable_secure() dynamic linker private function. This function
#	reports whether the program is running with matching real and effective
#	ID's, or not, to determine whether the program is running with set-uid or
#	set-gid privileges. Many packages will search for issetugid() and use it if
#	found, such as Ncurses. This is safer than allowing each program to
#	determine privileges itself because it is tested at a lower level which is
#	not manipulatable by the user. Apply this patch with the following command: 

# $(THISAPP)-localedef_trampoline-1.patch
#	The next patch modifies the localedef program so it does not use GCC
#	Trampoline code (http://gcc.gnu.org/onlinedocs/gccint/Trampolines.html),
#	which relies on an executable stack to run. Without this patch the localedef
#	program will be killed if it is run on a kernel with PaX memory protection.
#	See http://pax.grsecurity.net/docs/pageexec.txt and
#	http://pax.grsecurity.net/docs/segmexec.txt for more information.

# $(THISAPP)-sanitize_env.patch
#	This patch resticts the environment, particularly with setuid programs. 

# $(THISAPP)-mktemp_urandom.patch
#	The patch modifies __gen_tempname(), used by the mk*temp()/tmpnam() family
#	of functions, to use /dev/urandom instead of hp-timing, gettimeofday(), or
#	getpid(): 

# $(THISAPP)-res_randomid.patch
#	The res_randomid() function is a pseudo-random number generator, using
#	getpid() for entropy. See: http://www.openbsd.org/advisories/res_random.txt
#	for the vulnerability. This patch uses /dev/urandom instead.

# $(THISAPP)-resolv_response_length.patch
#	This patch does a check on the buffer size of res_* functions.

QUALITY_AGENT_RPATH_ALLOW_ORIGIN=yes

define STAGE_PREPARE
	@cd $(DIR_SRC) && $(DO_EXTRACT) $(DIR_DL)/$(firstword $(PKG_OBJECTS))
	@mkdir $(DIR_SRC)/glibc-build

	# In the vi_VN.TCVN locale, bash enters an infinite loop at startup. It is
	# unknown whether this is a bash bug or a Glibc problem. Disable
	# installation of this locale in order to avoid the problem.
	cd $(DIR_APP) && sed -i '/vi_VN.TCVN/d' localedata/SUPPORTED

	# The ldd shell script contains Bash-specific syntax. Change its default
	# program interpreter to /bin/bash in case another /bin/sh is installed.
	cd $(DIR_APP) && sed -i 's|@BASH@|/bin/bash|' elf/ldd.bash.in

	$(DO_PATCHES)

	# We don't install pt_chown(1) on the final system, so why install it to
	# $(TOOLS_DIR):
	cd $(DIR_APP) && sed -e "/^install.*pt_chown/d" -i login/Makefile

	# Build nscd with -fstack-protector-all, instead of -fstack-protector:
	cd $(DIR_APP) && sed -e "s/fstack-protector/&-all/" -i nscd/Makefile

	# We don't need to set -march=i?86 in confparams because GCC was built with
	# --with-arch=i?86.

	cat $(DIR_SOURCE)/$(PKG_NAME)-stack_chk_fail.c \
		> $(DIR_APP)/debug/stack_chk_fail.c

	#cd $(DIR_APP) && \
	#	sed -e "s|libs -o|libs -L/usr/lib -Wl,-dynamic-linker=$(shell readelf -l /bin/sh | sed -n 's@.*interpret.*$(TOOLS_DIR)\(.*\)]$$@\1@p') -o|" \
	#	-i scripts/test-installation.pl

	# Use gnu hash style
	cd $(DIR_APP) && sed -i Makeconfig \
		-e "s/-Wl,--hash-style=both/-Wl,--hash-style=gnu -Wl,-O1/"

	# stdlib/tst-putenvmod is not linked against libc.
	cd $(DIR_APP) && sed -i stdlib/Makefile \
		-e "s/^CFLAGS-tst-putenvmod.c.*/& -fno-stack-protector/g"

	# stdio-common/bug22 hits timeout.
	cd $(DIR_APP) && sed -i stdio-common/bug22.c \
		-e "s/#define TIMEOUT.*/#define TIMEOUT 300/"

	# These tests don't work or need more investigation:
	cd $(DIR_APP) && sed -i dlfcn/Makefile -e "s/default //g"

	cd $(DIR_APP) && sed -i nptl/Makefile \
		-e "s/tst-mutex5 //g" \
		-e "s/tst-mutex5a //g" \
		-e "s/tst-cond11 //g" \
		-e "s/tst-rwlock6 //g" \
		-e "s/tst-rwlock7 //g" \
		-e "s/tst-sem5 //g" \
		-e "s/tst-cancelx4 //g" \
		-e "s/tst-cancelx5 //g" \
		-e "s/tst-cancelx10 //g" \
		-e "s/tst-cancelx18 //g" \
		-e "s/tst-signal1 //g"

	# These are known to fail on x86:
	cd $(DIR_APP) && sed -i rt/Makefile \
		-e "s/tst-cpuclock1 //g" \
		-e "s/tst-cpuclock2 //g"

	cd $(DIR_APP) && sed -i elf/Makefile \
		-e "s/tst-tls1 //g" \
		-e "s/tst-tls1-static //g" \
		-e "s/tst-tls2 //g" \
		-e "s/tst-tls2-static //g" \
		-e "s/tst-tls3 //g" \
		-e "s/resolvfail //g" \
		-e "s/constload1 //g" \
		-e "s/order //g" \
		-e "s/lateglobal //g" \
		-e "s/dblload //g" \
		-e "s/dblunload //g" \
		-e "s/reldep6 //g" \
		-e "s/circleload1 //g" \
		-e "s/tst-global1 //g" \
		-e "s/tst-audit2 //g" \
		-e "s/check-localplt //g" \
		-e "s/check-localplt.out$$//g"

	cd $(DIR_APP) && sed -i signal/Makefile \
		-e "s/tst-sigset2//g"

	#cd $(DIR_APP) && sed -i configure \
	#	-e "s/-Werror -fstack-protector/-fstack-protector/"
endef

define STAGE_BUILD
	cd $(DIR_SRC)/glibc-build && \
		CFLAGS="$(CFLAGS) -fno-asynchronous-unwind-tables" \
		../$(THISAPP)/configure \
			--build=$(GLIBC_TARGET_PLATFORM) \
			--host=$(GLIBC_TARGET_PLATFORM) \
			--prefix=/usr \
			--libexecdir=/usr/lib/glibc \
			--disable-profile \
			--enable-add-ons \
			--enable-kernel=$(OPTIMIZED_KERNEL) \
			--with-selinux \
			--disable-werror \
			--enable-bind-now \
			--enable-__thread \
			--enable-tls \
			--enable-experimental-malloc \
			--with-gd \
			--with-nss-crypt

	cd $(DIR_SRC)/glibc-build && sed -i config.make \
		-e "s/^build-pic-default=.*/build-pic-default=yes/"

	# Our GCC is already passing -fPIC, and that's all we want for the libraries.
	# LDFLAGS.so is appended to so we don't build shared libraries with
	# DT_TEXTREL (and to tell us if something goes wrong). For now we only build
	# the libraries, not the programs:
	echo "build-programs=no" \
		>> $(DIR_SRC)/glibc-build/configparms

	cd $(DIR_SRC)/glibc-build && make PARALLELMFLAGS=$(PARALLELISMFLAGS) \
		CFLAGS="$(CFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE" \
		CXXFLAGS="$(CXXFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE"

	# Then build the programs with hardening, so everything possible in
	# $(TOOLS_DIR) is hardened:
	echo "# Nothing in here :D" >  $(DIR_SRC)/glibc-build/configparms
	cd $(DIR_SRC)/glibc-build && make PARALLELMFLAGS=$(PARALLELISMFLAGS) \
		CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)"
endef

#define STAGE_TEST
#	cd $(DIR_SRC)/glibc-build && TIMEOUTFACTOR=16 make check \
#		CFLAGS="$(CFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE" \
#		CXXFLAGS="$(CXXFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE"
#endef

define STAGE_INSTALL
	cd $(DIR_SRC)/glibc-build && make install install_root=$(BUILDROOT)

	# Locales
	-mkdir -pv $(BUILDROOT)/usr/lib/locale
	# This would install all locales that are supported
	cd $(DIR_SRC)/glibc-build && make localedata/install-locales install_root=$(BUILDROOT)

	# Timezone
	cp -v --remove-destination $(BUILDROOT)/usr/share/zoneinfo/GMT $(BUILDROOT)/etc/localtime

	# Configuration
	cp -vf $(DIR_SOURCE)/{ld.so.conf,nsswitch.conf} $(BUILDROOT)/etc
	-mkdir -pv $(BUILDROOT)/etc/{default,ld.so.conf.d}
	install -p -m644 $(DIR_APP)/nis/nss $(BUILDROOT)/etc/default/nss

	# Remove unused binaries
	rm -vf $(BUILDROOT)/sbin/sln \
		$(BUILDROOT)/usr/bin/rpcinfo

	# Don't distribute linker cache
	rm -vf $(BUILDROOT)/etc/ld.so.cache

	# Include /usr/lib/gconv/gconv-modules.cache
	> $(BUILDROOT)/usr/lib/gconv/gconv-modules.cache
	chmod 644 $(BUILDROOT)/usr/lib/gconv/gconv-modules.cache

	strip -g $(BUILDROOT)/usr/lib/*.o

	# Move some libs to correct place
	mv -v $(BUILDROOT)/lib/lib{memusage,pcprofile}.so $(BUILDROOT)/usr/lib/
endef

### Packages

# glibc-common
PKG_PACKAGES  += $(PKG_NAME)-common
PKG_DEPS      += $(PKG_NAME)-common

define PKG_FILES-$(PKG_NAME)-common
	/usr/bin
	/usr/sbin
	/usr/share
	!/usr/share/zoneinfo
endef

# glibc-devel
PKG_PACKAGES  += $(PKG_NAME)-devel

PKG_SUMMARY-$(PKG_NAME)-devel = \
	Object files for development using standard C libraries.
PKG_GROUP-$(PKG_NAME)-devel = Development/Libraries
PKG_DEPS-$(PKG_NAME)-devel += $(PKG_NAME)-headers

define PKG_DESCRIPTION-$(PKG_NAME)-devel
	The glibc-devel package contains the object files necessary
	for developing programs which use the standard C libraries (which are
	used by nearly all programs).  If you are developing programs which
	will use the standard C libraries, your system needs to have these
	standard object files available in order to create the
	executables.

	Install glibc-devel if you are going to develop programs which will
	use the standard C libraries.
endef

PKG_FILES-$(PKG_NAME)-devel += /usr/lib/*.a /usr/lib/*.o

# glibc-headers
PKG_PACKAGES  += $(PKG_NAME)-headers

PKG_DEPS-$(PKG_NAME)-headers += kernel-headers

define PKG_DESCRIPTION-$(PKG_NAME)-heasders
	The glibc-headers package contains the header files necessary
	for developing programs which use the standard C libraries (which are
	used by nearly all programs).  If you are developing programs which
	will use the standard C libraries, your system needs to have these
	standard header files available in order to create the
	executables.

	Install glibc-headers if you are going to develop programs which will
	use the standard C libraries.
endef

define PKG_FILES-$(PKG_NAME)-headers
	/usr/include
	!/usr/include/linuxthreads
	!/usr/include/gnu/stubs-[32164]*.h
endef

# nscd
PKG_PACKAGES  += nscd

PKG_SUMMARY-nscd = A Name Service Caching Daemon (nscd).
PKG_GROUP-nscd   = System/Daemons

define PKG_DESCRIPTION-nscd
	Nscd caches name service lookups and can dramatically improve \
	performance with NIS+, and may help with DNS as well.
endef

define PKG_FILES-nscd
	/usr/sbin/nscd
endef

# glibc-utils
PKG_PACKAGES  += $(PKG_NAME)-utils

PKG_SUMMARY-$(PKG_NAME)-utils = Development utilities from GNU C library.
PKG_GROUP-$(PKG_NAME)-utils   = Development/Tools
define PKG_DESCRIPTION_$(PKG_NAME)-utils
	The glibc-utils package contains memusage, a memory usage profiler, \
	mtrace, a memory leak tracer and xtrace, a function call tracer \
	which can be helpful during program debugging.
endef

define PKG_FILES-$(PKG_NAME)-utils
	/usr/bin/memusage
	/usr/bin/memusagestat
	/usr/bin/mtrace
	/usr/bin/pcprofiledump
	/usr/bin/xtrace
	/usr/lib/libmemusage.so
	/usr/lib/libpcprofile.so
endef
Commit	Line	Data
166a6c21 MT	1	###############################################################################
	2	# #
	3	# IPFire.org - A linux based firewall #
	4	# Copyright (C) 2007, 2008, 2009 Michael Tremer & Christian Schmidt #
	5	# #
	6	# This program is free software: you can redistribute it and/or modify #
	7	# it under the terms of the GNU General Public License as published by #
	8	# the Free Software Foundation, either version 3 of the License, or #
	9	# (at your option) any later version. #
	10	# #
	11	# This program is distributed in the hope that it will be useful, #
	12	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	13	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	14	# GNU General Public License for more details. #
	15	# #
	16	# You should have received a copy of the GNU General Public License #
	17	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	18	# #
	19	###############################################################################
	20
	21	###############################################################################
	22	# Definitions
	23	###############################################################################
	24
a7c97434	25	include $(PKGROOT)/Include
166a6c21 MT	26
166a6c21 MT	27	PKG_NAME = glibc
eae7d017	28	PKG_VER = 2.14
ba8de1f5	29	PKG_REL = 1
7f617709 MT	30
7f617709 MT	31	# TODO tzdata
166a6c21 MT	32
166a6c21 MT	33	PKG_MAINTAINER = Michael Tremer <michael.tremer@ipfire.org>
bb7d617c	34	PKG_GROUPS = System/Base
166a6c21 MT	35	PKG_URL = http://sources.redhat.com/glibc/
	36	PKG_LICENSE = GPLv2+ LGPLv2+
	37	PKG_SUMMARY = The GNU libc libraries.
	38
7eaea6f8 MT	39	PKG_BUILD_DEPS+= audit-devel autoconf automake gettext libcap-devel \
7eaea6f8 MT	40	libselinux-devel texinfo
2777fcb0	41
166a6c21 MT	42	define PKG_DESCRIPTION
	43	The glibc package contains standard libraries which are used by \
	44	multiple programs on the system. In order to save disk space and \
	45	memory, as well as to make upgrading easier, common system code is \
	46	kept in one place and shared between programs. This particular package \
	47	contains the most important sets of shared libraries: the standard C \
	48	library and the standard math library. Without these two libraries, a \
	49	Linux system will not function.
	50	endef
	51
5a71f323 MT	52	# Build glibc with custom cflags
5a71f323 MT	53	GLIBC_FLAGS = -O3 -g -fasynchronous-unwind-tables -DNDEBUG -DPIC
0bed08cd	54
5a71f323 MT	55	ifeq "$(DISTRO_ARCH)" "i686"
	56	GLIBC_FLAGS += -march=i686 -mtune=generic
	57	endif
166a6c21	58
5a71f323 MT	59	ifeq "$(DISTRO_ARCH)" "x86_64"
	60	GLIBC_FLAGS += -mtune=generic
	61	endif
	62
	63	export CFLAGS = $(GLIBC_FLAGS)
	64	export CXXFLAGS = $(GLIBC_FLAGS)
	65
	66	GLIBC_TARGET_PLATFORM = $(subst -gnu,,$(DISTRO_MACHINE))
0e22dbe2	67	OPTIMIZED_KERNEL = 2.6.32
166a6c21	68
d9a1ddc1	69	PKG_OBJECTS += $(THISAPP).tar.xz
166a6c21	70
b2ec3c8a MT	71	# $(THISAPP)-pt_pax-1.patch - Support for PT_PaX markings.
	72
	73	# $(THISAPP)-strlcpy_strlcat-1.patch
	74	# This patch adds the strlcpy and strlcat functions and manual pages to Glibc.
	75	# A paper written about these functions is available here:
	76	# http://www.courtesan.com/todd/papers/strlcpy.html. The Glibc project has
	77	# refused to add these functions, and that mail tread starts here:
	78	# http://sources.redhat.com/ml/libc-alpha/2000-08/msg00052.html. Linus Torvalds
	79	# has added a similar function to the Linux kernel, and that mail thread is
	80	# here: http://lwn.net/Articles/33814/. The strlcpy() and strlcat() functions
	81	# are replacements for strncpy() and strncat(). The controversy of these
	82	# functions is that strlcpy() and strlcat() copy the source data to the
	83	# destination buffer until the destination is full, and discards the rest of
	84	# the data if there is any. This means that these functions will never
	85	# overflow. The basis for the Glibc team's refusal to add these functions is
	86	# that they silently hide programing errors, and they have a higher performance
	87	# hit than strncpy() and strncat(). These functions should not be needed in a
	88	# perfect world, but were invented to deal with the real world. Many packages
	89	# will use these functions if they are found, such as Perl and many BLFS
	90	# packages. These functions do reduce buffer overflows, and so they are
	91	# recommended. After installing this patch no other effort is needed to use it.
	92	# Packages will use autotools to detect whether they are available or not.
	93
	94	# $(THISAPP)-asprintf_reset2null-1.patch
	95	# The asprintf(3) and vasprintf(3) functions are GNU extentions, not defined
	96	# by C or Posix standards. In Glibc these functions leave (char **strp) undefined
	97	# after an error. This patch resets (char **strp) to NULL after an error, for
	98	# sanity.
	99
	100	# $(THISAPP)-issetugid-1.patch
	101	# This patch adds the issetugid() function, which is a front-end to the
	102	# __libc_enable_secure() dynamic linker private function. This function
	103	# reports whether the program is running with matching real and effective
	104	# ID's, or not, to determine whether the program is running with set-uid or
	105	# set-gid privileges. Many packages will search for issetugid() and use it if
	106	# found, such as Ncurses. This is safer than allowing each program to
	107	# determine privileges itself because it is tested at a lower level which is
	108	# not manipulatable by the user. Apply this patch with the following command:
	109
	110	# $(THISAPP)-localedef_trampoline-1.patch
	111	# The next patch modifies the localedef program so it does not use GCC
	112	# Trampoline code (http://gcc.gnu.org/onlinedocs/gccint/Trampolines.html),
	113	# which relies on an executable stack to run. Without this patch the localedef
	114	# program will be killed if it is run on a kernel with PaX memory protection.
	115	# See http://pax.grsecurity.net/docs/pageexec.txt and
	116	# http://pax.grsecurity.net/docs/segmexec.txt for more information.
	117
	118	# $(THISAPP)-sanitize_env.patch
	119	# This patch resticts the environment, particularly with setuid programs.
	120
	121	# $(THISAPP)-mktemp_urandom.patch
	122	# The patch modifies __gen_tempname(), used by the mk*temp()/tmpnam() family
	123	# of functions, to use /dev/urandom instead of hp-timing, gettimeofday(), or
	124	# getpid():
	125
	126	# $(THISAPP)-res_randomid.patch
	127	# The res_randomid() function is a pseudo-random number generator, using
	128	# getpid() for entropy. See: http://www.openbsd.org/advisories/res_random.txt
	129	# for the vulnerability. This patch uses /dev/urandom instead.
	130
	131	# $(THISAPP)-resolv_response_length.patch
	132	# This patch does a check on the buffer size of res_* functions.
166a6c21	133
370830cf	134	QUALITY_AGENT_RPATH_ALLOW_ORIGIN=yes
166a6c21	135
17c0ee8a MT	136	define STAGE_PREPARE
17c0ee8a MT	137	@cd $(DIR_SRC) && $(DO_EXTRACT) $(DIR_DL)/$(firstword $(PKG_OBJECTS))
166a6c21 MT	138	@mkdir $(DIR_SRC)/glibc-build
	139
	140	# In the vi_VN.TCVN locale, bash enters an infinite loop at startup. It is
	141	# unknown whether this is a bash bug or a Glibc problem. Disable
	142	# installation of this locale in order to avoid the problem.
	143	cd $(DIR_APP) && sed -i '/vi_VN.TCVN/d' localedata/SUPPORTED
	144
	145	# The ldd shell script contains Bash-specific syntax. Change its default
	146	# program interpreter to /bin/bash in case another /bin/sh is installed.
	147	cd $(DIR_APP) && sed -i 's\|@BASH@\|/bin/bash\|' elf/ldd.bash.in
	148
	149	$(DO_PATCHES)
	150
	151	# We don't install pt_chown(1) on the final system, so why install it to
	152	# $(TOOLS_DIR):
	153	cd $(DIR_APP) && sed -e "/^install.*pt_chown/d" -i login/Makefile
	154
166a6c21 MT	155	# Build nscd with -fstack-protector-all, instead of -fstack-protector:
	156	cd $(DIR_APP) && sed -e "s/fstack-protector/&-all/" -i nscd/Makefile
	157
	158	# We don't need to set -march=i?86 in confparams because GCC was built with
	159	# --with-arch=i?86.
	160
bceb6c91	161	cat $(DIR_SOURCE)/$(PKG_NAME)-stack_chk_fail.c \
166a6c21	162	> $(DIR_APP)/debug/stack_chk_fail.c
f1fdd4d6	163
7c1fc7a0 MT	164	#cd $(DIR_APP) && \
	165	# sed -e "s\|libs -o\|libs -L/usr/lib -Wl,-dynamic-linker=$(shell readelf -l /bin/sh \| sed -n 's@.interpret.$(TOOLS_DIR)\(.*\)]$$@\1@p') -o\|" \
	166	# -i scripts/test-installation.pl
8a346372	167
0bed08cd MT	168	# Use gnu hash style
	169	cd $(DIR_APP) && sed -i Makeconfig \
	170	-e "s/-Wl,--hash-style=both/-Wl,--hash-style=gnu -Wl,-O1/"
342b9bc7 MT	171
	172	# stdlib/tst-putenvmod is not linked against libc.
	173	cd $(DIR_APP) && sed -i stdlib/Makefile \
	174	-e "s/^CFLAGS-tst-putenvmod.c.*/& -fno-stack-protector/g"
	175
	176	# stdio-common/bug22 hits timeout.
	177	cd $(DIR_APP) && sed -i stdio-common/bug22.c \
	178	-e "s/#define TIMEOUT.*/#define TIMEOUT 300/"
ce136479 MT	179
	180	# These tests don't work or need more investigation:
	181	cd $(DIR_APP) && sed -i dlfcn/Makefile -e "s/default //g"
	182
	183	cd $(DIR_APP) && sed -i nptl/Makefile \
	184	-e "s/tst-mutex5 //g" \
	185	-e "s/tst-mutex5a //g" \
	186	-e "s/tst-cond11 //g" \
	187	-e "s/tst-rwlock6 //g" \
	188	-e "s/tst-rwlock7 //g" \
	189	-e "s/tst-sem5 //g" \
	190	-e "s/tst-cancelx4 //g" \
	191	-e "s/tst-cancelx5 //g" \
	192	-e "s/tst-cancelx10 //g" \
	193	-e "s/tst-cancelx18 //g" \
80ac1d2c	194	-e "s/tst-signal1 //g"
ce136479 MT	195
	196	# These are known to fail on x86:
	197	cd $(DIR_APP) && sed -i rt/Makefile \
	198	-e "s/tst-cpuclock1 //g" \
	199	-e "s/tst-cpuclock2 //g"
	200
	201	cd $(DIR_APP) && sed -i elf/Makefile \
	202	-e "s/tst-tls1 //g" \
	203	-e "s/tst-tls1-static //g" \
	204	-e "s/tst-tls2 //g" \
	205	-e "s/tst-tls2-static //g" \
	206	-e "s/tst-tls3 //g" \
	207	-e "s/resolvfail //g" \
	208	-e "s/constload1 //g" \
	209	-e "s/order //g" \
	210	-e "s/lateglobal //g" \
	211	-e "s/dblload //g" \
	212	-e "s/dblunload //g" \
	213	-e "s/reldep6 //g" \
	214	-e "s/circleload1 //g" \
	215	-e "s/tst-global1 //g" \
	216	-e "s/tst-audit2 //g" \
	217	-e "s/check-localplt //g" \
	218	-e "s/check-localplt.out$$//g"
	219
80ac1d2c MT	220	cd $(DIR_APP) && sed -i signal/Makefile \
80ac1d2c MT	221	-e "s/tst-sigset2//g"
5a71f323 MT	222
	223	#cd $(DIR_APP) && sed -i configure \
	224	# -e "s/-Werror -fstack-protector/-fstack-protector/"
17c0ee8a	225	endef
166a6c21	226
17c0ee8a	227	define STAGE_BUILD
166a6c21	228	cd $(DIR_SRC)/glibc-build && \
5a71f323	229	CFLAGS="$(CFLAGS) -fno-asynchronous-unwind-tables" \
166a6c21	230	../$(THISAPP)/configure \
5a71f323 MT	231	--build=$(GLIBC_TARGET_PLATFORM) \
5a71f323 MT	232	--host=$(GLIBC_TARGET_PLATFORM) \
166a6c21 MT	233	--prefix=/usr \
	234	--libexecdir=/usr/lib/glibc \
	235	--disable-profile \
	236	--enable-add-ons \
	237	--enable-kernel=$(OPTIMIZED_KERNEL) \
2777fcb0	238	--with-selinux \
166a6c21 MT	239	--disable-werror \
166a6c21 MT	240	--enable-bind-now \
70b63715 MT	241	--enable-__thread \
	242	--enable-tls \
	243	--enable-experimental-malloc \
	244	--with-gd \
	245	--with-nss-crypt
	246
	247	cd $(DIR_SRC)/glibc-build && sed -i config.make \
	248	-e "s/^build-pic-default=.*/build-pic-default=yes/"
166a6c21 MT	249
	250	# Our GCC is already passing -fPIC, and that's all we want for the libraries.
	251	# LDFLAGS.so is appended to so we don't build shared libraries with
	252	# DT_TEXTREL (and to tell us if something goes wrong). For now we only build
	253	# the libraries, not the programs:
	254	echo "build-programs=no" \
	255	>> $(DIR_SRC)/glibc-build/configparms
	256
	257	cd $(DIR_SRC)/glibc-build && make PARALLELMFLAGS=$(PARALLELISMFLAGS) \
0bed08cd MT	258	CFLAGS="$(CFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE" \
0bed08cd MT	259	CXXFLAGS="$(CXXFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE"
166a6c21 MT	260
	261	# Then build the programs with hardening, so everything possible in
	262	# $(TOOLS_DIR) is hardened:
0bed08cd	263	echo "# Nothing in here :D" > $(DIR_SRC)/glibc-build/configparms
166a6c21 MT	264	cd $(DIR_SRC)/glibc-build && make PARALLELMFLAGS=$(PARALLELISMFLAGS) \
166a6c21 MT	265	CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)"
17c0ee8a	266	endef
166a6c21	267
7c1fc7a0 MT	268	#define STAGE_TEST
	269	# cd $(DIR_SRC)/glibc-build && TIMEOUTFACTOR=16 make check \
	270	# CFLAGS="$(CFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE" \
	271	# CXXFLAGS="$(CXXFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE"
	272	#endef
b6ca5178	273
17c0ee8a	274	define STAGE_INSTALL
166a6c21 MT	275	cd $(DIR_SRC)/glibc-build && make install install_root=$(BUILDROOT)
166a6c21 MT	276
166a6c21 MT	277	# Locales
166a6c21 MT	278	-mkdir -pv $(BUILDROOT)/usr/lib/locale
f1fdd4d6	279	# This would install all locales that are supported
166a6c21 MT	280	cd $(DIR_SRC)/glibc-build && make localedata/install-locales install_root=$(BUILDROOT)
166a6c21 MT	281
166a6c21 MT	282	# Timezone
	283	cp -v --remove-destination $(BUILDROOT)/usr/share/zoneinfo/GMT $(BUILDROOT)/etc/localtime
	284
	285	# Configuration
	286	cp -vf $(DIR_SOURCE)/{ld.so.conf,nsswitch.conf} $(BUILDROOT)/etc
7f617709 MT	287	-mkdir -pv $(BUILDROOT)/etc/{default,ld.so.conf.d}
7f617709 MT	288	install -p -m644 $(DIR_APP)/nis/nss $(BUILDROOT)/etc/default/nss
2cef8807 MT	289
2cef8807 MT	290	# Remove unused binaries
7f617709 MT	291	rm -vf $(BUILDROOT)/sbin/sln \
	292	$(BUILDROOT)/usr/bin/rpcinfo
	293
	294	# Don't distribute linker cache
	295	rm -vf $(BUILDROOT)/etc/ld.so.cache
	296
	297	# Include /usr/lib/gconv/gconv-modules.cache
	298	> $(BUILDROOT)/usr/lib/gconv/gconv-modules.cache
	299	chmod 644 $(BUILDROOT)/usr/lib/gconv/gconv-modules.cache
	300
	301	strip -g $(BUILDROOT)/usr/lib/*.o
	302
	303	# Move some libs to correct place
	304	mv -v $(BUILDROOT)/lib/lib{memusage,pcprofile}.so $(BUILDROOT)/usr/lib/
	305	endef
	306
	307	### Packages
	308
	309	# glibc-common
	310	PKG_PACKAGES += $(PKG_NAME)-common
	311	PKG_DEPS += $(PKG_NAME)-common
	312
	313	define PKG_FILES-$(PKG_NAME)-common
	314	/usr/bin
	315	/usr/sbin
	316	/usr/share
	317	!/usr/share/zoneinfo
	318	endef
	319
	320	# glibc-devel
	321	PKG_PACKAGES += $(PKG_NAME)-devel
	322
	323	PKG_SUMMARY-$(PKG_NAME)-devel = \
	324	Object files for development using standard C libraries.
	325	PKG_GROUP-$(PKG_NAME)-devel = Development/Libraries
	326	PKG_DEPS-$(PKG_NAME)-devel += $(PKG_NAME)-headers
	327
	328	define PKG_DESCRIPTION-$(PKG_NAME)-devel
	329	The glibc-devel package contains the object files necessary
	330	for developing programs which use the standard C libraries (which are
	331	used by nearly all programs). If you are developing programs which
	332	will use the standard C libraries, your system needs to have these
	333	standard object files available in order to create the
	334	executables.
	335
	336	Install glibc-devel if you are going to develop programs which will
	337	use the standard C libraries.
	338	endef
	339
	340	PKG_FILES-$(PKG_NAME)-devel += /usr/lib/.a /usr/lib/.o
	341
	342	# glibc-headers
	343	PKG_PACKAGES += $(PKG_NAME)-headers
	344
	345	PKG_DEPS-$(PKG_NAME)-headers += kernel-headers
	346
	347	define PKG_DESCRIPTION-$(PKG_NAME)-heasders
	348	The glibc-headers package contains the header files necessary
	349	for developing programs which use the standard C libraries (which are
	350	used by nearly all programs). If you are developing programs which
	351	will use the standard C libraries, your system needs to have these
	352	standard header files available in order to create the
	353	executables.
	354
355	Install glibc-headers if you are going to develop programs which will
356	use the standard C libraries.
357	endef
358
359	define PKG_FILES-$(PKG_NAME)-headers
360	/usr/include
361	!/usr/include/linuxthreads
362	!/usr/include/gnu/stubs-[32164]*.h
363	endef
364
365	# nscd
366	PKG_PACKAGES += nscd
367
368	PKG_SUMMARY-nscd = A Name Service Caching Daemon (nscd).
369	PKG_GROUP-nscd = System/Daemons
370
371	define PKG_DESCRIPTION-nscd
372	Nscd caches name service lookups and can dramatically improve \
373	performance with NIS+, and may help with DNS as well.
374	endef
375
376	define PKG_FILES-nscd
377	/usr/sbin/nscd
378	endef
379
380	# glibc-utils
381	PKG_PACKAGES += $(PKG_NAME)-utils
382
383	PKG_SUMMARY-$(PKG_NAME)-utils = Development utilities from GNU C library.
384	PKG_GROUP-$(PKG_NAME)-utils = Development/Tools
385	define PKG_DESCRIPTION_$(PKG_NAME)-utils
386	The glibc-utils package contains memusage, a memory usage profiler, \
387	mtrace, a memory leak tracer and xtrace, a function call tracer \
388	which can be helpful during program debugging.
389	endef
390
391	define PKG_FILES-$(PKG_NAME)-utils
7aad036c MT	392	/usr/bin/memusage
7aad036c MT	393	/usr/bin/memusagestat
7f617709 MT	394	/usr/bin/mtrace
	395	/usr/bin/pcprofiledump
	396	/usr/bin/xtrace
	397	/usr/lib/libmemusage.so
	398	/usr/lib/libpcprofile.so
17c0ee8a	399	endef