Package: guix-patches;
Reported by: Felix Lechner <felix.lechner <at> lease-up.com>
Date: Wed, 17 May 2023 04:20:02 UTC
Severity: normal
Tags: patch
Done: Josselin Poiret <dev <at> jpoiret.xyz>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 63545 in the body.
You can then email your comments to 63545 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Wed, 17 May 2023 04:20:02 GMT) Full text and rfc822 format available.Felix Lechner <felix.lechner <at> lease-up.com>:guix-patches <at> gnu.org.
(Wed, 17 May 2023 04:20:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Felix Lechner <felix.lechner <at> lease-up.com> To: guix-patches <at> gnu.org Cc: Felix Lechner <felix.lechner <at> lease-up.com> Subject: [PATCH 0/3] gnu: heimdal: Drop obsolete user tools. Date: Tue, 16 May 2023 21:19:39 -0700
This patch stops Guix from shipping user tools that, according to two Heimdal maintainers have been obsolete for over five years. While mostly harmless, those tools shadowed legitimate tools like 'su' from core-utils. [1] [1] https://lists.gnu.org/archive/html/guix-devel/2023-04/msg00364.html Felix Lechner (3): gnu: heimdal: Build from Git. gnu: heimdal: Drop obsolete and insecure user tools. gnu: heimdal: Re-indent code; no functional change. gnu/packages/kerberos.scm | 202 +++++++++++++++++++------------------- 1 file changed, 103 insertions(+), 99 deletions(-) base-commit: 6e38ec447f98383e0722ac300734f8d7c8c5c7b0 -- 2.40.1
guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Wed, 17 May 2023 04:22:01 GMT) Full text and rfc822 format available.Message #8 received at 63545 <at> debbugs.gnu.org (full text, mbox):
From: Felix Lechner <felix.lechner <at> lease-up.com> To: 63545 <at> debbugs.gnu.org Cc: Felix Lechner <felix.lechner <at> lease-up.com> Subject: [PATCH 1/3] gnu: heimdal: Build from Git. Date: Tue, 16 May 2023 21:20:55 -0700
This is in preparation to drop obsolete tools from the Automake files. The
tarball comes with a ./configure script. It was not clear to the author what
the best way was to run 'autoreconf -f -i' with the tarball in Guix's
gnu-build-system.
* gnu/packages/kerberos (heimdal): Build from Git; prepare to drop obsolete
tools from Automake.
---
gnu/packages/kerberos.scm | 39 +++++++++++++++++++++++----------------
1 file changed, 23 insertions(+), 16 deletions(-)
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index c553f8180a..af67bff6c9 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -56,6 +56,7 @@ (define-module (gnu packages kerberos)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix gexp)
+ #:use-module (guix git-download)
#:use-module (guix utils)
#:use-module (guix build-system gnu))
@@ -171,26 +172,22 @@ (define-public shishi
(license license:gpl3+)))
(define-public heimdal
+ (let ((commit "a6cf94577c0d1e5bca5304342e4ddffb18255afe")
+ (revision "1"))
(package
(name "heimdal")
- (version "7.8.0")
+ (version (git-version "7.8.0" revision commit))
(source (origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/heimdal/heimdal/releases/download/"
- "heimdal-" version "/" "heimdal-" version ".tar.gz"))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/heimdal/heimdal")
+ (commit commit)))
+ (file-name (git-file-name name version))
(sha256
(base32
- "0f4dblav859p5hn7b2jdj1akw6d8p32as6bj6zym19kghh3s51zx"))
+ "0df646hzi10s0w07kqzj10aniv6jsbmlpx6j3lqjvpsjpmm9lww9"))
(patches
- (search-patches "heimdal-CVE-2022-45142.patch"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- (substitute* "configure"
- (("User=.*$") "User=Guix\n")
- (("Host=.*$") "Host=GNU")
- (("Date=.*$") "Date=2022\n"))))))
+ (search-patches "heimdal-CVE-2022-45142.patch"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
@@ -224,6 +221,10 @@ (define-public heimdal
(add-before 'configure 'pre-configure
(lambda* (#:key inputs #:allow-other-keys)
(substitute* "configure"
+ ;; Reproducible build date, etc.
+ (("User=.*$") "User=Guix\n")
+ (("Host=.*$") "Host=GNU")
+ (("Date=.*$") "Date=2022\n")
;; The e2fsprogs input is included for libcom_err,
;; let's use it even if cross-compiling.
(("test \"\\$\\{krb_cv_com_err\\}\" = \"yes\"")
@@ -255,12 +256,17 @@ (define-public heimdal
(format #t "#!~a~%exit 1~%" (which "sh")))))))
;; Tests fail when run in parallel.
#:parallel-tests? #f))
- (native-inputs (list bison
+ (native-inputs (list autoconf
+ automake
+ bison
e2fsprogs ;for 'compile_et'
flex
+ libtool
texinfo
unzip ;for tests
pkg-config
+ perl
+ perl-json
python))
(inputs (list readline
bash-minimal
@@ -274,4 +280,5 @@ (define-public heimdal
(description
"Heimdal is an implementation of Kerberos 5 network authentication
service.")
- (license license:bsd-3)))
+ (license license:bsd-3))))
+
--
2.40.1
guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Wed, 17 May 2023 04:22:01 GMT) Full text and rfc822 format available.Message #11 received at 63545 <at> debbugs.gnu.org (full text, mbox):
From: Felix Lechner <felix.lechner <at> lease-up.com> To: 63545 <at> debbugs.gnu.org Cc: Felix Lechner <felix.lechner <at> lease-up.com> Subject: [PATCH 2/3] gnu: heimdal: Drop obsolete and insecure user tools. Date: Tue, 16 May 2023 21:20:56 -0700
According to messages from the Heimdal maintainers Brian May and Nico
Williams, no one should be using their version of 'su' anymore. It was deleted
from the development branch five years ago [1] and is only being shipped
because the 7.8.0 is based on an older, stable branch.
[1] https://github.com/heimdal/heimdal/commit/8a77f45aff366b1cd8c70c43ce63eb16a0c9839c
Following the directions from the maintainers, this commit drops all
executables built from the ./appl folder via deletion of that SUBDIR from
the top-level Makefile.am.
Unfortunately, the heimdal-discuss mailing list does not appear to have a
public archive. The relevant SMTP Message-Id was:
<MDAEMON-F202305111940.AA401569md5001000003030 <at> sequoia-grove.ad.secure-endpoints.com>
Since the 7.8.0 tarball shipped with all the files generated by 'autoreconf'
it seemed superior to build from Git instead. For that, please see the
preceeding commit.
* gnu/packages/kerberos.scm (heimdal): Drop obsolete and insecure user tools.
---
gnu/packages/kerberos.scm | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index af67bff6c9..cc5f3f9ef2 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -218,6 +218,12 @@ (define-public heimdal
"/libexec/heimdal")))
#~()))
#:phases (modify-phases %standard-phases
+ ;; Skip the appl folder as obsolete per message from Brian May <brian <at> linuxpenguins.xyz>
+ ;; <MDAEMON-F202305111940.AA401569md5001000003030 <at> sequoia-grove.ad.secure-endpoints.com>
+ (add-after 'unpack 'drop-obsolete-executables
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* '("Makefile.am")
+ (("appl") ""))))
(add-before 'configure 'pre-configure
(lambda* (#:key inputs #:allow-other-keys)
(substitute* "configure"
@@ -233,15 +239,6 @@ (define-public heimdal
;; which confuses heimdal.
(("ac_cv_prog_COMPILE_ET=\\$\\{with_cross_tools\\}compile_et")
"ac_cv_PROG_COMPILE_ET=compile_et"))
- (substitute* '("appl/afsutil/pagsh.c" "appl/su/su.c")
- (("/bin/sh")
- (search-input-file inputs "bin/sh"))
- ;; Use the cross-compiled bash instead of the
- ;; native bash (XXX shouldn't _PATH_BSHELL point
- ;; to a cross-compiled bash?).
- (("_PATH_BSHELL")
- (string-append
- "\"" (search-input-file inputs "bin/sh") "\"")))
(substitute* '("tools/Makefile.in")
(("/bin/sh") (which "sh")))))
(add-before 'check 'pre-check
--
2.40.1
guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Wed, 17 May 2023 04:22:02 GMT) Full text and rfc822 format available.Message #14 received at 63545 <at> debbugs.gnu.org (full text, mbox):
From: Felix Lechner <felix.lechner <at> lease-up.com> To: 63545 <at> debbugs.gnu.org Cc: Felix Lechner <felix.lechner <at> lease-up.com> Subject: [PATCH 3/3] gnu: heimdal: Re-indent code; no functional change. Date: Tue, 16 May 2023 21:20:57 -0700
* gnu/packages/kerberos (heimdal): Re-indent code; no functional change.
---
gnu/packages/kerberos.scm | 198 +++++++++++++++++++-------------------
1 file changed, 99 insertions(+), 99 deletions(-)
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index cc5f3f9ef2..3bfeefd558 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -174,108 +174,108 @@ (define-public shishi
(define-public heimdal
(let ((commit "a6cf94577c0d1e5bca5304342e4ddffb18255afe")
(revision "1"))
- (package
- (name "heimdal")
- (version (git-version "7.8.0" revision commit))
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/heimdal/heimdal")
- (commit commit)))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "0df646hzi10s0w07kqzj10aniv6jsbmlpx6j3lqjvpsjpmm9lww9"))
- (patches
- (search-patches "heimdal-CVE-2022-45142.patch"))))
- (build-system gnu-build-system)
- (arguments
- `(#:configure-flags
- ,#~(list
- ;; Avoid 7 MiB of .a files.
- "--disable-static"
+ (package
+ (name "heimdal")
+ (version (git-version "7.8.0" revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/heimdal/heimdal")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0df646hzi10s0w07kqzj10aniv6jsbmlpx6j3lqjvpsjpmm9lww9"))
+ (patches
+ (search-patches "heimdal-CVE-2022-45142.patch"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ ,#~(list
+ ;; Avoid 7 MiB of .a files.
+ "--disable-static"
- ;; Do not build libedit.
- (string-append
- "--with-readline-lib="
- (assoc-ref %build-inputs "readline") "/lib")
- (string-append
- "--with-readline-include="
- (assoc-ref %build-inputs "readline") "/include")
+ ;; Do not build libedit.
+ (string-append
+ "--with-readline-lib="
+ (assoc-ref %build-inputs "readline") "/lib")
+ (string-append
+ "--with-readline-include="
+ (assoc-ref %build-inputs "readline") "/include")
- ;; Do not build sqlite.
- (string-append
- "--with-sqlite3="
- (assoc-ref %build-inputs "sqlite"))
+ ;; Do not build sqlite.
+ (string-append
+ "--with-sqlite3="
+ (assoc-ref %build-inputs "sqlite"))
- #$@(if (%current-target-system)
- ;; The configure script is too pessimistic.
- ;; Setting this also resolves a linking error.
- #~("ac_cv_func_getpwnam_r_posix=yes"
- ;; Allow 'slc' and 'asn1_compile' to be found.
- (string-append "--with-cross-tools="
- #+(file-append this-package
- "/libexec/heimdal")))
- #~()))
- #:phases (modify-phases %standard-phases
- ;; Skip the appl folder as obsolete per message from Brian May <brian <at> linuxpenguins.xyz>
- ;; <MDAEMON-F202305111940.AA401569md5001000003030 <at> sequoia-grove.ad.secure-endpoints.com>
- (add-after 'unpack 'drop-obsolete-executables
- (lambda* (#:key inputs #:allow-other-keys)
- (substitute* '("Makefile.am")
- (("appl") ""))))
- (add-before 'configure 'pre-configure
- (lambda* (#:key inputs #:allow-other-keys)
- (substitute* "configure"
- ;; Reproducible build date, etc.
- (("User=.*$") "User=Guix\n")
- (("Host=.*$") "Host=GNU")
- (("Date=.*$") "Date=2022\n")
- ;; The e2fsprogs input is included for libcom_err,
- ;; let's use it even if cross-compiling.
- (("test \"\\$\\{krb_cv_com_err\\}\" = \"yes\"")
- ":")
- ;; Our 'compile_et' is not in --with-cross-tools,
- ;; which confuses heimdal.
- (("ac_cv_prog_COMPILE_ET=\\$\\{with_cross_tools\\}compile_et")
- "ac_cv_PROG_COMPILE_ET=compile_et"))
- (substitute* '("tools/Makefile.in")
- (("/bin/sh") (which "sh")))))
- (add-before 'check 'pre-check
- (lambda _
- ;; For 'getxxyyy-test'.
- (setenv "USER" (passwd:name (getpwuid (getuid))))
+ #$@(if (%current-target-system)
+ ;; The configure script is too pessimistic.
+ ;; Setting this also resolves a linking error.
+ #~("ac_cv_func_getpwnam_r_posix=yes"
+ ;; Allow 'slc' and 'asn1_compile' to be found.
+ (string-append "--with-cross-tools="
+ #+(file-append this-package
+ "/libexec/heimdal")))
+ #~()))
+ #:phases (modify-phases %standard-phases
+ ;; Skip the appl folder as obsolete per message from Brian May <brian <at> linuxpenguins.xyz>
+ ;; <MDAEMON-F202305111940.AA401569md5001000003030 <at> sequoia-grove.ad.secure-endpoints.com>
+ (add-after 'unpack 'drop-obsolete-executables
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* '("Makefile.am")
+ (("appl") ""))))
+ (add-before 'configure 'pre-configure
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "configure"
+ ;; Reproducible build date, etc.
+ (("User=.*$") "User=Guix\n")
+ (("Host=.*$") "Host=GNU")
+ (("Date=.*$") "Date=2022\n")
+ ;; The e2fsprogs input is included for libcom_err,
+ ;; let's use it even if cross-compiling.
+ (("test \"\\$\\{krb_cv_com_err\\}\" = \"yes\"")
+ ":")
+ ;; Our 'compile_et' is not in --with-cross-tools,
+ ;; which confuses heimdal.
+ (("ac_cv_prog_COMPILE_ET=\\$\\{with_cross_tools\\}compile_et")
+ "ac_cv_PROG_COMPILE_ET=compile_et"))
+ (substitute* '("tools/Makefile.in")
+ (("/bin/sh") (which "sh")))))
+ (add-before 'check 'pre-check
+ (lambda _
+ ;; For 'getxxyyy-test'.
+ (setenv "USER" (passwd:name (getpwuid (getuid))))
- ;; Skip 'db' and 'kdc' tests for now.
- ;; FIXME: figure out why 'kdc' tests fail.
- (with-output-to-file "tests/db/have-db.in"
- (lambda ()
- (format #t "#!~a~%exit 1~%" (which "sh")))))))
- ;; Tests fail when run in parallel.
- #:parallel-tests? #f))
- (native-inputs (list autoconf
- automake
- bison
- e2fsprogs ;for 'compile_et'
- flex
- libtool
- texinfo
- unzip ;for tests
- pkg-config
- perl
- perl-json
- python))
- (inputs (list readline
- bash-minimal
- bdb
- e2fsprogs ;for libcom_err
- libcap-ng
- openldap
- sqlite))
- (home-page "http://www.h5l.org/")
- (synopsis "Kerberos 5 network authentication")
- (description
- "Heimdal is an implementation of Kerberos 5 network authentication
+ ;; Skip 'db' and 'kdc' tests for now.
+ ;; FIXME: figure out why 'kdc' tests fail.
+ (with-output-to-file "tests/db/have-db.in"
+ (lambda ()
+ (format #t "#!~a~%exit 1~%" (which "sh")))))))
+ ;; Tests fail when run in parallel.
+ #:parallel-tests? #f))
+ (native-inputs (list autoconf
+ automake
+ bison
+ e2fsprogs ;for 'compile_et'
+ flex
+ libtool
+ texinfo
+ unzip ;for tests
+ pkg-config
+ perl
+ perl-json
+ python))
+ (inputs (list readline
+ bash-minimal
+ bdb
+ e2fsprogs ;for libcom_err
+ libcap-ng
+ openldap
+ sqlite))
+ (home-page "http://www.h5l.org/")
+ (synopsis "Kerberos 5 network authentication")
+ (description
+ "Heimdal is an implementation of Kerberos 5 network authentication
service.")
- (license license:bsd-3))))
+ (license license:bsd-3))))
--
2.40.1
guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Wed, 17 May 2023 20:21:02 GMT) Full text and rfc822 format available.Message #17 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Josselin Poiret <dev <at> jpoiret.xyz> To: Felix Lechner via Guix-patches via <guix-patches <at> gnu.org>, 63545 <at> debbugs.gnu.org Cc: Felix Lechner <felix.lechner <at> lease-up.com> Subject: Re: [bug#63545] [PATCH 1/3] gnu: heimdal: Build from Git. Date: Wed, 17 May 2023 22:20:19 +0200
[Message part 1 (text/plain, inline)]
Hi Felix, I am no user of Heimdal, but this looks good to me apart from some nitpicks below. Felix Lechner via Guix-patches via <guix-patches <at> gnu.org> writes: > (define-public heimdal > + (let ((commit "a6cf94577c0d1e5bca5304342e4ddffb18255afe") > + (revision "1")) No need to use commit+revision for fixed releases, unless upstream has the bad habit of moving their upstream tags. I see the tag heimdal-7.8.0, which you should use in (commit ...), possibly with (commit (string-append "heimdall-" version)). > (package > (name "heimdal") > - (version "7.8.0") > + (version (git-version "7.8.0" revision commit)) This would lead to a very ugly version string for what is actually 7.8.0, no need to change this. The other patches seem fine, although I think you don't need to go as far as make the indentation change its own patch (and by dropping the commit+revision thing, there shouldn't be one). I haven't tried building this yet though, will let QA go over it. Best, -- Josselin Poiret
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Wed, 17 May 2023 20:21:02 GMT) Full text and rfc822 format available.guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Mon, 29 May 2023 00:20:01 GMT) Full text and rfc822 format available.Message #23 received at 63545 <at> debbugs.gnu.org (full text, mbox):
From: Felix Lechner <felix.lechner <at> lease-up.com> To: 63545 <at> debbugs.gnu.org Cc: Josselin Poiret <dev <at> jpoiret.xyz>, Felix Lechner <felix.lechner <at> lease-up.com> Subject: [PATCH v2 1/2] gnu: heimdal: Run autoreconf. Date: Sun, 28 May 2023 17:19:17 -0700
* gnu/packages/kerberos.scm (heimdal): Run autoreconf.
---
Hi Josselin,
Thanks for your review! I sidestepped your suggestions by continuing
to build from the tarball, and running 'autoreconf.'
Kind regards
Felix
gnu/packages/kerberos.scm | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index c553f8180a..f06410b8f8 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -183,14 +183,7 @@ (define-public heimdal
(base32
"0f4dblav859p5hn7b2jdj1akw6d8p32as6bj6zym19kghh3s51zx"))
(patches
- (search-patches "heimdal-CVE-2022-45142.patch"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- (substitute* "configure"
- (("User=.*$") "User=Guix\n")
- (("Host=.*$") "Host=GNU")
- (("Date=.*$") "Date=2022\n"))))))
+ (search-patches "heimdal-CVE-2022-45142.patch"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
@@ -223,7 +216,12 @@ (define-public heimdal
#:phases (modify-phases %standard-phases
(add-before 'configure 'pre-configure
(lambda* (#:key inputs #:allow-other-keys)
+ (invoke (search-input-file inputs "bin/autoreconf") "--install" "--force")
(substitute* "configure"
+ ;; Reproducible build date, etc.
+ (("User=.*$") "User=Guix\n")
+ (("Host=.*$") "Host=GNU\n")
+ (("Date=.*$") "Date=2022\n")
;; The e2fsprogs input is included for libcom_err,
;; let's use it even if cross-compiling.
(("test \"\\$\\{krb_cv_com_err\\}\" = \"yes\"")
@@ -255,12 +253,17 @@ (define-public heimdal
(format #t "#!~a~%exit 1~%" (which "sh")))))))
;; Tests fail when run in parallel.
#:parallel-tests? #f))
- (native-inputs (list bison
+ (native-inputs (list autoconf
+ automake
+ bison
e2fsprogs ;for 'compile_et'
flex
+ libtool
texinfo
unzip ;for tests
pkg-config
+ perl
+ perl-json
python))
(inputs (list readline
bash-minimal
base-commit: d64d6ea2cf5a1be801be355031fb2cfa5901a92a
--
2.40.1
guix-patches <at> gnu.org:bug#63545; Package guix-patches.
(Mon, 29 May 2023 00:20:02 GMT) Full text and rfc822 format available.Message #26 received at 63545 <at> debbugs.gnu.org (full text, mbox):
From: Felix Lechner <felix.lechner <at> lease-up.com> To: 63545 <at> debbugs.gnu.org Cc: Josselin Poiret <dev <at> jpoiret.xyz>, Felix Lechner <felix.lechner <at> lease-up.com> Subject: [PATCH v2 2/2] gnu: heimdal: Drop obsolete and insecure user tools. Date: Sun, 28 May 2023 17:19:18 -0700
According to messages from the Heimdal maintainers Brian May and Nico
Williams, no one should be using their version of 'su' anymore. It was deleted
from the development branch five years ago [1] and is only being shipped
because the 7.8.0 is based on an older, stable branch.
[1] https://github.com/heimdal/heimdal/commit/8a77f45aff366b1cd8c70c43ce63eb16a0c9839c
Following the directions from the maintainers, this commit drops all
executables built from the ./appl folder via deletion of that SUBDIR from
the top-level Makefile.am.
Unfortunately, the heimdal-discuss mailing list does not appear to have a
public archive. The relevant SMTP Message-Id was:
<MDAEMON-F202305111940.AA401569md5001000003030 <at> sequoia-grove.ad.secure-endpoints.com>
Since the 7.8.0 tarball shipped with all the files generated by 'autoreconf'
it seemed superior to build from Git instead. For that, please see the
preceeding commit.
* gnu/packages/kerberos.scm (heimdal): Drop obsolete and insecure user tools.
---
gnu/packages/kerberos.scm | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index f06410b8f8..241881ea47 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -214,6 +214,12 @@ (define-public heimdal
"/libexec/heimdal")))
#~()))
#:phases (modify-phases %standard-phases
+ ;; Skip the appl folder as obsolete per message from Brian May <brian <at> linuxpenguins.xyz>
+ ;; <MDAEMON-F202305111940.AA401569md5001000003030 <at> sequoia-grove.ad.secure-endpoints.com>
+ (add-after 'unpack 'drop-obsolete-executables
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* '("Makefile.am")
+ (("appl") ""))))
(add-before 'configure 'pre-configure
(lambda* (#:key inputs #:allow-other-keys)
(invoke (search-input-file inputs "bin/autoreconf") "--install" "--force")
@@ -230,15 +236,6 @@ (define-public heimdal
;; which confuses heimdal.
(("ac_cv_prog_COMPILE_ET=\\$\\{with_cross_tools\\}compile_et")
"ac_cv_PROG_COMPILE_ET=compile_et"))
- (substitute* '("appl/afsutil/pagsh.c" "appl/su/su.c")
- (("/bin/sh")
- (search-input-file inputs "bin/sh"))
- ;; Use the cross-compiled bash instead of the
- ;; native bash (XXX shouldn't _PATH_BSHELL point
- ;; to a cross-compiled bash?).
- (("_PATH_BSHELL")
- (string-append
- "\"" (search-input-file inputs "bin/sh") "\"")))
(substitute* '("tools/Makefile.in")
(("/bin/sh") (which "sh")))))
(add-before 'check 'pre-check
--
2.40.1
Josselin Poiret <dev <at> jpoiret.xyz>:Felix Lechner <felix.lechner <at> lease-up.com>:Message #31 received at 63545-done <at> debbugs.gnu.org (full text, mbox):
From: Josselin Poiret <dev <at> jpoiret.xyz> To: Felix Lechner <felix.lechner <at> lease-up.com>, 63545-done <at> debbugs.gnu.org Cc: Felix Lechner <felix.lechner <at> lease-up.com> Subject: Re: [PATCH v2 1/2] gnu: heimdal: Run autoreconf. Date: Sun, 04 Jun 2023 11:39:43 +0200
[Message part 1 (text/plain, inline)]
Hi Felix, Felix Lechner <felix.lechner <at> lease-up.com> writes: > Hi Josselin, > > Thanks for your review! I sidestepped your suggestions by continuing > to build from the tarball, and running 'autoreconf.' > > Kind regards > Felix Thanks, pushed as d89247150fe6e97c2fceed8d578fd119a782624d. I removed the last sentence of the second commit message, as it was no longer applicable. Best, -- Josselin Poiret
[signature.asc (application/pgp-signature, inline)]
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Sun, 02 Jul 2023 11:24:07 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.