From 28475aa943148c605af8af10a1bb10dad7f64e8c Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sat, 28 Jan 2017 20:18:57 -0500 Subject: add ~lukeshu/httpconnectd-git --- libre/systemd/PKGBUILD | 81 ++++++++++++++++++++++++++++---------------------- 1 file changed, 45 insertions(+), 36 deletions(-) (limited to 'libre/systemd/PKGBUILD') diff --git a/libre/systemd/PKGBUILD b/libre/systemd/PKGBUILD index faea533e0..e939c59a5 100644 --- a/libre/systemd/PKGBUILD +++ b/libre/systemd/PKGBUILD @@ -12,7 +12,7 @@ arch=('i686' 'x86_64' 'armv7h') url="https://www.github.com/systemd/systemd" makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' 'libelf' 'intltool' 'iptables' 'kmod' 'libcap' 'libidn' 'libgcrypt' - 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-libre-api-headers' + 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-api-headers' 'python-lxml' 'quota-tools' 'shadow' 'git') makedepends_i686=('gnu-efi-libs') makedepends_x86_64=('gnu-efi-libs') @@ -73,45 +73,57 @@ _backports=( '3d4cf7de48a74726694abbaa09f9804b845ff3ba' # build-sys: check for lz4 in the old and new numbering scheme (#4717) ) -#_validate_tag() { -# local success fingerprint trusted status tag=v$pkgver -# -# parse_gpg_statusfile /dev/stdin < <(git verify-tag --raw "$tag" 2>&1) -# -# if (( ! success )); then -# error 'failed to validate tag %s\n' "$tag" -# return 1 -# fi -# -# if ! in_array "$fingerprint" "${validpgpkeys[@]}" && (( ! trusted )); then -# error 'unknown or untrusted public key: %s\n' "$fingerprint" -# return 1 -# fi -# -# case $status in -# 'expired') -# warning 'the signature has expired' -# ;; -# 'expiredkey') -# warning 'the key has expired' -# ;; -# esac -# -# return 0 -#} +_validate_tag() { + local success fingerprint trusted status tag=v$pkgver + + parse_gpg_statusfile /dev/stdin < <(git verify-tag --raw "$tag" 2>&1) + + if (( ! success )); then + error 'failed to validate tag %s\n' "$tag" + return 1 + fi + + if ! in_array "$fingerprint" "${validpgpkeys[@]}" && (( ! trusted )); then + error 'unknown or untrusted public key: %s\n' "$fingerprint" + return 1 + fi + + case $status in + 'expired') + warning 'the signature has expired' + ;; + 'expiredkey') + warning 'the key has expired' + ;; + esac + + return 0 +} prepare() { cd "$pkgbase" -# _validate_tag || return + _validate_tag || return if (( ${#_backports[*]} > 0 )); then git cherry-pick -n "${_backports[@]}" fi - # apply FSDG and another patches + # https://github.com/systemd/systemd/issues/4789 + patch -Np1 <../0001-nspawn-don-t-hide-bind-tmp-mounts.patch + + # these patches aren't upstream, but they make v232 more useable. + + # https://github.com/systemd/systemd/issues/4575 + patch -Np1 <../0001-disable-RestrictAddressFamilies-on-i686.patch + + # https://github.com/systemd/systemd/issues/4595 + # https://github.com/systemd/systemd/issues/3826 + patch -Np1 <../0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch + + # apply FSDG patches local patchfile - for patchfile in "$srcdir"/*.patch; do + for patchfile in "$srcdir"/????-FSDG-*.patch; do patch -Np1 -i "$patchfile" done @@ -132,18 +144,12 @@ build() { CXXFLAGS+=" -fno-lto" fi - local enable_gnuefi='' - if [ "$CARCH" != "armv7h" ]; then - enable_gnuefi='--enable-gnuefi' - fi - local configure_options=( --libexecdir=/usr/lib --localstatedir=/var --sysconfdir=/etc --enable-lz4 - $enable_gnuefi --disable-audit --disable-ima @@ -154,6 +160,9 @@ build() { --with-dbuspolicydir=/usr/share/dbus-1/system.d --without-kill-user-processes ) + if [ "$CARCH" != "armv7h" ]; then + configure_options+=(--enable-gnuefi) + fi ./configure "${configure_options[@]}" -- cgit v1.2.3