[arch-commits] Commit in usbguard/trunk (3 files)
Levente Polyak
anthraxx at archlinux.org
Sun Mar 14 11:47:05 UTC 2021
Date: Sunday, March 14, 2021 @ 11:47:05
Author: anthraxx
Revision: 409860
upgpkg: usbguard 1.0.0-2: use upstream patch files and add soname deps
The accepted PGP key has changed since 0.7.5, however there is no chain
of trust and the old maintainer isn't responsive and claims the key has
been destroyed and is lost. This is a very sad situation and basically
is a re bootstrap of the initial trust. This seems to be plausible as a
very long period of time has passed and an actual project compromise
could have bubbled up in the meanwhile -- we therefor assume there has
no compromise happened.
Modified:
usbguard/trunk/PKGBUILD
Deleted:
usbguard/trunk/fix-compilation-errors-with-PEGTL-3.2.0.patch
usbguard/trunk/increase-C++-version-to-c++17.patch
-----------------------------------------------+
PKGBUILD | 32 ++-
fix-compilation-errors-with-PEGTL-3.2.0.patch | 199 ------------------------
increase-C++-version-to-c++17.patch | 65 -------
3 files changed, 20 insertions(+), 276 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-03-14 10:39:18 UTC (rev 409859)
+++ PKGBUILD 2021-03-14 11:47:05 UTC (rev 409860)
@@ -3,30 +3,37 @@
pkgname=usbguard
pkgver=1.0.0
-pkgrel=1
+pkgrel=2
pkgdesc='Software framework for implementing USB device authorization policies'
url='https://github.com/USBGuard/usbguard'
arch=('x86_64')
license=('GPL2')
depends=('glibc' 'libqb' 'libqb.so' 'libsodium' 'libcap-ng' 'protobuf' 'polkit' 'dbus-glib'
- 'audit' 'libaudit.so' 'libseccomp' 'libseccomp.so')
-makedepends=('catch2' 'pegtl' 'libxslt' 'asciidoc' 'systemd')
+ 'audit' 'libaudit.so' 'libseccomp' 'libseccomp.so' 'libcap-ng.so' 'libgio-2.0.so'
+ 'libglib-2.0.so' 'libprotobuf.so')
+makedepends=('catch2' 'pegtl' 'libxslt' 'libxml2' 'asciidoc' 'systemd')
provides=('libusbguard.so')
backup=(etc/usbguard/usbguard-daemon.conf
etc/usbguard/rules.conf)
-source=(https://github.com/USBGuard/usbguard/releases/download/${pkgname}-${pkgver}/${pkgname}-${pkgver}.tar.gz{,.asc}
- increase-C++-version-to-c++17.patch
- fix-compilation-errors-with-PEGTL-3.2.0.patch)
+source=(https://github.com/USBGuard/usbguard/releases/download/usbguard-${pkgver}/usbguard-${pkgver}.tar.gz{,.asc}
+ usbguard-1.0.0-run-dir-pidfile.patch::https://github.com/USBGuard/usbguard/commit/6a596441eb91215898542bce4aadabfe396a3875.patch
+ usbguard-1.0.0-increase-C++-version-to-c++17.patch::https://github.com/USBGuard/usbguard/commit/8c86264986685bf646c65228abce2432e08e3c4c.patch
+ usbguard-1.0.0-fix-compilation-errors-with-PEGTL-3.2.0.patch::https://github.com/USBGuard/usbguard/commit/4bf21aedcb260314996f0fa521ef4a3a6ae4a2bb.patch)
sha512sums=('068a9be8bd5ea05efcdad79e2c4beb5e8b646b4703fbe1f8bb262e37ae9a6284a6eeb811a6bd441250a38bce1e45b7f44ad15726aa5963da2e1b56e85f5e16fd'
'SKIP'
- '4b17564e2b21f1378d6369536d47a658e5f018ea9aef47ff726c272d3d40ae5ffadd3ca5ff7304c916cbf169c288b38fb9280dab61ff2edf9e4878847085ae78'
- '31ebb71aa9c9d5dcec378d6974d63fe6f2675f748bdff6498a027f9840e0da03ad66c86d240eeccdceb4c1f2a966f6c528c8630226892d94271dac3ae11d1697')
-validpgpkeys=('DE78B93EAED8A620F5AA14DF52F7E84653274B59') # Radovan Sroka <rsroka at redhat.com>
+ '19075763f95625f61019764124bed97e300c55b54cf7092aaa64be2d4c431a276c38d57914556134061fe57fc2d01ac6ebeaed5b10659bbb1149c77e5ad93c68'
+ '647f209adf5611a1ca7a52fd30128e3ace85fb3e234d7dbc3755ecbb812c94496275bca27829200be0a3a212fb9ec00e40c9df5ef8820c7352fee6ce9be0e3de'
+ '8cf131ef73417245ed73297d09c2b5b3fa74c50fdccfca4bccc53b85de076b2a84b0a8024f7dfa1f02f7a92fffd34ea826039ad992add64cb45e1be6068041ea')
+validpgpkeys=(
+ 'DE78B93EAED8A620F5AA14DF52F7E84653274B59' # Radovan Sroka <rsroka at redhat.com>
+)
prepare() {
cd ${pkgname}-${pkgver}
- patch -Np1 -i ../increase-C++-version-to-c++17.patch
- patch -Np1 -i ../fix-compilation-errors-with-PEGTL-3.2.0.patch
+ patch -Np1 < ../usbguard-1.0.0-run-dir-pidfile.patch
+ patch -Np1 < ../usbguard-1.0.0-increase-C++-version-to-c++17.patch
+ # remove last 7 lines of pegtl submodule bump, we use a system package
+ patch -Np1 < <(head -n -7 ../usbguard-1.0.0-fix-compilation-errors-with-PEGTL-3.2.0.patch)
sed 's|/usr/include/catch|/usr/include/catch2|g' -i configure.ac
autoreconf -fiv
}
@@ -62,9 +69,10 @@
chmod 750 "${pkgdir}/etc/usbguard"
install -Dpm 600 usbguard-daemon.conf rules.conf -t "${pkgdir}/etc/usbguard"
- # completion
install -Dpm 644 scripts/bash_completion/usbguard -t "${pkgdir}/usr/share/bash-completion/completions"
install -Dpm 644 scripts/usbguard-zsh-completion "${pkgdir}/usr/share/zsh/site-functions/_usbguard"
+
+ install -Dm 644 CHANGELOG.md README.adoc -t "${pkgdir}/usr/share/doc/${pkgname}"
}
# vim: ts=2 sw=2 et:
Deleted: fix-compilation-errors-with-PEGTL-3.2.0.patch
===================================================================
--- fix-compilation-errors-with-PEGTL-3.2.0.patch 2021-03-14 10:39:18 UTC (rev 409859)
+++ fix-compilation-errors-with-PEGTL-3.2.0.patch 2021-03-14 11:47:05 UTC (rev 409860)
@@ -1,199 +0,0 @@
-From 1c5433ef01b69a0f4c6277c742d703889f9ffb00 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Zolt=C3=A1n=20Fridrich?= <zfridric at redhat.com>
-Date: Mon, 1 Mar 2021 16:25:03 +0100
-Subject: [PATCH] Fix Compilation errors with PEGTL 3.2.0 (#453)
-
-(cherry picked from commit 4bf21aedcb260314996f0fa521ef4a3a6ae4a2bb)
----
- configure.ac | 2 +-
- src/Library/RuleParser/Grammar.hpp | 46 +++++++++++-----------
- src/Library/UEventParser.cpp | 8 ++++
- src/Library/UMockdevDeviceDefinition.cpp | 20 +++++++---
- src/Library/public/usbguard/RuleParser.cpp | 12 ++++++
- 5 files changed, 58 insertions(+), 30 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index acca0e8..73021b6 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -768,7 +768,7 @@ echo " libseccomp: $libseccomp_summary"
- echo " libcap-ng: $libcap_ng_summary"
- echo " protobuf: $protobuf_summary"
- echo " Catch: $catch_summary"
--echo " PEGTL: $pegtl_summary; version <= 2.6.0: $have_pegtl_lte_260"
-+echo " PEGTL: $pegtl_summary; version <= 3.2.0: $have_pegtl_lte_320"
- echo " GDBus: $dbus_summary"
- echo " umockdev: $umockdev_summary"
- echo
-diff --git a/src/Library/RuleParser/Grammar.hpp b/src/Library/RuleParser/Grammar.hpp
-index c80eb2d..aebb727 100644
---- a/src/Library/RuleParser/Grammar.hpp
-+++ b/src/Library/RuleParser/Grammar.hpp
-@@ -34,29 +34,29 @@ namespace usbguard
- /*
- * Rule language keywords
- */
-- struct str_allow : TAOCPP_PEGTL_STRING("allow") {};
-- struct str_block : TAOCPP_PEGTL_STRING("block") {};
-- struct str_reject : TAOCPP_PEGTL_STRING("reject") {};
-- struct str_match : TAOCPP_PEGTL_STRING("match") {};
-- struct str_device : TAOCPP_PEGTL_STRING("device") {};
--
-- struct str_name : TAOCPP_PEGTL_STRING("name") {};
-- struct str_hash : TAOCPP_PEGTL_STRING("hash") {};
-- struct str_parent_hash : TAOCPP_PEGTL_STRING("parent-hash") {};
-- struct str_via_port : TAOCPP_PEGTL_STRING("via-port") {};
-- struct str_with_interface : TAOCPP_PEGTL_STRING("with-interface") {};
-- struct str_with_connect_type : TAOCPP_PEGTL_STRING("with-connect-type") {};
-- struct str_serial : TAOCPP_PEGTL_STRING("serial") {};
-- struct str_if : TAOCPP_PEGTL_STRING("if") {};
-- struct str_id : TAOCPP_PEGTL_STRING("id") {};
-- struct str_label : TAOCPP_PEGTL_STRING("label") {};
--
-- struct str_all_of : TAOCPP_PEGTL_STRING("all-of") {};
-- struct str_one_of : TAOCPP_PEGTL_STRING("one-of") {};
-- struct str_none_of : TAOCPP_PEGTL_STRING("none-of") {};
-- struct str_equals : TAOCPP_PEGTL_STRING("equals") {};
-- struct str_equals_ordered : TAOCPP_PEGTL_STRING("equals-ordered") {};
-- struct str_match_all: TAOCPP_PEGTL_STRING("match-all") {};
-+ struct str_allow : TAO_PEGTL_STRING("allow") {};
-+ struct str_block : TAO_PEGTL_STRING("block") {};
-+ struct str_reject : TAO_PEGTL_STRING("reject") {};
-+ struct str_match : TAO_PEGTL_STRING("match") {};
-+ struct str_device : TAO_PEGTL_STRING("device") {};
-+
-+ struct str_name : TAO_PEGTL_STRING("name") {};
-+ struct str_hash : TAO_PEGTL_STRING("hash") {};
-+ struct str_parent_hash : TAO_PEGTL_STRING("parent-hash") {};
-+ struct str_via_port : TAO_PEGTL_STRING("via-port") {};
-+ struct str_with_interface : TAO_PEGTL_STRING("with-interface") {};
-+ struct str_with_connect_type : TAO_PEGTL_STRING("with-connect-type") {};
-+ struct str_serial : TAO_PEGTL_STRING("serial") {};
-+ struct str_if : TAO_PEGTL_STRING("if") {};
-+ struct str_id : TAO_PEGTL_STRING("id") {};
-+ struct str_label : TAO_PEGTL_STRING("label") {};
-+
-+ struct str_all_of : TAO_PEGTL_STRING("all-of") {};
-+ struct str_one_of : TAO_PEGTL_STRING("one-of") {};
-+ struct str_none_of : TAO_PEGTL_STRING("none-of") {};
-+ struct str_equals : TAO_PEGTL_STRING("equals") {};
-+ struct str_equals_ordered : TAO_PEGTL_STRING("equals-ordered") {};
-+ struct str_match_all: TAO_PEGTL_STRING("match-all") {};
-
- /*
- * Generic rule attribute
-diff --git a/src/Library/UEventParser.cpp b/src/Library/UEventParser.cpp
-index 1fb23ec..fba90e1 100644
---- a/src/Library/UEventParser.cpp
-+++ b/src/Library/UEventParser.cpp
-@@ -28,7 +28,11 @@
-
- #include <fstream>
-
-+#if TAO_PEGTL_VERSION_MAJOR >= 3
-+#include <tao/pegtl/contrib/trace.hpp>
-+#else
- #include <tao/pegtl/contrib/tracer.hpp>
-+#endif
- using namespace tao;
-
- namespace usbguard
-@@ -130,7 +134,11 @@ namespace usbguard
- tao::pegtl::parse<G, UEventParser::actions>(in, uevent);
- }
- else {
-+#if TAO_PEGTL_VERSION_MAJOR >= 3
-+ tao::pegtl::complete_trace<G, UEventParser::actions>(in, uevent);
-+#else
- tao::pegtl::parse<G, UEventParser::actions, tao::pegtl::tracer>(in, uevent);
-+#endif
- }
- }
- catch (...) {
-diff --git a/src/Library/UMockdevDeviceDefinition.cpp b/src/Library/UMockdevDeviceDefinition.cpp
-index a8abb09..d63870e 100644
---- a/src/Library/UMockdevDeviceDefinition.cpp
-+++ b/src/Library/UMockdevDeviceDefinition.cpp
-@@ -26,7 +26,11 @@
- #include <Common/Utility.hpp>
-
- #include <tao/pegtl.hpp>
-+#if TAO_PEGTL_VERSION_MAJOR >= 3
-+#include <tao/pegtl/contrib/trace.hpp>
-+#else
- #include <tao/pegtl/contrib/tracer.hpp>
-+#endif
-
- namespace usbguard
- {
-@@ -49,12 +53,12 @@ namespace usbguard
- * S:linkname: device node symlink (without the /dev/ prefix); ignored right now.
- */
-
-- struct str_path_prefix : TAOCPP_PEGTL_STRING("P:") {};
-- struct str_property_prefix : TAOCPP_PEGTL_STRING("E:") {};
-- struct str_ascii_attr_prefix : TAOCPP_PEGTL_STRING("A:") {};
-- struct str_binary_attr_prefix : TAOCPP_PEGTL_STRING("H:") {};
-- struct str_link_prefix : TAOCPP_PEGTL_STRING("L:") {};
-- struct str_name_prefix : TAOCPP_PEGTL_STRING("N:") {};
-+ struct str_path_prefix : TAO_PEGTL_STRING("P:") {};
-+ struct str_property_prefix : TAO_PEGTL_STRING("E:") {};
-+ struct str_ascii_attr_prefix : TAO_PEGTL_STRING("A:") {};
-+ struct str_binary_attr_prefix : TAO_PEGTL_STRING("H:") {};
-+ struct str_link_prefix : TAO_PEGTL_STRING("L:") {};
-+ struct str_name_prefix : TAO_PEGTL_STRING("N:") {};
-
- struct line_rest
- : star<not_at<ascii::eol>, not_at<eof>, ascii::any> {};
-@@ -330,7 +334,11 @@ namespace usbguard
-
- try {
- tao::pegtl::string_input<> input(definitions_string, "<string>");
-+#if TAO_PEGTL_VERSION_MAJOR >= 3
-+ tao::pegtl::complete_trace<UMockdevParser::grammar, UMockdevParser::actions>(input, definitions, umockdev_name);
-+#else
- tao::pegtl::parse<UMockdevParser::grammar, UMockdevParser::actions, tao::pegtl::tracer>(input, definitions, umockdev_name);
-+#endif
- }
- catch (...) {
- USBGUARD_LOG(Error) << "UMockdevDeviceDefinition: " << "<string>" << ": parsing failed at line <LINE>";
-diff --git a/src/Library/public/usbguard/RuleParser.cpp b/src/Library/public/usbguard/RuleParser.cpp
-index 140bf14..288d81e 100644
---- a/src/Library/public/usbguard/RuleParser.cpp
-+++ b/src/Library/public/usbguard/RuleParser.cpp
-@@ -34,7 +34,11 @@
- #include <stdexcept>
- #include <stdlib.h>
-
-+#if TAO_PEGTL_VERSION_MAJOR >= 3
-+#include <tao/pegtl/contrib/trace.hpp>
-+#else
- #include <tao/pegtl/contrib/tracer.hpp>
-+#endif
-
- namespace usbguard
- {
-@@ -48,7 +52,11 @@ namespace usbguard
- tao::pegtl::parse<RuleParser::rule_grammar, RuleParser::rule_parser_actions>(input, rule);
- }
- else {
-+#if TAO_PEGTL_VERSION_MAJOR >= 3
-+ tao::pegtl::complete_trace<RuleParser::rule_grammar, RuleParser::rule_parser_actions>(input, rule);
-+#else
- tao::pegtl::parse<RuleParser::rule_grammar, RuleParser::rule_parser_actions, tao::pegtl::tracer>(input, rule);
-+#endif
- }
-
- return rule;
-@@ -56,7 +64,11 @@ namespace usbguard
- catch (const tao::pegtl::parse_error& ex) {
- RuleParserError error(rule_spec);
- error.setHint(ex.what());
-+#if TAO_PEGTL_VERSION_MAJOR >= 3
-+ error.setOffset(ex.positions().front().column);
-+#else
- error.setOffset(ex.positions[0].byte_in_line);
-+#endif
-
- if (!file.empty() || line != 0) {
- error.setFileInfo(file, line);
Deleted: increase-C++-version-to-c++17.patch
===================================================================
--- increase-C++-version-to-c++17.patch 2021-03-14 10:39:18 UTC (rev 409859)
+++ increase-C++-version-to-c++17.patch 2021-03-14 11:47:05 UTC (rev 409860)
@@ -1,65 +0,0 @@
-From 5197c44fcfca14fedf62264deb5b1a7c09cd958f Mon Sep 17 00:00:00 2001
-From: Zoltan Fridrich <zfridric at redhat.com>
-Date: Thu, 18 Feb 2021 12:54:24 +0100
-Subject: [PATCH] Increase C++ version to c++17
-
-(cherry picked from commit 8c86264986685bf646c65228abce2432e08e3c4c)
----
- README.adoc | 5 +++--
- configure.ac | 6 +++---
- 2 files changed, 6 insertions(+), 5 deletions(-)
-
-diff --git a/README.adoc b/README.adoc
-index ae4a6c2..3845ba5 100644
---- a/README.adoc
-+++ b/README.adoc
-@@ -15,7 +15,7 @@ image::https://img.shields.io/github/license/USBGuard/usbguard.svg[License, link
- == About
-
- USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system).
--Simply put, it is a USB device whitelisting tool.
-+Simply put, it is a USB device allowlisting tool.
-
- WARNING: The 0.x releases are not production ready packages.
- They serve for tech-preview and user feedback purposes only.
-@@ -35,7 +35,8 @@ Please share your feedback or request a feature in the Github issue trackers for
-
- == Compilation & Installation
-
--To compile the sources from a release tarball, you'll need the development files for:
-+To compile the source code, you will require at least C{plus}{plus}17. +
-+If you are compiling sources from a release tarball, you'll need the development files for:
-
- * https://github.com/ClusterLabs/libqb[libqb] - used for local UNIX socket based IPC
- * https://github.com/google/protobuf[protobuf] - used for IPC message (de)serialization
-diff --git a/configure.ac b/configure.ac
-index 9a337a1..acca0e8 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -54,7 +54,7 @@ AX_CHECK_COMPILE_FLAG([-Wno-implicit-fallthrough],
- #
- # Final project CXXFLAGS are set after configure checks.
- #
--CXXFLAGS="-std=c++11 $EXTERNAL_CXXFLAGS"
-+CXXFLAGS="-std=c++17 $EXTERNAL_CXXFLAGS"
- CFLAGS="-std=c99 $EXTERNAL_CFLAGS"
- CPPFLAGS="-DHAVE_BUILD_CONFIG_H $EXTERNAL_CPPFLAGS"
-
-@@ -350,7 +350,7 @@ if test "x$with_bundled_catch" = xyes; then
- catch_summary="bundled; $catch_CFLAGS $catch_LIBS"
- else
- SAVE_CPPFLAGS=$CPPFLAGS
-- CPPFLAGS="-std=c++11 $CPPFLAGS -I/usr/include/catch"
-+ CPPFLAGS="-std=c++17 $CPPFLAGS -I/usr/include/catch"
- AC_LANG_PUSH([C++])
- AC_CHECK_HEADER([catch.hpp], [], [AC_MSG_FAILURE(catch.hpp not found or not usable. Re-run with --with-bundled-catch to use the bundled library.)])
- AC_LANG_POP
-@@ -383,7 +383,7 @@ AC_SUBST([pegtl_AC_CFLAGS])
- AC_SUBST([pegtl_LIBS])
-
- SAVE_CPPFLAGS=$CPPFLAGS
--CPPFLAGS="-std=c++11 $CPPFLAGS $pegtl_AC_CFLAGS"
-+CPPFLAGS="-std=c++17 $CPPFLAGS $pegtl_AC_CFLAGS"
- AC_LANG_PUSH([C++])
- AC_CHECK_HEADER([tao/pegtl.hpp],
- [AC_DEFINE([HAVE_TAO_PEGTL_HPP], [1], [PEGTL header file with .hpp extension is present])],
More information about the arch-commits
mailing list