# $Id: PKGBUILD 203338 2014-01-08 11:40:24Z allan $ # Maintainer: Allan McRae # toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc # NOTE: valgrind requires rebuilt with each major glibc version # NOTE: adjust version in install script when locale files are updated pkgname=glibc pkgver=2.18 pkgrel=12 pkgdesc="GNU C Library" arch=('i686' 'x86_64') url="http://www.gnu.org/software/libc" license=('GPL' 'LGPL') groups=('base') depends=('linux-api-headers>=3.7' 'tzdata' 'filesystem>=2013.01') makedepends=('gcc>=4.7') backup=(etc/gai.conf etc/locale.gen etc/nscd.conf) options=('!strip' 'staticlibs') install=glibc.install source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig} glibc-2.18-make-4.patch glibc-2.18-readdir_r-CVE-2013-4237.patch glibc-2.18-malloc-corrupt-CVE-2013-4332.patch glibc-2.18-strcoll-CVE-2012-4412+4424.patch glibc-2.18-ptr-mangle-CVE-2013-4788.patch glibc-2.18-getaddrinfo-CVE-2013-4458.patch glibc-2.18-getaddrinfo-assertion.patch glibc-2.18-scanf-parse-0e-0.patch glibc-2.18-strstr-hackfix.patch glibc-2.18-xattr-compat-hack.patch nscd.service nscd.tmpfiles locale.gen.txt locale-gen) md5sums=('88fbbceafee809e82efd52efa1e3c58f' 'SKIP' 'e1883c2d1b01ff73650db5f5bb5a5a52' '154da6bf5a5248f42a7bf5bf08e01a47' 'b79561ab9dce900e9bbeaf0d49927c2b' 'c7264b99d0f7e51922a4d3126182c40a' '9749ba386b08a8fe53e7ecede9bf2dfb' '71329fccb8eb583fb0d67b55f1e8df68' 'd4d86add33f22125777e0ecff06bc9bb' '01d19fe9b2aea489cf5651530e0369f2' '4441f6dfe7d75ced1fa75e54dd21d36e' '7ca96c68a37f2a4ab91792bfa0160a24' 'd5fab2cd3abea65aa5ae696ea4a47d6b' 'da662ca76e7c8d7efbc7986ab7acea2d' '07ac979b6ab5eeb778d55f041529d623' 'b5fd017036fb91199ee76f670da8c15b') prepare() { cd ${srcdir}/${pkgname}-${pkgver} # compatibility with make-4.0 (submitted upstream) patch -p1 -i $srcdir/glibc-2.18-make-4.patch # upstream commit 91ce4085 patch -p1 -i $srcdir/glibc-2.18-readdir_r-CVE-2013-4237.patch # upstream commits 1159a193, 55e17aad and b73ed247 patch -p1 -i $srcdir/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch # upstream commits 1326ba1a, 141f3a77 and 303e567a patch -p1 -i $srcdir/glibc-2.18-strcoll-CVE-2012-4412+4424.patch # upstream commits c61b4d41 and 0b1f8e35 patch -p1 -i $srcdir/glibc-2.18-ptr-mangle-CVE-2013-4788.patch # upstream commit 7cbcdb36 patch -p1 -i $srcdir/glibc-2.18-getaddrinfo-CVE-2013-4458.patch # upstream commit 894f3f10 patch -p1 -i $srcdir/glibc-2.18-getaddrinfo-assertion.patch # upstream commit a4966c61 patch -p1 -i $srcdir/glibc-2.18-scanf-parse-0e-0.patch # hack fix for strstr issues on x86 patch -p1 -i $srcdir/glibc-2.18-strstr-hackfix.patch # hack fix for {linux,sys}/xattr.h incompatibility patch -p1 -i $srcdir/glibc-2.18-xattr-compat-hack.patch mkdir ${srcdir}/glibc-build } build() { cd ${srcdir}/glibc-build if [[ ${CARCH} = "i686" ]]; then # Hack to fix NPTL issues with Xen, only required on 32bit platforms # TODO: make separate glibc-xen package for i686 export CFLAGS="${CFLAGS} -mno-tls-direct-seg-refs" fi echo "slibdir=/usr/lib" >> configparms echo "sbindir=/usr/bin" >> configparms echo "rootsbindir=/usr/bin" >> configparms # remove hardening options for building libraries CFLAGS=${CFLAGS/-fstack-protector/} CPPFLAGS=${CPPFLAGS/-D_FORTIFY_SOURCE=2/} ${srcdir}/${pkgname}-${pkgver}/configure --prefix=/usr \ --libdir=/usr/lib --libexecdir=/usr/lib \ --with-headers=/usr/include \ --with-bugurl=https://bugs.archlinux.org/ \ --enable-add-ons=nptl,libidn \ --enable-obsolete-rpc \ --enable-kernel=2.6.32 \ --enable-bind-now --disable-profile \ --enable-stackguard-randomization \ --enable-lock-elision \ --enable-multi-arch # build libraries with hardening disabled echo "build-programs=no" >> configparms make # re-enable hardening for programs sed -i "/build-programs=/s#no#yes#" configparms echo "CC += -fstack-protector -D_FORTIFY_SOURCE=2" >> configparms echo "CXX += -fstack-protector -D_FORTIFY_SOURCE=2" >> configparms make # remove harding in preparation to run test-suite sed -i '4,6d' configparms } check() { # the linker commands need to be reordered - fixed in 2.19 LDFLAGS=${LDFLAGS/--as-needed,/} cd ${srcdir}/glibc-build make check } package() { cd ${srcdir}/glibc-build install -dm755 ${pkgdir}/etc touch ${pkgdir}/etc/ld.so.conf make install_root=${pkgdir} install rm -f ${pkgdir}/etc/ld.so.{cache,conf} install -dm755 ${pkgdir}/usr/lib/{locale,systemd/system,tmpfiles.d} install -m644 ${srcdir}/${pkgname}-${pkgver}/nscd/nscd.conf ${pkgdir}/etc/nscd.conf install -m644 ${srcdir}/nscd.service ${pkgdir}/usr/lib/systemd/system install -m644 ${srcdir}/nscd.tmpfiles ${pkgdir}/usr/lib/tmpfiles.d/nscd.conf install -m644 ${srcdir}/${pkgname}-${pkgver}/posix/gai.conf ${pkgdir}/etc/gai.conf install -m755 ${srcdir}/locale-gen ${pkgdir}/usr/bin # create /etc/locale.gen install -m644 ${srcdir}/locale.gen.txt ${pkgdir}/etc/locale.gen sed -e '1,3d' -e 's|/| |g' -e 's|\\| |g' -e 's|^|#|g' \ ${srcdir}/glibc-${pkgver}/localedata/SUPPORTED >> ${pkgdir}/etc/locale.gen # remove the static libraries that have a shared counterpart # libc, libdl, libm and libpthread are required for toolchain testsuites # in addition libcrypt appears widely required rm $pkgdir/usr/lib/lib{anl,BrokenLocale,nsl,resolv,rt,util}.a # Do not strip the following files for improved debugging support # ("improved" as in not breaking gdb and valgrind...): # ld-${pkgver}.so # libc-${pkgver}.so # libpthread-${pkgver}.so # libthread_db-1.0.so cd $pkgdir strip $STRIP_BINARIES usr/bin/{gencat,getconf,getent,iconv,iconvconfig} \ usr/bin/{ldconfig,locale,localedef,nscd,makedb} \ usr/bin/{pcprofiledump,pldd,rpcgen,sln,sprof} \ usr/lib/getconf/* [[ $CARCH = "i686" ]] && strip $STRIP_BINARIES usr/bin/lddlibc4 strip $STRIP_STATIC usr/lib/*.a strip $STRIP_SHARED usr/lib/{libanl,libBrokenLocale,libcidn,libcrypt}-*.so \ usr/lib/libnss_{compat,db,dns,files,hesiod,nis,nisplus}-*.so \ usr/lib/{libdl,libm,libnsl,libresolv,librt,libutil}-*.so \ usr/lib/{libmemusage,libpcprofile,libSegFault}.so \ usr/lib/{audit,gconv}/*.so }