GitList

SPECS/glibc/glibc.spec

56008e7b	%global security_hardening nonow
f4d17450	%define glibc_target_cpu %{_build} Summary: Main C library Name: glibc
92f724ea	Version: 2.26
f36af574	Release: 7%{?dist}
f4d17450	License: LGPLv2+ URL: http://www.gnu.org/software/libc Group: Applications/System Vendor: VMware, Inc. Distribution: Photon Source0: http://ftp.gnu.org/gnu/glibc/%{name}-%{version}.tar.xz
92f724ea	%define sha1 glibc=7cf7d521f5ebece5dd27cfb3ca5e5f6b84da4bfd
e0dd0ad9	Source1: locale-gen.sh Source2: locale-gen.conf
aa6f74ce	Patch0: http://www.linuxfromscratch.org/patches/downloads/glibc/glibc-2.25-fhs-1.patch
fc081194	Patch1: glibc-2.24-bindrsvport-blacklist.patch
9ec855f0	Patch2: 0001-Fix-range-check-in-do_tunable_update_val.patch Patch3: 0002-malloc-arena-fix.patch
53b5036a	Patch4: glibc-fix-CVE-2017-15670.patch Patch5: glibc-fix-CVE-2017-15804.patch
f4d17450	Provides: rtld(GNU_HASH)
fb821082	Requires: filesystem
f4d17450	%description This library provides the basic routines for allocating memory, searching directories, opening and closing files, reading and writing files, string handling, pattern matching, arithmetic, and so on. %package devel Summary: Header files for glibc Group: Applications/System
f27bda4f	Requires: %{name} = %{version}-%{release}
f4d17450	%description devel These are the header files of glibc. %package lang Summary: Additional language files for glibc Group: Applications/System
f27bda4f	Requires: %{name} = %{version}-%{release}
f4d17450	%description lang These are the additional language files of glibc.
f27bda4f	%package i18n Summary: Additional internationalization files for glibc Group: Applications/System Requires: %{name} = %{version}-%{release} %description i18n These are the additional internationalization files of glibc.
42e8b7da	%package iconv Summary: gconv modules for glibc Group: Applications/System Requires: %{name} = %{version}-%{release} %description iconv These is gconv modules for iconv() and iconv tools. %package tools Summary: tools for glibc Group: Applications/System Requires: %{name} = %{version}-%{release} %description tools Extra tools for glibc. %package nscd Summary: Name Service Cache Daemon Group: Applications/System Requires: %{name} = %{version}-%{release} %description nscd Name Service Cache Daemon
f4d17450	%prep %setup -q sed -i 's/\\$$(pwd)/`pwd`/' timezone/Makefile %patch0 -p1
a28f1f9a	%patch1 -p1
9ec855f0	%patch2 -p1 %patch3 -p1
53b5036a	%patch4 -p1 %patch5 -p1
f4d17450	install -vdm 755 %{_builddir}/%{name}-build # do not try to explicitly provide GLIBC_PRIVATE versioned libraries %define __find_provides %{_builddir}/%{name}-%{version}/find_provides.sh %define __find_requires %{_builddir}/%{name}-%{version}/find_requires.sh # create find-provides and find-requires script in order to ignore GLIBC_PRIVATE errors cat > find_provides.sh << _EOF #! /bin/sh if [ -d /tools ]; then /tools/lib/rpm/find-provides \| grep -v GLIBC_PRIVATE else %{_prefix}/lib/rpm/find-provides \| grep -v GLIBC_PRIVATE fi exit 0 _EOF chmod +x find_provides.sh cat > find_requires.sh << _EOF #! /bin/sh if [ -d /tools ]; then /tools/lib/rpm/find-requires %{buildroot} %{glibc_target_cpu} \| grep -v GLIBC_PRIVATE else %{_prefix}/lib/rpm/find-requires %{buildroot} %{glibc_target_cpu} \| grep -v GLIBC_PRIVATE fi _EOF chmod +x find_requires.sh #___EOF %build cd %{_builddir}/%{name}-build ../%{name}-%{version}/configure \ --prefix=%{_prefix} \ --disable-profile \ --enable-kernel=2.6.32 \ --enable-obsolete-rpc \
92f724ea	--enable-obsolete-nsl \ --enable-bind-now \
91efd6dc	--disable-experimental-malloc \
f4d17450	--disable-silent-rules
e0b3d3b1	# Sometimes we have false "out of memory" make error # just rerun/continue make to workaroung it. make %{?_smp_mflags} \|\| make %{?_smp_mflags} \|\| make %{?_smp_mflags}
78547c01
f4d17450	%install # Do not remove static libs
5258b786	pushd %{_builddir}/glibc-build
f4d17450	# Create directories make install_root=%{buildroot} install install -vdm 755 %{buildroot}%{_sysconfdir}/ld.so.conf.d install -vdm 755 %{buildroot}/var/cache/nscd install -vdm 755 %{buildroot}%{_libdir}/locale cp -v ../%{name}-%{version}/nscd/nscd.conf %{buildroot}%{_sysconfdir}/nscd.conf # Install locale generation script and config file
fe747196	cp -v %{SOURCE2} %{buildroot}%{_sysconfdir} cp -v %{SOURCE1} %{buildroot}/sbin
f4d17450	# Remove unwanted cruft rm -rf %{buildroot}%{_infodir} # Install configuration files cat > %{buildroot}%{_sysconfdir}/nsswitch.conf <<- "EOF" # Begin /etc/nsswitch.conf passwd: files group: files shadow: files hosts: files dns networks: files protocols: files services: files ethers: files rpc: files # End /etc/nsswitch.conf EOF cat > %{buildroot}%{_sysconfdir}/ld.so.conf <<- "EOF" # Begin /etc/ld.so.conf /usr/local/lib /opt/lib include /etc/ld.so.conf.d/*.conf EOF
5258b786	popd %find_lang %{name} --all-name
157f64c5	pushd localedata # Generate out of locale-archive an (en_US.) UTF-8 locale mkdir -p %{buildroot}/usr/lib/locale I18NPATH=. GCONV_PATH=../../glibc-build/iconvdata LC_ALL=C ../../glibc-build/locale/localedef --no-archive --prefix=%{buildroot} -A ../intl/locale.alias -i locales/en_US -c -f charmaps/UTF-8 en_US.UTF-8 mv %{buildroot}/usr/lib/locale/en_US.utf8 %{buildroot}/usr/lib/locale/en_US.UTF-8 popd
42e8b7da	# to do not depend on /bin/bash sed -i 's@#! /bin/bash@#! /bin/sh@' %{buildroot}/usr/bin/ldd sed -i 's@#!/bin/bash@#!/bin/sh@' %{buildroot}/usr/bin/tzselect
157f64c5
9ec855f0	%check cd %{_builddir}/glibc-build make %{?_smp_mflags} check \|\|:
96a6c448	# These 2 persistant false positives are OK
9ec855f0	# XPASS for: elf/tst-protected1a and elf/tst-protected1b [ `grep ^XPASS tests.sum \| wc -l` -ne 2 -a `grep "^XPASS: elf/tst-protected1[ab]" tests.sum \| wc -l` -ne 2 ] && exit 1 \|\|:
96a6c448	# FAIL (intermittent) in chroot but PASS in container: # posix/tst-spawn3 and stdio-common/test-vfprintf
9ec855f0	n=0 grep "^FAIL: posix/tst-spawn3" tests.sum >/dev/null && n=$((n+1)) \|\|: grep "^FAIL: stdio-common/test-vfprintf" tests.sum >/dev/null && n=$((n+1)) \|\|:
96a6c448	# FAIL always on overlayfs/aufs (in container) grep "^FAIL: posix/tst-dir" tests.sum >/dev/null && n=$((n+1)) \|\|:
8ddec20e	#https://sourceware.org/glibc/wiki/Testing/Testsuite grep "^FAIL: nptl/tst-eintr1" tests.sum >/dev/null && n=$((n+1)) \|\|: #This happens because the kernel fails to reap exiting threads fast enough, #eventually resulting an EAGAIN when pthread_create is called within the test.
9ec855f0	# check for exact 'n' failures [ `grep ^FAIL tests.sum \| wc -l` -ne $n ] && exit 1 \|\|:
beadc480
9d42f28e	%post -p /sbin/ldconfig
beadc480
9d42f28e	%postun -p /sbin/ldconfig
beadc480
f4d17450	%files %defattr(-,root,root)
157f64c5	%{_libdir}/locale/*
79159e5b	%dir %{_sysconfdir}/ld.so.conf.d %config(noreplace) %{_sysconfdir}/nsswitch.conf %config(noreplace) %{_sysconfdir}/ld.so.conf %config(noreplace) %{_sysconfdir}/rpc %config(missingok,noreplace) %{_sysconfdir}/ld.so.cache %config %{_sysconfdir}/locale-gen.conf
3560622c	/lib64/*
f36af574	%ifarch aarch64 %exclude /lib %endif
42e8b7da	%exclude /lib64/libpcprofile.so
9f3a1585	%{_lib64dir}/*.so
42e8b7da	/sbin/ldconfig /sbin/locale-gen.sh
f4d17450	%{_bindir}/* %{_libexecdir}/*
f27bda4f	%{_datadir}/i18n/charmaps/UTF-8.gz %{_datadir}/i18n/charmaps/ISO-8859-1.gz %{_datadir}/i18n/locales/en_US
157f64c5	%{_datarootdir}/locale/locale.alias
42e8b7da	%exclude %{_localstatedir}/lib/nss_db/Makefile %exclude /usr/bin/catchsegv %exclude /usr/bin/iconv
f269ffe9	%exclude /usr/bin/mtrace
42e8b7da	%exclude /usr/bin/pcprofiledump %exclude /usr/bin/pldd %exclude /usr/bin/rpcgen %exclude /usr/bin/sotruss %exclude /usr/bin/sprof %exclude /usr/bin/xtrace %files iconv %defattr(-,root,root) %{_lib64dir}/gconv/* /usr/bin/iconv /usr/sbin/iconvconfig %files tools %defattr(-,root,root) /usr/bin/catchsegv /usr/bin/mtrace /usr/bin/pcprofiledump /usr/bin/pldd /usr/bin/rpcgen /usr/bin/sotruss /usr/bin/sprof /usr/bin/xtrace /usr/sbin/zdump /usr/sbin/zic /sbin/sln %{_lib64dir}/audit/* /lib64/libpcprofile.so %files nscd %defattr(-,root,root) %config(noreplace) %{_sysconfdir}/nscd.conf /usr/sbin/nscd %dir %{_localstatedir}/cache/nscd
f4d17450
f27bda4f	%files i18n %defattr(-,root,root) %{_datadir}/i18n/charmaps/.gz %{_datadir}/i18n/locales/ %exclude %{_datadir}/i18n/charmaps/UTF-8.gz %exclude %{_datadir}/i18n/charmaps/ISO-8859-1.gz %exclude %{_datadir}/i18n/locales/en_US
f4d17450	%files devel %defattr(-,root,root)
f269ffe9	# TODO: Excluding for now to remove dependency on PERL # /usr/bin/mtrace
9f3a1585	%{_lib64dir}/.a %{_lib64dir}/.o
f4d17450	%{_includedir}/*
5258b786	%files -f %{name}.lang lang
f4d17450	%defattr(-,root,root)
5258b786
f4d17450	%changelog
f36af574	* Tue Nov 14 2017 Alexey Makhalov <amakhalov@vmware.com> 2.26-7 - Aarch64 support
53b5036a	* Wed Oct 25 2017 Xiaolin Li <xiaolinl@vmware.com> 2.26-6 - Fix CVE-2017-15670 and CVE-2017-15804
91efd6dc	* Tue Oct 10 2017 Alexey Makhalov <amakhalov@vmware.com> 2.26-5 - Compile out tcache.
8ddec20e	* Fri Sep 15 2017 Bo Gan <ganb@vmware.com> 2.26-4 - exclude tst-eintr1 per official wiki recommendation.
96a6c448	* Tue Sep 12 2017 Alexey Makhalov <amakhalov@vmware.com> 2.26-3 - Fix makecheck for run in docker.
9ec855f0	* Tue Aug 29 2017 Alexey Makhalov <amakhalov@vmware.com> 2.26-2 - Fix tunables setter. - Add malloc arena fix. - Fix makecheck.
92f724ea	* Tue Aug 15 2017 Alexey Makhalov <amakhalov@vmware.com> 2.26-1 - Version update
6f10a6b5	* Tue Aug 08 2017 Anish Swaminathan <anishs@vmware.com> 2.25-4 - Apply fix for CVE-2017-1000366
9d42f28e	* Thu May 4 2017 Bo Gan <ganb@vmware.com> 2.25-3 - Remove bash dependency in post/postun script
42e8b7da	* Fri Apr 21 2017 Alexey Makhalov <amakhalov@vmware.com> 2.25-2 - Added -iconv -tools and -nscd subpackages
aa6f74ce	* Wed Mar 22 2017 Alexey Makhalov <amakhalov@vmware.com> 2.25-1 - Version update
fc081194	* Wed Dec 14 2016 Alexey Makhalov <amakhalov@vmware.com> 2.24-1 - Version update * Wed Nov 23 2016 Alexey Makhalov <amakhalov@vmware.com> 2.22-13 - Install en_US.UTF-8 locale by default * Wed Nov 16 2016 Alexey Makhalov <amakhalov@vmware.com> 2.22-12 - Added i18n subpackage * Tue Oct 25 2016 Alexey Makhalov <amakhalov@vmware.com> 2.22-11 - Workaround for build failure with "out of memory" message * Wed Sep 28 2016 Alexey Makhalov <amakhalov@vmware.com> 2.22-10 - Added pthread_create-fix-use-after-free.patch * Tue Jun 14 2016 Divya Thaluru <dthaluru@vmware.com> 2.22-9 - Enabling rpm debug package and stripping the libraries * Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.22-8 - GA - Bump release of all rpms * Mon May 23 2016 Divya Thaluru <dthaluru@vmware.com> 2.22-7 - Added patch for CVE-2014-9761 * Mon Mar 21 2016 Alexey Makhalov <amakhalov@vmware.com> 2.22-6 - Security hardening: nonow * Fri Mar 18 2016 Anish Swaminathan <anishs@vmware.com> 2.22-5 - Change conf file qualifiers * Fri Mar 11 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.22-4 - Added patch for res_qeury assertion with bad dns config - Details: https://sourceware.org/bugzilla/show_bug.cgi?id=19791 * Tue Feb 16 2016 Anish Swaminathan <anishs@vmware.com> 2.22-3 - Added patch for CVE-2015-7547 * Mon Feb 08 2016 Anish Swaminathan <anishs@vmware.com> 2.22-2 - Added patch for bindresvport blacklist * Tue Jan 12 2016 Xiaolin Li <xiaolinl@vmware.com> 2.22-1 - Updated to version 2.22 * Tue Dec 1 2015 Divya Thaluru <dthaluru@vmware.com> 2.19-8 - Disabling rpm debug package and stripping the libraries * Wed Nov 18 2015 Divya Thaluru <dthaluru@vmware.com> 2.19-7 - Adding patch to close nss files database * Tue Nov 10 2015 Xiaolin Li <xiaolinl@vmware.com> 2.19-6 - Handled locale files with macro find_lang * Wed Aug 05 2015 Kumar Kaushik <kaushikk@vmware.com> 2.19-5 - Adding postun section for ldconfig. * Tue Jul 28 2015 Alexey Makhalov <amakhalov@vmware.com> 2.19-4 - Support glibc building against current rpm version. * Thu Jul 23 2015 Divya Thaluru <dthaluru@vmware.com> 2.19-3 - Packing locale-gen scripts * Mon May 18 2015 Touseef Liaqat <tliaqat@vmware.com> 2.19-2 - Update according to UsrMove. * Wed Nov 5 2014 Divya Thaluru <dthaluru@vmware.com> 2.19-1 - Initial build. First version