From patchwork Sat Sep 28 12:12:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Attila Lendvai X-Patchwork-Id: 31536 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 1B90C27BBEA; Sat, 28 Sep 2024 13:16:51 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-6.6 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,MAILING_LIST_MULTI, RCVD_IN_VALIDITY_CERTIFIED,RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE, SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 74F3E27BBE9 for ; Sat, 28 Sep 2024 13:16:49 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1suWNJ-0004pm-Qe; Sat, 28 Sep 2024 08:16:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1suWNE-0004pW-Nx for guix-patches@gnu.org; Sat, 28 Sep 2024 08:16:35 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1suWNE-0003Q6-CQ for guix-patches@gnu.org; Sat, 28 Sep 2024 08:16:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:From:To:Subject; bh=4pYcStuZrMIHUPuSUbtXZO9M/NOxgJFJXQFM1xYieCI=; b=QnvVpfMlNXSJO3YqRxyw5Df69Bz9inEBIy85rzPXiic4suM54oVBCE2x1+pz7udz42nydRlk7jJrm5386O2EvC6zpBg6Fff8l+sSHmSgk8UzaqnpFSqkjGJt/k5SUli7OA5U4PlR7UKHUcD6bad5pXwWl5jpmhh0JaTOAILQtZmlN+vvCMNc2w7jcBw8dGpRL3j0hhJiRFv54Cm10b13tHmjFSclX4pwkktGS/3sop5LviKZjEG+YUSx03fPmVfmOtCj+ebJKHJZ2Y84ceRrGzf+4JaaAS5D+rt31/w1LRclzoerZtPY/V+jqfoYNgzTvKjnB1u7pQH1bZL1VpTznQ==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1suWNh-0001Cr-UM for guix-patches@gnu.org; Sat, 28 Sep 2024 08:17:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#73529] [PATCH core] gnu: patchelf: Build from git sources. Resent-From: attila.lendvai@gmail.com Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 28 Sep 2024 12:17:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 73529 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 73529@debbugs.gnu.org Cc: Attila Lendvai X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.17275257774493 (code B ref -1); Sat, 28 Sep 2024 12:17:01 +0000 Received: (at submit) by debbugs.gnu.org; 28 Sep 2024 12:16:17 +0000 Received: from localhost ([127.0.0.1]:53838 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1suWMz-0001AO-7E for submit@debbugs.gnu.org; Sat, 28 Sep 2024 08:16:17 -0400 Received: from lists.gnu.org ([209.51.188.17]:50312) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1suWMw-0001A7-C2 for submit@debbugs.gnu.org; Sat, 28 Sep 2024 08:16:15 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1suWMQ-0004no-PK for guix-patches@gnu.org; Sat, 28 Sep 2024 08:15:44 -0400 Received: from mail-wr1-x431.google.com ([2a00:1450:4864:20::431]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1suWMO-0003Oq-Se for guix-patches@gnu.org; Sat, 28 Sep 2024 08:15:42 -0400 Received: by mail-wr1-x431.google.com with SMTP id ffacd0b85a97d-37cc846fbc4so2092893f8f.2 for ; Sat, 28 Sep 2024 05:15:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1727525738; x=1728130538; darn=gnu.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=4pYcStuZrMIHUPuSUbtXZO9M/NOxgJFJXQFM1xYieCI=; b=kn1Rh5pI1ff+oAurbgVVrWKZCjLqExxWzC/Wf+oWYfFAvZinWu2+3/t6IMmcRWewf1 v1tHO8QDLXzzvNw0XPEHKbvti5UA8jLckn32C77UqphKuqdm4tWRK+Q/Tqo4p8XkUzed KoxKn8UEeW55rXGRti0HA0ZArISJjrmkrwNCyzHXhVoaHEStYGHgCUFXwYrCWXF8i/kG GLxtn0Iy7aeQScmZWR/lTdTgkSZlRom/MI+Xx6eY93YH0zb/s8tbya0sBkMwg7Y4SWGd gwB3/H9Gh7aXCLlpuwIW7hmrM4S+K/OjoyZ/QmcVcBqIK+uOEEBPEYJ/JSZ9BL2C2aU/ Ezzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727525738; x=1728130538; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=4pYcStuZrMIHUPuSUbtXZO9M/NOxgJFJXQFM1xYieCI=; b=e7eBqMCSHs17f5VV14AV6KjGxuDNvaQWEWCgv06r7ITvuzIwL0aLgdHXUSWxsSAGPe CemeNP5YdBWe2YG4loxX3KAZj2yUZXY57+sGwgjsXlryMUsyyk1KnBtFYX8lf2NIfMmo NSea9q2AW5BixLjWSiZFFWxUkvOTxOHRiYnrvSBCjlZ6UIi4r3n8qhNFpbs4MpLl1eyc C10wB+0h7AzmdafDHgEBfVa1NUXn/RV3spvY3hUIghAyrFXFftMK5e6tSgoQwNSkmJdR sXZe4+AmuivWHVOr1vR5iXPu5mTkQ67ho1ajxE0qnufgdG1cFZI9/6oukKIyLzkhgT/x RzCw== X-Gm-Message-State: AOJu0YwK/pwFDWhgMwcNx4eDkS15KEiCQ8X3l2kBWNHGAy6sceM6BAX/ X1zruRCye8JdDUt6WrnjZIH4OdOV+hy7vyFycD9p1CXVBcaoKKG3c4b+oA== X-Google-Smtp-Source: AGHT+IFjgpmnIJsb4UpLPSjjHsRSAnfe7ttkcGbZb9+nj4dWbv2cQjHyUsUysbFn2CRsEXb+BGlFng== X-Received: by 2002:a05:6000:257:b0:368:37ac:3f95 with SMTP id ffacd0b85a97d-37cd5aaf9c2mr3447741f8f.31.1727525738255; Sat, 28 Sep 2024 05:15:38 -0700 (PDT) Received: from lelap.lan (2a00-1f40-b161-3580--477.pool6.panelnet.hu. [2a00:1f40:b161:3580::477]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-37cd575c830sm4699185f8f.111.2024.09.28.05.15.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 28 Sep 2024 05:15:36 -0700 (PDT) From: attila.lendvai@gmail.com X-Google-Original-From: attila@lendvai.name Date: Sat, 28 Sep 2024 14:12:03 +0200 Message-ID: <91e06adbec896b8e685d7bc2501da3e7dc932233.1727525522.git.attila@lendvai.name> X-Mailer: git-send-email 2.46.0 MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::431; envelope-from=attila.lendvai@gmail.com; helo=mail-wr1-x431.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches From: Attila Lendvai Rationale: it makes it much easier to build a pending PR by using `(commit "pull/544/head")` in the origin, or in general to experiment with different patchelf versions. It also makes it more resilient against attacks hidden in release tarballs. Change-Id: I94eaedcd826c32b2c90823fe026718213f8d5962 --- sadly, this leads to endless rebuilds... gnu/packages/elf.scm | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) base-commit: 4f86fa20179ded1e6314eeba7da17309d501a32f diff --git a/gnu/packages/elf.scm b/gnu/packages/elf.scm index dc2db836321..21228a9d878 100644 --- a/gnu/packages/elf.scm +++ b/gnu/packages/elf.scm @@ -278,19 +278,19 @@ (define-public patchelf (name "patchelf") (version "0.18.0") (source (origin - (method url-fetch) - (uri (string-append - "https://github.com/NixOS/patchelf/releases/download/" - version - "/patchelf-" version ".tar.bz2")) - (sha256 - (base32 - "02s7ap86rx6yagfh9xwp96sgsj0p6hp99vhiq9wn4mxshakv4lhr")))) + (method git-fetch) + (uri (git-reference + (url "https://github.com/NixOS/patchelf") + (commit version))) + (file-name (git-file-name "patchelf" version)) + (sha256 + (base32 + "1v5mh8wdax4a97hw79nvzy0dixkbs0h487xkskkljkkdamq4rj5z")))) (build-system gnu-build-system) (arguments '(#:phases (modify-phases %standard-phases - (add-after 'unpack 'fix-tests + (add-after 'bootstrap 'fix-tests ;; Our GCC code ensures that RUNPATH is never empty, it includes ;; at least glibc/lib and gcc:lib/lib. (lambda* (#:key inputs #:allow-other-keys) @@ -298,8 +298,8 @@ (define-public patchelf ;; Disable checking for an empty runpath: (("^if test.*") "") ;; Find libgcc_s.so, which is necessary for the test: - (("/xxxxxxxxxxxxxxx") (string-append (assoc-ref inputs "gcc:lib") - "/lib"))) + (("/xxxxxxxxxxxxxxx") + (dirname (search-input-file inputs "/lib/libgcc_s.so")))) (substitute* "tests/replace-needed.sh" ;; This test assumes that only libc will be linked alongside ;; libfoo, but we also link libgcc_s. @@ -312,7 +312,10 @@ (define-public patchelf (substitute* "tests/Makefile.in" ((".*shared-rpath\\.sh \\.*") ""))))))) (native-inputs - `(("gcc:lib" ,gcc "lib"))) + (list + autoconf + automake + (list gcc "lib"))) (home-page "https://nixos.org/patchelf.html") (synopsis "Modify the dynamic linker and RPATH of ELF executables") (description