commit ef2d9e4739d3b2d228ee40b3ea11505f9490e6df
parent 0933f11c9553eb31a1426ce797a0f7346f97947f
Author: Jan Pobrislo <ccx@te2000.cz>
Date: Sat, 3 May 2025 16:25:13 +0000
easyseccomp
Diffstat:
13 files changed, 257 insertions(+), 20 deletions(-)
diff --git a/templates/pkg/containers.environment b/templates/pkg/containers.environment
@@ -15,3 +15,4 @@
#+{{pkg_install_name("getent")}}
#+{{pkg_install_name("fileset")}}
#+{{pkg_install_name("ccx-utils")}}
+#+{{pkg_install_name("easyseccomp")}}
diff --git a/variants/ccx-x86_64/containers.environment b/variants/ccx-x86_64/containers.environment
@@ -14,4 +14,5 @@
#+alpine-keys.dedc78b0b50e461d33a449adf40691698925b5eb9af8a6b69e7c0ece6b708ef4
#+getent.497826562f0e3021d114ff3f47654fa0b574041039df71dbc4e509d38fa55447
#+fileset.4e84d6846c9db82c5ad691b8a6b63b6364b367e84f9d1490b0942b3fa28f3737
-#+ccx-utils.ab28a8d701f60db69818ef22c546d02eca1ba3900bcdeaf5676bcc13d4b7f114-
\ No newline at end of file
+#+ccx-utils.ab28a8d701f60db69818ef22c546d02eca1ba3900bcdeaf5676bcc13d4b7f114
+#+easyseccomp.0d5b4a32695b27fb312959b8c2ee22a94de1a636c76daf51e756f8fbf355eb29+
\ No newline at end of file
diff --git a/variants/ccx-x86_64/default.environment b/variants/ccx-x86_64/default.environment
@@ -36,8 +36,8 @@
#+applyuidgid-caps.9856a13db04a0f0192c4208744de2c649db2ae721dc0d0dd37eb90346236a514
#+ccx-utils.ab28a8d701f60db69818ef22c546d02eca1ba3900bcdeaf5676bcc13d4b7f114
#+user-env.4e95a5387aa403e1d16a22254f21fb4cec046c69341a5eae764dd8126fb638a8
-#+system-config.f10ffa35e9efe8978d7946359541b06073f70eb53a5deec7df802e6660472939
-#+system-config-rc.e20c10f59b82e0bef21f3ff620feba0e0fcbfbad07cf73cee0b2b3d3eb3acc71
+#+system-config.2dde1683920ca0fc2211ead798a13a0e04a5343706bf4bd28c4ae7897490e5f1
+#+system-config-rc.9c23d873130070b782c7f3e8bf82296b70a9e9e49d5feb7983658ace8f239044
#+system-config-scripts.bdedb957b96fc1efd8259d16dac786d1d9c220dcde66996a16688989f104925d
-#+system-config-init.8d4a53628092661c15807e5cb86ab74ffad4e919b0832db088248890df3c5a44
+#+system-config-init.f4fba65bdccf3a757bd304e36dfb6b565be3921b0dde9f722b758e7468a8bf6a
#+system-config-zsh.250277c1fe17ccb13b5efbacd35ecb3b8342e30910cdd709f89475773bb7f309
\ No newline at end of file
diff --git a/variants/ccx-x86_64/easyseccomp b/variants/ccx-x86_64/easyseccomp
@@ -0,0 +1,117 @@
+#!/usr/bin/env pthbs-build
+#+musl-cross-make.98979eb41109d371f19d0637d51116db18c7aeef61fbf804a68094c22a302a78
+#+gnu-make.ba8d7c64a23885182fc1c9dc0331d52adcdbc45df6000fb81e8e1dd3ee05694b
+#+busybox.ee3440974794767b833fd3299226771f170d3f8601cf225cb884f0a513db8ab3
+#+busybox-diffutils.c2ebcfcad050ad71b8e30322a463b5c009f254c7a42e95c627d32665e17134dc
+#+m4.46e121f61e0af52abf876bf2688ecfe70eeb04185028d6adde0085e865fdfe75
+#+flex.322ebabc6eba6cdfd84b1b90f25790b8d917035872c2e6bb2f4c8e2f05eabcfd
+#+bison.1a189980b7909de4d49b57a4821f58147c2cc150fcd4227cb88b63342551a10f
+#@git:94422be00da71ff44c8ad1fe3455587c62ca29d3:easyseccomp
+
+build_env_static() {
+ export LD_LIBRARY_PATH="$pthbs_build_environment/library"
+ export CPATH="$pthbs_build_environment/include"
+ export LDFLAGS="-static -L$pthbs_build_environment/library $LDFLAGS"
+}
+autotools_config() {
+ prefix=/home/ccx/versions/$pthbs_package
+ ./configure -C \
+ --prefix="$prefix" \
+ --build="$(${CC:-gcc} -dumpmachine)" \
+ --bindir="$prefix/command" \
+ --sbindir="$prefix/command" \
+ --infodir="$prefix/info" \
+ --localedir="$prefix/locale" \
+ --mandir="$prefix/man" \
+ --libdir="$prefix/library" \
+ --docdir="$prefix/doc/easyseccomp" \
+ --datadir="$prefix/data" \
+ --datarootdir="$prefix/data" \
+ --localstatedir='/var/pthbs' \
+ "$@"
+
+}
+
+autotools() {
+ cd "$1"
+ shift
+ autotools_config "$@"
+ make -j${JOBS:-1} -l$((1+${JOBS:-1}))
+ make DESTDIR="$pthbs_destdir" install
+}
+
+autotools_static() {
+ build_env_static
+ autotools "$@" --enable-static --disable-shared
+}
+check_static() {
+ local exe || true
+ exe=$pthbs_destdir/'/home/ccx/versions'/$pthbs_package/$1
+ if ! test -f $exe; then
+ printf '%s\n' "Error: file '$1' doesn't exist!"
+ exit 1
+ fi
+ interp_info=$(readelf --string-dump=.interp "$exe") || exit $?
+ if test x '!=' "x$interp_info"; then
+ printf '%s\n' "Error: '$1' is a dynamic binary!"
+ exit 1
+ fi
+}
+
+
+autotools_static easyseccomp --disable-seccomp
+check_static command/easyseccomp
+
+
+
+cd "$pthbs_destdir/home/ccx/versions/$pthbs_package"
+find -type d -o -print | awk -F/ '
+BEGIN {
+}
+
+function r1(s) {
+ sub("^[.]/[^/]*", ".", s)
+ return s
+}
+function s1(repl, s) {
+ sub("^[.]/[^/]*", "./"repl, s)
+ return s
+}
+function link(src) {
+ x[$0]=0
+ printf "%s\t%s\n", $0, src
+ printf "genlinks >>%s\t%s<<\n", $0, src >>"/dev/stderr"
+}
+$1!="."{exit 1}
+
+
+$2 == "command" { link($0); next }
+$2 == "bin" { link(s1("command", $0)); next }
+
+$2 == "library.so" { link($0); next }
+$2 == "library" { link($0); next }
+$2 == "lib" && $NF ~ /\.l?a$/ { link(s1("library", $0)); next }
+$2 == "lib" && $NF ~ /\.so(|\..*)$/ { link(s1("library.so", $0)); next }
+
+$2 == "share" && $3 ~ /^(info|man|doc|icons|terminfo)$/ { link(r1($0)); next }
+
+$2 == "man" { link($0); next }
+$2 == "info" { link($0); next }
+$2 == "doc" { link($0); next }
+$2 == "icons" { link($0); next }
+$2 == "terminfo" { link($0); next }
+$2 == "data" { link($0); next }
+$2 == "include" { link($0); next }
+
+{ printf "genlinks ##%s## skipped\n", $0 >>"/dev/stderr" }
+
+END {
+ for(fname in x) { printf "DEBUG: x[\"%s\"]=\"%s\"\n", fname, x[fname] >"/dev/stderr" }
+ for(fname in x) {
+ if(x[fname]) {
+ printf "ERROR: missing expected file \"%s\"\n", fname >"/dev/stderr"
+ exit 3
+ }
+ }
+}' >.install-links.new
+mv .install-links.new .install-links
diff --git a/variants/ccx-x86_64/system-config b/variants/ccx-x86_64/system-config
@@ -52,7 +52,7 @@ printf '%s\n' >config/etc/skel/loginexec \
chmod +x config/etc/skel/loginexec
env 'pthbs_path_system-config'="$prefix" \
- 'pthbs_path_containers=/home/ccx/versions/env.c37d9d59b583c8dfeb1f45064530d5d933837a8aa56474fce9300cc903c55edd' \
+ 'pthbs_path_containers=/home/ccx/versions/env.a05c926c6053ec25eb2bb6e0e94071426cf796a9570f2552075aa925e751ba6c' \
'pthbs_path_mdevd=/home/ccx/versions/env.5049027ea8b6b4d373e16aadd3cdc63a940582ff297656e395f2131eef181671' \
make -j${JOBS:-1} -l$((1+${JOBS:-1})) all
diff --git a/variants/ccx-x86_64/system-config-init b/variants/ccx-x86_64/system-config-init
@@ -5,9 +5,9 @@
#+s6-portable-utils.1b8fd31be72bfe84afb28c3dfff03b1fc45121d11fc85f79c90f085fe61bc132
#+s6-linux-init.cd3e307b62e7dde98e1572eed297bd544e888d2589d4c1e7fd79271c4078ddf2
#+execline.1505a32c24aa5dbf362550f39283c9ff1936e717e5a82d220f8212cd9e604d8f
-#+system-config-rc.e20c10f59b82e0bef21f3ff620feba0e0fcbfbad07cf73cee0b2b3d3eb3acc71
+#+system-config-rc.9c23d873130070b782c7f3e8bf82296b70a9e9e49d5feb7983658ace8f239044
-s6rcdb=/home/ccx/versions/system-config-rc.e20c10f59b82e0bef21f3ff620feba0e0fcbfbad07cf73cee0b2b3d3eb3acc71/config/s6-rc-db
+s6rcdb=/home/ccx/versions/system-config-rc.9c23d873130070b782c7f3e8bf82296b70a9e9e49d5feb7983658ace8f239044/config/s6-rc-db
prefix=/home/ccx/versions/$pthbs_package
pkgdir="$pthbs_destdir/$prefix"
diff --git a/variants/ccx-x86_64/system-config-rc b/variants/ccx-x86_64/system-config-rc
@@ -3,7 +3,7 @@
#+busybox-diffutils.c2ebcfcad050ad71b8e30322a463b5c009f254c7a42e95c627d32665e17134dc
#+s6-rc.fecfa43aebb0615904e0e120b9ce8c0596c9b6c577611cbadc8fbaca75196ed9
#+fileset.4e84d6846c9db82c5ad691b8a6b63b6364b367e84f9d1490b0942b3fa28f3737
-#+system-config.f10ffa35e9efe8978d7946359541b06073f70eb53a5deec7df802e6660472939
+#+system-config.2dde1683920ca0fc2211ead798a13a0e04a5343706bf4bd28c4ae7897490e5f1
def_prefix() {
prefix=/home/ccx/versions/$pthbs_package
@@ -13,7 +13,7 @@ def_dest() {
}
def_dest
-src=/home/ccx/versions/system-config.f10ffa35e9efe8978d7946359541b06073f70eb53a5deec7df802e6660472939/config/s6-rc-source
+src=/home/ccx/versions/system-config.2dde1683920ca0fc2211ead798a13a0e04a5343706bf4bd28c4ae7897490e5f1/config/s6-rc-source
s6-rc-compile ./s6-rc-db "$src"
mkdir -p "$dest/config"
mv -v s6-rc-db "$dest/config/"
diff --git a/variants/root-x86_64/containers.environment b/variants/root-x86_64/containers.environment
@@ -14,4 +14,5 @@
#+alpine-keys.4ecd9fac6efcc329a98af1b0b1318771a77eb83ac10832c6e769ebf11c14cae1
#+getent.a4f1c1679ad9e6d4cd167e921ee8af0f7fce4a2b7886f96223b8c7fe1ba5ba97
#+fileset.7159458f5e8c9237e1e1708cafced263dd342d5fd24ccec97ae8092d9b1c5150
-#+ccx-utils.ccaa449ada3142ef075f3c80a6e475520219814490557f308ded4685231a70ac-
\ No newline at end of file
+#+ccx-utils.ccaa449ada3142ef075f3c80a6e475520219814490557f308ded4685231a70ac
+#+easyseccomp.b4babcb3c1d7ec13262d63622f6f20ff4e43391c61184cbec90dc85aad073933+
\ No newline at end of file
diff --git a/variants/root-x86_64/default.environment b/variants/root-x86_64/default.environment
@@ -36,8 +36,8 @@
#+applyuidgid-caps.2d571b717bda734b4464e7d3b36bb2c9eaa265fffd595bc090cbb137258121b8
#+ccx-utils.ccaa449ada3142ef075f3c80a6e475520219814490557f308ded4685231a70ac
#+user-env.8ad55eebe32b11f005f7b5c6dc204fdccc0a53cd7294f87c1e959ea47793dbca
-#+system-config.367b44e116525512392947a408ef5da9bf23cf478d0786d0da4c4bf8fbba2e07
-#+system-config-rc.60e723415e63cd223b89d06e18421755579381d86f662661c9341fa66a4691e6
+#+system-config.06258e20b94b4ce34c5323fcfa8687db97b75c25c7ca38ca279f59356519c85b
+#+system-config-rc.ae927f24f1457b0f8f916ccb4ac958195ac773af00708aab33ee98f15144b5f3
#+system-config-scripts.4c00e32b8c4f6feef53b562356abd54830cc7e889149e4f8bcb928d6e6e93378
-#+system-config-init.abb5f06ff2f5d6a33c17daca669f290f3a82bf81a690e09b84ffced431a2fbb4
+#+system-config-init.20d5c092cbf4a48ff2c07649a60c2f3d1e3d5c35f7484c773fe31d0d5442ba85
#+system-config-zsh.01286ec545c7035b2e08ded96e40b73f912f33fd7eec44993a1e93e12577dc0f
\ No newline at end of file
diff --git a/variants/root-x86_64/easyseccomp b/variants/root-x86_64/easyseccomp
@@ -0,0 +1,117 @@
+#!/usr/bin/env pthbs-build
+#+musl-cross-make.d0431fc0def788be03da43136972361827de52c8e6f0a6f3890dc57fe32e8ecc
+#+gnu-make.444e811a68f4f16724e21354b710fad3592e53a2dbf7c0c78658f3d4e7c8e465
+#+busybox.f4ef3d511c029095beda8d21dd48f7730bec63fb09792ca951402d6620338089
+#+busybox-diffutils.4a0933977737282afcd82b39d435b50946a700fe13472d24e4580a41fa852123
+#+m4.3cffaef6909a65493ddc9aba4c53f77dc594ff5ab8b58c57acaa34c654b09ff3
+#+flex.42bdab01fb2083e92a4417d5fb289c468b9a1a5b8092904b965455b74559262f
+#+bison.d9992ea20119a82e24982f67479e65e94ec0fdc686f024f0ed04e87c83a00ef0
+#@git:94422be00da71ff44c8ad1fe3455587c62ca29d3:easyseccomp
+
+build_env_static() {
+ export LD_LIBRARY_PATH="$pthbs_build_environment/library"
+ export CPATH="$pthbs_build_environment/include"
+ export LDFLAGS="-static -L$pthbs_build_environment/library $LDFLAGS"
+}
+autotools_config() {
+ prefix=/versions/$pthbs_package
+ ./configure -C \
+ --prefix="$prefix" \
+ --build="$(${CC:-gcc} -dumpmachine)" \
+ --bindir="$prefix/command" \
+ --sbindir="$prefix/command" \
+ --infodir="$prefix/info" \
+ --localedir="$prefix/locale" \
+ --mandir="$prefix/man" \
+ --libdir="$prefix/library" \
+ --docdir="$prefix/doc/easyseccomp" \
+ --datadir="$prefix/data" \
+ --datarootdir="$prefix/data" \
+ --localstatedir='/var/pthbs' \
+ "$@"
+
+}
+
+autotools() {
+ cd "$1"
+ shift
+ autotools_config "$@"
+ make -j${JOBS:-1} -l$((1+${JOBS:-1}))
+ make DESTDIR="$pthbs_destdir" install
+}
+
+autotools_static() {
+ build_env_static
+ autotools "$@" --enable-static --disable-shared
+}
+check_static() {
+ local exe || true
+ exe=$pthbs_destdir/'/versions'/$pthbs_package/$1
+ if ! test -f $exe; then
+ printf '%s\n' "Error: file '$1' doesn't exist!"
+ exit 1
+ fi
+ interp_info=$(readelf --string-dump=.interp "$exe") || exit $?
+ if test x '!=' "x$interp_info"; then
+ printf '%s\n' "Error: '$1' is a dynamic binary!"
+ exit 1
+ fi
+}
+
+
+autotools_static easyseccomp --disable-seccomp
+check_static command/easyseccomp
+
+
+
+cd "$pthbs_destdir/versions/$pthbs_package"
+find -type d -o -print | awk -F/ '
+BEGIN {
+}
+
+function r1(s) {
+ sub("^[.]/[^/]*", ".", s)
+ return s
+}
+function s1(repl, s) {
+ sub("^[.]/[^/]*", "./"repl, s)
+ return s
+}
+function link(src) {
+ x[$0]=0
+ printf "%s\t%s\n", $0, src
+ printf "genlinks >>%s\t%s<<\n", $0, src >>"/dev/stderr"
+}
+$1!="."{exit 1}
+
+
+$2 == "command" { link($0); next }
+$2 == "bin" { link(s1("command", $0)); next }
+
+$2 == "library.so" { link($0); next }
+$2 == "library" { link($0); next }
+$2 == "lib" && $NF ~ /\.l?a$/ { link(s1("library", $0)); next }
+$2 == "lib" && $NF ~ /\.so(|\..*)$/ { link(s1("library.so", $0)); next }
+
+$2 == "share" && $3 ~ /^(info|man|doc|icons|terminfo)$/ { link(r1($0)); next }
+
+$2 == "man" { link($0); next }
+$2 == "info" { link($0); next }
+$2 == "doc" { link($0); next }
+$2 == "icons" { link($0); next }
+$2 == "terminfo" { link($0); next }
+$2 == "data" { link($0); next }
+$2 == "include" { link($0); next }
+
+{ printf "genlinks ##%s## skipped\n", $0 >>"/dev/stderr" }
+
+END {
+ for(fname in x) { printf "DEBUG: x[\"%s\"]=\"%s\"\n", fname, x[fname] >"/dev/stderr" }
+ for(fname in x) {
+ if(x[fname]) {
+ printf "ERROR: missing expected file \"%s\"\n", fname >"/dev/stderr"
+ exit 3
+ }
+ }
+}' >.install-links.new
+mv .install-links.new .install-links
diff --git a/variants/root-x86_64/system-config b/variants/root-x86_64/system-config
@@ -52,7 +52,7 @@ printf '%s\n' >config/etc/skel/loginexec \
chmod +x config/etc/skel/loginexec
env 'pthbs_path_system-config'="$prefix" \
- 'pthbs_path_containers=/versions/env.9d57eec32f4103175737d3ed7f4e95fcd69d851a12d9bfcceb84f4abf7673d27' \
+ 'pthbs_path_containers=/versions/env.ddacf43c56d96eab0458aa2da69d487ff5b3448e93b6ab5b61cd79d28a8b5ec1' \
'pthbs_path_mdevd=/versions/env.699c310193b7957c8ec17e16d6846443f99c198e3e2ce6425066f4523de2cf1e' \
make -j${JOBS:-1} -l$((1+${JOBS:-1})) all
diff --git a/variants/root-x86_64/system-config-init b/variants/root-x86_64/system-config-init
@@ -5,9 +5,9 @@
#+s6-portable-utils.f6171ad521d6be72875f1d5c1b28f966662ba93cfe5790e1ef010f9e76211bc3
#+s6-linux-init.8fbed3537ce9accc1a31e36f4648d1a0df0f1d155fcfa8fb5b1079786cf1442c
#+execline.c89bee1b1207461afa2d2ab9250f0940a2a6bbca3e45bdd60037049a75f4adf9
-#+system-config-rc.60e723415e63cd223b89d06e18421755579381d86f662661c9341fa66a4691e6
+#+system-config-rc.ae927f24f1457b0f8f916ccb4ac958195ac773af00708aab33ee98f15144b5f3
-s6rcdb=/versions/system-config-rc.60e723415e63cd223b89d06e18421755579381d86f662661c9341fa66a4691e6/config/s6-rc-db
+s6rcdb=/versions/system-config-rc.ae927f24f1457b0f8f916ccb4ac958195ac773af00708aab33ee98f15144b5f3/config/s6-rc-db
prefix=/versions/$pthbs_package
pkgdir="$pthbs_destdir/$prefix"
diff --git a/variants/root-x86_64/system-config-rc b/variants/root-x86_64/system-config-rc
@@ -3,7 +3,7 @@
#+busybox-diffutils.4a0933977737282afcd82b39d435b50946a700fe13472d24e4580a41fa852123
#+s6-rc.c131bb99b2054bcd9705c5a5652822938265a8587a54d2894667b8b620815c7f
#+fileset.7159458f5e8c9237e1e1708cafced263dd342d5fd24ccec97ae8092d9b1c5150
-#+system-config.367b44e116525512392947a408ef5da9bf23cf478d0786d0da4c4bf8fbba2e07
+#+system-config.06258e20b94b4ce34c5323fcfa8687db97b75c25c7ca38ca279f59356519c85b
def_prefix() {
prefix=/versions/$pthbs_package
@@ -13,7 +13,7 @@ def_dest() {
}
def_dest
-src=/versions/system-config.367b44e116525512392947a408ef5da9bf23cf478d0786d0da4c4bf8fbba2e07/config/s6-rc-source
+src=/versions/system-config.06258e20b94b4ce34c5323fcfa8687db97b75c25c7ca38ca279f59356519c85b/config/s6-rc-source
s6-rc-compile ./s6-rc-db "$src"
mkdir -p "$dest/config"
mv -v s6-rc-db "$dest/config/"
