Commit graph

163 commits

Author SHA1 Message Date
Juan RP
e97de5b5d3 env/build: get rid of timestamp-macros.sh (dangling symlink). 2016-04-27 16:53:47 +02:00
Juan RP
882f23cf98 env/hardening: fix hardening on MIPS.
Thanks to @chneukirchen for finding the correct solution:

gcc sets -mno-shared by default when compiling non-PIC, and because
we are overriding the builtin specs, this internal rule set for gnu/mips
does not trigger:

gcc/config/mips/gnu-user.h:/* Default to -mno-shared for non-PIC.  */
gcc/config/mips/gnu-user.h:  " %{mshared|mno-shared|fpic|fPIC|fpie|fPIE:;:-mno-shared}"

So that we now use a specific specs file just for mips that sets -mshared for PIC.

This fixes building packages with hardening enabled for MIPS.
2016-04-27 15:01:40 +02:00
Juan RP
7e117fb96d env/hardening: reenable hardening for MIPS.
I just booted a full PIE base-system successfully on my CI20 Creator.

For now we set -fPIE again in C{,XX}FLAGS to fix the build in attr/acl/coreutils, etc.
2016-04-27 12:47:56 +02:00
Juan RP
d55d16482d env/hardening: disable PIE generally for MIPS.
PIE is currently broken in MIPS.
2016-04-26 09:41:28 +02:00
Alessio Sergi
0be83d098d xbps-src: switch PYPI_SITE to Warehouse (pypi.io) 2016-04-25 00:25:04 +02:00
Toyam Cox
f7cb309d20 build-style/cmake: Add cmake as hostmakedepends 2016-03-12 12:14:42 +00:00
Jürgen Buchmüller
c459dade15 gcc: add support for SOURCE_DATE_EPOCH environment
+ Create symlinks from gcc/patches/libcpp-source_date_epoch.patch to cross-*/files/
+ Make all the _apply_patch() functions the same
2016-03-08 13:49:52 +01:00
Jürgen Buchmüller
8ce51e70cf timestamp-macros: fix creation and add cleanup
As described in 
2016-03-07 09:46:34 +01:00
Enno Boland
0c4b812ad3 common/environment: fix error message 2016-03-06 14:10:41 +01:00
Enno Boland
15f26298aa common/environment: empty file before writing.
Emptying the headerfile before writing into it. This prevents
defining/undefining a macro multiple times.

addresses .
2016-03-06 13:07:11 +01:00
Enno Boland
d84d62940d common/environment: check if package is under version control.
only use git commit date for SOURCE_DATE_EPOCH if the template is under version
control.  Fall back to templates mtime if it's not managed by git.
2016-03-06 13:07:10 +01:00
Juan RP
00b8dd7e50 common/env/install: drop timestamp-macros.sh.
Why? because adding this to the install phase will change the compiler
flags that were used for configure/building and compilation will
happen twice.
2016-03-03 07:44:06 +01:00
Enno Boland
d285f4dcdb common/environment: only load git commit date when in chroot. 2016-03-02 07:47:35 +01:00
Enno Boland
a04687bf74 common: fix glibc
glibc is a wonderful library. Tidy and clean. To keep it that clean
it does such useful things as sorting the CFLAGS alphabeticly.
Unfortunately this breaks command line arguments that contain parameters
such as `-include /foo/bar`. This commit works around this flaw by
removing the space and using -include/foo/bar instead.
2016-03-01 20:52:44 +01:00
Enno Boland
b5e49c48e7 common: replace XBPS_COMMIT_TIMESTAMP by SOURCE_DATE_EPOCH
This way we are compatible to the Debians proposal. See [1].

[1] https://gcc.gnu.org/ml/gcc-patches/2015-06/msg02210.html
2016-03-01 18:27:49 +01:00
Enno Boland
69cb0beb58 environment/configure: move macro definition to a header file and include it.
This prevents escaping issues with command line options.
2016-03-01 18:08:56 +01:00
Enno Boland
995c356e30 Revert "common/environment: add missing backslashes for macro definitions."
This reverts commit c46b43df61.

lynx was complaining about missing " in the CFLAGS. apparently this is an error in the lynx
build system, not in the CFLAGS.
2016-03-01 17:50:06 +01:00
Enno Boland
c46b43df61 common/environment: add missing backslashes for macro definitions. 2016-03-01 17:45:42 +01:00
Enno Boland
3c04642877 environment/build: overwrite __DATE__, __TIME__, and __TIMESTAMP__ macros.
This commit overwrites timestamps that depend on timestamps with the
commit date of a package.
2016-03-01 15:33:09 +01:00
Enno Boland
144a59a796 srcpkgs: fix MOZILLA_SITE update checks. 2016-02-12 00:50:34 +01:00
Juan RP
3a40219469 env/hardening: fix inverted nopie setting on mips*-musl. 2015-12-12 08:36:51 +01:00
Juan RP
b53ac251ea env/hardening: handle {i686,mips,mipsel}-musl in a common place. 2015-12-12 08:32:38 +01:00
Christian Neukirchen
bb4c655c11 common/environment/install: add cross.sh and hardening.sh.
You are not supposed to compile in do_install(), but some Makefile
detect CFLAGS changes and then rebuild.
2015-12-11 13:58:44 +01:00
Christian Neukirchen
5745ea5b82 configure/hardening.sh: disable hardening on mipsel-musl. 2015-11-27 18:29:19 +01:00
Christian Neukirchen
4c4c82cb19 configure/gnu-configure-args.sh: match mipsel-musl. 2015-11-27 18:29:19 +01:00
Enno Boland
bd307bb9e2 Merge pull request from Gottox/conf_files-glob
globs files defined in conf_files=
2015-11-26 08:05:34 +01:00
Christian Neukirchen
e58a7b24e9 gccspecs/hardened-cc1: also pass -fPIE to cpp by default.
Note that -fPIE defines __PIC__ and __PIE__, so passing this on to
pure cpp(1)/gcc -E executions is relevant.

Found the hard way due to ccache breaking on i686 with precompiled
headers which used the non-PIC definitions in cpuid.h since header
precompilation doesn't read cc1_options.
2015-11-19 16:30:06 +01:00
Dominik Honnef
5accddbb26 go, build-style/go: set nopie=yes 2015-11-19 09:55:48 +01:00
Enno Boland
82b736b616 common: expand_destdir rewrite 2015-11-18 11:19:09 +01:00
Enno Boland
18e288fd2c common: remove unneccessary 'source's; move extglob.sh to install 2015-11-18 10:21:33 +01:00
Enno Boland
ef24b7b7cc common: move expand_destdir to environment/pkg; change lint check. 2015-11-18 10:21:33 +01:00
Juan RP
744acd0308 xbps-src: env/hardening: make sure to put pkg overrides at the end. 2015-11-17 17:24:54 +01:00
Juan RP
784f75931d xbps-src: move compiler/linker defaults to env/hardening.sh.
The user can still set his/her defaults via etc/conf, and per
package in the templates.
2015-11-17 17:13:12 +01:00
Juan RP
917024dd19 Merge pull request from Gottox/no-force_debug_pkgs
common/xbps-src: remove force_debug_pkgs variable
2015-11-17 16:54:10 +01:00
Juan RP
3fdad91bf9 xbps-src: make 'build_pie' the default; use 'nopie' to disable it.
Discussed with @chneukirchen.
2015-11-17 16:47:19 +01:00
Enno Boland
c7f2f9840f common/xbps-src: remove force_debug_pkgs variable 2015-11-17 15:36:51 +01:00
Juan RP
3e1154266f xbps-src: support "alternatives" from xbps-0.48. 2015-10-30 12:39:59 +01:00
Juan RP
bfcc741398 time: unbreak cross musl; set _GNU_SOURCE and override wait3 test.
Thanks @pullmoll
2015-10-28 17:12:38 +01:00
Juan RP
94cbb90877 env/autoconf_cache: ac_cv_strftime_extensions is supported in glibc and musl. 2015-10-23 14:27:12 +02:00
Juan RP
4bb30370dd xbps-src: set up C{,XX}FLAGS and LDFLAGS correctly for cross compilation.
This way there's no need to set LDFLAGS per-pkg just to fix cross compilation
in multiple packages.
2015-10-17 11:05:21 +02:00
Christian Neukirchen
5093d6b0c1 New build_style haskell-stack. 2015-09-14 16:13:13 +02:00
Juan RP
bcdacb66a0 xbps-src: replace basename(1) with ${var##*/}.
Reduce number of fork+exec due to using a subshell to execute basename(1).
2015-09-11 07:55:40 +02:00
Dominik Honnef
114c395bf9 build-style/go: support cross-compilation with cgo 2015-09-04 02:18:57 +02:00
Enno Boland
cc1e475bff libtar: fix cross compile 2015-09-03 00:12:41 +02:00
Dominik Honnef
2bb87e4e07 build-style/go: don't set GOBIN
Go 1.5 doesn't permit our use of GOBIN anymore, breaking
cross-compilation (for details, see
https://github.com/golang/go/issues/9769)

In retrospect, I'm not sure why we set GOBIN in the first place;
GOPATH/bin should suffice.

Closes 
2015-08-22 20:58:24 +02:00
Christian Neukirchen
e3da69248b common/environment/configure/build-pie.sh: pass -z relro -z now via $LDFLAGS for libtool to pick them up (see ). 2015-08-17 16:53:13 +02:00
Christian Neukirchen
56d1da3a3f environment/configure/build-pie.sh: enable hardening in CXXFLAGS too. 2015-08-13 13:50:23 +02:00
Juan RP
279ead0999 xbps-src: added XBPS_ALLOW_RESTRICTED conf option for restricted pkgs.
Such packages should set the `restricted' var to allow building a binary package.
Note that such packages do not allow redistribution of sources and binaries,
so that it's up to the user if (s)he wants to pkg it locally.
2015-07-26 10:22:35 +02:00
Juan RP
e03593db73 xbps-src: remove vestiges of the systemd-services hook. 2015-07-11 11:30:09 +02:00
Juan RP
db0f20706d env/setup/misc: switch GNU_SITE to http://ftp.gnu.org. 2015-06-25 07:06:25 +02:00