me
/
guix
Archived
1
0
Fork 0
Code

gnu: proot: Update to 5.2.0-alpha. 

This allows proot to be built for aarch64-linux and armhf-linux.

* gnu/packages/patches/proot-test-fhs.patch: Delete patch.
* gnu/local.mk (dist_patch_DATA): Un-register it.
* gnu/packages/linux.scm: Update to 5.2.0-alpha.
[patches]: Remove field.
[supported-system]: New field.
[tests?]: Disable for ARM-based systems.
[phases]{fix-fhs-assumptions-in-tests, set-shell-file-name}: Combine into...
{patch-sources}: ... this new phase.
{build-manpage}: New phase.
{check}: Add seccomp issue URL in comment.
[native-inputs]: Add coreutils issue URL in comment.  Add pkg-config and
python-docutils.
[inputs]: Add libarchive.
master
Maxim Cournoyer 2021-07-09 00:22:19 -04:00
parent 2d69073245
commit c881516d48
No known key found for this signature in database
GPG Key ID: 1260E46482E63562
3 changed files with 76 additions and 135 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
gnu/local.mk
View File

@ -1578,7 +1578,6 @@ dist_patch_DATA = \
%D%/packages/patches/procmail-ambiguous-getline-debian.patch \
%D%/packages/patches/procmail-CVE-2014-3618.patch \
%D%/packages/patches/procmail-CVE-2017-16844.patch \
%D%/packages/patches/proot-test-fhs.patch \
%D%/packages/patches/psm-arch.patch \
%D%/packages/patches/psm-disable-memory-stats.patch \
%D%/packages/patches/psm-ldflags.patch \

112
gnu/packages/linux.scm
View File

@ -163,7 +163,8 @@
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-2)
#:use-module (srfi srfi-26)
#:use-module (ice-9 match))
#:use-module (ice-9 match)
#:use-module (ice-9 regex))
(define-public (system->linux-architecture arch)
"Return the Linux architecture name for ARCH, a Guix system name such as
@ -6810,7 +6811,9 @@ userspace queueing component and the logging subsystem.")
(define-public proot
(package
(name "proot")
(version "5.1.0")
;; The last stable release was made in 2015, and fails to build for
;; the aarch64 platform.
(version "5.2.0-alpha")
(source
(origin
(method git-fetch)
@ -6819,30 +6822,33 @@ userspace queueing component and the logging subsystem.")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
(base32 "0azsqis99gxldmbcg43girch85ysg4hwzf0h1b44bmapnsm89fbz"))
(patches (search-patches "proot-test-fhs.patch"))))
(base32 "09vp806y4hqfq2fn2hpi873rh4j6a3c572ph4mkirx1n32wj8srl"))))
(build-system gnu-build-system)
;; The powerpc64le-linux and mips64el-linux architectures are not
;; supported (see:
;; https://github.com/proot-me/proot/blob/master/src/arch.h#L51).
(supported-systems '("x86_64-linux" "i686-linux"
"armhf-linux" "aarch64-linux" "i586-gnu"))
(arguments
'(#:make-flags '("-C" "src")
;; Disable the test suite on ARM platforms, as there are too many
;; failures to keep track of (see for example:
;; https://github.com/proot-me/proot/issues/263).
`(#:tests? ,(not (string-match "^(arm|aarch64)"
(or (%current-target-system)
(%current-system))))
#:make-flags '("-C" "src")
#:phases (modify-phases %standard-phases
(delete 'configure)
(add-before 'build 'set-shell-file-name
(add-after 'unpack 'patch-sources
(lambda* (#:key inputs #:allow-other-keys)
(substitute* (find-files "src" "\\.[ch]$")
(("\"/bin/sh\"")
(string-append "\""
(assoc-ref inputs "bash")
"/bin/sh\"")))))
(add-before 'check 'fix-fhs-assumptions-in-tests
(lambda _
(substitute* "tests/test-c6b77b77.mk"
(("/bin/bash") (which "bash"))
(("/usr/bin/test") (which "test")))
(substitute* '("tests/test-16573e73.c")
(("/bin/([a-z-]+)" _ program)
(which program)))
(string-append "\"" (assoc-ref inputs "bash")
"/bin/sh\"")))
(substitute* (find-files "tests" "\\.sh$")
(substitute* "src/GNUmakefile"
(("/bin/echo") (which "echo")))
(substitute* (find-files "test" "\\.sh$")
;; Some of the tests try to "bind-mount" /bin/true.
(("-b /bin/true:")
(string-append "-b " (which "true") ":"))
@ -6852,27 +6858,63 @@ userspace queueing component and the logging subsystem.")
(("/bin/sh") (which "sh"))
;; Others assume /etc/fstab exists.
(("/etc/fstab") "/etc/passwd"))
(substitute* "tests/GNUmakefile"
(substitute* "test/GNUmakefile"
(("-b /bin:") "-b /gnu:"))
(substitute* "test/test-c6b77b77.mk"
(("/bin/bash") (which "bash"))
(("/usr/bin/test") (which "test")))
(substitute* "test/test-16573e73.c"
(("/bin/([a-z-]+)" _ program)
(which program)))
(substitute* "test/test-d2175fc3.sh"
(("\\^/bin/true\\$") "$(which true)"))
(substitute* "test/test-5467b986.sh"
(("-w /usr") "-w /gnu")
(("-w usr") "-w gnu")
(("/usr/share") "/gnu/store")
(("share") "store"))
(substitute* "test/test-092c5e26.sh"
(("-q echo ")
"-q $(which echo) "))
;; The following tests are known to fail (see:
;; https://github.com/proot-me/proot/issues/184).
(delete-file "test/test-0228fbe7.sh")
(delete-file "test/test-2db65cd2.sh")
;; This one fails with "bind: Address already in use"
;; (see: https://github.com/proot-me/proot/issues/260).
(delete-file "test/test-ssssssss.c")
;; This one fails on a waitpid call that returns 1 (see:
;; https://github.com/proot-me/proot/issues/261).
(delete-file "test/test-ptrace01.c")
;; XXX: This test fails in an obscure corner case, just
;; skip it.
(delete-file "tests/test-kkkkkkkk.c")))
(delete-file "test/test-kkkkkkkk.c")
;; The socket tests requires networking.
(for-each delete-file
(find-files "test" "test-socket.*\\.sh$"))))
(delete 'configure)
(add-after 'build 'build-manpage
(lambda _
(with-directory-excursion "doc"
(invoke "make" "proot/man.1" "SUFFIX=.py"))))
(replace 'check
(lambda* (#:key tests? #:allow-other-keys)
(when tests?
(let ((n (parallel-job-count)))
;; For some reason we get lots of segfaults with
;; seccomp support (x86_64, Linux-libre 4.11.0).
;; There are lots of segfaults with seccomp support
;; (x86_64, Linux-libre 4.11.0) (see:
;; https://github.com/proot-me/proot/issues/106).
(setenv "PROOT_NO_SECCOMP" "1")
;; Most of the tests expect "/bin" to be in $PATH so
;; they can run things that live in $ROOTFS/bin.
(setenv "PATH"
(string-append (getenv "PATH") ":/bin"))
(invoke "make" "check" "-C" "tests"
(invoke "make" "check" "-C" "test"
;;"V=1"
"-j" (number->string n))))))
(replace 'install
@ -6884,24 +6926,22 @@ userspace queueing component and the logging subsystem.")
;; build currently.)
(invoke "make" "-C" "src" "install"
(string-append "PREFIX=" out))
(mkdir-p man1)
(copy-file "doc/proot/man.1"
(string-append man1 "/proot.1"))))))))
(native-inputs `(("which" ,which)
;; For 'mcookie', used by some of the tests.
("util-linux" ,util-linux)
;; XXX: Choose the old coreutils because its 'stat'
;; program does not use statx(2) when running 'stat -c
;; %a' or similar, which PRoot doesn't properly support.
;; %a' or similar, which PRoot doesn't properly support
;; (see: https://github.com/proot-me/proot/issues/262).
("coreutils-old" ,coreutils-8.30)
;; XXX: 'test-c6b77b77.sh' runs 'make' and that leads
;; make 4.3 to segfault.
("make-old" ,gnu-make-4.2)))
(inputs `(("talloc" ,talloc)))
("pkg-config" ,pkg-config)
;; For rst2man, used to generate the manual page.
("python-docutils" ,python-docutils)))
(inputs `(("libarchive" ,libarchive)
("talloc" ,talloc)))
(home-page "https://github.com/proot-me/PRoot")
(synopsis "Unprivileged chroot, bind mount, and binfmt_misc")
(description

98
gnu/packages/patches/proot-test-fhs.patch
View File

@ -1,98 +0,0 @@
The test suite of PRoot makes many FHS assumptions, such as assuming
that /bin, /bin/true, and /usr exist. This patch fixes these assumptions.
--- source/tests/GNUmakefile 2017-05-11 15:26:36.899115484 +0200
+++ source/tests/GNUmakefile 2017-05-11 15:26:46.143063166 +0200
@@ -121,7 +121,7 @@ $(ROOTFS_DIR):
setup: $(ROOTFS_BIN)
$(ROOTFS)/bin/abs-true:
- @ln -fs /bin/true $@
+ @ln -fs `which true` $@
$(ROOTFS)/bin/rel-true:
@ln -fs ./true $@
--- source/tests/test-d2175fc3.sh 2017-05-11 15:36:53.727617010 +0200
+++ source/tests/test-d2175fc3.sh 2017-05-11 15:37:10.155523637 +0200
@@ -2,8 +2,8 @@ if [ ! -x ${ROOTFS}/bin/readlink ] || [
exit 125;
fi
-${PROOT} -r ${ROOTFS} /bin/readlink /bin/abs-true | grep '^/bin/true$'
+${PROOT} -r ${ROOTFS} /bin/readlink /bin/abs-true | grep "`which true`"
${PROOT} -r ${ROOTFS} /bin/readlink /bin/rel-true | grep '^\./true$'
-${PROOT} -b /:/host-rootfs -r ${ROOTFS} /bin/readlink /bin/abs-true | grep '^/bin/true$'
+${PROOT} -b /:/host-rootfs -r ${ROOTFS} /bin/readlink /bin/abs-true | grep "`which true`"
${PROOT} -b /:/host-rootfs -r ${ROOTFS} /bin/readlink /bin/rel-true | grep '^./true$'
--- source/tests/test-d1be631a.sh 2017-05-11 15:41:36.458008715 +0200
+++ source/tests/test-d1be631a.sh 2017-05-11 15:41:38.921994686 +0200
@@ -1,4 +1,4 @@
-if [ -z `which mknod`] || [ `id -u` -eq 0 ]; then
+if [ -z `which mknod` ] || [ `id -u` -eq 0 ]; then
exit 125;
fi
--- source/tests/test-5bed7141.c 2017-05-11 15:34:23.088472743 +0200
+++ source/tests/test-5bed7141.c 2017-05-11 15:34:27.052450235 +0200
@@ -80,7 +80,7 @@ int main(int argc, char *argv[])
exit(EXIT_FAILURE);
case 0: /* child */
- status = chdir("/usr");
+ status = chdir("/gnu");
if (status < 0) {
perror("chdir");
exit(EXIT_FAILURE);
--- a/tests/test-092c5e26.sh
+++ b/tests/test-092c5e26.sh
@@ -24,7 +24,7 @@ fi
unset LD_LIBRARY_PATH
-env PROOT_FORCE_FOREIGN_BINARY=1 PATH=/tmp:/bin:/usr/bin ${PROOT} -r ${ROOTFS} -q echo ${TMP} | grep "^-U LD_LIBRARY_PATH ${EXTRA}-0 /bin/argv0 /bin/argv0 ${TMP_ABS}$"
+env PROOT_FORCE_FOREIGN_BINARY=1 PATH=/tmp:/bin:/usr/bin:$(dirname $(which echo)) ${PROOT} -r ${ROOTFS} -q echo ${TMP} | grep "^-U LD_LIBRARY_PATH ${EXTRA}-0 /bin/argv0 /bin/argv0 ${TMP_ABS}$"
env PROOT_FORCE_FOREIGN_BINARY=1 ${PROOT} -r ${ROOTFS} -q echo ${TMP_ABS} | grep "^-U LD_LIBRARY_PATH ${EXTRA}-0 /bin/argv0 /bin/argv0 ${TMP_ABS}$"
cat > ${ROOTFS}/${TMP_ABS} <<EOF
@@ -34,7 +34,7 @@ chmod +x ${ROOTFS}/${TMP_ABS}
# Valgrind prepends "/bin/sh" in front of foreign binaries.
if ! $(echo ${PROOT} | grep -q valgrind); then
- env PATH=/tmp:/bin:/usr/bin ${PROOT} -r ${ROOTFS} -q echo ${TMP} | grep "^-U LD_LIBRARY_PATH -0 ${TMP} ${TMP_ABS}$"
+ env PATH=/tmp:/bin:/usr/bin:$(dirname $(which echo)) ${PROOT} -r ${ROOTFS} -q echo ${TMP} | grep "^-U LD_LIBRARY_PATH -0 ${TMP} ${TMP_ABS}$"
${PROOT} -r ${ROOTFS} -q echo ${TMP_ABS} | grep "^-U LD_LIBRARY_PATH -0 ${TMP_ABS} ${TMP_ABS}$"
fi
diff --git a/tests/test-5467b986.sh b/tests/test-5467b986.sh
index c6ac71a..f616f1e 100644
--- a/tests/test-5467b986.sh
+++ b/tests/test-5467b986.sh
@@ -30,8 +30,8 @@ ${PROOT} -v -1 -b /tmp:/b -b /tmp:/a -r ${ROOTFS} fchdir_getcwd /b | grep '^/[ab
! ${PROOT} -w /bin -r ${ROOTFS} fchdir_getcwd true
[ $? -eq 0 ]
-${PROOT} -v -1 -w /usr -r / ${ROOTFS}/bin/chdir_getcwd share | grep '^/usr/share$'
-${PROOT} -v -1 -w /usr -r / ${ROOTFS}/bin/fchdir_getcwd share | grep '^/usr/share$'
+${PROOT} -v -1 -w /gnu -r / ${ROOTFS}/bin/chdir_getcwd store | grep '^/gnu/store$'
+${PROOT} -v -1 -w /gnu -r / ${ROOTFS}/bin/fchdir_getcwd store | grep '^/gnu/store$'
-(cd /; ${PROOT} -v -1 -w usr -r / ${ROOTFS}/bin/chdir_getcwd share | grep '^/usr/share$')
-(cd /; ${PROOT} -v -1 -w usr -r / ${ROOTFS}/bin/fchdir_getcwd share | grep '^/usr/share$')
+(cd /; ${PROOT} -v -1 -w gnu -r / ${ROOTFS}/bin/chdir_getcwd store | grep '^/gnu/store$')
+(cd /; ${PROOT} -v -1 -w gnu -r / ${ROOTFS}/bin/fchdir_getcwd store | grep '^/gnu/store$')
--- a/tests/test-c15999f9.sh
+++ b/tests/test-c15999f9.sh
@@ -5,7 +5,7 @@ fi
TMP=/tmp/$(mcookie)
mkdir ${TMP}
-${PROOT} -b /bin/true:${TMP}/true /bin/true
+${PROOT} -b `which true`:${TMP}/true `which true`
! test -e ${TMP}/true
[ $? -eq 0 ]