gnu: heimdal: Drop obsolete and insecure user tools.

According to messages from the Heimdal maintainers Brian May and Nico Williams, no one should be using their version of 'su' anymore. It was deleted from the development branch five years ago [1] and is only being shipped because the 7.8.0 is based on an older, stable branch. [1] 8a77f45aff Following the directions from the maintainers, this commit drops all executables built from the ./appl folder via deletion of that SUBDIR from the top-level Makefile.am. Unfortunately, the heimdal-discuss mailing list does not appear to have a public archive. The relevant SMTP Message-Id was: <MDAEMON-F202305111940.AA401569md5001000003030@sequoia-grove.ad.secure-endpoints.com> * gnu/packages/kerberos.scm (heimdal): Drop obsolete and insecure user tools. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
2023-05-28 17:19:18 -07:00 · 2023-05-28 17:19:18 -07:00 · d89247150f
parent 94879ff743
commit d89247150f
1 changed files with 6 additions and 9 deletions
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@ -214,6 +214,12 @@ After installation, the system administrator should generate keys using
                                                   "/libexec/heimdal")))
                  #~()))
       #:phases (modify-phases %standard-phases
+                  ;; Skip the appl folder as obsolete per message from Brian May <brian@linuxpenguins.xyz>
+                  ;; <MDAEMON-F202305111940.AA401569md5001000003030@sequoia-grove.ad.secure-endpoints.com>
+                  (add-after 'unpack 'drop-obsolete-executables
+                    (lambda* (#:key inputs #:allow-other-keys)
+                      (substitute* '("Makefile.am")
+                        (("appl") ""))))
                  (add-before 'configure 'pre-configure
                    (lambda* (#:key inputs #:allow-other-keys)
                      (invoke (search-input-file inputs "bin/autoreconf") "--install" "--force")
@ -230,15 +236,6 @@ After installation, the system administrator should generate keys using
                        ;; which confuses heimdal.
                        (("ac_cv_prog_COMPILE_ET=\\$\\{with_cross_tools\\}compile_et")
                         "ac_cv_PROG_COMPILE_ET=compile_et"))
-                      (substitute* '("appl/afsutil/pagsh.c" "appl/su/su.c")
-                        (("/bin/sh")
-                         (search-input-file inputs "bin/sh"))
-                        ;; Use the cross-compiled bash instead of the
-                        ;; native bash (XXX shouldn't _PATH_BSHELL point
-                        ;; to a cross-compiled bash?).
-                        (("_PATH_BSHELL")
-                         (string-append
-                          "\"" (search-input-file inputs "bin/sh") "\"")))
                      (substitute* '("tools/Makefile.in")
                        (("/bin/sh") (which "sh")))))
                  (add-before 'check 'pre-check