forge/ayaports
1
0
Fork 0
Code Issues 14 Pull requests 8 Projects Releases Packages Wiki Activity Actions

user/qubes-vm-qrexec: new aport

Browse source
This commit is contained in:
Antoine Martin 2023-03-07 22:20:29 -05:00
parent 3841136929
commit cf0d372bc6
Signed by: forge
GPG key ID: D62A472A4AA7D541
3 changed files with 93 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
user/qubes-vm-qrexec/APKBUILD Normal file
View file

@ -0,0 +1,59 @@
# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>
pkgname=qubes-vm-qrexec
subpackages="$pkgname-openrc $pkgname-doc"
pkgver=4.1.20
_gittag="v$pkgver"
pkgrel=0
pkgdesc="The Qubes qrexec files (qube side)"
arch="x86_64"
url="https://github.com/QubesOS/qubes-core-qrexec"
license='GPL'
depends="qubes-libvchan-xen"
options="!check" # No testsuite
makedepends="
gcc
make
pandoc
pkgconf
py3-setuptools
lld
qubes-libvchan-xen-dev
"
source="
$pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-qrexec/archive/refs/tags/$_gittag.tar.gz
qubes-qrexec-agent.openrc
agent-qrexec-fork-server-undef-fortify-source.patch
"
builddir="$srcdir/qubes-core-qrexec-${_gittag/v}"
prepare() {
default_prepare
# remove all -Werror
msg "Eradicating -Werror..."
find . \( -name '*.mk' -o -name 'Make*' \) -exec sed -i -e 's/-Werror//g' {} +
}
build() {
make all-base
make all-vm
# change all shebangs to bash as expected
# shellcheck disable=SC2013
for i in $(grep '/bin/sh' -RlI .); do
sed -i 's|/bin/sh|/bin/bash|' "$i"
done
}
package() {
export LDFLAGS="$LDFLAGS -fuse-ld=lld"
make install-base DESTDIR="$pkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
make install-vm DESTDIR="$pkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
install -Dm 755 "$srcdir"/qubes-qrexec-agent.openrc "$pkgdir"/etc/init.d/qubes-qrexec-agent
}
sha512sums="
650d6ae2a48dddc8207b0b1466024fc2bc48b6d10f11ba35411fa1e44049ddc5d1fe9ca77d968598444db34bac8fb781b6fa4c837846af52161dbf246f3a99fb qubes-vm-qrexec-v4.1.20.tar.gz
e2dd5cace82e881c40d5d37c69f7327fbabde81c9d23283de23de9f1197b7b018ef07a8d90e95c61bd249426d9d8297e7cb372333245941ffa0682c90ea3461f qubes-qrexec-agent.openrc
69b88c8d344f0d575eac398937040ba39a0d8fb8ea0a2b160c48d84775e1da4e226a76f3c5d3be7b045f577b634bb35cd5c5536248e18117c4121a38f9f3bf13 agent-qrexec-fork-server-undef-fortify-source.patch
"

12
user/qubes-vm-qrexec/agent-qrexec-fork-server-undef-fortify-source.patch Normal file
View file

@ -0,0 +1,12 @@
diff --git a/agent/qrexec-fork-server.c b/agent/qrexec-fork-server.c
index e9bcab7..655d138 100644
--- a/agent/qrexec-fork-server.c
+++ b/agent/qrexec-fork-server.c
@@ -32,6 +32,7 @@
#include <libvchan.h>
#include "libqrexec-utils.h"
#include "qrexec-agent.h"
+#undef _FORTIFY_SOURCE
extern char **environ;
const bool qrexec_is_fork_server = true;

22
user/qubes-vm-qrexec/qubes-qrexec-agent.openrc Normal file
View file

@ -0,0 +1,22 @@
#!/sbin/openrc-run
name=$RC_SVCNAME
cfgfile="/etc/qubes/$RC_SVCNAME.conf"
command="/usr/lib/qubes/qrexec-agent"
command_args=""
command_user="root"
pidfile="/run/qubes/$RC_SVCNAME.pid"
start_stop_daemon_args=""
command_background="yes"
output_log="/var/log/qubes/$RC_SVCNAME.log"
error_log="/var/log/qubes/$RC_SVCNAME.err"
depend() {
need xendriverdomain
}
start_pre() {
/bin/sh -c '[ -e /dev/xen/evtchn ] || modprobe xen_evtchn'
checkpath --directory --owner $command_user:qubes --mode 0775 \
/run/qubes /var/log/qubes
}