summaryrefslogtreecommitdiff
blob: 795e71f73b1f7a72ddd248c002e7d6d58481d3c3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

EAPI=8

inherit systemd prefix tmpfiles

DESCRIPTION="A man replacement that utilizes dbm instead of flat files"
HOMEPAGE="https://gitlab.com/man-db/man-db https://www.nongnu.org/man-db/"
if [[ ${PV} == *9999 ]] ; then
	inherit autotools git-r3
	EGIT_REPO_URI="https://gitlab.com/man-db/man-db"
else
	# TODO: Change tarballs to gitlab too...?
	SRC_URI="mirror://nongnu/${PN}/${P}.tar.xz"
	KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
fi

LICENSE="GPL-3"
SLOT="0"
IUSE="+manpager nls +seccomp selinux static-libs zlib"

CDEPEND="
	>=dev-libs/libpipeline-1.5.0
	sys-apps/groff
	sys-libs/gdbm:=
	seccomp? ( sys-libs/libseccomp )
	zlib? ( sys-libs/zlib )"
DEPEND="${CDEPEND}"
BDEPEND="app-arch/xz-utils
	virtual/pkgconfig
	nls? (
		>=app-text/po4a-0.45
		sys-devel/gettext
		virtual/libiconv
		virtual/libintl
	)"
RDEPEND="${CDEPEND}
	acct-group/man
	acct-user/man
	selinux? ( sec-policy/selinux-mandb )"
PDEPEND="manpager? ( app-text/manpager )"

PATCHES=(
	"${FILESDIR}"/man-db-2.9.3-sandbox-env-tests.patch
)

src_unpack() {
	if [[ ${PV} == *9999 ]] ; then
		git-r3_src_unpack

		# We need to mess with gnulib
		EGIT_REPO_URI="https://git.savannah.gnu.org/r/gnulib.git" \
		EGIT_CHECKOUT_DIR="${WORKDIR}/gnulib" \
		git-r3_src_unpack
	else
		default
	fi
}

src_prepare() {
	default

	if [[ ${PV} == *9999 ]] ; then
		local bootstrap_opts=(
			--gnulib-srcdir=../gnulib
			--no-bootstrap-sync
			--copy
			--no-git
		)
		AUTORECONF="/bin/true" \
		LIBTOOLIZE="/bin/true" \
		sh ./bootstrap "${bootstrap_opts[@]}" || die

		eautoreconf
	fi

	hprefixify src/man_db.conf.in
	if use prefix ; then
		{
			echo "#"
			echo "# Added settings for Gentoo Prefix"
			[[ ${CHOST} == *-darwin* ]] && \
				echo "MANDATORY_MANPATH ${EPREFIX}/MacOSX.sdk/usr/share/man"
			echo "MANDATORY_MANPATH /usr/share/man"
		} >> src/man_db.conf.in
	fi
}

src_configure() {
	# Set sections we want to search by default
	local sections="1 1p 8 2 3 3p 4 5 6 7 9 0p tcl n l p o"
	sections+=" 1x 2x 3x 4x 5x 6x 7x 8x"
	case ${CHOST} in
		*-solaris*)
			# Solaris tends to use sections named after the pkgs that
			# owns them, in particular for libc functions we want those
			# sections
			local s
			for s in $(cd /usr/share/man/ && echo man*) ; do
				s=${s#man}
				[[ " ${sections} " != *" ${s} "* ]] && sections+=" ${s}"
			done
			;;
	esac

	export ac_cv_lib_z_gzopen=$(usex zlib)
	local myeconfargs=(
		--with-systemdtmpfilesdir="${EPREFIX}"/usr/lib/tmpfiles.d
		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
		--disable-setuid # bug #662438
		$(use_enable !prefix cache-owner man)  # bug #917024
		--with-sections="${sections}"

		$(use_enable nls)
		$(use_enable static-libs static)
		$(use_with seccomp libseccomp)

		--with-db=gdbm
	)

	case ${CHOST} in
		*-solaris*|*-darwin*)
			myeconfargs+=(
				$(use_with nls libiconv-prefix "${EPREFIX}"/usr)
				$(use_with nls libintl-prefix "${EPREFIX}"/usr)
			)
			;;
	esac

	econf "${myeconfargs[@]}"

	# Disable color output from groff so that the manpager can add it. bug #184604
	if use manpager; then
		sed -i \
			-e '/^#DEFINE.*\<[nt]roff\>/{s:^#::;s:$: -c:}' \
			src/man_db.conf || die
	fi

	cat > 15man-db <<-EOF || die
	SANDBOX_PREDICT="/var/cache/man"
	EOF
}

src_install() {
	default
	dodoc docs/{HACKING.md,TODO}
	find "${ED}" -type f -name "*.la" -delete || die

	exeinto /etc/cron.daily
	newexe "${FILESDIR}"/man-db.cron-r1 man-db # bug #289884

	insinto /etc/sandbox.d
	doins 15man-db
}

pkg_preinst() {
	local cachedir="${EROOT}/var/cache/man"
	# If the system was already exploited, and the attacker is hiding in the
	# cachedir of the old man-db, let's wipe them out.
	# see bug  #602588 comment 18
	local _replacing_version=
	local _setgid_vuln=0
	for _replacing_version in ${REPLACING_VERSIONS} ; do
		if ver_test '2.7.6.1-r2' -le "${_replacing_version}" ; then
			debug-print "Skipping security bug #602588 ... existing installation (${_replacing_version}) should not be affected!"
		else
			_setgid_vuln=1
			debug-print "Applying cleanup for security bug #602588"
		fi
	done
	[[ ${_setgid_vuln} -eq 1 ]] && rm -rf "${cachedir}"

	# Fall back to recreating the cachedir
	if [[ ! -d ${cachedir} ]] ; then
		mkdir -p "${cachedir}" || die
		chown man:man "${cachedir}" || die
	fi

	# Update the whatis cache
	if [[ -f ${cachedir}/whatis ]] ; then
		einfo "Cleaning ${cachedir} from sys-apps/man"
		find "${cachedir}" -type f '!' '(' -name index.bt -o -name index.db ')' -delete
	fi
}

pkg_postinst() {
	tmpfiles_process man-db.conf

	if [[ -n "${REPLACING_VERSIONS}" ]] ; then
		local _replacing_version=

		for _replacing_version in ${REPLACING_VERSIONS} ; do
			if [[ $(ver_cut 2 ${_replacing_version}) -lt 7 ]] ; then
				einfo "Rebuilding man-db from scratch with new database format!"
				su man -s /bin/sh -c 'mandb --quiet --create' 2>/dev/null

				# No need to run it again if we hit one
				break
			fi
		done
	fi
}