Move the config file generation to src_compile for most people to make binpkgs easier to deploy.

Package-Manager: portage-2.2.0_alpha51/cvs/Linux x86_64
author: Mike Frysinger <vapier@gentoo.org> 2011-09-02 17:47:17 +0000
committer: Mike Frysinger <vapier@gentoo.org> 2011-09-02 17:47:17 +0000
commit: c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151 (patch)
tree: f1845a7c6e1fd49f96a2b1c5e23f93e636b2d006
parent: Version bump #381467 by teidakankan. Fixes rpath issues #328467 by William T... (diff)
download: historical-c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151.tar.gz
historical-c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151.tar.bz2
historical-c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151.zip
4 files changed, 208 insertions, 7 deletions
diff --git a/app-misc/ca-certificates/ChangeLog b/app-misc/ca-certificates/ChangeLog
index 3145904fb103..38543210eeeb 100644
--- a/app-misc/ca-certificates/ChangeLog
+++ b/app-misc/ca-certificates/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for app-misc/ca-certificates
 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-misc/ca-certificates/ChangeLog,v 1.46 2011/09/01 14:14:07 chainsaw Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-misc/ca-certificates/ChangeLog,v 1.47 2011/09/02 17:47:17 vapier Exp $
+
+*ca-certificates-20110502-r2 (02 Sep 2011)
+
+  02 Sep 2011; Mike Frysinger <vapier@gentoo.org>
+  +files/ca-certificates-20090709-root.patch,
+  +ca-certificates-20110502-r2.ebuild:
+  Move the config file generation to src_compile for most people to make
+  binpkgs easier to deploy.
 
   01 Sep 2011; Tony Vroon <chainsaw@gentoo.org>
   ca-certificates-20110502-r1.ebuild:
diff --git a/app-misc/ca-certificates/Manifest b/app-misc/ca-certificates/Manifest
index b1da70fca9ca..84e244014efe 100644
--- a/app-misc/ca-certificates/Manifest
+++ b/app-misc/ca-certificates/Manifest
@@ -1,6 +1,7 @@
 -----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: SHA256
 
+AUX ca-certificates-20090709-root.patch 2842 RMD160 cee480400c29c113b9478250997a0d08f18428aa SHA1 fc3305985dcc784387daccd2368a123546738312 SHA256 701da246597154c37b5c9ff6999730fe8b76fe10811f71b2d1eded50a2f4f175
 DIST ca-certificates_20090709_all.deb 154620 RMD160 d2e1b846341b2d7201675418b76f56f7decc929b SHA1 19790e219ee2c775f50d7ddd486ec60dfd0c7106 SHA256 de1e35997eb39c7ba5713f206aba034ff8ce8aa3aebebfc7eb1823de9968d767
 DIST ca-certificates_20110421_all.deb 176778 RMD160 504d592cc997c827da47699a3db5d4a25521a63a SHA1 863a3eabb7366e69942bfe10f6c2cd99c145d0b8 SHA256 a60a9c0faf1847df4553ce13ffe337412b88dd1b9d502741ac1760204c0bdda3
 DIST ca-certificates_20110502+nmu1_all.deb 174242 RMD160 7fbfff59c2dc2fae6127389464c01c1af9a32dc5 SHA1 141c8bf62f46043c52442d9bb58cc9bf74ed1b4c SHA256 d44284ee9b733b9890a54516f66b68a382ac5fb2c0bdceafed4cf229aa3b05a1
@@ -8,13 +9,14 @@ DIST ca-certificates_20110502_all.deb 175556 RMD160 22e74ea15def87024ee079191ad2
 EBUILD ca-certificates-20090709.ebuild 2126 RMD160 3d24608ff5c55225ed5c81a67857c0f8f78b81c2 SHA1 6ef2729547b0b7aea0308fc1a8017ff07602063b SHA256 86820ea4d33d9e0e779c0a0d631242b12821bf4135ec6bccd2c284e948c51b19
 EBUILD ca-certificates-20110421.ebuild 2119 RMD160 4d43af5a2d49eede27e6cd6b41568bfc45e655d9 SHA1 0c8c63fa35f9ab2f0bf8b867951647cba76e345f SHA256 1223e4710e2d72fbb97f93bfa77351912b20b6ea07e83c7672bd24b1d812a634
 EBUILD ca-certificates-20110502-r1.ebuild 2127 RMD160 268069f25fd98456375a0a850745fc96fe4fbd8a SHA1 68f7e3f70fa594d1aab7dba2981ffbb5874e34b2 SHA256 88d6fc0b8d0b58032f6346886238c02447a1487dfae0605dfb447d4e07f5549c
+EBUILD ca-certificates-20110502-r2.ebuild 2436 RMD160 12d19fb3bd0758437b5df365545cfe7c24f03186 SHA1 b784cd52953206eecd4a9cf12e66f9590b4658ab SHA256 d99644293dd83d11d0d4755cfb62951c21591d55386838378149260098ba6727
 EBUILD ca-certificates-20110502.ebuild 2120 RMD160 eff412c030efac5272b3109326d483857cb62f67 SHA1 533aa547d6360b0cd5af7b696763cd22d5e33abe SHA256 11ba88945cc66cc74f3e2236f0be28ed5e55162b7f1133929f7c4d6c7081dc05
-MISC ChangeLog 7268 RMD160 cb6c7535cc4cee6cacb761ba89c1ab581b7fc9f0 SHA1 b635e9df6bd3c7c8e9f22b8f24802bdc8d12a4f4 SHA256 72139d1521405dfdcf0c5ff153416987bb114ef6e47c0d90bc4c2ff794dcc51b
+MISC ChangeLog 7547 RMD160 7799ba0a5209654be11fca35afa28bb71dc8dc28 SHA1 59aa803bc1181e7de9a280e66ce2133cb394b0cc SHA256 c0a3b43978ca1d9af12deb2a3c0586eeb0872429d7d2e57844fe36490a99f709
 MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.18 (GNU/Linux)
+Version: GnuPG v2.0.17 (GNU/Linux)
 
-iEYEARECAAYFAk5fkzgACgkQp5vW4rUFj5ohHQCffV70acFzVpz4BXz0I+0DvgRu
-kw0AoKFYjja6Gdxezhf7sJtK8GPnBboo
-=JFmP
+iF4EAREIAAYFAk5hFqwACgkQaC/OocHi7JaaDQD/Y09w+Eta3xcWOHWx7/2MltwW
+9TQMr9NC171pWvHcRp4BAIWRxTmzWPS7MF90V5BcbaODzOb6I5rXif7ZugQRuUfG
+=64QX
 -----END PGP SIGNATURE-----
diff --git a/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild b/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild
new file mode 100644
index 000000000000..425ba1c81d9f
--- /dev/null
+++ b/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild
@@ -0,0 +1,84 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-misc/ca-certificates/ca-certificates-20110502-r2.ebuild,v 1.1 2011/09/02 17:47:17 vapier Exp $
+
+EAPI="2"
+
+inherit eutils
+
+DESCRIPTION="Common CA Certificates PEM files"
+HOMEPAGE="http://packages.debian.org/sid/ca-certificates"
+SRC_URI="mirror://debian/pool/main/c/${PN}/${PN}_${PV}+nmu1_all.deb"
+
+LICENSE="MPL-1.1"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd"
+IUSE=""
+
+DEPEND="|| ( >=sys-apps/coreutils-6.10-r1 sys-apps/mktemp sys-freebsd/freebsd-ubin )"
+RDEPEND="${DEPEND}
+	dev-libs/openssl
+	sys-apps/debianutils"
+
+S=${WORKDIR}
+
+pkg_setup() {
+	# For the conversion to having it in CONFIG_PROTECT_MASK,
+	# we need to tell users about it once manually first.
+	[[ -f /etc/env.d/98ca-certificates ]] \
+		|| ewarn "You should run update-ca-certificates manually after etc-update"
+}
+
+src_unpack() {
+	unpack ${A}
+	unpack ./data.tar.gz
+	rm -f control.tar.gz data.tar.gz debian-binary
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PN}-20090709-root.patch
+}
+
+src_compile() {
+	(
+	echo "# Automatically generated by ${CATEGORY}/${PF}"
+	echo "# $(date -u)"
+	echo "# Do not edit."
+	cd "${S}"/usr/share/ca-certificates
+	find * -name '*.crt' | LC_ALL=C sort
+	) > "${S}"/etc/ca-certificates.conf
+
+	"${S}"/usr/sbin/update-ca-certificates --root "${S}"
+}
+
+src_install() {
+	cp -pPR * "${D}"/ || die
+
+	mv "${D}"/usr/share/doc/{ca-certificates,${PF}} || die
+	prepalldocs
+
+	echo 'CONFIG_PROTECT_MASK="/etc/ca-certificates.conf"' > 98ca-certificates
+	doenvd 98ca-certificates
+}
+
+pkg_postinst() {
+	if [ -d "${ROOT}/usr/local/share/ca-certificates" ] ; then
+		# if the user has local certs, we need to rebuild again
+		# to include their stuff in the db.
+		# However it's too overzealous when the user has custom certs in place.
+		# --fresh is to clean up dangling symlinks
+		"${ROOT}"/usr/sbin/update-ca-certificates --root "${ROOT}"
+	fi
+
+	local c badcerts=0
+	for c in $(find -L "${ROOT}"etc/ssl/certs/ -type l) ; do
+		ewarn "Broken symlink for a certificate at $c"
+		badcerts=1
+	done
+	if [ $badcerts -eq 1 ]; then
+		ewarn "You MUST remove the above broken symlinks"
+		ewarn "Otherwise any SSL validation that use the directory may fail!"
+		ewarn "To batch-remove them, run:"
+		ewarn "find -L ${ROOT}etc/ssl/certs/ -type l -exec rm {} +"
+	fi
+}
diff --git a/app-misc/ca-certificates/files/ca-certificates-20090709-root.patch b/app-misc/ca-certificates/files/ca-certificates-20090709-root.patch
new file mode 100644
index 000000000000..72a4ba1a6ddb
--- /dev/null
+++ b/app-misc/ca-certificates/files/ca-certificates-20090709-root.patch
@@ -0,0 +1,107 @@
+--- a/usr/sbin/update-ca-certificates
++++ b/usr/sbin/update-ca-certificates
+@@ -23,6 +23,7 @@
+ 
+ verbose=0
+ fresh=0
++ROOT=""
+ while [ $# -gt 0 ];
+ do
+   case $1 in
+@@ -30,6 +31,9 @@
+   	verbose=1;;
+   --fresh|-f)
+ 	fresh=1;;
++  --root|-r)
++	ROOT=$(readlink -f "$2")
++	shift;;
+   --help|-h|*)
+-	echo "$0: [--verbose] [--fresh]"
++	echo "$0: [--verbose] [--fresh] [--root <dir>]"
+ 	exit;;
+@@ -37,11 +41,11 @@
+   shift
+ done
+ 
+-CERTSCONF=/etc/ca-certificates.conf
+-CERTSDIR=/usr/share/ca-certificates
+-LOCALCERTSDIR=/usr/local/share/ca-certificates
++CERTSCONF="$ROOT/etc/ca-certificates.conf"
++CERTSDIR="$ROOT/usr/share/ca-certificates"
++LOCALCERTSDIR="$ROOT/usr/local/share/ca-certificates"
+ CERTBUNDLE=ca-certificates.crt
+-ETCCERTSDIR=/etc/ssl/certs
++ETCCERTSDIR="$ROOT/etc/ssl/certs"
+ 
+ cleanup() {
+   rm -f "$TEMPBUNDLE"
+@@ -66,7 +70,7 @@
+                                                   -e 's/,/_/g').pem"
+   if ! test -e "$PEM" || [ "$(readlink "$PEM")" != "$CERT" ]
+   then
+-    ln -sf "$CERT" "$PEM"
++    ln -sf "${CERT#$ROOT}" "$PEM"
+     echo +$PEM >> "$ADDED"
+   fi
+   cat "$CERT" >> "$TEMPBUNDLE"
+@@ -78,22 +82,22 @@
+   if test -L "$PEM"
+   then
+     rm -f "$PEM"
+-    echo -$PEM >> "$REMOVED"
++    echo "-$PEM" >> "$REMOVED"
+   fi
+ }
+ 
+-cd $ETCCERTSDIR
++cd "$ETCCERTSDIR"
+ if [ "$fresh" = 1 ]; then
+   echo -n "Clearing symlinks in $ETCCERTSDIR..."
+   find . -type l -print | while read symlink
+   do
+-     case $(readlink $symlink) in
+-     $CERTSDIR*) rm -f $symlink;;
++     case $(readlink "$symlink") in
++     "$CERTSDIR"*) rm -f "$symlink";;
+      esac
+   done
+   find . -type l -print | while read symlink
+   do
+-     test -f $symlink || rm -f $symlink
++     test -f "$symlink" || rm -f "$symlink"
+   done
+   echo "done."
+ fi
+@@ -102,12 +106,12 @@
+ 
+ # Handle certificates that should be removed.  This is an explicit act
+ # by prefixing lines in the configuration files with exclamation marks (!).
+-sed -n -e '/^$/d' -e 's/^!//p' $CERTSCONF | while read crt
++sed -n -e '/^$/d' -e 's/^!//p' "$CERTSCONF" | while read crt
+ do
+   remove "$CERTSDIR/$crt"
+ done
+ 
+-sed -e '/^$/d' -e '/^#/d' -e '/^!/d' $CERTSCONF | while read crt
++sed -e '/^$/d' -e '/^#/d' -e '/^!/d' "$CERTSCONF" | while read crt
+ do
+   if ! test -f "$CERTSDIR/$crt"
+   then
+@@ -146,14 +150,14 @@
+ 
+ echo "$ADDED_CNT added, $REMOVED_CNT removed; done."
+ 
+-HOOKSDIR=/etc/ca-certificates/update.d
++HOOKSDIR="$ROOT/etc/ca-certificates/update.d"
+ echo -n "Running hooks in $HOOKSDIR...."
+ VERBOSE_ARG=
+ [ "$verbose" = 0 ] || VERBOSE_ARG=--verbose
+-eval run-parts $VERBOSE_ARG --test -- $HOOKSDIR | while read hook
++eval run-parts $VERBOSE_ARG --test -- \""$HOOKSDIR"\" | while read hook
+ do
+   ( cat $ADDED
+-    cat $REMOVED ) | $hook || echo E: $hook exited with code $?.
++    cat $REMOVED ) | "$hook" || echo E: "$hook" exited with code $?.
+ done
+ echo "done."
+
author	Mike Frysinger <vapier@gentoo.org>	2011-09-02 17:47:17 +0000
committer	Mike Frysinger <vapier@gentoo.org>	2011-09-02 17:47:17 +0000
commit	c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151 (patch)
tree	f1845a7c6e1fd49f96a2b1c5e23f93e636b2d006
parent	Version bump #381467 by teidakankan. Fixes rpath issues #328467 by William T... (diff)
download	historical-c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151.tar.gz historical-c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151.tar.bz2 historical-c4c320f01d4e0a0d8f94bdb7cc5d3dfd0c802151.zip