1 # Build recipe for tcp_wrappers.
3 # Copyright (c) 2018, 2021 Matias Fonzo, <selk@dragora.org>.
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 # Exit immediately on any error
24 # Define a category for the output of the package name
25 pkgcategory=networking
27 tarname=${program}_${version}.tar.gz
30 fetch=http://ftp.porcupine.org/pub/security/$tarname
33 Monitor of incoming TCP connections.
35 TCP Wrapper is a host-based Networking ACL system, used to
36 filter network access to Internet Protocol servers on
37 (Unix-like) operating systems such as Linux or BSD.
39 It allows host or subnetwork IP addresses, names and/or
40 ident query replies, to be used as tokens on which to
41 filter for access control purposes.
44 homepage=ftp://ftp.porcupine.org/pub/security/index.html
47 # Source documentation
48 docs="BLURB CHANGES DISCLAIMER README README.NIS"
49 docsdir="${docdir}/${program}-${version}"
52 srcdir=${program}_${version}
54 # Limit parallel jobs for the compiler to 1
59 unpack "${tardir}/$tarname"
63 # Refresh old source code plus security issues via patches
65 # Apply patches from Debian (Thanks!)
68 patch -p1 < "${worktree}/patches/tcp_wrappers/${line}"
69 done < "${worktree}/patches/tcp_wrappers/series"
71 # Apply extras patches from "musl development overlay" (Thanks to "Gentoo Linux")
72 patch -p1 < "${worktree}/patches/tcp_wrappers/tcp-wrappers-7.6.22-remove-DECLS.patch"
73 patch -p1 < "${worktree}/patches/tcp_wrappers/tcp-wrappers-7.6-redhat-bug11881.patch"
74 patch -p1 < "${worktree}/patches/tcp_wrappers/0001-Remove-fgets-extern-declaration.patch"
76 # Set sane permissions
77 chmod -R u+w,go-w,a+rX-s .
79 make -j${jobs} COPTS="$QICFLAGS" LDOPTS="$QILDFLAGS" \
80 STYLE="-DPROCESS_OPTIONS" REAL_DAEMON_DIR=/usr/sbin musl
84 mkdir -p "${destdir}/usr/include" \
85 "${destdir}/usr/sbin" "${destdir}/usr/lib${libSuffix}"
87 for file in safe_finger tcpd tcpdchk tcpdmatch try-from
89 cp -p $file "${destdir}/usr/sbin/"
90 chmod 755 "${destdir}/usr/sbin/${file}"
94 cp -p libwrap.a "${destdir}/usr/lib${libSuffix}/"
95 chmod 644 "${destdir}/usr/lib${libSuffix}/libwrap.a"
97 cp -p tcpd.h "${destdir}/usr/include/"
98 chmod 644 "${destdir}/usr/include/tcpd.h"
100 mkdir -p "${destdir}${mandir}/man3" \
101 "${destdir}${mandir}/man5" "${destdir}${mandir}/man8"
102 lzip -9c < hosts_access.3 > "${destdir}${mandir}/man3/hosts_access.3.lz"
103 lzip -9c < hosts_access.5 > "${destdir}${mandir}/man5/hosts_access.5.lz"
104 lzip -9c < hosts_options.5 > "${destdir}${mandir}/man5/hosts_options.5.lz"
105 lzip -9c < tcpd.8 > "${destdir}${mandir}/man8/tcpd.8.lz"
106 lzip -9c < tcpdchk.8 > "${destdir}${mandir}/man8/tcpdchk.8.lz"
107 lzip -9c < tcpdmatch.8 > "${destdir}${mandir}/man8/tcpdmatch.8.lz"
109 # Strip remaining binaries and libraries
110 find "$destdir" -type f | xargs file | \
111 awk '/ELF/ && /executable/ || /shared object/' | \
112 cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
114 strip --strip-debug "${destdir}/usr/lib${libSuffix}/libwrap.a"
116 # Copy local config files
117 mkdir -p "${destdir}/etc"
118 cp -p "${worktree}/archive/tcp_wrappers/etc/hosts.allow" "${destdir}/etc/"
119 cp -p "${worktree}/archive/tcp_wrappers/etc/hosts.deny" "${destdir}/etc/"
120 chmod 644 "${destdir}/etc/hosts.allow" "${destdir}/etc/hosts.deny"
121 touch "${destdir}/etc/.graft-config"
124 mkdir -p "${destdir}/$docsdir"
125 cp -p $docs "${destdir}/$docsdir"