[PATCH] Upgrade linux-pam to 1.5.2

OpenSubmitted by Felix Lechner.
Details
2 participants
  • Felix Lechner
  • Tobias Geerinckx-Rice
Owner
unassigned
Severity
normal
F
F
Felix Lechner wrote on 2 Jun 14:09 +0200
(address . guix-patches@gnu.org)
CAFHYt54vnWZRi59GkkUuqebNdS6NYs9gu=0q6EsFUvMXWP1-bQ@mail.gmail.com
Control: tags -1 + patch

Hi,

For my work in making PAM configurable in Guile, I rely on the foreign
function interface (FFI). The automatic generation of that interface
requires Pkgconfig files. Those files are not available in Guix.
Linux-PAM started shipping them in the release after the one we have.
The attached patch upgrades linux-pam to version 1.5.2.

The changes are further documented in the commit message.

I am new to Guix and already use the new version of linux-pam locally
(via Guix System) but I was unable to test the patch according to the
requirements and recommendations listed for this submission. [1]

This email was sent to -devel in lieu of -mentors, which does not
exist. Any guidance is much appreciated. Thanks for taking a look!

KInd regards
Felix Lechner

From 592d8156014090fefe8b9b1da8cada6aa2fa120a Mon Sep 17 00:00:00 2001
From: Felix Lechner <felix.lechner@lease-up.com>
Date: Tue, 31 May 2022 11:40:04 -0700
Subject: [PATCH] Update linux-pam to 1.5.2.

This version ships three Pkgconfig files for Linux-PAM that make it
possible to generate automatic FFI bindings via 'nyacc compile-ffi'.

The current PAM version in Guix offers no Pkgconfig files at all.
Upstream started shipping them in version 1.5.2.

The extra argument to ./configure is needed to sidestep an issue
upstream. [1]

---
gnu/packages/linux.scm | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)

Toggle diff (36 lines)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 2af32fc88f..8a08a56bb4 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -1579,7 +1579,7 @@ (define-public xpadneo
 (define-public linux-pam
   (package
     (name "linux-pam")
-    (version "1.5.1")
+    (version "1.5.2")
     (source
      (origin
        (method url-fetch)
@@ -1588,7 +1588,7 @@ (define-public linux-pam
              version "/Linux-PAM-" version ".tar.xz"))
        (sha256
         (base32
-         "1z4jayf69qyyxln1gl6ch4qxfd66ib1g42garnrv2d8i1drl0790"))
+         "0kgrsj2scv5mx6w925h9hxf11jnqqs9z8s22aw94b90xm4qp3v74"))
        (patches (search-patches "linux-pam-no-setfsuid.patch"))))
 
     (build-system gnu-build-system)
@@ -1604,6 +1604,9 @@ (define-public linux-pam
        #:configure-flags (list (string-append "--includedir="
                                               (assoc-ref %outputs "out")
                                               "/include/security")
+                               (string-append "--libdir="
+                                              (assoc-ref %outputs "out")
+                                              "/lib")
 
                                ;; XXX: <rpc/rpc.h> is missing from glibc when
                                ;; cross-compiling, so we have to disable NIS

base-commit: 20432b839b6bc9e30c156d412597b734a726940d
-- 
2.36.1
T
T
Tobias Geerinckx-Rice wrote on 2 Jun 20:16 +0200
(name . Felix Lechner)(address . felix.lechner@gmail.com)
87bkva9aat@nckx
Felix,

Felix Lechner 写道:
Toggle quote (9 lines)
> For my work in making PAM configurable in Guile, I rely on the
> foreign
> function interface (FFI). The automatic generation of that
> interface
> requires Pkgconfig files. Those files are not available in Guix.
> Linux-PAM started shipping them in the release after the one we
> have.
> The attached patch upgrades linux-pam to version 1.5.2.

Thanks for working on both!

Toggle quote (2 lines)
> The changes are further documented in the commit message.

And thanks for writing a clear commit message. A few thoughts:

- The ‘gnu: foo: Update to x.y.z’ messages you see in the Guix
commit history are standardised. The format's documented in the
GNU ‘(standards)Change Logs’ info page, but just take a stroll
through the history to get a feel for the majority of cases.

- Don't feel obligated to explain why you're upgrading a package,
although you're free to do so if you like (it was interesting
and I learnt something).

Assuming no regressions, we always prefer to ship newer versions
of things.

- And finally, a personal windmill of mine:

Toggle quote (3 lines)
> The extra argument to ./configure is needed to sidestep an issue
> upstream.[1]

belongs in the code, where your fellow hackers can see it, not
buried in the commit log where $nobody will:

;; Work around

As you might now, this update rebuilds a good part of the world
and will have to pass through the core-updates branch…

$ guix refresh -l linux-pam | cut -d: -f1

Toggle quote (6 lines)
> I am new to Guix and already use the new version of linux-pam
> locally
> (via Guix System) but I was unable to test the patch according
> to the
> requirements and recommendations listed for this submission. [1]

…so it's impressive if you rebuilt most of your entire system
based on the new nyacc/linux-pam packages.

What still needs to be done, and which problems did you encounter?

Kind regards,

T G-R
-----BEGIN PGP SIGNATURE-----

iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYpkEmg0cbWVAdG9iaWFz
LmdyAAoJEA2w/4hPVW15MWEBAKcm0YoPpP+Z+vxkhUDdTgary0pBKegpyDbjJWaa
GaEwAP9RmN3Qex12Wt30yslDS4//yDCmZJ2LAQw6igyYTu3ZAA==
=Ga8Z
-----END PGP SIGNATURE-----

F
F
Felix Lechner wrote on 3 Jun 18:25 +0200
(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)
CAFHYt57ec8fOTSQmcMNKtk+YddEnz2rHjEEjDSEajLc6qvjQhA@mail.gmail.com
Hi,

On Thu, Jun 2, 2022 at 11:42 AM Tobias Geerinckx-Rice <me@tobias.gr> wrote:
Toggle quote (4 lines)
>
> - The ‘gnu: foo: Update to x.y.z’ messages you see in the Guix
> commit history are standardised.

The commit message was adjusted to the community standards.

Toggle quote (2 lines)
> - Don't feel obligated to explain why you're upgrading a package,

I removed the explanation.

Toggle quote (9 lines)
> > The extra argument to ./configure is needed to sidestep an issue
> > upstream.[1]
>
> belongs in the code, where your fellow hackers can see it, not
> buried in the commit log where $nobody will:
>
> ;; Work around
> <https://github.com/linux-pam/linux-pam/issues/466>.

Good idea! The comment was dropped from the commit message. Instead, I
added your note to the code.

Toggle quote (6 lines)
> As you might now, this update rebuilds a good part of the world
> and will have to pass through the core-updates branch…
>
> …so it's impressive if you rebuilt most of your entire system
> based on the new nyacc/linux-pam packages.

Actually, my installation did not rebuild much at all, perhaps because
my local desktop runs few servers that would use PAM for
authentication.

Looking through the long list of consuming packages, my sense is that
one of the build systems may pull it in, perhaps via fakeroot or sudo.
I am not sure why cl-css or cl-uglify-js would otherwise need PAM.

Toggle quote (2 lines)
> What still needs to be done, and which problems did you encounter?

I encountered no problems locally, but cannot speculate how Guix's
numerous build systems might react to the presence of the three new
Pkgconfig files. It was a reason why I mentioned the files in my
original commit message. My thought was that someone triangulating a
build issue elsewhere could perhaps find the information helpful.

An updated patch, which was also rebased, was attached. Thank you!

Kind regards,
Felix Lechner
From d3f62c0b14c170f94bc49fd1b557dddd26ea5033 Mon Sep 17 00:00:00 2001
From: Felix Lechner <felix.lechner@lease-up.com>
Date: Tue, 31 May 2022 11:40:04 -0700
Subject: [PATCH] gnu: linux-pam: Update to 1.5.2.

* gnu/packages/linux.scm (linux-pam): Update to 1.5.2.
---
gnu/packages/linux.scm | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)

Toggle diff (38 lines)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 4fc0ac16af..6bb819cbdc 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -1579,7 +1579,7 @@ (define-public xpadneo
 (define-public linux-pam
   (package
     (name "linux-pam")
-    (version "1.5.1")
+    (version "1.5.2")
     (source
      (origin
        (method url-fetch)
@@ -1588,7 +1588,7 @@ (define-public linux-pam
              version "/Linux-PAM-" version ".tar.xz"))
        (sha256
         (base32
-         "1z4jayf69qyyxln1gl6ch4qxfd66ib1g42garnrv2d8i1drl0790"))
+         "0kgrsj2scv5mx6w925h9hxf11jnqqs9z8s22aw94b90xm4qp3v74"))
        (patches (search-patches "linux-pam-no-setfsuid.patch"))))
 
     (build-system gnu-build-system)
@@ -1604,6 +1604,11 @@ (define-public linux-pam
        #:configure-flags (list (string-append "--includedir="
                                               (assoc-ref %outputs "out")
                                               "/include/security")
+                               ;; Work around
+                               ;; <https://github.com/linux-pam/linux-pam/issues/466>
+                               (string-append "--libdir="
+                                              (assoc-ref %outputs "out")
+                                              "/lib")
 
                                ;; XXX: <rpc/rpc.h> is missing from glibc when
                                ;; cross-compiling, so we have to disable NIS

base-commit: 3d69f2dae8c5d451e03d3569c8b153fd573054b8
-- 
2.36.1
?