guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#63545] [PATCH v2 2/2] gnu: heimdal: Drop obsolete and insecure user

From: Felix Lechner
Subject: [bug#63545] [PATCH v2 2/2] gnu: heimdal: Drop obsolete and insecure user tools.
Date: Sun, 28 May 2023 17:19:18 -0700 
According to messages from the Heimdal maintainers Brian May and Nico
Williams, no one should be using their version of 'su' anymore. It was deleted
from the development branch five years ago [1] and is only being shipped
because the 7.8.0 is based on an older, stable branch.

[1] 
https://github.com/heimdal/heimdal/commit/8a77f45aff366b1cd8c70c43ce63eb16a0c9839c

Following the directions from the maintainers, this commit drops all
executables built from the ./appl folder via deletion of that SUBDIR from
the top-level Makefile.am.

Unfortunately, the heimdal-discuss mailing list does not appear to have a
public archive. The relevant SMTP Message-Id was:

    
<MDAEMON-F202305111940.AA401569md5001000003030@sequoia-grove.ad.secure-endpoints.com>

Since the 7.8.0 tarball shipped with all the files generated by 'autoreconf'
it seemed superior to build from Git instead. For that, please see the
preceeding commit.

* gnu/packages/kerberos.scm (heimdal): Drop obsolete and insecure user tools.
---
 gnu/packages/kerberos.scm | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index f06410b8f8..241881ea47 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -214,6 +214,12 @@ (define-public heimdal
                                                    "/libexec/heimdal")))
                   #~()))
        #:phases (modify-phases %standard-phases
+                  ;; Skip the appl folder as obsolete per message from Brian 
May <brian@linuxpenguins.xyz>
+                  ;; 
<MDAEMON-F202305111940.AA401569md5001000003030@sequoia-grove.ad.secure-endpoints.com>
+                  (add-after 'unpack 'drop-obsolete-executables
+                    (lambda* (#:key inputs #:allow-other-keys)
+                      (substitute* '("Makefile.am")
+                        (("appl") ""))))
                   (add-before 'configure 'pre-configure
                     (lambda* (#:key inputs #:allow-other-keys)
                       (invoke (search-input-file inputs "bin/autoreconf") 
"--install" "--force")
@@ -230,15 +236,6 @@ (define-public heimdal
                         ;; which confuses heimdal.
                         
(("ac_cv_prog_COMPILE_ET=\\$\\{with_cross_tools\\}compile_et")
                          "ac_cv_PROG_COMPILE_ET=compile_et"))
-                      (substitute* '("appl/afsutil/pagsh.c" "appl/su/su.c")
-                        (("/bin/sh")
-                         (search-input-file inputs "bin/sh"))
-                        ;; Use the cross-compiled bash instead of the
-                        ;; native bash (XXX shouldn't _PATH_BSHELL point
-                        ;; to a cross-compiled bash?).
-                        (("_PATH_BSHELL")
-                         (string-append
-                          "\"" (search-input-file inputs "bin/sh") "\"")))
                       (substitute* '("tools/Makefile.in")
                         (("/bin/sh") (which "sh")))))
                   (add-before 'check 'pre-check
-- 
2.40.1
reply via email to
[Prev in Thread] Current Thread [Next in Thread]