updated 2 packages

diffutils-3.8-1

krb5-1.19.2-1

d/diffutils/diffutils-vl.spec

@@ -1,16 +1,14 @@
 Summary: A GNU collection of diff utilities.
 Summary(ja): GNU diff ユーティリティ集
 Name: diffutils
-Version: 3.7
+Version: 3.8
 Release: 1%{?_dist_release}
 Group: Applications/Text
-
 Vendor: Project Vine
 Distribution: Vine Linux
 
 License: GPLv3+
 URL: https://www.gnu.org/software/diffutils/diffutils.html
-
 Source: https://ftp.gnu.org/gnu/diffutils/diffutils-%{version}.tar.xz
 Patch1: diffutils-cmp-s-empty.patch
 Patch4: diffutils-i18n.patch
@@ -47,6 +45,9 @@ sdiff コマンドは2つのファイルを対話的にマージするのに使
 テキストファイルを比較したい場合は diffutils をインストールして下さい．
 
 
+%debug_package
+
+
 %prep
 %setup -q
 
@@ -58,10 +59,12 @@ sdiff コマンドは2つのファイルを対話的にマージするのに使
 # Run autoreconf for aarch64 support (bug #925256).
 autoreconf -ivf
 
+
 %build
 %configure
 make PR_PROGRAM=%{_bindir}/pr
 
+
 %install
 rm -rf $RPM_BUILD_ROOT
 %__make DESTDIR=$RPM_BUILD_ROOT install
@@ -78,9 +81,11 @@ if [ $1 = 0 ]; then
   /sbin/install-info --delete %{_infodir}/%{name}.info %{_infodir}/dir || :
 fi
 
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
+
 %files -f %{name}.lang
 %defattr(-,root,root)
 %license COPYING
@@ -91,6 +96,10 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Thu Aug 05 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 3.8-1
+- new upstream release.
+- updated Patch1 and 4.
+
 * Wed Mar 18 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 3.7-1
 - new upstream release.
 - dropped Patch2, 3 and 5.

k/krb5/krb5-vl.spec

@@ -5,6 +5,12 @@
 BuildRequires: socket_wrapper
 %endif
 
+%if %{with systemd}
+%define _rundir /run
+%else
+%define _rundir %{_localstatedir}/run
+%endif
+
 %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
 
 %global WITH_LDAP 1
@@ -22,14 +28,14 @@ BuildRequires: socket_wrapper
 Summary: The Kerberos network authentication system
 Summary(ja): Kerberos ネットワーク認証システム
 Name: krb5
-Version: 1.18.3
+Version: 1.19.2
 Release: 1%{_dist_release}%{?with_systemd:.systemd}
 Group: system
 Vendor: Project Vine
 Distribution: Vine Linux
 
 License: MIT
-URL: http://web.mit.edu/kerberos/www/
+URL: https://web.mit.edu/kerberos/
 
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-1.11.1-signed.tar
@@ -63,46 +69,30 @@ Source203: krb5-krb5kdc.conf
 
 Patch0: downstream-ksu-pam-integration.patch
 Patch1: downstream-SELinux-integration.patch
-Patch2: downstream-Adjust-build-configuration.patch
 Patch3: downstream-netlib-and-dns.patch
 Patch4: downstream-fix-debuginfo-with-y.tab.c.patch
 Patch5: downstream-Remove-3des-support.patch
 #Patch6: downstream-Use-backported-version-of-OpenSSL-3-KDF-i.patch
 Patch7: downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch
-#Patch8: Fix-AS-REQ-checking-of-KDB-modified-indicators.patch
+Patch8: Add-APIs-for-marshalling-credentials.patch
-Patch9: Allow-certauth-modules-to-set-hw-authent-flag.patch
+Patch9: Add-hostname-canonicalization-helper-to-k5test.py.patch
-#Patch10: Allow-deletion-of-require_auth-with-LDAP-KDB.patch
+Patch10: Support-host-based-GSS-initiator-names.patch
-Patch11: Refresh-manually-acquired-creds-from-client-keytab.patch
+Patch11: Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch
-#Patch12: Document-client-keytab-usage.patch
+Patch12: Fix-KCM-flag-transmission-for-remove_cred.patch
-Patch13: Add-finalization-safety-check-to-com_err.patch
+Patch13: Make-KCM-iteration-fallback-work-with-sssd-kcm.patch
-#Patch14: Eliminate-redundant-PKINIT-responder-invocation.patch
+Patch14: Use-KCM_OP_RETRIEVE-in-KCM-client.patch
-Patch15: Correctly-import-service-GSS-host-based-name.patch
+Patch15: Fix-KCM-retrieval-support-for-sssd.patch
-Patch16: Do-expiration-warnings-for-all-init_creds-APIs.patch
+Patch17: Move-some-dejagnu-kadmin-tests-to-Python-tests.patch
-Patch17: Pass-gss_localname-through-SPNEGO.patch
+Patch18: Fix-some-principal-realm-canonicalization-cases.patch
-Patch18: Omit-KDC-indicator-check-for-S4U2Self-requests.patch
+Patch19: Allow-kinit-with-keytab-to-defer-canonicalization.patch
-Patch19: Fix-typo-in-in-in-the-ksu-man-page.patch
+Patch20: Fix-kadmin-k-with-fallback-or-referral-realm.patch
-Patch21: Replace-gssrpc-tests-with-a-Python-script.patch
+Patch21: Fix-softpkcs11-build-issues-with-openssl-3.0.patch
-Patch22: Default-dns_canonicalize_hostname-to-fallback.patch
+Patch22: Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch
-Patch23: Remove-resolver-test-utility.patch
+Patch23: Fix-k5tls-module-for-OpenSSL-3.patch
-Patch24: Omit-PA_FOR_USER-if-we-can-t-compute-its-checksum.patch
+Patch24: Fix-leaks-on-error-in-kadm5-init-functions.patch
-Patch25: Improve-negoex_parse_token-code-hygiene.patch
+Patch25: Clean-up-context-after-failed-open-in-libkdb5.patch
-Patch26: Refactor-krb5-GSS-checksum-handling.patch
+Patch26: Use-asan-in-one-of-the-CI-builds.patch
-Patch27: Implement-GSS_C_CHANNEL_BOUND_FLAG.patch
+Patch29: Clean-up-gssapi_krb5-ccache-name-functions.patch
-Patch28: Implement-KERB_AP_OPTIONS_CBT-server-side.patch
-Patch29: Add-client_aware_channel_bindings-option.patch
-Patch30: Pass-channel-bindings-through-SPNEGO.patch
-Patch31: Add-channel-bindings-tests.patch
-Patch32: Use-two-queues-for-concurrent-t_otp.py-daemons.patch
-Patch34: Ignore-bad-enctypes-in-krb5_string_to_keysalts.patch
-Patch35: Fix-leak-in-KERB_AP_OPTIONS_CBT-server-support.patch
-Patch37: Add-three-kvno-options-from-Heimdal-kgetcred.patch
-Patch39: Improve-KDC-alias-checking-for-S4U-requests.patch
-Patch40: Adjust-KDC-alias-helper-function-contract.patch
-Patch41: Allow-aliases-when-matching-U2U-second-ticket.patch
-Patch42: Refactor-KDC-authdata-list-management-helpers.patch
-Patch43: Avoid-passing-DB-entry-structures-in-KDC.patch
-Patch44: Minimize-usage-of-tgs_server-in-KDC.patch
-Patch45: Fix-minor-static-analysis-defects.patch
 
 # Vine patch(es)
 
@@ -251,7 +241,7 @@ certificate.
 %package -n compat32-%{name}-devel
 Summary: Development files needed to compile Kerberos 5 programs.
 Summary(ja): Kerberos 5 プログラムをコンパイルするために必要な開発ファイル
-Group: programming
+Group: programming,legacy
 Requires: compat32-%{name}-libs = %{version}-%{release}
 Requires: %{name}-devel = %{version}-%{release}
 Requires: compat32-e2fsprogs-devel
@@ -266,8 +256,7 @@ to install this package.
 %package -n compat32-%{name}-libs
 Summary: The shared libraries used by Kerberos 5.
 Summary(ja): Kerberos 5 の共有ライブラリ
-Group: system
+Group: system,legacy
-Requires(pre): /sbin/ldconfig
 Requires: %{name}-libs = %{version}-%{release}
 
 %description -n compat32-%{name}-libs
@@ -279,7 +268,7 @@ Kerberos, you need to install this package.
 %package -n compat32-%{name}-pkinit-openssl
 Summary: The PKINIT module for Kerberos 5.
 Summary(ja): Kerberos 5 の PKINIT モジュール
-Group: system
+Group: system,legacy
 Requires: compat32-%{name}-libs = %{version}-%{release}
 Requires: %{name}-pkinit-openssl = %{version}-%{release}
 
@@ -296,8 +285,7 @@ certificate.
 
 
 %prep
-%autosetup -S git -n %{name}-%{version}
+%autosetup -S git_am -n %{name}-%{version}
-
 ln -s NOTICE LICENSE
 
 # Generate an FDS-compatible LDIF file.
@@ -306,9 +294,7 @@ cat > '60kerberos.ldif' << EOF
 # This is a variation on kerberos.ldif which 389 Directory Server will like.
 dn: cn=schema
 EOF
-egrep -iv '(^$|^dn:|^changetype:|^add:)' $inldif | \
+egrep -iv '(^$|^dn:|^changetype:|^add:)' $inldif
-sed -r 's,^		,                ,g' | \
-sed -r 's,^	,        ,g' >> 60kerberos.ldif
 touch -r $inldif 60kerberos.ldif
 
 # Rebuild the configure scripts.
@@ -344,7 +330,8 @@ pushd src
 
 # Set this so that configure will have a value even if the current version of
 # autoconf doesn't set one.
-export runstatedir=%{_localstatedir}/run
+export runstatedir=%{_rundir}
+
 # Work out the CFLAGS and CPPFLAGS which we intend to use.
 INCLUDES=-I%{_includedir}/et
 CFLAGS="`echo $RPM_OPT_FLAGS $DEFINES $INCLUDES -fPIC -fno-strict-aliasing -fstack-protector-all`"
@@ -353,10 +340,10 @@ CPPFLAGS="`echo $DEFINES $INCLUDES`"
 	CC="%{__cc}" \
 	CFLAGS="$CFLAGS" \
 	CPPFLAGS="$CPPFLAGS" \
-	LIBS="-ldl -lz -lpthread" \
 	SS_LIB="-lss" \
 	--with-selinux=no \
 	--enable-shared \
+	--runstatedir=%{_rundir} \
 %if %{build_static}
 	--enable-static \
 %endif
@@ -391,14 +378,14 @@ CPPFLAGS="`echo $DEFINES $INCLUDES`"
 	--with-prng-alg=os \
 	|| (cat config.log; exit 1)
 
-# Now build it.
+# Build fast, but get better errors if we fail
-make %{?_smp_mflags}
+make %{?_smp_mflags} || make -j1
 popd
 
 # Sanity check the KDC_RUN_DIR.
 configured_kdcrundir=`grep KDC_RUN_DIR src/include/osconf.h | awk '{print $NF}'`
 configured_kdcrundir=`eval echo $configured_kdcrundir`
-if test "$configured_kdcrundir" != %{_localstatedir}/run/krb5kdc ; then
+if test "$configured_kdcrundir" != %{_rundir}/krb5kdc ; then
         exit 1
 fi
 
@@ -565,7 +552,7 @@ install -pdm 755 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/kdb
 install -pdm 755 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/authdata
 
 # The rest of the binaries, headers, libraries, and docs.
-make -C src DESTDIR=$RPM_BUILD_ROOT EXAMPLEDIR=%{_docdir}/krb5-libs-%{version}/examples install
+make -C src DESTDIR=$RPM_BUILD_ROOT EXAMPLEDIR=%{_docdir}/krb5-libs/examples install
 
 # Munge krb5-config yet again.  This is totally wrong for 64-bit, but chunks
 # of the buildconf patch already conspire to strip out /usr/<anything> from the
@@ -621,12 +608,6 @@ rm -f -- "$RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/preauth/test.so"
 [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
 
 
-%post libs -p /sbin/ldconfig
-%postun libs -p /sbin/ldconfig
-
-%post server-ldap -p /sbin/ldconfig
-%postun server-ldap -p /sbin/ldconfig
-
 %post server
 # Remove the init script for older servers.
 %if %{with systemd}
@@ -687,9 +668,6 @@ if grep -q '^includedir /etc/krb5.conf.d' /etc/krb5.conf ; then
 fi
 exit 0
 
-%post -n compat32-%{name}-libs -p /sbin/ldconfig
-%postun -n compat32-%{name}-libs -p /sbin/ldconfig
-
 
 %files workstation
 %defattr(-,root,root,-)
@@ -936,6 +914,10 @@ exit 0
 
 
 %changelog
+* Thu Aug 05 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.19.2-1
+- updated to 1.19.2.
+- re-imported all patches from rawhide.
+
 * Thu Nov 26 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.18.3-1
 - updated to 1.18.3.
 - dropped all patches.