[packages/nss] strip and sign libs manually after build
atler
atler at pld-linux.org
Mon Nov 14 01:40:11 CET 2022
commit 569dea7ccff1c671411a5d614495c5a8799a36b0
Author: Jan Palus <atler at pld-linux.org>
Date: Mon Nov 14 01:34:46 2022 +0100
strip and sign libs manually after build
don't strip signed library just before signing -- most of signed
libraries are actually used during signing process so it's likely that
during parallel build some processes will be stripping libraries that
are currently being accessed by others
hopefully should fix intermittent SIGBUS from shlibsign
nss.spec | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
---
diff --git a/nss.spec b/nss.spec
index 2081bbc..7662d36 100644
--- a/nss.spec
+++ b/nss.spec
@@ -39,8 +39,9 @@ Conflicts: seamonkey < 2.47
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define specflags -fno-strict-aliasing
+%define signedlibs libfreebl3.so libfreeblpriv3.so libnssdbm3.so libsoftokn3.so
# signed - stripped before signing
-%define _noautostrip .*%{_libdir}/libfreebl3.so\\|.*%{_libdir}/libsoftokn3.so
+%define _noautostrip .*%{_lib}/\\(%(echo %{signedlibs} | sed 's/ /\\\\|/g')\\)
%define _noautochrpath .*%{_libdir}/libfreebl3.so\\|.*%{_libdir}/libsoftokn3.so
%description
@@ -107,11 +108,6 @@ Biblioteka kryptograficzna freebl dla bibliotek NSS.
%prep
%setup -q
-%if 0%{!?debug:1}
-# strip before signing
-%{__sed} -i -e '/export ADDON_PATH$/a\ echo STRIP \; %{__strip} --strip-unneeded -R.comment -R.note ${5}' nss/cmd/shlibsign/sign.sh
-%endif
-
# http://pki.fedoraproject.org/wiki/ECC_Capable_NSS
for dir in ecc noecc; do
install -d $dir
@@ -161,6 +157,17 @@ export USE_X32=1
OS_TEST="%{_target_cpu}" \
NS_USE_GCC=1
+# strip and sign again
+%{__strip} --strip-unneeded -R.comment -R.note \
+ {,no}ecc/dist/Linux*/lib/{%(echo %{signedlibs} | tr ' ' ',')}
+
+for dir in ecc noecc; do
+ distdir=$(echo $(pwd)/$dir/dist/Linux*)
+ for lib in %{signedlibs}; do
+ LD_LIBRARY_PATH="$distdir/lib" "$distdir/bin/shlibsign" -i "$distdir/lib/$lib"
+ done
+done
+
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_bindir},%{_mandir}/man1,%{_includedir}/nss,/%{_lib},%{_libdir},%{_pkgconfigdir}}
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/nss.git/commitdiff/569dea7ccff1c671411a5d614495c5a8799a36b0
More information about the pld-cvs-commit
mailing list