[packages/falcosecurity-libs] - initial
qboosh
qboosh at pld-linux.org
Tue Nov 21 07:50:40 CET 2023
commit b09873f9b16dfb5bd2ab7ab0f7f0a5ca0516167f
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Tue Nov 21 06:24:41 2023 +0100
- initial
falcosecurity-libs-link.patch | 65 ++++++++++++++++
falcosecurity-libs-syscalls.patch | 14 ++++
falcosecurity-libs.spec | 152 ++++++++++++++++++++++++++++++++++++++
3 files changed, 231 insertions(+)
---
diff --git a/falcosecurity-libs.spec b/falcosecurity-libs.spec
new file mode 100644
index 0000000..75e2195
--- /dev/null
+++ b/falcosecurity-libs.spec
@@ -0,0 +1,152 @@
+# TODO: build drivers (like with BUILD_DRIVER=ON, eventually DKMS; only x86_64, aarch64, s390x?)
+#
+# Conditional build:
+%bcond_without apidocs # API documentation
+%bcond_without luajit # stock Lua 5.1 instead of LuaJIT
+%bcond_without static_libs # static libraries
+#
+%ifnarch %{ix86} %{x8664} %{arm} mips ppc
+%undefine with_luajit
+%endif
+Summary: Falco foundation libraries
+Summary(pl.UTF-8): Biblioteki podstawowe Falco
+Name: falcosecurity-libs
+Version: 0.13.4
+Release: 1
+License: Apache v2.0
+Group: Libraries
+#Source0Download: https://github.com/falcosecurity/libs/releases
+Source0: https://github.com/falcosecurity/libs/archive/%{version}/libs-%{version}.tar.gz
+# Source0-md5: 1dcb3f6ffbd91e60a2087b816c5d6425
+Source1: https://raw.githubusercontent.com/istio/proxy/1.18.2/extensions/common/wasm/base64.h
+# Source1-md5: 71299190977eb7c1971333fd53c70281
+Patch0: %{name}-syscalls.patch
+Patch1: %{name}-link.patch
+URL: https://github.com/falcosecurity/libs
+BuildRequires: c-ares-devel
+BuildRequires: cmake >= 3.12
+BuildRequires: curl-devel
+# libelf
+BuildRequires: elfutils-devel
+BuildRequires: grpc-devel
+BuildRequires: gtest-devel
+BuildRequires: jq-devel
+BuildRequires: jsoncpp-devel
+%if %{with luajit}
+BuildRequires: luajit-devel
+%else
+BuildRequires: lua51-devel >= 5.1
+BuildConflicts: luajit-devel
+%endif
+BuildRequires: openssl-devel
+BuildRequires: protobuf-devel
+BuildRequires: re2-devel
+BuildRequires: tbb-devel
+BuildRequires: tinydir-devel
+BuildRequires: valijson-devel
+BuildRequires: zlib-devel
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+# missing symbols from libscap and libsinsp
+%define skip_post_check_so libscap_engine_kmod.so.* libscap_engine_udig.so.*
+
+%description
+This package contains libsinsp, libscap and the eBPF probes.
+
+These components are at the foundation of Falco
+(<https://github.com/falcosecurity/falco>) and other projects that
+work with the same kind of data.
+
+%description -l pl.UTF-8
+Ten pakiet zawiera libsinsp, libscap oraz sondy eBPF.
+
+Te komponenty są podstawą Falco
+(<https://github.com/falcosecurity/falco>) oraz innych projektów
+działających z tym samym rodzajem danych.
+
+%package devel
+Summary: Header files for Falco libraries
+Summary(pl.UTF-8): Pliki nagłówkowe bibliotek Falco
+Group: Development/Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description devel
+Header files for Falco library.
+
+%description devel -l pl.UTF-8
+Pliki nagłówkowe biblioteki Falco.
+
+%package static
+Summary: Static %{name} library
+Summary(pl.UTF-8): Statyczna biblioteka %{name}
+Group: Development/Libraries
+Requires: %{name}-devel = %{version}-%{release}
+
+%description static
+Static %{name} library.
+
+%description static -l pl.UTF-8
+Statyczna biblioteka %{name}.
+
+%prep
+%setup -q -n libs-%{version}
+%patch0 -p1
+%patch1 -p1
+
+install -d build/b64
+cp -p %{SOURCE1} build/b64/base64.h
+cp -p /usr/include/uthash.h userspace/libscap/uthash.h
+
+%build
+cd build
+%cmake .. \
+ -DBUILD_DRIVER=OFF \
+ -DBUILD_SHARED_LIBS=ON \
+ -DBUILD_LIBSCAP_EXAMPLES=OFF \
+ -DBUILD_LIBSINSP_EXAMPLES=OFF \
+ -DCMAKE_INSTALL_INCLUDEDIR=include \
+ -DCMAKE_INSTALL_LIBDIR=%{_lib} \
+ -DCREATE_TEST_TARGETS=OFF \
+ -DENABLE_DKMS=OFF \
+ -DUSE_BUNDLED_DEPS=OFF \
+ -DWITH_CHISEL=ON
+
+%{__make}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%{__make} -C build install \
+ DESTDIR=$RPM_BUILD_ROOT
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post -p /sbin/ldconfig
+%postun -p /sbin/ldconfig
+
+%files
+%defattr(644,root,root,755)
+%doc NOTICES README.md
+%dir %{_libdir}/falcosecurity
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap.so.*
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_bpf.so.*
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_kmod.so.*
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_nodriver.so.*
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_source_plugin.so.*
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_udig.so.*
+%attr(755,root,root) %{_libdir}/falcosecurity/libsinsp.so.*
+
+%files devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap.so
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_bpf.so
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_kmod.so
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_nodriver.so
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_source_plugin.so
+%attr(755,root,root) %{_libdir}/falcosecurity/libscap_engine_udig.so
+%attr(755,root,root) %{_libdir}/falcosecurity/libsinsp.so
+%{_includedir}/falcosecurity
+%{_pkgconfigdir}/libscap.pc
+%{_pkgconfigdir}/libsinsp.pc
+%{_prefix}/src/scap-0.0.0
diff --git a/falcosecurity-libs-link.patch b/falcosecurity-libs-link.patch
new file mode 100644
index 0000000..8e20e5e
--- /dev/null
+++ b/falcosecurity-libs-link.patch
@@ -0,0 +1,65 @@
+--- libs-0.13.4/userspace/libsinsp/CMakeLists.txt.orig 2023-10-26 18:38:45.000000000 +0200
++++ libs-0.13.4/userspace/libsinsp/CMakeLists.txt 2023-11-19 22:17:18.968902364 +0100
+@@ -201,7 +201,6 @@ set_sinsp_target_properties(sinsp)
+
+ target_link_libraries(sinsp
+ PUBLIC scap
+- INTERFACE
+ "${CURL_LIBRARIES}"
+ "${JSONCPP_LIB}"
+ "${RE2_LIB}"
+@@ -216,7 +215,7 @@ set(SINSP_PKGCONFIG_LIBRARIES
+
+ if(NOT EMSCRIPTEN)
+ target_link_libraries(sinsp
+- INTERFACE
++ PUBLIC
+ "${CARES_LIB}"
+ PRIVATE
+ "${TBB_LIB}"
+@@ -277,7 +276,7 @@ if(NOT WIN32)
+ PRIVATE
+ "cri_v1alpha2"
+ "cri_v1"
+- INTERFACE
++ PUBLIC
+ "${GRPC_LIBRARIES}"
+ "${GRPCPP_LIB}"
+ "${GRPC_LIB}"
+@@ -286,17 +285,16 @@ if(NOT WIN32)
+ "${CARES_LIB}"
+ "${JQ_LIB}")
+ list(APPEND SINSP_PKGCONFIG_LIBRARIES
+- "${GRPC_LIBRARIES}"
+- "${GRPCPP_LIB}"
+- "${GRPC_LIB}"
+- "${GPR_LIB}"
++ "-lgrpc++"
++ "-lgrpc"
++ "-lgpr"
+ "${PROTOBUF_LIB}"
+ "${CARES_LIB}"
+ "${JQ_LIB}")
+
+ if(NOT MUSL_OPTIMIZED_BUILD)
+- target_link_libraries(sinsp INTERFACE rt anl)
+- list(APPEND SINSP_PKGCONFIG_LIBRARIES rt anl)
++ target_link_libraries(sinsp INTERFACE rt)
++ list(APPEND SINSP_PKGCONFIG_LIBRARIES rt)
+ endif()
+
+ else()
+@@ -312,11 +310,11 @@ if(NOT WIN32)
+ endif()
+ endif() # NOT APPLE
+
+- target_link_libraries(sinsp INTERFACE "${OPENSSL_LIBRARIES}")
++ target_link_libraries(sinsp PUBLIC "${OPENSSL_LIBRARIES}")
+ list(APPEND SINSP_PKGCONFIG_LIBRARIES "${OPENSSL_LIBRARIES}")
+
+ if(WITH_CHISEL)
+- target_link_libraries(sinsp INTERFACE "${LUAJIT_LIB}")
++ target_link_libraries(sinsp PUBLIC "${LUAJIT_LIB}")
+ list(APPEND SINSP_PKGCONFIG_LIBRARIES "${LUAJIT_LIB}")
+ endif()
+
diff --git a/falcosecurity-libs-syscalls.patch b/falcosecurity-libs-syscalls.patch
new file mode 100644
index 0000000..59ea9f5
--- /dev/null
+++ b/falcosecurity-libs-syscalls.patch
@@ -0,0 +1,14 @@
+--- libs-0.13.4/driver/syscall_table64.c.orig 2023-10-26 18:38:45.000000000 +0200
++++ libs-0.13.4/driver/syscall_table64.c 2023-11-19 10:03:55.040625438 +0100
+@@ -23,8 +23,10 @@ or GPL2.txt for full copies of the licen
+ #include "syscall_compat_aarch64.h"
+ #elif defined(__s390x__)
+ #include "syscall_compat_s390x.h"
++#else // fake
++#include "syscall_compat_x86_64.h"
+ #endif /* __x86_64__ */
+-#elif defined(_MSC_VER) || defined(__EMSCRIPTEN__)
++#else
+ // these are Linux syscall numbers and obviously meaningless for Windows/macOS
+ // but we need *some* definition so that we have a mapping for scap_ppm_sc.c
+ #include "syscall_compat_x86_64.h"
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/falcosecurity-libs.git/commitdiff/b09873f9b16dfb5bd2ab7ab0f7f0a5ca0516167f
More information about the pld-cvs-commit
mailing list