summary refs log tree commit diff
path: root/gnu/packages/kerberos.scm
diff options
context:
space:
mode:
authorFelix Lechner <felix.lechner@lease-up.com>2023-05-28 17:19:18 -0700
committerJosselin Poiret <dev@jpoiret.xyz>2023-06-04 10:33:58 +0200
commitd89247150fe6e97c2fceed8d578fd119a782624d (patch)
tree575ee58fae9655a24918afa02e2b782183282f26 /gnu/packages/kerberos.scm
parent94879ff743530a1b8aef7283578bba2a80fa9f80 (diff)
downloadguix-d89247150fe6e97c2fceed8d578fd119a782624d.tar.gz
gnu: heimdal: Drop obsolete and insecure user tools.
According to messages from the Heimdal maintainers Brian May and Nico
Williams, no one should be using their version of 'su' anymore. It was deleted
from the development branch five years ago [1] and is only being shipped
because the 7.8.0 is based on an older, stable branch.

[1] https://github.com/heimdal/heimdal/commit/8a77f45aff366b1cd8c70c43ce63eb16a0c9839c

Following the directions from the maintainers, this commit drops all
executables built from the ./appl folder via deletion of that SUBDIR from
the top-level Makefile.am.

Unfortunately, the heimdal-discuss mailing list does not appear to have a
public archive. The relevant SMTP Message-Id was:

    <MDAEMON-F202305111940.AA401569md5001000003030@sequoia-grove.ad.secure-endpoints.com>

* gnu/packages/kerberos.scm (heimdal): Drop obsolete and insecure user tools.

Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
Diffstat (limited to 'gnu/packages/kerberos.scm')
-rw-r--r--gnu/packages/kerberos.scm15
1 files changed, 6 insertions, 9 deletions
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index f06410b8f8..241881ea47 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -214,6 +214,12 @@ After installation, the system administrator should generate keys using
                                                    "/libexec/heimdal")))
                   #~()))
        #:phases (modify-phases %standard-phases
+                  ;; Skip the appl folder as obsolete per message from Brian May <brian@linuxpenguins.xyz>
+                  ;; <MDAEMON-F202305111940.AA401569md5001000003030@sequoia-grove.ad.secure-endpoints.com>
+                  (add-after 'unpack 'drop-obsolete-executables
+                    (lambda* (#:key inputs #:allow-other-keys)
+                      (substitute* '("Makefile.am")
+                        (("appl") ""))))
                   (add-before 'configure 'pre-configure
                     (lambda* (#:key inputs #:allow-other-keys)
                       (invoke (search-input-file inputs "bin/autoreconf") "--install" "--force")
@@ -230,15 +236,6 @@ After installation, the system administrator should generate keys using
                         ;; which confuses heimdal.
                         (("ac_cv_prog_COMPILE_ET=\\$\\{with_cross_tools\\}compile_et")
                          "ac_cv_PROG_COMPILE_ET=compile_et"))
-                      (substitute* '("appl/afsutil/pagsh.c" "appl/su/su.c")
-                        (("/bin/sh")
-                         (search-input-file inputs "bin/sh"))
-                        ;; Use the cross-compiled bash instead of the
-                        ;; native bash (XXX shouldn't _PATH_BSHELL point
-                        ;; to a cross-compiled bash?).
-                        (("_PATH_BSHELL")
-                         (string-append
-                          "\"" (search-input-file inputs "bin/sh") "\"")))
                       (substitute* '("tools/Makefile.in")
                         (("/bin/sh") (which "sh")))))
                   (add-before 'check 'pre-check