<pre class="ebuild"># Copyright 2022-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

EAPI=8

CRATES="
"
RUST_MIN_VER="1.71.1"

if [[ ${PV} == 9999 ]]; then
    inherit cargo git-r3 optfeature pam
    EGIT_REPO_URI="https://github.com/trifectatechfoundation/sudo-rs"
    SRC_URI="$(cargo_crate_uris ${CRATES})"
else
    inherit cargo optfeature pam

    if [[ ${PV} != *_beta* && ${PV} != *_rc* ]]; then
        KEYWORDS="~amd64 ~x86 ~arm ~arm64 ~mips ~ppc ~ppc64 ~riscv ~sparc"
    fi
    SRC_URI="$(cargo_crate_uris ${CRATES})
            https://github.com/trifectatechfoundation/${PN}/releases/download/v${PV}/${PN}-${PV}.tar.gz
    "
fi

DESCRIPTION="A memory safe implementation of sudo"
HOMEPAGE="https://trifectatech.org/"

LICENSE="MIT"
SLOT="0"

DEPEND="
    !app-admin/sudo
"

## Requires at least kernel 5.9.0 but I'm not sure this is the ideal way to handle this given that the user might have one already undetected:
RDEPEND="${DEPEND}
        >=sys-kernel/gentoo-sources-5.9.0
        sys-apps/dbus
        sys-libs/pam
"

BDEPEND="${RDEPEND}
        dev-vcs/git
        sys-apps/grep
        sys-apps/sed
"

src_unpack(){
    if [[ ${PV} == 9999 ]]; then
        git-r3_src_unpack || die
        cargo_live_src_unpack || die
    fi
}

 src_configure() {
    if [[ ${PV} == 9999 ]]; then
        COLLECTED_GIT_LONG_REVISION="$(git describe --long --tags | sed 's/\([^-]*-\)g/r\1/;s/-/./g' | sed 's|v||')"
        COLLECTED_GIT_TAG="$(git describe --tags "$(git rev-list --tags --max-count=1)" | sed 's|v||')"
        COLLECTED_GIT_COMMIT="$(echo "${COLLECTED_GIT_LONG_REVISION}" | sed "s|${COLLECTED_GIT_TAG}.||" | sed -E 's|[A-Za-z0-9]+\.||')"

        ## We collect the version name this way because sometimes upstream doesn't align the development version with what 'git describe' actually reports is the tag
        ## We search Cargo.toml first because, unlike Cargo.lock, Cargo.toml reliably only lists the version name this way for sudo-rs and none of the dependencies to confuse the output
        COLLECTED_VERSION="$(grep "^version =" Cargo.toml | sed 's|version = ||' | sed 's|"||g')"

        NEW_VERSION_NAMING_SCHEME="${COLLECTED_VERSION}-${COLLECTED_GIT_COMMIT}"

        sed -i "s|version = \"${COLLECTED_VERSION}\"|version = \"${NEW_VERSION_NAMING_SCHEME}\"|" Cargo.toml || die
        sed -i "s|version = \"${COLLECTED_VERSION}\"|version = \"${NEW_VERSION_NAMING_SCHEME}\"|" Cargo.lock || die
    fi

    ## Pulled from the app-shells/starship ebuild, but src_configure errors if we do this
    # export PKG_CONFIG_ALLOW_CROSS=1
    # export OPENSSL_NO_VENDOR=true

    # cargo_src_configure || die
}

src_compile() {
    ## From the Firefox ebuild
    if ! use elibc_glibc ; then
        if use amd64 ; then
            export RUST_TARGET="x86_64-unknown-linux-musl"
        elif use x86 ; then
            export RUST_TARGET="i686-unknown-linux-musl"
        elif use arm64 ; then
            export RUST_TARGET="aarch64-unknown-linux-musl"
        elif use ppc64 ; then
            export RUST_TARGET="powerpc64le-unknown-linux-musl"
        elif use riscv ; then
            # We can pretty safely rule out any 32-bit riscvs, but 64-bit riscvs also have tons of
            # different ABIs available. riscv64gc-unknown-linux-musl seems to be the best working
            # guess right now though.
            elog "riscv detected, forcing a riscv64 target for now."
            export RUST_TARGET="riscv64gc-unknown-linux-musl"
        else
            die "Unknown musl chost, please post a new bug with your rustc -vV along with emerge --info"
        fi
    else
        if use amd64 ; then
            export RUST_TARGET="x86_64-unknown-linux-gnu"
        elif use x86 ; then
            export RUST_TARGET="i686-unknown-linux-gnu"
        elif use arm64 ; then
            export RUST_TARGET="aarch64-unknown-linux-gnu"
        elif use ppc64 ; then
            export RUST_TARGET="powerpc64le-unknown-linux-gnu"
        elif use riscv ; then
            elog "riscv detected, forcing a riscv64 target for now."
            export RUST_TARGET="riscv64gc-unknown-linux-gnu"
        else
            die "Unknown chost, please post a new bug with your rustc -vV along with emerge --info"
        fi
    fi

    cargo_src_compile || die
}

src_install(){

    exeinto /usr/bin || die

    ## Install
    dobin "target/${RUST_TARGET}/release/sudo" || die
    dobin "target/${RUST_TARGET}/release/visudo" || die
    ## Change dobin to newexe if "app-admin/sudo" is installed
    # newexe "target/${RUST_TARGET}/release/sudo" sudo-rs || die
    # newexe "target/${RUST_TARGET}/release/visudo" visudo-rs || die

    ### Set ownership, permissions, and the SUID bit
    fowners 0:0 /usr/bin/sudo || die
    fperms 4755 /usr/bin/sudo || die
    fowners 0:0 /usr/bin/visudo || die
    fperms 4755 /usr/bin/visudo || die

    ## Required or else sudo-rs will throw a fit about failed authentications upon invocation
    pamd_mimic system-auth sudo auth account session
    pamd_mimic system-auth sudo-i auth account session

    insinto /usr/share/sudo-rs/markdown-man
    doins docs/man/sudo.8.md
    doins docs/man/visudo.8.md

    fowners 0:0 /usr/share/sudo-rs/markdown-man/sudo.8.md
    fperms 644 /usr/share/sudo-rs/markdown-man/sudo.8.md
    fowners 0:0 /usr/share/sudo-rs/markdown-man/visudo.8.md
    fperms 644 /usr/share/sudo-rs/markdown-man/visudo.8.md

    insinto /usr/share/sudo-rs/license
    doins LICENSE-APACHE
    doins LICENSE-MIT
    fowners 0:0 /usr/share/sudo-rs/license/LICENSE-APACHE
    fperms 744 /usr/share/sudo-rs/license/LICENSE-APACHE
    fowners 0:0 /usr/share/sudo-rs/license/LICENSE-MIT
    fperms 744 /usr/share/sudo-rs/license/LICENSE-MIT
}

pkg_postinst() {
    einfo "*******************"
    ewarn "Sudo-rs needs the sudoers configuration file."
    ewarn "The sudoers configuration file will be loaded from /etc/sudoers-rs if that file exists,"
    ewarn "otherwise the original /etc/sudoers location will be used. NOTE: It must be UTF8-encoded!"
    ewarn ""
    ewarn "Likewise, if you get an error regarding 'sudoers.d' it means you need to create that folder"
    ewarn "in '/etc'. This is because it may have been included by default in an original sudoers file"
    ewarn "and sudo-rs has yet to implement error handling for missing referenced folders."
}
</pre><!-- ajax rendered in 0.0141 seconds -->