new pkgs to gpkg (#136)

gpkg/libogg
gpkg/libopus
gpkg/libflac
gpkg/libvorbis
gpkg/libmpg123
gpkg/libmp3lame
gpkg/libsndfile
gpkg/libpulse
gpkg/libxtst
gpkg/dbus

Other changes (by @Maxython):
gpkg/glibc: disable syscalls `__NR_setresgid`, `__NR_setuid`, `__NR_setgid` and `__NR_symlink`
gpkg/glibc: adding user/group verification according to the android standard and access changing user/group information

gpkg/dbus/build.sh

@@ -0,0 +1,31 @@
+TERMUX_PKG_HOMEPAGE=https://dbus.freedesktop.org
+TERMUX_PKG_DESCRIPTION="Freedesktop.org message bus system"
+TERMUX_PKG_LICENSE="GPL-2.0"
+TERMUX_PKG_MAINTAINER="@termux-pacman"
+TERMUX_PKG_VERSION=1.15.6
+TERMUX_PKG_SRCURL="https://dbus.freedesktop.org/releases/dbus/dbus-$TERMUX_PKG_VERSION.tar.xz"
+TERMUX_PKG_SHA256=f97f5845f9c4a5a1fb3df67dfa9e16b5a3fd545d348d6dc850cb7ccc9942bd8c
+TERMUX_PKG_DEPENDS="libexpat-glibc, libx11-glibc"
+TERMUX_PKG_BUILD_IN_SRC=true
+TERMUX_PKG_EXTRA_CONFIGURE_ARGS="
+--disable-libaudit
+--disable-systemd
+--disable-tests
+--disable-xml-docs
+--enable-inotify
+--enable-x11-autolaunch
+--with-test-socket-dir=$TERMUX_PREFIX_CLASSICAL/tmp
+--with-session-socket-dir=$TERMUX_PREFIX_CLASSICAL/tmp
+--with-x=auto
+"
+
+termux_step_create_debscripts() {
+	{
+		echo "#!${TERMUX_PREFIX}/bin/sh"
+		echo "if [ ! -e ${TERMUX_PREFIX}/var/lib/dbus/machine-id ]; then"
+		echo "mkdir -p ${TERMUX_PREFIX}/var/lib/dbus"
+		echo "dbus-uuidgen > ${TERMUX_PREFIX}/var/lib/dbus/machine-id"
+		echo "fi"
+		echo "exit 0"
+	} > postinst
+}

gpkg/dbus/fix-hardcoded-paths.patch

@@ -0,0 +1,12 @@
+diff -uNr dbus-1.12.16/dbus/dbus-sysdeps-unix.c dbus-1.12.16.mod/dbus/dbus-sysdeps-unix.c
+--- dbus-1.12.16/dbus/dbus-sysdeps-unix.c	2019-05-13 12:33:56.000000000 +0300
++++ dbus-1.12.16.mod/dbus/dbus-sysdeps-unix.c	2019-08-15 02:15:37.825982953 +0300
+@@ -3602,7 +3602,7 @@
+
+       /* And this is the sane fallback. */
+       if (tmpdir == NULL)
+-        tmpdir = "/tmp";
++        tmpdir = "@TERMUX_PREFIX_CLASSICAL@/tmp";
+     }
+
+   _DBUS_UNLOCK (sysdeps);

gpkg/glibc/aarch64-arch-syscall.h.patch

@@ -1,5 +1,5 @@
 --- glibc-2.38/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h	2023-07-31 20:54:16.000000000 +0300
-+++ glibc-2.38/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h.patch	2023-10-07 00:00:59.225088205 +0300
++++ glibc-2.38/sysdeps/unix/sysv/linux/aarch64/arch-syscall.h.patch	2023-10-20 18:45:51.707101294 +0300
 @@ -1,5 +1,4 @@
  /* AUTOGENERATED by update-syscall-lists.py.  */
 -#define __NR_accept 202
@@ -40,7 +40,7 @@
  #define __NR_rt_sigaction 134
  #define __NR_rt_sigpending 136
  #define __NR_rt_sigprocmask 135
-@@ -237,11 +231,8 @@
+@@ -237,12 +231,8 @@
  #define __NR_sendto 206
  #define __NR_set_mempolicy 237
  #define __NR_set_mempolicy_home_node 450
@@ -49,10 +49,26 @@
  #define __NR_setdomainname 162
 -#define __NR_setfsgid 152
 -#define __NR_setfsuid 151
- #define __NR_setgid 144
+-#define __NR_setgid 144
  #define __NR_setgroups 159
  #define __NR_sethostname 161
-@@ -270,7 +261,6 @@
+ #define __NR_setitimer 103
+@@ -250,14 +240,12 @@
+ #define __NR_setpgid 154
+ #define __NR_setpriority 140
+ #define __NR_setregid 143
+-#define __NR_setresgid 149
+ #define __NR_setresuid 147
+ #define __NR_setreuid 145
+ #define __NR_setrlimit 164
+ #define __NR_setsid 157
+ #define __NR_setsockopt 208
+ #define __NR_settimeofday 170
+-#define __NR_setuid 146
+ #define __NR_setxattr 5
+ #define __NR_shmat 196
+ #define __NR_shmctl 195
+@@ -270,7 +258,6 @@
  #define __NR_socketpair 199
  #define __NR_splice 76
  #define __NR_statfs 43

gpkg/glibc/android_passwd_group.c

@@ -0,0 +1,284 @@
+/* This script stores functions similar to those from
+   the bionic library, thanks to which passwd/group
+   structures are created.
+*/
+
+#ifndef _ANDROID_PASSWD_GROUP
+#define _ANDROID_PASSWD_GROUP
+
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include "android_passwd_group.h"
+
+struct android_id_info * find_android_id_info_by_id(unsigned id) {
+	for (size_t n = 0; n < android_id_count; ++n)
+		if (android_ids[n].aid == id)
+			return &android_ids[n];
+	return NULL;
+}
+
+struct android_id_info * find_android_id_info_by_name(const char* name) {
+	for (size_t n = 0; n < android_id_count; ++n)
+		if (!strcmp(android_ids[n].name, name))
+			return &android_ids[n];
+	return NULL;
+}
+
+int is_oem_id_android(id_t id) {
+	if (id >= AID_OEM_RESERVED_START && id < AID_EVERYBODY && find_android_id_info_by_id(id) == NULL)
+		return 1;
+
+	return (id >= AID_OEM_RESERVED_START && id <= AID_OEM_RESERVED_END) ||
+		(id >= AID_OEM_RESERVED_2_START && id <= AID_OEM_RESERVED_2_END);
+}
+
+int is_valid_id_android(id_t id, int is_group) {
+	if (id >= AID_USER_OFFSET)
+		return 0;
+
+	struct IdRange * ranges;
+	size_t ranges_size;
+	id_t appid = id % AID_USER_OFFSET;
+
+	if (appid == AID_OVERFLOWUID)
+		return 0;
+
+	if (is_group) {
+		ranges_size = sizeof(group_ranges)/sizeof(group_ranges[0]);
+		ranges = group_ranges;
+	} else {
+		ranges_size = sizeof(user_ranges)/sizeof(user_ranges[0]);
+		ranges = user_ranges;
+	}
+
+	if (appid < ranges[0].start)
+		return 1;
+
+	if (appid >= AID_SHARED_GID_START && appid <= AID_SHARED_GID_END && appid != id)
+		return 0;
+
+	for (size_t i = 0; i < ranges_size; ++i)
+		if (appid >= ranges[i].start && appid <= ranges[i].end)
+			return 1;
+
+	return 0;
+}
+
+static id_t oem_id_from_name_android(const char* name) {
+	unsigned int id;
+	if (sscanf(name, "oem_%u", &id) != 1) {
+		return 0;
+	}
+	if (!is_oem_id_android(id)) {
+		return 0;
+	}
+	return (id_t)id;
+}
+
+static id_t app_id_from_name_android(const char* name, int is_group) {
+	char* end;
+	unsigned long userid;
+	struct android_id_info* info;
+	int is_shared_gid = 0;
+
+	if (is_group && name[0] == 'a' && name[1] == 'l' && name[2] == 'l') {
+		end = malloc(strlen(name));
+		for (int i=3; i<strlen(name); i++)
+			sprintf(end, "%s%c", end, name[i]);
+		userid = 0;
+		is_shared_gid = 1;
+	} else if (name[0] == 'u' && isdigit(name[1])) {
+		userid = strtoul(name+1, &end, 10);
+	} else {
+		return 0;
+	}
+
+	if (end[0] != '_' || end[1] == 0) {
+		return 0;
+	}
+
+	unsigned long appid = 0;
+	if (end[1] == 'a' && isdigit(end[2])) {
+		if (is_shared_gid) {
+			appid = strtoul(end+2, &end, 10) + AID_SHARED_GID_START;
+			if (appid > AID_SHARED_GID_END) {
+				return 0;
+			}
+		} else {
+			appid = strtoul(end+2, &end, 10);
+			if (is_group) {
+				if (!strcmp(end, "_ext_cache")) {
+					end += 10;
+					appid += AID_EXT_CACHE_GID_START;
+				} else if (!strcmp(end, "_ext")) {
+					end += 4;
+					appid += AID_EXT_GID_START;
+				} else if (!strcmp(end, "_cache")) {
+					end += 6;
+					appid += AID_CACHE_GID_START;
+				} else {
+					appid += AID_APP_START;
+				}
+			} else {
+				appid += AID_APP_START;
+			}
+		}
+	} else if (end[1] == 'i' && isdigit(end[2])) {
+		appid = strtoul(end+2, &end, 10) + AID_ISOLATED_START;
+	} else if ((info = find_android_id_info_by_name(end + 1)) != NULL) {
+		appid = info->aid;
+		end += strlen(info->name) + 1;
+	}
+
+	if (end[0] != 0) {
+		return 0;
+	}
+
+	if (userid > 1000) {
+		return 0;
+	}
+
+	if (appid >= AID_USER_OFFSET) {
+		return 0;
+	}
+
+	return (appid + userid*AID_USER_OFFSET);
+}
+
+void get_name_by_uid_android(uid_t uid, char *name_u) {
+	uid_t appid = uid % AID_USER_OFFSET;
+	uid_t userid = uid / AID_USER_OFFSET;
+	struct android_id_info* info;
+
+	if (appid >= AID_ISOLATED_START) {
+		sprintf(name_u, "u%u_i%u", userid, appid - AID_ISOLATED_START);
+	} else if (appid < AID_APP_START) {
+		if ((info = find_android_id_info_by_id(appid)) != NULL)
+			sprintf(name_u, "%s", info->name);
+	} else {
+		sprintf(name_u, "u%u_a%u", userid, appid - AID_APP_START);
+	}
+}
+
+void get_name_by_gid_android(gid_t gid, char *name_g) {
+	uid_t appid = gid % AID_USER_OFFSET;
+	uid_t userid = gid / AID_USER_OFFSET;
+	struct android_id_info* info;
+
+	if (appid >= AID_ISOLATED_START) {
+		sprintf(name_g, "u%u_i%u", userid, appid - AID_ISOLATED_START);
+	} else if (userid == 0 && appid >= AID_SHARED_GID_START && appid <= AID_SHARED_GID_END) {
+		sprintf(name_g, "all_a%u", appid - AID_SHARED_GID_START);
+	} else if (appid >= AID_EXT_CACHE_GID_START && appid <= AID_EXT_CACHE_GID_END) {
+		sprintf(name_g, "u%u_a%u_ext_cache", userid, appid - AID_EXT_CACHE_GID_START);
+	} else if (appid >= AID_EXT_GID_START && appid <= AID_EXT_GID_END) {
+		sprintf(name_g, "u%u_a%u_ext", userid, appid - AID_EXT_GID_START);
+	} else if (appid >= AID_CACHE_GID_START && appid <= AID_CACHE_GID_END) {
+		sprintf(name_g, "u%u_a%u_cache", userid, appid - AID_CACHE_GID_START);
+	} else if (appid < AID_APP_START) {
+		if ((info = find_android_id_info_by_id(appid)) != NULL)
+			sprintf(name_g, "%s", info->name);
+	} else {
+		sprintf(name_g, "u%u_a%u", userid, appid - AID_APP_START);
+	}
+}
+
+struct passwd * get_passwd_android(char* name, uid_t uid) {
+	static struct passwd res;
+
+	res.pw_name = name;
+	res.pw_passwd = "*";
+	res.pw_uid = uid;
+	res.pw_gid = uid;
+	res.pw_gecos = "";
+	res.pw_dir = APP_HOME_DIR;
+	res.pw_shell = APP_PREFIX_DIR "/bin/login";
+
+	return &res;
+}
+
+struct group * get_group_android(char* name, gid_t gid) {
+	static struct group res;
+
+	res.gr_name = name;
+	res.gr_passwd = NULL;
+	res.gr_gid = gid;
+	res.gr_mem = (char *[2]){(char *)name, NULL};
+
+	return &res;
+}
+
+struct passwd * getpwuid_android(uid_t uid) {
+	char* name_res = malloc(64);
+
+	if (is_oem_id_android(uid))
+		sprintf(name_res, "oem_%u", uid);
+	else {
+		if (!is_valid_id_android(uid, 0))
+			return NULL;
+		get_name_by_uid_android(uid, name_res);
+		if (strlen(name_res) == 0)
+			return NULL;
+	}
+
+	return get_passwd_android(name_res, uid);
+}
+
+struct group * getgrgid_android(gid_t gid) {
+	char* name_res = malloc(64);
+
+	if (is_oem_id_android(gid))
+		sprintf(name_res, "oem_%u", gid);
+	else {
+		if (!is_valid_id_android(gid, 1))
+			return NULL;
+        	get_name_by_gid_android(gid, name_res);
+		if (strlen(name_res) == 0)
+			return NULL;
+	}
+
+	return get_group_android(name_res, gid);
+}
+
+struct passwd * getpwnam_android(char* name) {
+	uid_t uid;
+	struct android_id_info* info;
+
+	uid = app_id_from_name_android(name, 0);
+	if (uid != 0)
+		return get_passwd_android(name, uid);
+
+	uid = oem_id_from_name_android(name);
+	if (uid != 0)
+		return get_passwd_android(name, uid);
+
+	info = find_android_id_info_by_name(name);
+	if (info != NULL)
+		return get_passwd_android(name, info->aid);
+
+	return NULL;
+}
+
+struct group * getgrnam_android(char* name) {
+	gid_t gid;
+	struct android_id_info* info;
+
+	gid = app_id_from_name_android(name, 1);
+	if (gid != 0)
+		return get_group_android(name, gid);
+
+	gid = oem_id_from_name_android(name);
+	if (gid != 0)
+		return get_group_android(name, gid);
+
+	info = find_android_id_info_by_name(name);
+	if (info != NULL)
+		return get_group_android(name, info->aid);
+
+	return NULL;
+}
+
+#endif // _ANDROID_PASSWD_GROUP

gpkg/glibc/android_passwd_group.h

@@ -0,0 +1,23 @@
+#ifndef _ANDROID_PASSWD_GROUP_H
+#define _ANDROID_PASSWD_GROUP_H
+
+#include <pwd.h>
+#include <grp.h>
+#include "android_ids.h"
+
+struct android_id_info * find_android_id_info_by_id(unsigned id);
+struct android_id_info * find_android_id_info_by_name(const char* name);
+int is_oem_id_android(id_t id);
+int is_valid_id_android(id_t id, int is_group);
+static id_t oem_id_from_name_android(const char* name);
+static id_t app_id_from_name_android(const char* name, int is_group);
+void get_name_by_uid_android(uid_t uid, char *name_u);
+void get_name_by_gid_android(gid_t gid, char *name_g);
+struct passwd * get_passwd_android(char* name, uid_t uid);
+struct group * get_group_android(char* name, gid_t gid);
+struct passwd * getpwuid_android(uid_t uid);
+struct group * getgrgid_android(gid_t gid);
+struct passwd * getpwnam_android(char* name);
+struct group * getgrnam_android(char* name);
+
+#endif // _ANDROID_PASSWD_GROUP_H