From b54ff3ad986e421f99dd05966709b38823be8372 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Jul 29 2019 08:21:17 +0000
Subject: Resolved f31 build error


---

diff --git a/firejail-0.9.56-build-err.patch b/firejail-0.9.56-build-err.patch
new file mode 100644
index 0000000..d421393
--- /dev/null
+++ b/firejail-0.9.56-build-err.patch
@@ -0,0 +1,188 @@
+From df978f44ed33150820edaf1244f97aab2aabece1 Mon Sep 17 00:00:00 2001
+From: Ondrej Dubaj <odubaj@redhat.com>
+Date: Mon, 29 Jul 2019 10:11:33 +0200
+Subject: [PATCH] Resolved f31 build errors
+
+---
+ configure    | 90 ++++++++++++++++++++++++++++++++++------------------
+ configure.ac | 33 ++++++-------------
+ 2 files changed, 69 insertions(+), 54 deletions(-)
+
+diff --git a/configure b/configure
+index a7ef3a3..0b511c5 100755
+--- a/configure
++++ b/configure
+@@ -2095,6 +2095,8 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
+ 
+ #AC_CONFIG_HEADERS([config.h])
+ 
++
++
+ ac_ext=c
+ ac_cpp='$CPP $CPPFLAGS'
+ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+@@ -3101,46 +3103,73 @@ fi
+ 
+ 
+ HAVE_SPECTRE="no"
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for Spectre mitigation support in gcc or clang compiler" >&5
+-$as_echo_n "checking for Spectre mitigation support in gcc or clang compiler... " >&6; }
+-if test "$CC" = "gcc"; then :
+-
+-	HAVE_SPECTRE="yes"
+-	$CC -mindirect-branch=thunk -c dummy.c || HAVE_SPECTRE="no"
+-	rm -f dummy.o
+-	if test "$HAVE_SPECTRE" = "yes"; then :
+-
+-		EXTRA_CFLAGS+=" -mindirect-branch=thunk "
+-
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -mindirect-branch=thunk" >&5
++$as_echo_n "checking whether C compiler accepts -mindirect-branch=thunk... " >&6; }
++if ${ax_cv_check_cflags___mindirect_branch_thunk+:} false; then :
++  $as_echo_n "(cached) " >&6
++else
++  ax_check_save_flags=$CFLAGS
++  CFLAGS="$CFLAGS  -mindirect-branch=thunk"
++  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++int
++main ()
++{
++  ;
++  return 0;
++}
++_ACEOF
++if ac_fn_c_try_compile "$LINENO"; then :
++  ax_cv_check_cflags___mindirect_branch_thunk=yes
++else
++  ax_cv_check_cflags___mindirect_branch_thunk=no
+ fi
+-
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++  CFLAGS=$ax_check_save_flags
+ fi
+-if test "$CC" = "clang"; then :
+-
+-	HAVE_SPECTRE="yes"
+-	$CC -mretpoline -c dummy.c || HAVE_SPECTRE="no"
+-	rm -f dummy.o
+-	if test "$HAVE_SPECTRE" = "yes"; then :
+-
+-		EXTRA_CFLAGS+=" -mretpoline "
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___mindirect_branch_thunk" >&5
++$as_echo "$ax_cv_check_cflags___mindirect_branch_thunk" >&6; }
++if test "x$ax_cv_check_cflags___mindirect_branch_thunk" = xyes; then :
++  HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mindirect-branch=thunk"
+ 
++else
++  :
+ fi
+-
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -mretpoline" >&5
++$as_echo_n "checking whether C compiler accepts -mretpoline... " >&6; }
++if ${ax_cv_check_cflags___mretpoline+:} false; then :
++  $as_echo_n "(cached) " >&6
++else
++  ax_check_save_flags=$CFLAGS
++  CFLAGS="$CFLAGS  -mretpoline"
++  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++int
++main ()
++{
++  ;
++  return 0;
++}
++_ACEOF
++if ac_fn_c_try_compile "$LINENO"; then :
++  ax_cv_check_cflags___mretpoline=yes
++else
++  ax_cv_check_cflags___mretpoline=no
+ fi
+-if test "$HAVE_SPECTRE" = "yes"; then :
+-
+-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+-$as_echo "yes" >&6; }
+-
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++  CFLAGS=$ax_check_save_flags
+ fi
+-if test "$HAVE_SPECTRE" = "no"; then :
+-
+-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ... not available" >&5
+-$as_echo "... not available" >&6; }
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___mretpoline" >&5
++$as_echo "$ax_cv_check_cflags___mretpoline" >&6; }
++if test "x$ax_cv_check_cflags___mretpoline" = xyes; then :
++  HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mretpoline"
+ 
++else
++  :
+ fi
+ 
+ 
++
+ HAVE_APPARMOR=""
+ # Check whether --enable-apparmor was given.
+ if test "${enable_apparmor+set}" = set; then :
+@@ -3154,7 +3183,6 @@ if test "x$enable_apparmor" = "xyes"; then :
+ 
+ fi
+ 
+-
+ ac_ext=c
+ ac_cpp='$CPP $CPPFLAGS'
+ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+diff --git a/configure.ac b/configure.ac
+index d1b827f..71addf5 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -3,35 +3,22 @@ AC_INIT(firejail, 0.9.57, netblue30@yahoo.com, , https://firejail.wordpress.com)
+ AC_CONFIG_SRCDIR([src/firejail/main.c])
+ #AC_CONFIG_HEADERS([config.h])
+ 
++AC_CONFIG_MACRO_DIR([m4])
++
+ AC_PROG_CC
+ #AC_PROG_CXX
+ AC_PROG_INSTALL
+ AC_PROG_RANLIB
+ 
+ HAVE_SPECTRE="no"
+-AC_MSG_CHECKING(for Spectre mitigation support in gcc or clang compiler)
+-AS_IF([test "$CC" = "gcc"], [
+-	HAVE_SPECTRE="yes"
+-	$CC -mindirect-branch=thunk -c dummy.c || HAVE_SPECTRE="no"
+-	rm -f dummy.o
+-	AS_IF([test "$HAVE_SPECTRE" = "yes"], [
+-		EXTRA_CFLAGS+=" -mindirect-branch=thunk "
+-	])
+-])
+-AS_IF([test "$CC" = "clang"], [
+-	HAVE_SPECTRE="yes"
+-	$CC -mretpoline -c dummy.c || HAVE_SPECTRE="no"
+-	rm -f dummy.o
+-	AS_IF([test "$HAVE_SPECTRE" = "yes"], [
+-		EXTRA_CFLAGS+=" -mretpoline "
+-	])
+-])
+-AS_IF([test "$HAVE_SPECTRE" = "yes"], [
+-	AC_MSG_RESULT(yes)
+-])
+-AS_IF([test "$HAVE_SPECTRE" = "no"], [
+-	AC_MSG_RESULT(... not available)
+-])
++AX_CHECK_COMPILE_FLAG(
++    [-mindirect-branch=thunk],
++    HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mindirect-branch=thunk"
++)
++AX_CHECK_COMPILE_FLAG(
++    [-mretpoline],
++    HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mretpoline"
++)
+ AC_SUBST([EXTRA_CFLAGS])
+ 
+ HAVE_APPARMOR=""
+-- 
+2.19.1
+
diff --git a/firejail.spec b/firejail.spec
index 02817b2..7b540b0 100644
--- a/firejail.spec
+++ b/firejail.spec
@@ -4,7 +4,7 @@
 
 Name: firejail
 Version: 0.9.56
-Release: 8%{?dist}
+Release: 9%{?dist}
 Summary: Linux namespaces sandbox program
 BuildRequires: gcc make python3-devel
 
@@ -14,13 +14,15 @@ License: GPLv2+
 URL: https://github.com/netblue30/firejail
 Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
 
+Patch0: firejail-0.9.56-build-err.patch
+
 %description
 Firejail is a SUID sandbox program that reduces the risk of security
 breaches by restricting the running environment of untrusted applications
 using Linux namespaces. It includes a sandbox profile for Mozilla Firefox.
 
 %prep
-%autosetup
+%autosetup -p1
 
 %build
 %configure
@@ -55,6 +57,9 @@ done
 %config(noreplace) %{_sysconfdir}/%{name}
 
 %changelog
+* Mon Jul 29 2019 Ondrej Dubaj <odubaj@redhat.com> 0.9.56-9
+- Resolved f31 build errors
+
 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.56-8
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild