From luigi.scarso at gmail.com  Sun Oct  4 21:41:40 2020
From: luigi.scarso at gmail.com (luigi scarso)
Date: Sun, 4 Oct 2020 21:41:40 +0200
Subject: [tlbuild] Security: Lua update and rebuild required
In-Reply-To: <202008062257.076Mvucr016725@freefriends.org>
References: <20200806080851.ujnmv6z4d7citjey@vento15post8>
 <202008062257.076Mvucr016725@freefriends.org>
Message-ID: <CAG5iGsALgQWk4Z1fkp62aXtuSWRX4jrwc4mgUJ4sETNabAnVCg@mail.gmail.com>

On Fri, Aug 7, 2020 at 12:57 AM Karl Berry <karl at freefriends.org> wrote:

> Hi Henri,
>
> (Reducing to tlbuild + Luigi; luatex list is too big for this.)
>
>     recently several CVEs for Lua (all versions up to 5.4.0) have been
>     published:
>
> How unfortunate, but thanks for the report.
>
> I trust Luigi will install the fixes in the sources, which is what has
> to happen first.
>
>     Since users of LuaTeX are running potentially untrusted code and all
>     of these vulnerabilities are rated with severity high or critical, I
>     believe it is necessary to rebuild all affected LuaTeX version,
>
> I don't agree. The reality is that LuaTeX has been completely insecure
> until, perhaps, this year's release. Even with the current release,
> running "untrusted code" is always a risk. Installing the fixes for
> those CVEs is not going to change that.
>
>     ideally including those in frozen TeX Live releases.
>
> Seems completely infeasible to me, sorry to say.  We have never rebuilt
> binaries for anything but the current release before, and I can't see
> starting now.  Anyone who wants such after-the-release fixes has always
> had to update from the after-the-release repository. Certainly not
> ideal, but that is the reality.
>
>     This is particularly important because there already exist exploits
>     for all of these vulnerabilites
>
> Even more unfortunate.
>
> I await Luigi's input.  If he feels we should, we could at least rebuild
> the luatex binaries for the current release.  --thanks, karl.
>

We have now Lua 5.3.6, but it seems that the security patches are for lua
5.4 only.


-- 
luigi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://tug.org/pipermail/tlbuild/attachments/20201004/86bc7606/attachment.html>

From norbert at preining.info  Mon Oct  5 01:03:59 2020
From: norbert at preining.info (Norbert Preining)
Date: Mon, 5 Oct 2020 08:03:59 +0900
Subject: [tlbuild] Security: Lua update and rebuild required
In-Reply-To: <CAG5iGsALgQWk4Z1fkp62aXtuSWRX4jrwc4mgUJ4sETNabAnVCg@mail.gmail.com>
References: <20200806080851.ujnmv6z4d7citjey@vento15post8>
 <202008062257.076Mvucr016725@freefriends.org>
 <CAG5iGsALgQWk4Z1fkp62aXtuSWRX4jrwc4mgUJ4sETNabAnVCg@mail.gmail.com>
Message-ID: <20201004230359.GA161079@burischnitzel.preining.info>

On Sun, 04 Oct 2020, luigi scarso wrote:
> We have now Lua 5.3.6, but it seems that the security patches are for lua
> 5.4 only.

Well, then a backport might be necessary. If you include literate (or
nearly literate) copies of libraries, the burden of security updates and
backports falls onto you.

Best

Norbert

--
PREINING Norbert                              https://www.preining.info
Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

From kakuto at w32tex.org  Mon Oct  5 01:18:44 2020
From: kakuto at w32tex.org (Akira Kakuto)
Date: Mon, 5 Oct 2020 08:18:44 +0900
Subject: [tlbuild] Security: Lua update and rebuild required
In-Reply-To: <20201004230359.GA161079@burischnitzel.preining.info>
References: <20200806080851.ujnmv6z4d7citjey@vento15post8>
 <202008062257.076Mvucr016725@freefriends.org>
 <CAG5iGsALgQWk4Z1fkp62aXtuSWRX4jrwc4mgUJ4sETNabAnVCg@mail.gmail.com>
 <20201004230359.GA161079@burischnitzel.preining.info>
Message-ID: <d8b6f24b-a344-6a24-50d0-957a9efd61af@w32tex.org>

On 2020/10/05 8:03, Norbert Preining wrote:
> Well, then a backport might be necessary. If you include literate (or
> nearly literate) copies of libraries, the burden of security updates and
> backports falls onto you.

I don't know details but the release date of lua-5.3.6, bug-fixed
version of lua-5.3.5, is 2020/09/25, very recent.
Did the lua team ignore the security issue?
In any case, tests by Luigi are appreciated.

Best,
Akira

From vadimkantorov at gmail.com  Wed Nov 11 16:50:45 2020
From: vadimkantorov at gmail.com (Vadim Kantorov)
Date: Wed, 11 Nov 2020 16:50:45 +0100
Subject: [tlbuild] Custom-built xdvipdfmx cannot find pdftex.map on a
	basic-scheme TDS
Message-ID: <CAEfwmQsxU146BRX=ca3k5_mWH5b5gJP3GCzpkoeTNcKM7vrmFg@mail.gmail.com>

I built custom xetex and xdvipdfmx (texlive.sh) into "./build" and
installed a basic-scheme TexLive distro into "./texlive" with
install-tl (latex.sh). My machine does not have a system-wide TexLive
installation.

Compiling (bug.sh) a dummy tex file produces warnings from xdvipdfmx:
xdvipdfmx:warning: Couldn't open font map file "pdftex.map".
xdvipdfmx:warning: Couldn't open font map file "kanjix.map".

I am using "./texlive/texmf-dist/web2c/texmf.cnf" as my CNF file.

It seems that the */updmap/*.map files
("./texlive/texmf-var/fonts/map/pdftex/updmap/pdftex.map" and
"./texlive/texmf-var/fonts/map/dvipdfmx/updmap/kanjix.map") are not
referred to by this CNF file and thus are not found by xdvipdfmx or
kpsewhich.

I would be very grateful if you could advise if this is my error or a
TexLive installer issue.

A full repro of all installation scripts (texlive.sh, latex.sh,
bug.sh) and error messages:
https://gist.github.com/vadimkantorov/cb638c61afc2fb4526d05e6c4c3b48b6

(This exercice is part of my yet-another-latex-in-browser attempt. A
Chrome-working version of xetex+bibtex8+xdvipdfmx is available at
https://vadimkantorov.github.io/busytext/busytex.html)

Thank you!
-- 
Vadim Kantorov

From vojta at math.berkeley.edu  Fri Nov 13 07:56:14 2020
From: vojta at math.berkeley.edu (Paul Vojta)
Date: Thu, 12 Nov 2020 22:56:14 -0800
Subject: [tlbuild] Custom-built xdvipdfmx cannot find pdftex.map on a
 basic-scheme TDS
In-Reply-To: <CAEfwmQsxU146BRX=ca3k5_mWH5b5gJP3GCzpkoeTNcKM7vrmFg@mail.gmail.com>
References: <CAEfwmQsxU146BRX=ca3k5_mWH5b5gJP3GCzpkoeTNcKM7vrmFg@mail.gmail.com>
Message-ID: <20201113065614.GA16304@math.berkeley.edu>

I too build my own custom texlive installation, with my own quirky settings.

When I run KPATHSEA_DEBUG=32 xdvipdfmx -o example.pdf example.xdv
the output relevant to kanjix.map is:

   kdebug:kpse_find_file: searching for kanjix.map of type map (from texmf.cnf)
   kdebug:start generic search(files=[kanjix.map], must_exist=0, find_all=0, path=.:/home/vojta/texmf/fonts/map/dvipdfmx//:!!/usr/local/texmf/fonts/map/dvipdfmx//:/home/vojta/texmf/fonts/map/pdftex//:!!/usr/local/texmf/fonts/map/pdftex//:/home/vojta/texmf/fonts/map/dvips//:!!/usr/local/texmf/fonts/map/dvips//:/home/vojta/texmf/fonts/map///:!!/usr/local/texmf/fonts/map///)
   kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0, casefold=no)
   kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0, casefold=yes)
   kdebug:   casefold_readable_file(kanjix.map) in . => (nil)
   kdebug:db:match(/usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map,/usr/local/texmf/fonts/map/dvipdfmx//) = 1
   kdebug:returning from generic search([kanjix.map]) => /usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map

The search path it's using looks like it's coming from TEXFONTMAPS in texmf.cnf.

Paul Vojta


On Wed, Nov 11, 2020 at 04:50:45PM +0100, Vadim Kantorov wrote:
> I built custom xetex and xdvipdfmx (texlive.sh) into "./build" and
> installed a basic-scheme TexLive distro into "./texlive" with
> install-tl (latex.sh). My machine does not have a system-wide TexLive
> installation.
> 
> Compiling (bug.sh) a dummy tex file produces warnings from xdvipdfmx:
> xdvipdfmx:warning: Couldn't open font map file "pdftex.map".
> xdvipdfmx:warning: Couldn't open font map file "kanjix.map".
> 
> I am using "./texlive/texmf-dist/web2c/texmf.cnf" as my CNF file.
> 
> It seems that the */updmap/*.map files
> ("./texlive/texmf-var/fonts/map/pdftex/updmap/pdftex.map" and
> "./texlive/texmf-var/fonts/map/dvipdfmx/updmap/kanjix.map") are not
> referred to by this CNF file and thus are not found by xdvipdfmx or
> kpsewhich.
> 
> I would be very grateful if you could advise if this is my error or a
> TexLive installer issue.
> 
> A full repro of all installation scripts (texlive.sh, latex.sh,
> bug.sh) and error messages:
> https://gist.github.com/vadimkantorov/cb638c61afc2fb4526d05e6c4c3b48b6
> 
> (This exercice is part of my yet-another-latex-in-browser attempt. A
> Chrome-working version of xetex+bibtex8+xdvipdfmx is available at
> https://vadimkantorov.github.io/busytext/busytex.html)
> 
> Thank you!
> -- 
> Vadim Kantorov

From vadimkantorov at gmail.com  Fri Nov 13 08:48:26 2020
From: vadimkantorov at gmail.com (Vadim Kantorov)
Date: Fri, 13 Nov 2020 10:48:26 +0300
Subject: [tlbuild] Custom-built xdvipdfmx cannot find pdftex.map on a
 basic-scheme TDS
In-Reply-To: <20201113065614.GA16304@math.berkeley.edu>
References: <CAEfwmQsxU146BRX=ca3k5_mWH5b5gJP3GCzpkoeTNcKM7vrmFg@mail.gmail.com>
 <20201113065614.GA16304@math.berkeley.edu>
Message-ID: <CAEfwmQtOMSmWS4x90RU3KEuSiVnaju7o9CFHtFZ_mbb=6Z12ww@mail.gmail.com>

Paul,

What is the contents of your ?texmf.cnf? (especially TEXFONTMAPS value)?
Did you create it yourself?

I think my problem is that the default ?texmf.cnf??s TEXFONTMAPS does not
contain the ?updmap? directory suffix for some reason.

Thanks,
Vadim

Le ven. 13 nov. 2020 ? 09:56, Paul Vojta <vojta at math.berkeley.edu> a ?crit :

> I too build my own custom texlive installation, with my own quirky
> settings.
>
> When I run KPATHSEA_DEBUG=32 xdvipdfmx -o example.pdf example.xdv
> the output relevant to kanjix.map is:
>
>    kdebug:kpse_find_file: searching for kanjix.map of type map (from
> texmf.cnf)
>    kdebug:start generic search(files=[kanjix.map], must_exist=0,
> find_all=0,
> path=.:/home/vojta/texmf/fonts/map/dvipdfmx//:!!/usr/local/texmf/fonts/map/dvipdfmx//:/home/vojta/texmf/fonts/map/pdftex//:!!/usr/local/texmf/fonts/map/pdftex//:/home/vojta/texmf/fonts/map/dvips//:!!/usr/local/texmf/fonts/map/dvips//:/home/vojta/texmf/fonts/map///:!!/usr/local/texmf/fonts/map///)
>    kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0,
> casefold=no)
>    kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0,
> casefold=yes)
>    kdebug:   casefold_readable_file(kanjix.map) in . => (nil)
>
>  kdebug:db:match(/usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map,/usr/local/texmf/fonts/map/dvipdfmx//)
> = 1
>    kdebug:returning from generic search([kanjix.map]) =>
> /usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map
>
> The search path it's using looks like it's coming from TEXFONTMAPS in
> texmf.cnf.
>
> Paul Vojta
>
>
> On Wed, Nov 11, 2020 at 04:50:45PM +0100, Vadim Kantorov wrote:
> > I built custom xetex and xdvipdfmx (texlive.sh) into "./build" and
> > installed a basic-scheme TexLive distro into "./texlive" with
> > install-tl (latex.sh). My machine does not have a system-wide TexLive
> > installation.
> >
> > Compiling (bug.sh) a dummy tex file produces warnings from xdvipdfmx:
> > xdvipdfmx:warning: Couldn't open font map file "pdftex.map".
> > xdvipdfmx:warning: Couldn't open font map file "kanjix.map".
> >
> > I am using "./texlive/texmf-dist/web2c/texmf.cnf" as my CNF file.
> >
> > It seems that the */updmap/*.map files
> > ("./texlive/texmf-var/fonts/map/pdftex/updmap/pdftex.map" and
> > "./texlive/texmf-var/fonts/map/dvipdfmx/updmap/kanjix.map") are not
> > referred to by this CNF file and thus are not found by xdvipdfmx or
> > kpsewhich.
> >
> > I would be very grateful if you could advise if this is my error or a
> > TexLive installer issue.
> >
> > A full repro of all installation scripts (texlive.sh, latex.sh,
> > bug.sh) and error messages:
> > https://gist.github.com/vadimkantorov/cb638c61afc2fb4526d05e6c4c3b48b6
> >
> > (This exercice is part of my yet-another-latex-in-browser attempt. A
> > Chrome-working version of xetex+bibtex8+xdvipdfmx is available at
> > https://vadimkantorov.github.io/busytext/busytex.html)
> >
> > Thank you!
> > --
> > Vadim Kantorov
>
-- 
Vadim Kantorov
+33 6 03 29 27 69
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://tug.org/pipermail/tlbuild/attachments/20201113/a98410ad/attachment.html>

From vojta at math.berkeley.edu  Fri Nov 13 09:36:29 2020
From: vojta at math.berkeley.edu (Paul Vojta)
Date: Fri, 13 Nov 2020 00:36:29 -0800
Subject: [tlbuild] Custom-built xdvipdfmx cannot find pdftex.map on a
 basic-scheme TDS
In-Reply-To: <CAEfwmQtOMSmWS4x90RU3KEuSiVnaju7o9CFHtFZ_mbb=6Z12ww@mail.gmail.com>
References: <CAEfwmQsxU146BRX=ca3k5_mWH5b5gJP3GCzpkoeTNcKM7vrmFg@mail.gmail.com>
 <20201113065614.GA16304@math.berkeley.edu>
 <CAEfwmQtOMSmWS4x90RU3KEuSiVnaju7o9CFHtFZ_mbb=6Z12ww@mail.gmail.com>
Message-ID: <20201113083629.GA18301@math.berkeley.edu>

The TEXFONTMAPS value in my texmf.cnf is:

	TEXFONTMAPS = $TEXMFDOTDIR;$TEXMF/fonts/map/{$progname,pdftex,dvips,}//

This is the same as in Master/texmf-dist/web2c/texmf.cnf in the texlive
source distribution.

It doesn't contain an updmap suffix because the // at the end of TEXFONTMAPS
indicates to kpathsea that it should search all subdirectories.

Sincerely,


Paul Vojta


On Fri, Nov 13, 2020 at 10:48:26AM +0300, Vadim Kantorov wrote:
> Paul,
> 
> What is the contents of your ?texmf.cnf? (especially TEXFONTMAPS value)?
> Did you create it yourself?
> 
> I think my problem is that the default ?texmf.cnf??s TEXFONTMAPS does not
> contain the ?updmap? directory suffix for some reason.
> 
> Thanks,
> Vadim
> 
> Le ven. 13 nov. 2020 ? 09:56, Paul Vojta <vojta at math.berkeley.edu> a ?crit :
> 
> > I too build my own custom texlive installation, with my own quirky
> > settings.
> >
> > When I run KPATHSEA_DEBUG=32 xdvipdfmx -o example.pdf example.xdv
> > the output relevant to kanjix.map is:
> >
> >    kdebug:kpse_find_file: searching for kanjix.map of type map (from
> > texmf.cnf)
> >    kdebug:start generic search(files=[kanjix.map], must_exist=0,
> > find_all=0,
> > path=.:/home/vojta/texmf/fonts/map/dvipdfmx//:!!/usr/local/texmf/fonts/map/dvipdfmx//:/home/vojta/texmf/fonts/map/pdftex//:!!/usr/local/texmf/fonts/map/pdftex//:/home/vojta/texmf/fonts/map/dvips//:!!/usr/local/texmf/fonts/map/dvips//:/home/vojta/texmf/fonts/map///:!!/usr/local/texmf/fonts/map///)
> >    kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0,
> > casefold=no)
> >    kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0,
> > casefold=yes)
> >    kdebug:   casefold_readable_file(kanjix.map) in . => (nil)
> >
> >  kdebug:db:match(/usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map,/usr/local/texmf/fonts/map/dvipdfmx//)
> > = 1
> >    kdebug:returning from generic search([kanjix.map]) =>
> > /usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map
> >
> > The search path it's using looks like it's coming from TEXFONTMAPS in
> > texmf.cnf.
> >
> > Paul Vojta
> >
> >
> > On Wed, Nov 11, 2020 at 04:50:45PM +0100, Vadim Kantorov wrote:
> > > I built custom xetex and xdvipdfmx (texlive.sh) into "./build" and
> > > installed a basic-scheme TexLive distro into "./texlive" with
> > > install-tl (latex.sh). My machine does not have a system-wide TexLive
> > > installation.
> > >
> > > Compiling (bug.sh) a dummy tex file produces warnings from xdvipdfmx:
> > > xdvipdfmx:warning: Couldn't open font map file "pdftex.map".
> > > xdvipdfmx:warning: Couldn't open font map file "kanjix.map".
> > >
> > > I am using "./texlive/texmf-dist/web2c/texmf.cnf" as my CNF file.
> > >
> > > It seems that the */updmap/*.map files
> > > ("./texlive/texmf-var/fonts/map/pdftex/updmap/pdftex.map" and
> > > "./texlive/texmf-var/fonts/map/dvipdfmx/updmap/kanjix.map") are not
> > > referred to by this CNF file and thus are not found by xdvipdfmx or
> > > kpsewhich.
> > >
> > > I would be very grateful if you could advise if this is my error or a
> > > TexLive installer issue.
> > >
> > > A full repro of all installation scripts (texlive.sh, latex.sh,
> > > bug.sh) and error messages:
> > > https://gist.github.com/vadimkantorov/cb638c61afc2fb4526d05e6c4c3b48b6
> > >
> > > (This exercice is part of my yet-another-latex-in-browser attempt. A
> > > Chrome-working version of xetex+bibtex8+xdvipdfmx is available at
> > > https://vadimkantorov.github.io/busytext/busytex.html)
> > >
> > > Thank you!
> > > --
> > > Vadim Kantorov
> >
> -- 
> Vadim Kantorov
> +33 6 03 29 27 69

From vadimkantorov at gmail.com  Fri Nov 13 11:09:02 2020
From: vadimkantorov at gmail.com (Vadim Kantorov)
Date: Fri, 13 Nov 2020 11:09:02 +0100
Subject: [tlbuild] Custom-built xdvipdfmx cannot find pdftex.map on a
 basic-scheme TDS
In-Reply-To: <20201113083629.GA18301@math.berkeley.edu>
References: <CAEfwmQsxU146BRX=ca3k5_mWH5b5gJP3GCzpkoeTNcKM7vrmFg@mail.gmail.com>
 <20201113065614.GA16304@math.berkeley.edu>
 <CAEfwmQtOMSmWS4x90RU3KEuSiVnaju7o9CFHtFZ_mbb=6Z12ww@mail.gmail.com>
 <20201113083629.GA18301@math.berkeley.edu>
Message-ID: <CAEfwmQuq-a1PxdOhqa7T8_c2MjWGtjaV0z7G-3hnX4E7US_C3w@mail.gmail.com>

Paul,

When I change TEXMFDIST export to "export
TEXMFDIST=$PWD/texlive/texmf-dist:$PWD/texlive/texmf-var", things
start to work. Previously, it did not contain texmf-var.

Now my exports read:
export TEXMFCNF=$PWD/texlive/texmf-dist/web2c
export TEXMFDIST=$PWD/texlive/texmf-dist:$PWD/texlive/texmf-var

Is it sensible? Should temxf-var path belong to TEXMFDIST? Or to some
other env. variable?

Thank you!
Vadim Kantorov

??, 13 ????. 2020 ?. ? 09:36, Paul Vojta <vojta at math.berkeley.edu>:
>
> The TEXFONTMAPS value in my texmf.cnf is:
>
>         TEXFONTMAPS = $TEXMFDOTDIR;$TEXMF/fonts/map/{$progname,pdftex,dvips,}//
>
> This is the same as in Master/texmf-dist/web2c/texmf.cnf in the texlive
> source distribution.
>
> It doesn't contain an updmap suffix because the // at the end of TEXFONTMAPS
> indicates to kpathsea that it should search all subdirectories.
>
> Sincerely,
>
>
> Paul Vojta
>
>
> On Fri, Nov 13, 2020 at 10:48:26AM +0300, Vadim Kantorov wrote:
> > Paul,
> >
> > What is the contents of your ?texmf.cnf? (especially TEXFONTMAPS value)?
> > Did you create it yourself?
> >
> > I think my problem is that the default ?texmf.cnf??s TEXFONTMAPS does not
> > contain the ?updmap? directory suffix for some reason.
> >
> > Thanks,
> > Vadim
> >
> > Le ven. 13 nov. 2020 ? 09:56, Paul Vojta <vojta at math.berkeley.edu> a ?crit :
> >
> > > I too build my own custom texlive installation, with my own quirky
> > > settings.
> > >
> > > When I run KPATHSEA_DEBUG=32 xdvipdfmx -o example.pdf example.xdv
> > > the output relevant to kanjix.map is:
> > >
> > >    kdebug:kpse_find_file: searching for kanjix.map of type map (from
> > > texmf.cnf)
> > >    kdebug:start generic search(files=[kanjix.map], must_exist=0,
> > > find_all=0,
> > > path=.:/home/vojta/texmf/fonts/map/dvipdfmx//:!!/usr/local/texmf/fonts/map/dvipdfmx//:/home/vojta/texmf/fonts/map/pdftex//:!!/usr/local/texmf/fonts/map/pdftex//:/home/vojta/texmf/fonts/map/dvips//:!!/usr/local/texmf/fonts/map/dvips//:/home/vojta/texmf/fonts/map///:!!/usr/local/texmf/fonts/map///)
> > >    kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0,
> > > casefold=no)
> > >    kdebug:  dir_list_search_list(files=[kanjix.map], find_all=0,
> > > casefold=yes)
> > >    kdebug:   casefold_readable_file(kanjix.map) in . => (nil)
> > >
> > >  kdebug:db:match(/usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map,/usr/local/texmf/fonts/map/dvipdfmx//)
> > > = 1
> > >    kdebug:returning from generic search([kanjix.map]) =>
> > > /usr/local/texmf/fonts/map/dvipdfmx/updmap/kanjix.map
> > >
> > > The search path it's using looks like it's coming from TEXFONTMAPS in
> > > texmf.cnf.
> > >
> > > Paul Vojta
> > >
> > >
> > > On Wed, Nov 11, 2020 at 04:50:45PM +0100, Vadim Kantorov wrote:
> > > > I built custom xetex and xdvipdfmx (texlive.sh) into "./build" and
> > > > installed a basic-scheme TexLive distro into "./texlive" with
> > > > install-tl (latex.sh). My machine does not have a system-wide TexLive
> > > > installation.
> > > >
> > > > Compiling (bug.sh) a dummy tex file produces warnings from xdvipdfmx:
> > > > xdvipdfmx:warning: Couldn't open font map file "pdftex.map".
> > > > xdvipdfmx:warning: Couldn't open font map file "kanjix.map".
> > > >
> > > > I am using "./texlive/texmf-dist/web2c/texmf.cnf" as my CNF file.
> > > >
> > > > It seems that the */updmap/*.map files
> > > > ("./texlive/texmf-var/fonts/map/pdftex/updmap/pdftex.map" and
> > > > "./texlive/texmf-var/fonts/map/dvipdfmx/updmap/kanjix.map") are not
> > > > referred to by this CNF file and thus are not found by xdvipdfmx or
> > > > kpsewhich.
> > > >
> > > > I would be very grateful if you could advise if this is my error or a
> > > > TexLive installer issue.
> > > >
> > > > A full repro of all installation scripts (texlive.sh, latex.sh,
> > > > bug.sh) and error messages:
> > > > https://gist.github.com/vadimkantorov/cb638c61afc2fb4526d05e6c4c3b48b6
> > > >
> > > > (This exercice is part of my yet-another-latex-in-browser attempt. A
> > > > Chrome-working version of xetex+bibtex8+xdvipdfmx is available at
> > > > https://vadimkantorov.github.io/busytext/busytex.html)
> > > >
> > > > Thank you!
> > > > --
> > > > Vadim Kantorov
> > >
> >


From karl at freefriends.org  Sat Nov 14 23:12:30 2020
From: karl at freefriends.org (Karl Berry)
Date: Sat, 14 Nov 2020 15:12:30 -0700
Subject: [tlbuild] Custom-built xdvipdfmx cannot find pdftex.map on a
 basic-scheme TDS
In-Reply-To: <CAEfwmQuq-a1PxdOhqa7T8_c2MjWGtjaV0z7G-3hnX4E7US_C3w@mail.gmail.com>
Message-ID: <202011142212.0AEMCUWs010036@freefriends.org>

    Is it sensible? Should temxf-var path belong to TEXMFDIST? Or to some
    other env. variable?

In the standard setup, all the trees (including TEXMFDIST and TEXMFVAR,
among others) are defined in the TEXMF variable, as a braced list
{tree1,tree2,...}. Then all the paths start with $TEXMF, and thus look
for files in the same places in all the trees.

I wrote lots of comments in texmf.cnf explaining why it does what it does.

I can't say what's "sensible" or not in what you are doing. If it works
for you and you are happy, then fine :). --best, karl.