1 |
commit: 3b676104682034e837ff8674c72b133382f3ff7c |
2 |
Author: Benda Xu <heroxbd <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Oct 30 03:17:38 2013 +0000 |
4 |
Commit: Benda XU <heroxbd <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Oct 30 03:17:38 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/heroxbd.git;a=commit;h=3b676104 |
7 |
|
8 |
track sandbox |
9 |
|
10 |
--- |
11 |
scripts/bootstrap-rap.sh | 190 +++++- |
12 |
sys-apps/sandbox/ChangeLog | 689 +++++++++++++++++++++ |
13 |
sys-apps/sandbox/Manifest | 33 + |
14 |
.../0001-libsandbox-handle-more-at-functions.patch | 42 ++ |
15 |
sys-apps/sandbox/files/09sandbox | 1 + |
16 |
sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch | 209 +++++++ |
17 |
.../files/sandbox-1.2.18.1-open-cloexec.patch | 15 + |
18 |
.../files/sandbox-1.2.18.1-open-normal-fail.patch | 99 +++ |
19 |
.../files/sandbox-1.2.18.1-rtld-validation.patch | 43 ++ |
20 |
.../files/sandbox-1.2.20_alpha2-parallel.patch | 12 + |
21 |
.../files/sandbox-1.6-disable-pthread.patch | 37 ++ |
22 |
.../files/sandbox-1.6-disable-qa-static.patch | 13 + |
23 |
.../sandbox/files/sandbox-1.9-setoptions.patch | 15 + |
24 |
sys-apps/sandbox/files/sandbox-2.0-prefix.patch | 37 ++ |
25 |
.../sandbox/files/sandbox-2.0-setoptions.patch | 11 + |
26 |
sys-apps/sandbox/files/sandbox-2.2-prefix.patch | 26 + |
27 |
.../files/sandbox-2.6-check-empty-paths-at.patch | 201 ++++++ |
28 |
sys-apps/sandbox/files/sandbox-2.6-desktop.patch | 30 + |
29 |
sys-apps/sandbox/files/sandbox-2.6-log-var.patch | 51 ++ |
30 |
.../sandbox/files/sandbox-2.6-open-nofollow.patch | 54 ++ |
31 |
sys-apps/sandbox/files/sandbox-2.6-prefix.patch | 70 +++ |
32 |
.../files/sandbox-2.6-static-close-fd.patch | 93 +++ |
33 |
.../sandbox/files/sandbox-2.6-trace-hppa.patch | 27 + |
34 |
sys-apps/sandbox/metadata.xml | 11 + |
35 |
sys-apps/sandbox/sandbox-1.6-r2.ebuild | 104 ++++ |
36 |
sys-apps/sandbox/sandbox-2.3-r1.ebuild | 103 +++ |
37 |
sys-apps/sandbox/sandbox-2.4.ebuild | 100 +++ |
38 |
sys-apps/sandbox/sandbox-2.5.ebuild | 126 ++++ |
39 |
sys-apps/sandbox/sandbox-2.6-r1.ebuild | 132 ++++ |
40 |
sys-apps/sandbox/sandbox-2.6.ebuild | 132 ++++ |
41 |
30 files changed, 2695 insertions(+), 11 deletions(-) |
42 |
|
43 |
diff --git a/scripts/bootstrap-rap.sh b/scripts/bootstrap-rap.sh |
44 |
old mode 100755 |
45 |
new mode 100644 |
46 |
index 30823d8..add2f41 |
47 |
--- a/scripts/bootstrap-rap.sh |
48 |
+++ b/scripts/bootstrap-rap.sh |
49 |
@@ -367,6 +367,11 @@ bootstrap_tree() { |
50 |
# this is ugly, we have to put the temperory rap overlay somewhere |
51 |
PORTDIR="${PORTDIR_RAP}" \ |
52 |
do_tree http://dev.gentoo.org/~heroxbd rap-overlay.tar.bz2 |
53 |
+ |
54 |
+ # Add corrected ebuilds to rap-overlay: perl, portage, openrc |
55 |
+ bzip2 -dc "${ROOT}/../rap-overlay-perl.tar.bz2" | $TAR -xf - -C ${PORTDIR_RAP%portage} |
56 |
+ bzip2 -dc "${ROOT}/../rap-overlay-openrc.tar.bz2" | $TAR -xf - -C ${PORTDIR_RAP%portage} |
57 |
+ bzip2 -dc "${ROOT}/../rap-overlay-portage.tar.bz2" | $TAR -xf - -C ${PORTDIR_RAP%portage} |
58 |
} |
59 |
|
60 |
bootstrap_latest_tree() { |
61 |
@@ -586,8 +591,12 @@ bootstrap_gnu() { |
62 |
[[ ${PN} == "coreutils" ]] && \ |
63 |
myconf="${myconf} --disable-acl --without-gmp" |
64 |
|
65 |
- [[ ${PN} == "gcc" ]] && myconf="${myconf} --disable-bootstrap --enable-languages=c\ |
66 |
- --disable-multilib" |
67 |
+ if [[ ${PN} == "gcc" ]] ; then |
68 |
+ myconf="${myconf} --disable-bootstrap --enable-languages=c\ |
69 |
+ --disable-multilib --with-sysroot=/usr/local/x86_64-linux-gnu/x86_64-linux-gnu/sys-root\ |
70 |
+ --disable-libssp --disable-libgomp --disable-libquadmath --disable-decimal-float --disable-threads\ |
71 |
+ --without-ppl --without-cloog " |
72 |
+ fi |
73 |
|
74 |
if [[ ${PN} == "coreutils" && ${CHOST} == *-interix* ]] ; then |
75 |
# Interix doesn't have filesystem listing stuff, but that means all |
76 |
@@ -614,7 +623,11 @@ bootstrap_gnu() { |
77 |
if [[ ${PN} == "make" && $(type -t $MAKE) != "file" ]]; then |
78 |
./build.sh || return 1 |
79 |
else |
80 |
+ if [[ ${PN} == "gcc" ]] ; then |
81 |
+ $MAKE ${MAKEOPTS} gcc_cv_libc_provides_ssp=yes || return 1 |
82 |
+ else |
83 |
$MAKE ${MAKEOPTS} || return 1 |
84 |
+ fi |
85 |
fi |
86 |
|
87 |
einfo "Installing ${PN}" |
88 |
@@ -932,7 +945,11 @@ bootstrap_stage1() { |
89 |
[[ $(uniq --version 2>&1) == *"(GNU coreutils) "[6789]* ]] \ |
90 |
|| (bootstrap_coreutils) || return 1 |
91 |
[[ $(find --version 2>&1) == *GNU* ]] || (bootstrap_findutils) || return 1 |
92 |
- [[ $(tar --version 2>&1) == *GNU* ]] || (bootstrap_tar) || return 1 |
93 |
+# Synology gives a tar from busybox which does not handle all required options |
94 |
+# [[ $(tar --version 2>&1) == *GNU* ]] || |
95 |
+ (bootstrap_tar) || return 1 |
96 |
+# Synology also gives gzip through busybox which does not handle all required options |
97 |
+ (bootstrap_gzip) || return 1 |
98 |
[[ $(patch --version 2>&1) == *"GNU patch 2."7* ]] || (bootstrap_patch) || return 1 |
99 |
[[ $(grep --version 2>&1) == *GNU* ]] || (bootstrap_grep) || return 1 |
100 |
[[ $(awk --version < /dev/null 2>&1) == *GNU* ]] || bootstrap_gawk || return 1 |
101 |
@@ -1052,9 +1069,13 @@ bootstrap_stage3() { |
102 |
|
103 |
set_profile 1 |
104 |
# --oneshot --nodeps |
105 |
+ # synology toolchain is still using only sys-root, hence add some to the make.defaults |
106 |
+ echo "CFLAGS=-I${ROOT}/usr/include" >> "${PORTDIR_RAP}"/profiles/bootstrap/glibc/make.defaults |
107 |
+ echo "LDFLAGS=\"-L${ROOT}/usr/lib64 -Wl,-rpath=${ROOT}/usr/lib64\"" >> "${PORTDIR_RAP}"/profiles/bootstrap/glibc/make.defaults |
108 |
+ # export LD_LIBRARY_PATH=${ROOT}/usr/lib64 |
109 |
local pkgs=( |
110 |
sys-apps/sed |
111 |
- "<app-shells/bash-4.2_p20" # higher versions require readline |
112 |
+ "<app-shells/bash-4.2_p20" # higher versions requires readline |
113 |
app-arch/xz-utils |
114 |
sys-apps/baselayout-prefix |
115 |
sys-devel/m4 |
116 |
@@ -1072,6 +1093,11 @@ bootstrap_stage3() { |
117 |
|
118 |
emerge_pkgs --nodeps "${pkgs[@]}" || return 1 |
119 |
|
120 |
+ gcc-config -l |
121 |
+ |
122 |
+ # undo make.defaults change made above |
123 |
+ set_profile 1 |
124 |
+ |
125 |
echo 'int main() {}' > test-rpath.c |
126 |
gcc -o test-rpath test-rpath.c |
127 |
if readelf -d test-rpath | grep -q rpath; then |
128 |
@@ -1094,9 +1120,16 @@ EOF |
129 |
fi |
130 |
fi |
131 |
|
132 |
+ # inject a link to gcc to /usr/bin/cc |
133 |
+ if [[ ! -x "${ROOT}"/usr/bin/cc ]]; then |
134 |
+ ln -s $(which gcc) "${ROOT}"/usr/bin/cc |
135 |
+ fi |
136 |
+ |
137 |
pkgs=( sys-libs/glibc ) |
138 |
emerge_pkgs --nodeps "${pkgs[@]}" || return 1 |
139 |
|
140 |
+# unset LD_LIBRARY_PATH |
141 |
+ |
142 |
# in gcc bootstrap stage 1, xgcc/cc1 and friends may be linked against libgcc_s.so of |
143 |
# the old gcc, which cannot be found on new RAP. Append that directory to ld.so.conf |
144 |
# so that our RAP dynamic linker can find it. This will be overwritten by env-update |
145 |
@@ -1135,9 +1168,21 @@ EOF |
146 |
) |
147 |
emerge_pkgs --nodeps "${pkgs[@]}" || return 1 |
148 |
|
149 |
- # --oneshot |
150 |
+ # Synology does not have /usr/include |
151 |
+ # Python will not be able to build if /usr/include/[sys,netinet] are not found, make a temporary link |
152 |
+ if [ ! -d /usr/include ]; then |
153 |
+ cat << EOF |
154 |
+Python will not be able to build if /usr/include/[sys,netinet,and others] are not found as well |
155 |
+Make a link from ${ROOT}/usr/include to /usr/include and renew the bootstrap-rap.sh command |
156 |
+to continue from here on. |
157 |
+ |
158 |
+EOF |
159 |
+ return 1 |
160 |
+ fi |
161 |
+ |
162 |
+ # --oneshot |
163 |
local pkgs=( |
164 |
- net-misc/wget |
165 |
+ "<net-misc/wget-1.14" # otherwise pulls in util-linux which links to perl using gdbm and berkdb that are missing |
166 |
sys-apps/acl |
167 |
) |
168 |
emerge_pkgs "" "${pkgs[@]}" || return 1 |
169 |
@@ -1152,6 +1197,11 @@ EOF |
170 |
# the -I directions set by the profile |
171 |
export CPPFLAGS="${CPPFLAGS} -DNO_LARGEFILE_SOURCE" |
172 |
|
173 |
+ # Synology or not ? : you may however encounter error due to missing fetched file python-gentoo-patches-3.2.3-0.tar.bz2 |
174 |
+ # in such case manually download at http://mirror.meleeweb.net/pub/linux/gentoo/distfiles/python-gentoo-patches-3.2.3-0.tar.bz2 |
175 |
+ # the same happened for python-gentoo-patches-3.3.2-1.tar.xz, hence we do not ask for it |
176 |
+ echo ">=dev-lang/python-3.3" >> "${ROOT}/etc/portage/package.mask" |
177 |
+ sed -i -e "1i PYTHON_TARGETS=\"python2_7 python3_2\"" "${ROOT}/etc/portage/make.conf" |
178 |
# disable collision-protect to overwrite the bootstrapped portage |
179 |
FEATURES="-collision-protect" emerge_pkgs "" "sys-apps/portage" || return 1 |
180 |
|
181 |
@@ -1163,25 +1213,143 @@ EOF |
182 |
fi |
183 |
|
184 |
set_profile 2 |
185 |
- |
186 |
# Portage should figure out itself what it needs to do, if anything |
187 |
+ |
188 |
+ ########################################################################################## |
189 |
+ # Problem here as the lib directory is not always a symlink. # |
190 |
+ # You need to manually move files and create a symlink lib to the correct lib64 or lib32 # |
191 |
+ ########################################################################################## |
192 |
+ |
193 |
+ # Taking off some packages that may either not build correctly or have nothing to do in prefix, even if rap. |
194 |
+ cat << __END__ >> "${ROOT}/usr/local/portage/profiles/features/rap/packages" |
195 |
+ |
196 |
+# Here we remove packages that default/linux/packages pulls in and have no |
197 |
+# business being in Gentoo Prefix |
198 |
+-*sys-apps/busybox |
199 |
+# we keep that one as wget may use it. TS |
200 |
+#-*sys-apps/util-linux |
201 |
+ |
202 |
+# This file removes everything from the base profile which is not |
203 |
+# necessary/desired in a prefix environment. |
204 |
+-*>=sys-apps/baselayout-2 |
205 |
+-*net-misc/iputils |
206 |
+-*sys-apps/kbd |
207 |
+-*sys-process/procps |
208 |
+-*sys-process/psmisc |
209 |
+-*sys-fs/e2fsprogs |
210 |
+-*virtual/dev-manager |
211 |
+-*virtual/modutils |
212 |
+-*virtual/shadow |
213 |
+ |
214 |
+# add back prefix baselayout |
215 |
+*sys-apps/baselayout-prefix |
216 |
+ |
217 |
+__END__ |
218 |
+ |
219 |
+ |
220 |
+ # For some obscure reason gettext is required but not installed (msgfmt missing) |
221 |
+ USE=-git emerge -u gettext || return 1 |
222 |
+ |
223 |
+ einfo "Emerging system..." |
224 |
+ sed -i -e "1i USE=-ssl" "${EPREFIX}"/etc/portage/make.conf |
225 |
USE=-git emerge -u system || return 1 |
226 |
|
227 |
- if [[ ! -f ${EPREFIX}/etc/portage/make.conf ]] ; then |
228 |
+ # remove anything that we don't need (compilers most likely) |
229 |
+ emerge --depclean |
230 |
+ |
231 |
+ # |
232 |
+ #if [[ ! -f ${EPREFIX}/etc/portage/make.conf ]] ; then |
233 |
{ |
234 |
- echo 'USE="unicode nls"' |
235 |
+ echo 'USE="unicode nls -ssl"' |
236 |
echo 'CFLAGS="${CFLAGS} -O2 -pipe"' |
237 |
echo 'CXXFLAGS="${CFLAGS}"' |
238 |
echo "MAKEOPTS=\"${MAKEOPTS}\"" |
239 |
+ echo "PYTHON_TARGETS=\"python2_7 python3_2\"" |
240 |
echo "# be careful with this one, don't just remove it!" |
241 |
echo "PREFIX_DISABLE_GEN_USR_LDSCRIPT=yes" |
242 |
} > "${EPREFIX}"/etc/portage/make.conf |
243 |
- fi |
244 |
+ # |
245 |
|
246 |
einfo "stage3 successfully finished" |
247 |
} |
248 |
|
249 |
bootstrap_interactive() { |
250 |
+ # immediately die on platforms that we know are impossible due to |
251 |
+ # brain-deadness (Debian/Ubuntu) or extremely hard dependency chains |
252 |
+ # (TODO NetBSD/OpenBSD) |
253 |
+ case ${CHOST} in |
254 |
+ *-linux-gnu) |
255 |
+ local toolchain_impossible= |
256 |
+ # Figure out if this is Ubuntu... |
257 |
+ if [[ $(lsb_release -is 2>/dev/null) == "Ubuntu" ]] ; then |
258 |
+ case "$(lsb_release -sr)" in |
259 |
+ [456789].*|10.*) |
260 |
+ : # good versions |
261 |
+ ;; |
262 |
+ *) |
263 |
+ # Debian/Ubuntu have seriously fscked up their |
264 |
+ # toolchain to support their multi-arch crap |
265 |
+ # since Natty (11.04) that noone really wants, |
266 |
+ # and certainly not upstream. Some details: |
267 |
+ # https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/738098 |
268 |
+ toolchain_impossible="Ubuntu >= 11.04 (Natty)" |
269 |
+ ;; |
270 |
+ esac |
271 |
+ fi |
272 |
+ # Figure out if this is Debian |
273 |
+ if [[ -e /etc/debian_release ]] ; then |
274 |
+ case "$(< /etc/debian_release)" in |
275 |
+ hamm/*|slink/*|potato/*|woody/*|sarge/*|etch/*|lenny/*|squeeze/*) |
276 |
+ : # good versions |
277 |
+ ;; |
278 |
+ *) |
279 |
+ # Debian introduced their big crap since Wheezy |
280 |
+ # (7.0), like for Ubuntu, see above |
281 |
+ toolchain_impossible="Debian >= 7.0 (Wheezy)" |
282 |
+ ;; |
283 |
+ esac |
284 |
+ fi |
285 |
+ if [[ -n ${toolchain_impossible} ]] ; then |
286 |
+ # In short, it's impossible for us to compile a |
287 |
+ # compiler, since 1) gcc picks up our ld, which doesn't |
288 |
+ # support sysroot (can work around with a wrapper |
289 |
+ # script), 2) headers and libs aren't found (symlink |
290 |
+ # them to Prefix), 3) stuff like crtX.i isn't found |
291 |
+ # during bootstrap, since the bootstrap compiler doesn't |
292 |
+ # get any of our flags and doesn't know where to find |
293 |
+ # them (even if we copied them). So we cannot do this, |
294 |
+ # unless we use the Ubuntu patches in our ebuilds, which |
295 |
+ # is a NO-GO area. |
296 |
+ cat << EOF |
297 |
+Oh My! ${toolchain_impossible}! AAAAAAAAAAAAAAAAAAAAARGH! HELL comes over me! |
298 |
+ |
299 |
+EOF |
300 |
+ echo -n "..." |
301 |
+ sleep 1 |
302 |
+ echo -n "." |
303 |
+ sleep 1 |
304 |
+ echo -n "." |
305 |
+ sleep 1 |
306 |
+ echo -n "." |
307 |
+ sleep 1 |
308 |
+ echo |
309 |
+ echo |
310 |
+ cat << EOF |
311 |
+and over you. You're on the worst Linux distribution from a developer's |
312 |
+(and so Gentoo Prefix) perspective since http://wiki.debian.org/Multiarch/. |
313 |
+Due to this multi-arch idea, it is IMPOSSIBLE for Gentoo Prefix to |
314 |
+bootstrap a compiler without using Debuntu patches, which is an absolute |
315 |
+NO-GO area! GCC and binutils upstreams didn't just reject those patches |
316 |
+for fun. |
317 |
+ |
318 |
+I really can't help you, and won't waste any of your time either. The |
319 |
+story simply ends here. Sorry. |
320 |
+EOF |
321 |
+ exit 1 |
322 |
+ fi |
323 |
+ ;; |
324 |
+ esac |
325 |
+ |
326 |
cat <<"EOF" |
327 |
|
328 |
|
329 |
@@ -1697,7 +1865,7 @@ EOF |
330 |
|
331 |
# Don't confuse Portage with a possibly slightly differing CHOST |
332 |
unset CHOST |
333 |
- |
334 |
+ |
335 |
if ! emerge -e system ; then |
336 |
# emerge -e system fail |
337 |
cat << EOF |
338 |
|
339 |
diff --git a/sys-apps/sandbox/ChangeLog b/sys-apps/sandbox/ChangeLog |
340 |
new file mode 100644 |
341 |
index 0000000..76303db |
342 |
--- /dev/null |
343 |
+++ b/sys-apps/sandbox/ChangeLog |
344 |
@@ -0,0 +1,689 @@ |
345 |
+# ChangeLog for sys-apps/sandbox |
346 |
+# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 |
347 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/ChangeLog,v 1.165 2012/07/06 19:53:10 vapier Exp $ |
348 |
+ |
349 |
+ 06 Jul 2012; Mike Frysinger <vapier@g.o> |
350 |
+ +files/sandbox-2.6-trace-hppa.patch, sandbox-2.6.ebuild: |
351 |
+ Fix building of trace code for hppa #425062 by Jeroen Roovers. |
352 |
+ |
353 |
+*sandbox-2.6 (03 Jul 2012) |
354 |
+ |
355 |
+ 03 Jul 2012; Mike Frysinger <vapier@g.o> +sandbox-2.6.ebuild: |
356 |
+ Various fixes, and x32 support. |
357 |
+ |
358 |
+ 24 Jun 2012; Mike Frysinger <vapier@g.o> sandbox-2.5.ebuild: |
359 |
+ Parallelize configure steps for multiple ABIs, and run tests in parallel. |
360 |
+ |
361 |
+ 30 Mar 2012; Alexis Ballier <aballier@g.o> sandbox-1.6-r2.ebuild: |
362 |
+ keyword -x86-fbsd for bug #374425, sandbox is broken of fbsd and this leaves |
363 |
+ us with nothing. |
364 |
+ |
365 |
+ 05 Feb 2012; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild, |
366 |
+ sandbox-2.3-r1.ebuild, sandbox-2.4.ebuild, sandbox-2.5.ebuild: |
367 |
+ Move to new unpacker eclass. |
368 |
+ |
369 |
+ 02 Feb 2012; Samuli Suominen <ssuominen@g.o> sandbox-2.5.ebuild: |
370 |
+ ppc/ppc64 stable wrt #389981 |
371 |
+ |
372 |
+ 03 Dec 2011; Raúl Porcel <armin76@g.o> sandbox-2.5.ebuild: |
373 |
+ alpha/ia64/m68k/s390/sh/sparc stable wrt #389981 |
374 |
+ |
375 |
+ 13 Nov 2011; Markus Meier <maekke@g.o> sandbox-2.5.ebuild: |
376 |
+ arm stable, bug #389981 |
377 |
+ |
378 |
+ 11 Nov 2011; Pawel Hajdan jr <phajdan.jr@g.o> sandbox-2.5.ebuild: |
379 |
+ x86 stable wrt bug #389981 |
380 |
+ |
381 |
+ 10 Nov 2011; Jeroen Roovers <jer@g.o> sandbox-2.5.ebuild: |
382 |
+ Stable for HPPA (bug #389981). |
383 |
+ |
384 |
+ 10 Nov 2011; Tony Vroon <chainsaw@g.o> sandbox-2.5.ebuild: |
385 |
+ Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & |
386 |
+ Elijah "Armageddon" El Lazkani in bug #389981. |
387 |
+ |
388 |
+ 10 May 2011; Jeremy Olexa <darkside@g.o> sandbox-2.4.ebuild, |
389 |
+ sandbox-2.5.ebuild: |
390 |
+ Don't restore ownership while extracting, bug 366759 |
391 |
+ |
392 |
+*sandbox-2.5 (14 Feb 2011) |
393 |
+ |
394 |
+ 14 Feb 2011; Mike Frysinger <vapier@g.o> +sandbox-2.5.ebuild: |
395 |
+ Version bump. |
396 |
+ |
397 |
+ 12 Feb 2011; Raúl Porcel <armin76@g.o> sandbox-2.4.ebuild: |
398 |
+ sparc stable wrt #348549 |
399 |
+ |
400 |
+ 02 Jan 2011; Mike Frysinger <vapier@g.o> sandbox-2.4.ebuild: |
401 |
+ Mark alpha/ia64/s390/sh stable #348549. |
402 |
+ |
403 |
+ 21 Dec 2010; Markus Meier <maekke@g.o> sandbox-2.4.ebuild: |
404 |
+ arm stable, bug #348549 |
405 |
+ |
406 |
+ 19 Dec 2010; Samuli Suominen <ssuominen@g.o> sandbox-2.4.ebuild: |
407 |
+ ppc64 stable wrt #348549 |
408 |
+ |
409 |
+ 14 Dec 2010; Markos Chandras <hwoarang@g.o> sandbox-2.4.ebuild: |
410 |
+ Stable on amd64 wrt bug #348549 |
411 |
+ |
412 |
+ 13 Dec 2010; Jeroen Roovers <jer@g.o> sandbox-2.4.ebuild: |
413 |
+ Stable for HPPA PPC (bug #348549). |
414 |
+ |
415 |
+ 13 Dec 2010; Jeroen Roovers <jer@g.o> sandbox-2.4.ebuild: |
416 |
+ Stable for HPPA (bug #348549). |
417 |
+ |
418 |
+ 12 Dec 2010; Pawel Hajdan jr <phajdan.jr@g.o> sandbox-2.4.ebuild: |
419 |
+ x86 stable wrt bug #348549 |
420 |
+ |
421 |
+ 30 Nov 2010; Michael Weber <xmw@g.o> sandbox-2.3-r1.ebuild: |
422 |
+ sparc stable (bug 338113) |
423 |
+ |
424 |
+*sandbox-2.4 (24 Nov 2010) |
425 |
+ |
426 |
+ 24 Nov 2010; Mike Frysinger <vapier@g.o> +sandbox-2.4.ebuild: |
427 |
+ Fix hardened issues #339157 and flesh out *at func handling some more |
428 |
+ #342983. |
429 |
+ |
430 |
+ 23 Nov 2010; Mike Frysinger <vapier@g.o> sandbox-2.3-r1.ebuild: |
431 |
+ Add back ~sparc since it has its ptrace disabled. |
432 |
+ |
433 |
+ 16 Oct 2010; Brent Baude <ranger@g.o> sandbox-2.3-r1.ebuild: |
434 |
+ stable ppc, bug 338113 |
435 |
+ |
436 |
+ 10 Oct 2010; Samuli Suominen <ssuominen@g.o> sandbox-2.3-r1.ebuild: |
437 |
+ ppc64 stable wrt #338113 |
438 |
+ |
439 |
+ 10 Oct 2010; Raúl Porcel <armin76@g.o> sandbox-2.3-r1.ebuild: |
440 |
+ alpha/arm/ia64/m68k/s390/sh stable wrt #338113 |
441 |
+ |
442 |
+ 05 Oct 2010; Markus Meier <maekke@g.o> sandbox-2.3-r1.ebuild: |
443 |
+ x86 stable, bug #338113 |
444 |
+ |
445 |
+ 29 Sep 2010; Jeroen Roovers <jer@g.o> sandbox-2.3-r1.ebuild: |
446 |
+ Stable for HPPA (bug #338113). |
447 |
+ |
448 |
+ 24 Sep 2010; Markos Chandras <hwoarang@g.o> sandbox-2.3-r1.ebuild: |
449 |
+ Stable on amd64 wrt bug #338113 |
450 |
+ |
451 |
+*sandbox-2.3-r1 (17 Aug 2010) |
452 |
+ |
453 |
+ 17 Aug 2010; Mike Frysinger <vapier@g.o> +sandbox-2.3-r1.ebuild: |
454 |
+ Fix sandbox.d config install #333131 by Hans Nieser. |
455 |
+ |
456 |
+*sandbox-2.3 (17 Aug 2010) |
457 |
+ |
458 |
+ 17 Aug 2010; Mike Frysinger <vapier@g.o> +sandbox-2.3.ebuild: |
459 |
+ Version bump. Lots o fixes. |
460 |
+ |
461 |
+ 15 Aug 2010; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild, |
462 |
+ sandbox-2.2.ebuild: |
463 |
+ Manually decompress the lzma archive if host PM cannot #271543. |
464 |
+ |
465 |
+ 21 Nov 2009; Raúl Porcel <armin76@g.o> sandbox-2.2.ebuild: |
466 |
+ Mark 2.2 -sparc as it doesn't work very well, bug #293632 |
467 |
+ |
468 |
+*sandbox-2.2 (26 Oct 2009) |
469 |
+ |
470 |
+ 26 Oct 2009; Mike Frysinger <vapier@g.o> +sandbox-2.2.ebuild: |
471 |
+ Version bump (includes fixes for #202765 #288227 #288863 and SPARC |
472 |
+ ptrace). |
473 |
+ |
474 |
+ 27 Sep 2009; Mike Frysinger <vapier@g.o> sandbox-2.1.ebuild: |
475 |
+ Fix new multilib code on non-multilib systems #286599 by Norman Yarvin. |
476 |
+ |
477 |
+ 25 Sep 2009; Thomas Sachau (Tommy[D]) <tommy@g.o> |
478 |
+ sandbox-2.1.ebuild: |
479 |
+ Add multilib useflag for multilib building with ok from vapier |
480 |
+ |
481 |
+*sandbox-2.1 (25 Aug 2009) |
482 |
+ |
483 |
+ 25 Aug 2009; Mike Frysinger <vapier@g.o> +sandbox-2.1.ebuild: |
484 |
+ Version bump. |
485 |
+ |
486 |
+ 13 Aug 2009; Mike Frysinger <vapier@g.o> |
487 |
+ sandbox-1.2.18.1-r2.ebuild, sandbox-1.2.18.1-r3.ebuild, |
488 |
+ sandbox-1.2.20_alpha2-r1.ebuild, sandbox-1.3.0.ebuild, |
489 |
+ sandbox-1.3.1.ebuild, sandbox-1.3.2.ebuild, sandbox-1.3.3.ebuild, |
490 |
+ sandbox-1.3.4.ebuild, sandbox-1.3.5.ebuild, sandbox-1.3.6.ebuild, |
491 |
+ sandbox-1.3.7.ebuild, sandbox-1.3.8.ebuild, sandbox-1.3.9.ebuild, |
492 |
+ sandbox-1.4.ebuild, sandbox-1.5.ebuild, sandbox-1.6.ebuild, |
493 |
+ sandbox-1.6-r1.ebuild, sandbox-1.6-r2.ebuild, sandbox-1.7.ebuild, |
494 |
+ sandbox-1.8.ebuild, sandbox-1.9.ebuild, sandbox-2.0.ebuild: |
495 |
+ Drop duplicate eutils inherit #279607 by Justin Lecher. |
496 |
+ |
497 |
+*sandbox-2.0 (04 Jun 2009) |
498 |
+ |
499 |
+ 04 Jun 2009; Mike Frysinger <vapier@g.o> +sandbox-2.0.ebuild: |
500 |
+ Version bump to improve static tracing. |
501 |
+ |
502 |
+ 17 May 2009; Diego E. Pettenò <flameeyes@g.o> sandbox-1.7.ebuild, |
503 |
+ sandbox-1.8.ebuild, sandbox-1.9.ebuild: |
504 |
+ Remove x86-fbsd keyword for sandbox versions that are known incompatible |
505 |
+ with FreeBSD. |
506 |
+ |
507 |
+ 26 Apr 2009; Brent Baude <ranger@g.o> sandbox-1.6-r2.ebuild: |
508 |
+ stable ppc, bug 265376 |
509 |
+ |
510 |
+ 20 Apr 2009; Raúl Porcel <armin76@g.o> sandbox-1.6-r2.ebuild: |
511 |
+ ia64 stable wrt #265376 |
512 |
+ |
513 |
+ 18 Apr 2009; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild, |
514 |
+ sandbox-1.9.ebuild: |
515 |
+ Force latest stable pax-utils as some people are lazy and dont upgrade |
516 |
+ #265376 by Jerome Potts. |
517 |
+ |
518 |
+ 18 Apr 2009; Raúl Porcel <armin76@g.o> sandbox-1.6-r2.ebuild: |
519 |
+ arm/m68k/s390/sh stable wrt #265376 |
520 |
+ |
521 |
+ 15 Apr 2009; Markus Meier <maekke@g.o> sandbox-1.6-r2.ebuild: |
522 |
+ amd64/x86 stable, bug #265376 |
523 |
+ |
524 |
+ 13 Apr 2009; Jeroen Roovers <jer@g.o> sandbox-1.6-r2.ebuild: |
525 |
+ Stable for HPPA (bug #265376). |
526 |
+ |
527 |
+ 12 Apr 2009; Brent Baude <ranger@g.o> sandbox-1.6-r2.ebuild: |
528 |
+ stable ppc64, bug 265376 |
529 |
+ |
530 |
+ 12 Apr 2009; Tobias Klausmann <klausman@g.o> sandbox-1.6-r2.ebuild: |
531 |
+ Stable on alpha, bug #265376 |
532 |
+ |
533 |
+ 09 Apr 2009; Friedrich Oslage <bluebird@g.o> sandbox-1.6-r2.ebuild: |
534 |
+ Stable on sparc, bug #265376 |
535 |
+ |
536 |
+ 09 Apr 2009; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild, |
537 |
+ sandbox-1.9.ebuild: |
538 |
+ Make sure /etc/sandbox.d has 0755 perms #265376 by Friedrich Oslage. |
539 |
+ |
540 |
+*sandbox-1.9 (09 Apr 2009) |
541 |
+ |
542 |
+ 09 Apr 2009; Mike Frysinger <vapier@g.o> +sandbox-1.9.ebuild: |
543 |
+ Version bump. |
544 |
+ |
545 |
+*sandbox-1.8 (05 Apr 2009) |
546 |
+ |
547 |
+ 05 Apr 2009; Mike Frysinger <vapier@g.o> +sandbox-1.8.ebuild: |
548 |
+ Version bump to fix #263657 #264399 #264476 #264478 #264676. |
549 |
+ |
550 |
+*sandbox-1.6-r2 (02 Apr 2009) |
551 |
+ |
552 |
+ 02 Apr 2009; Mike Frysinger <vapier@g.o> |
553 |
+ +files/sandbox-1.6-disable-pthread.patch, +sandbox-1.6-r2.ebuild: |
554 |
+ Disable pthread locks to make 1.6 regression free #264476. |
555 |
+ |
556 |
+*sandbox-1.6-r1 (31 Mar 2009) |
557 |
+ |
558 |
+ 31 Mar 2009; Mike Frysinger <vapier@g.o> |
559 |
+ +files/sandbox-1.6-disable-qa-static.patch, |
560 |
+ +files/0001-libsandbox-handle-more-at-functions.patch, |
561 |
+ +sandbox-1.6-r1.ebuild: |
562 |
+ Backport a fix or two so we can stabilize this version. |
563 |
+ |
564 |
+*sandbox-1.7 (31 Mar 2009) |
565 |
+ |
566 |
+ 31 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.7.ebuild: |
567 |
+ Version bump. |
568 |
+ |
569 |
+*sandbox-1.6 (12 Mar 2009) |
570 |
+ |
571 |
+ 12 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.6.ebuild: |
572 |
+ Version bump. |
573 |
+ |
574 |
+*sandbox-1.5 (11 Mar 2009) |
575 |
+ |
576 |
+ 11 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.5.ebuild: |
577 |
+ Version bump. |
578 |
+ |
579 |
+*sandbox-1.4 (08 Mar 2009) |
580 |
+ |
581 |
+ 08 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.4.ebuild: |
582 |
+ Version bump. |
583 |
+ |
584 |
+*sandbox-1.3.9 (05 Mar 2009) |
585 |
+ |
586 |
+ 05 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.9.ebuild: |
587 |
+ Version bump. |
588 |
+ |
589 |
+*sandbox-1.3.8 (20 Feb 2009) |
590 |
+ |
591 |
+ 20 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.8.ebuild: |
592 |
+ Version bump. |
593 |
+ |
594 |
+*sandbox-1.3.7 (14 Feb 2009) |
595 |
+ |
596 |
+ 14 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.7.ebuild: |
597 |
+ Version bump |
598 |
+ |
599 |
+*sandbox-1.3.6 (11 Feb 2009) |
600 |
+ |
601 |
+ 11 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.6.ebuild: |
602 |
+ Version bump. |
603 |
+ |
604 |
+*sandbox-1.3.5 (08 Feb 2009) |
605 |
+ |
606 |
+ 08 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.5.ebuild: |
607 |
+ Version bump for regressions. |
608 |
+ |
609 |
+ 07 Feb 2009; Mike Frysinger <vapier@g.o> |
610 |
+ +files/0001-sandbox-fix-typo-in-struct-sandbox_info_t-decl.patch, |
611 |
+ sandbox-1.3.4.ebuild: |
612 |
+ Fix for hardened systems #258031. |
613 |
+ |
614 |
+*sandbox-1.3.4 (07 Feb 2009) |
615 |
+ |
616 |
+ 07 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.4.ebuild: |
617 |
+ Version bump. |
618 |
+ |
619 |
+ 29 Jan 2009; Javier Villavicencio <the_paya@g.o> |
620 |
+ sandbox-1.3.3.ebuild: |
621 |
+ Keyword -sparc/x86-fbsd til next version bump, bug 256741. |
622 |
+ |
623 |
+*sandbox-1.3.3 (28 Jan 2009) |
624 |
+ |
625 |
+ 28 Jan 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.3.ebuild: |
626 |
+ Version bump. |
627 |
+ |
628 |
+ 26 Dec 2008; Mike Frysinger <vapier@g.o> sandbox-1.3.2.ebuild: |
629 |
+ Add lzma-utils to DEPEND #252598 by Albert W. Hopkins. |
630 |
+ |
631 |
+*sandbox-1.3.2 (23 Dec 2008) |
632 |
+ |
633 |
+ 23 Dec 2008; Mike Frysinger <vapier@g.o> +sandbox-1.3.2.ebuild: |
634 |
+ Fix some portability issues and more *at updates. |
635 |
+ |
636 |
+ 09 Dec 2008; Alexis Ballier <aballier@g.o> sandbox-1.3.0.ebuild, |
637 |
+ sandbox-1.3.1.ebuild: |
638 |
+ Keyword -sparc/x86-fbsd versions that do not build there, lets keep with |
639 |
+ the half broken but half working old version, bug #250366 |
640 |
+ |
641 |
+*sandbox-1.3.1 (29 Nov 2008) |
642 |
+ |
643 |
+ 29 Nov 2008; Mike Frysinger <vapier@g.o> +sandbox-1.3.1.ebuild: |
644 |
+ Fix up #248254 and #248263. |
645 |
+ |
646 |
+*sandbox-1.3.0 (16 Nov 2008) |
647 |
+ |
648 |
+ 16 Nov 2008; Mike Frysinger <vapier@g.o> +sandbox-1.3.0.ebuild: |
649 |
+ Version bump. |
650 |
+ |
651 |
+ 09 Nov 2008; Mike Frysinger <vapier@g.o> |
652 |
+ sandbox-1.2.20_alpha2-r1.ebuild: |
653 |
+ Use EBUILD_DEATH_HOOKS #113780 by Petteri Räty. |
654 |
+ |
655 |
+ 09 Nov 2008; Mike Frysinger <vapier@g.o> |
656 |
+ +files/sandbox-1.2.20_alpha2-parallel.patch, |
657 |
+ sandbox-1.2.20_alpha2-r1.ebuild: |
658 |
+ Rewrite multilib handling and apply parallel build fix by Jose Luis Rivero |
659 |
+ #190051 by David Pykee. |
660 |
+ |
661 |
+ 09 Nov 2008; Harald van Dijk <truedfx@g.o> |
662 |
+ sandbox-1.2.18.1-r3.ebuild, sandbox-1.2.20_alpha2-r1.ebuild: |
663 |
+ Avoid bashism in configure script (#236868) |
664 |
+ |
665 |
+*sandbox-1.2.18.1-r3 (27 Jun 2008) |
666 |
+ |
667 |
+ 27 Jun 2008; Robin H. Johnson <robbat2@g.o> |
668 |
+ +files/sandbox-1.2.18.1-rtld-validation.patch, |
669 |
+ +sandbox-1.2.18.1-r3.ebuild: |
670 |
+ Fix for bug #206678. Variations of it have been running on infra boxes for |
671 |
+ two months now, we seem to have traced it down to RTLD_NEXT not always |
672 |
+ having a usable value under hardened on new libc. |
673 |
+ |
674 |
+*sandbox-1.2.20_alpha2-r1 (04 Nov 2007) |
675 |
+ |
676 |
+ 04 Nov 2007; Diego Pettenò <flameeyes@g.o> |
677 |
+ +sandbox-1.2.20_alpha2-r1.ebuild: |
678 |
+ Fix the problem with GLIBC 2.7 even for the alpha version. |
679 |
+ |
680 |
+ 27 Oct 2007; Jose Luis Rivero <yoswink@g.o> |
681 |
+ sandbox-1.2.18.1-r2.ebuild: |
682 |
+ Stable on alpha wrt #182361 |
683 |
+ |
684 |
+ 27 Oct 2007; Raúl Porcel <armin76@g.o> sandbox-1.2.18.1-r2.ebuild: |
685 |
+ ia64 stable wrt #182361 |
686 |
+ |
687 |
+ 26 Oct 2007; nixnut <nixnut@g.o> sandbox-1.2.18.1-r2.ebuild: |
688 |
+ Stable on ppc wrt bug 182361 |
689 |
+ |
690 |
+ 25 Oct 2007; Dawid Węgliński <cla@g.o> |
691 |
+ sandbox-1.2.18.1-r2.ebuild: |
692 |
+ Stable on x86 (bug #182361) |
693 |
+ |
694 |
+ 25 Oct 2007; Daniel Gryniewicz <dang@g.o> |
695 |
+ sandbox-1.2.18.1-r2.ebuild: |
696 |
+ Marked stable on amd64 for bug #182361 |
697 |
+ |
698 |
+ 25 Oct 2007; Markus Rothe <corsair@g.o> sandbox-1.2.18.1-r2.ebuild: |
699 |
+ Stable on ppc64; bug #182361 |
700 |
+ |
701 |
+ 25 Oct 2007; Christian Faulhammer <opfer@g.o> |
702 |
+ sandbox-1.2.18.1-r1.ebuild: |
703 |
+ stable x86, bug 180985 |
704 |
+ |
705 |
+ 25 Oct 2007; Jeroen Roovers <jer@g.o> sandbox-1.2.18.1-r2.ebuild: |
706 |
+ Stable for SPARC (bug #182361). |
707 |
+ |
708 |
+ 25 Oct 2007; Jeroen Roovers <jer@g.o> sandbox-1.2.18.1-r2.ebuild: |
709 |
+ Stable for HPPA (bug #182361). Fixed quoting issues. |
710 |
+ |
711 |
+*sandbox-1.2.18.1-r2 (23 Oct 2007) |
712 |
+ |
713 |
+ 23 Oct 2007; Mike Frysinger <vapier@g.o> |
714 |
+ +files/sandbox-1.2.18.1-open-cloexec.patch, +sandbox-1.2.18.1-r2.ebuild: |
715 |
+ Work with new "e" fopen() flag in glibc-2.7 #196720. |
716 |
+ |
717 |
+*sandbox-1.2.18.1-r1 (17 Oct 2007) |
718 |
+ |
719 |
+ 17 Oct 2007; Daniel Drake <dsd@g.o> |
720 |
+ +files/sandbox-1.2.18.1-open-normal-fail.patch, |
721 |
+ +sandbox-1.2.18.1-r1.ebuild: |
722 |
+ Allow open() on non-existent files to fail in the normal way without |
723 |
+ violation. Fixes bug #135745. |
724 |
+ |
725 |
+ 15 Oct 2007; Markus Rothe <corsair@g.o> sandbox-1.2.18.1.ebuild: |
726 |
+ Stable on ppc64 |
727 |
+ |
728 |
+ 06 Jul 2007; Jose Luis Rivero <yoswink@g.o> |
729 |
+ sandbox-1.2.18.1.ebuild: |
730 |
+ Stable on alpha. See bug #183673 |
731 |
+ |
732 |
+ 01 Jul 2007; Piotr Jaroszyński <peper@g.o> sandbox-1.2.12.ebuild, |
733 |
+ sandbox-1.2.16.ebuild, sandbox-1.2.17.ebuild, sandbox-1.2.18.ebuild, |
734 |
+ sandbox-1.2.18.1.ebuild, sandbox-1.2.20_alpha1-r2.ebuild, |
735 |
+ sandbox-1.2.20_alpha2.ebuild: |
736 |
+ (QA) RESTRICT="multilib-pkg-force" -> EMULTILIB_PKG="true" |
737 |
+ |
738 |
+ 24 Jun 2007; Piotr Jaroszyński <peper@g.o> sandbox-1.2.18.ebuild: |
739 |
+ (QA) Don't use KEYWORDS="-*". bug #160519. |
740 |
+ |
741 |
+ 22 Nov 2006; Diego Pettenò <flameeyes@g.o> |
742 |
+ sandbox-1.2.20_alpha2.ebuild: |
743 |
+ Add ~sparc-fbsd keyword. |
744 |
+ |
745 |
+ 04 Sep 2006; Diego Pettenò <flameeyes@g.o> |
746 |
+ sandbox-1.2.20_alpha2.ebuild: |
747 |
+ Add ~x86-fbsd keyword. |
748 |
+ |
749 |
+*sandbox-1.2.20_alpha2 (11 Jul 2006) |
750 |
+ |
751 |
+ 11 Jul 2006; Martin Schlemmer <azarah@g.o> |
752 |
+ +sandbox-1.2.20_alpha2.ebuild: |
753 |
+ New testing version. |
754 |
+ |
755 |
+ 09 Jul 2006; Joshua Kinard <kumba@g.o> sandbox-1.2.17.ebuild: |
756 |
+ Marked stable on mips (even though it doesn't even work, best to keep up...) |
757 |
+ |
758 |
+*sandbox-1.2.20_alpha1-r2 (08 Jul 2006) |
759 |
+*sandbox-1.2.20_alpha1-r1 (08 Jul 2006) |
760 |
+ |
761 |
+ 08 Jul 2006; Martin Schlemmer <azarah@g.o> |
762 |
+ +files/sandbox-1.2.20_alpha1-double-free.patch, |
763 |
+ +sandbox-1.2.20_alpha1-r1.ebuild, +sandbox-1.2.20_alpha1-r2.ebuild: |
764 |
+ More bugfixes. |
765 |
+ |
766 |
+*sandbox-1.2.20_alpha1 (07 Jul 2006) |
767 |
+ |
768 |
+ 07 Jul 2006; Martin Schlemmer <azarah@g.o> +files/09sandbox, |
769 |
+ +sandbox-1.2.20_alpha1.ebuild: |
770 |
+ Testing release for feedback. Check package.mask for details. |
771 |
+ |
772 |
+ 20 May 2006; Bryan Østergaard <kloeri@g.o> sandbox-1.2.17.ebuild: |
773 |
+ Stable on ia64. |
774 |
+ |
775 |
+ 20 May 2006; Bryan Østergaard <kloeri@g.o> sandbox-1.2.17.ebuild: |
776 |
+ Stable on alpha. |
777 |
+ |
778 |
+*sandbox-1.2.18.1 (19 May 2006) |
779 |
+ |
780 |
+ 19 May 2006; Martin Schlemmer <azarah@g.o> |
781 |
+ +sandbox-1.2.18.1.ebuild: |
782 |
+ New bugfix release. |
783 |
+ |
784 |
+ 11 May 2006; Joshua Jackson <tsunam@g.o> sandbox-1.2.17.ebuild: |
785 |
+ stable x86; bug #132025 |
786 |
+ |
787 |
+ 10 May 2006; Martin Schlemmer <azarah@g.o> sandbox-1.2.18.ebuild: |
788 |
+ Mask 1.2.18 for now, as it have a double-free issue. |
789 |
+ |
790 |
+ 03 May 2006; Joseph Jezak <josejx@g.o> sandbox-1.2.17.ebuild: |
791 |
+ Marked ppc stable for bug #132025. |
792 |
+ |
793 |
+ 03 May 2006; Patrick McLean <chutzpah@g.o> sandbox-1.2.17.ebuild: |
794 |
+ Stable on amd64 (bug #132025) |
795 |
+ |
796 |
+ 03 May 2006; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.17.ebuild: |
797 |
+ Stable on hppa wrt #132025 |
798 |
+ |
799 |
+*sandbox-1.2.18 (03 May 2006) |
800 |
+ |
801 |
+ 03 May 2006; Martin Schlemmer <azarah@g.o> +sandbox-1.2.18.ebuild: |
802 |
+ New release. |
803 |
+ |
804 |
+ 03 May 2006; Markus Rothe <corsair@g.o> sandbox-1.2.17.ebuild: |
805 |
+ Stable on ppc64; bug #132025 |
806 |
+ |
807 |
+ 02 May 2006; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.17.ebuild: |
808 |
+ Stable on sparc wrt #132025 |
809 |
+ |
810 |
+ 19 Feb 2006; Joshua Kinard <kumba@g.o> sandbox-1.2.12.ebuild: |
811 |
+ Marked stable on mips (doesn't actually work well, but we disable it in |
812 |
+ profiles). |
813 |
+ |
814 |
+ 06 Feb 2006; Martin Schlemmer <azarah@g.o> sandbox-1.2.17.ebuild: |
815 |
+ Fix docs installation. |
816 |
+ |
817 |
+*sandbox-1.2.17 (05 Dec 2005) |
818 |
+ |
819 |
+ 05 Dec 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.17.ebuild: |
820 |
+ New release. |
821 |
+ |
822 |
+*sandbox-1.2.16 (02 Dec 2005) |
823 |
+ |
824 |
+ 02 Dec 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.16.ebuild: |
825 |
+ New release. |
826 |
+ |
827 |
+*sandbox-1.2.15 (01 Dec 2005) |
828 |
+ |
829 |
+ 01 Dec 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.15.ebuild: |
830 |
+ New release. |
831 |
+ |
832 |
+*sandbox-1.2.14 (28 Nov 2005) |
833 |
+ |
834 |
+ 28 Nov 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.14.ebuild: |
835 |
+ New release. |
836 |
+ |
837 |
+ 14 Nov 2005; Martin Schlemmer <azarah@g.o> sandbox-1.2.13.ebuild: |
838 |
+ Simplify multilib building logic. Other cleanups. |
839 |
+ |
840 |
+ 13 Oct 2005; Martin Schlemmer <azarah@g.o> sandbox-1.2.12.ebuild, |
841 |
+ sandbox-1.2.13.ebuild: |
842 |
+ Add workaround for bug #109036. |
843 |
+ |
844 |
+ 07 Oct 2005; Jeremy Huddleston <eradicator@g.o> |
845 |
+ sandbox-1.2.9.ebuild, sandbox-1.2.10.ebuild, sandbox-1.2.11.ebuild, |
846 |
+ sandbox-1.2.12.ebuild, sandbox-1.2.13.ebuild: |
847 |
+ Some changes for amd64 2006.0. |
848 |
+ |
849 |
+*sandbox-1.2.13 (12 Sep 2005) |
850 |
+ |
851 |
+ 12 Sep 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.13.ebuild: |
852 |
+ New release. |
853 |
+ |
854 |
+ 30 Aug 2005; Fernando J. Pereda <ferdy@g.o> sandbox-1.2.12.ebuild: |
855 |
+ stable on alpha wrt bug #101433 |
856 |
+ |
857 |
+ 16 Aug 2005; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.12.ebuild: |
858 |
+ Stable on sparc wrt #101433 |
859 |
+ |
860 |
+ 15 Aug 2005; Danny van Dyk <kugelfang@g.o> sandbox-1.2.12.ebuild: |
861 |
+ Marked stable on amd64. |
862 |
+ |
863 |
+ 15 Aug 2005; Michael Hanselmann <hansmi@g.o> sandbox-1.2.12.ebuild: |
864 |
+ Stable on ppc and hppa. |
865 |
+ |
866 |
+ 15 Aug 2005; Ian Leitch <port001@g.o> sandbox-1.2.12.ebuild: |
867 |
+ Stable on x86, #101433 |
868 |
+ |
869 |
+ 15 Aug 2005; Markus Rothe <corsair@g.o> sandbox-1.2.12.ebuild: |
870 |
+ Stable on ppc64 (bug #101433) |
871 |
+ |
872 |
+*sandbox-1.2.12 (05 Aug 2005) |
873 |
+ |
874 |
+ 05 Aug 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.12.ebuild: |
875 |
+ New release. |
876 |
+ |
877 |
+ 23 Jul 2005; MATSUU Takuto <matsuu@g.o> sandbox-1.2.11.ebuild: |
878 |
+ Stable on sh. |
879 |
+ |
880 |
+ 22 Jul 2005; Jason Stubbs <jstubbs@g.o> sandbox-1.2.11.ebuild: |
881 |
+ Stable on mips per hardave's request. #96782 |
882 |
+ |
883 |
+ 21 Jul 2005; Rene Nussbaumer <killerfox@g.o> sandbox-1.2.11.ebuild: |
884 |
+ Stable on hppa. bug #96782 |
885 |
+ |
886 |
+ 21 Jul 2005; Aron Griffis <agriffis@g.o> sandbox-1.2.11.ebuild: |
887 |
+ stable on alpha |
888 |
+ |
889 |
+ 21 Jul 2005; Aron Griffis <agriffis@g.o> sandbox-1.2.11.ebuild: |
890 |
+ stable on ia64 |
891 |
+ |
892 |
+ 21 Jul 2005; Chris Gianelloni <wolf31o2@g.o> sandbox-1.2.11.ebuild: |
893 |
+ Marking stable on x86 for bug #96782. |
894 |
+ |
895 |
+ 21 Jul 2005; Joseph Jezak <josejx@g.o> sandbox-1.2.11.ebuild: |
896 |
+ Marked ppc stable for bug #96782. |
897 |
+ |
898 |
+ 20 Jul 2005; Markus Rothe <corsair@g.o> sandbox-1.2.11.ebuild: |
899 |
+ Stable on ppc64 (bug #96782) |
900 |
+ |
901 |
+ 20 Jul 2005; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.11.ebuild: |
902 |
+ Stable on sparc wrt #96782 |
903 |
+ |
904 |
+ 20 Jul 2005; Danny van Dyk <kugelfang@g.o> sandbox-1.2.11.ebuild: |
905 |
+ Marked stable on amd64. |
906 |
+ |
907 |
+ 18 Jul 2005; Guy Martin <gmsoft@g.o> sandbox-1.2.10.ebuild: |
908 |
+ Stable on hppa. |
909 |
+ |
910 |
+ 15 Jul 2005; Bryan Østergaard <kloeri@g.o> sandbox-1.2.10.ebuild: |
911 |
+ Stable on alpha + ia64, bug 99019. |
912 |
+ |
913 |
+ 14 Jul 2005; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.10.ebuild: |
914 |
+ Stable on sparc wrt #99019 |
915 |
+ |
916 |
+ 14 Jul 2005; Joseph Jezak <josejx@g.o> sandbox-1.2.10.ebuild: |
917 |
+ Marked ppc stable for bug #99019. |
918 |
+ |
919 |
+ 15 Jul 2005; Jason Stubbs <jstubbs@g.o> sandbox-1.2.9.ebuild, |
920 |
+ sandbox-1.2.10.ebuild, sandbox-1.2.11.ebuild: |
921 |
+ Removed ppc-macos from keywords as sandbox does not work there yet. |
922 |
+ |
923 |
+*sandbox-1.2.11 (14 Jul 2005) |
924 |
+ |
925 |
+ 14 Jul 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.11.ebuild: |
926 |
+ New release. |
927 |
+ |
928 |
+ 14 Jul 2005; Jeremy Huddleston <eradicator@g.o> |
929 |
+ sandbox-1.2.10.ebuild: |
930 |
+ Stable amd64. |
931 |
+ |
932 |
+ 12 Jul 2005; Markus Rothe <corsair@g.o> sandbox-1.2.10.ebuild: |
933 |
+ Stable on ppc64 |
934 |
+ |
935 |
+ 10 Jul 2005; Martin Schlemmer <azarah@g.o> |
936 |
+ +files/sandbox-1.2.9-uclibc-getcwd.patch, |
937 |
+ +files/sandbox-1.2.10-uclibc-getcwd.patch, sandbox-1.2.9.ebuild, |
938 |
+ sandbox-1.2.10.ebuild: |
939 |
+ Add some fixes to the getcwd implementation, bug #98419. |
940 |
+ |
941 |
+ 05 Jul 2005; Jeremy Huddleston <eradicator@g.o> |
942 |
+ sandbox-1.2.9.ebuild: |
943 |
+ Stable amd64 for 2005.1 |
944 |
+ |
945 |
+*sandbox-1.2.10 (03 Jul 2005) |
946 |
+ |
947 |
+ 03 Jul 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.10.ebuild: |
948 |
+ Update version. |
949 |
+ |
950 |
+*sandbox-1.2.9 (09 Jun 2005) |
951 |
+ |
952 |
+ 09 Jun 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.9.ebuild: |
953 |
+ Update version. |
954 |
+ |
955 |
+*sandbox-1.2.8 (13 May 2005) |
956 |
+ |
957 |
+ 13 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.8.ebuild: |
958 |
+ Cleanups and hopefully finally kill bug #91541. Fix bug #92478. |
959 |
+ |
960 |
+*sandbox-1.2.7 (12 May 2005) |
961 |
+ |
962 |
+ 12 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.7.ebuild: |
963 |
+ Lots of cleanups and fixes - see ChangeLog in /usr/share/doc. |
964 |
+ |
965 |
+*sandbox-1.2.6 (10 May 2005) |
966 |
+ |
967 |
+ 10 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.6.ebuild: |
968 |
+ Workaround for tsocks incompatability, bug #91541. |
969 |
+ |
970 |
+*sandbox-1.2.5-r2 (09 May 2005) |
971 |
+ |
972 |
+ 09 May 2005; Jeremy Huddleston <eradicator@g.o> |
973 |
+ +sandbox-1.2.5-r2.ebuild: |
974 |
+ On some versions of portage, CFLAGS_* do not survive across ebuild.sh |
975 |
+ stages, so we must ensure the multilib setup always gets rerun for each |
976 |
+ stage. |
977 |
+ |
978 |
+*sandbox-1.2.5-r1 (06 May 2005) |
979 |
+ |
980 |
+ 06 May 2005; Jeremy Huddleston <eradicator@g.o> |
981 |
+ +sandbox-1.2.5-r1.ebuild: |
982 |
+ Revbump to fix problems with amd64 2004.3's multilib. Cleaned up multilib |
983 |
+ handling in general. 2004.3 amd64 users should have working 32bit sandbox |
984 |
+ again. |
985 |
+ |
986 |
+ 04 May 2005; Mike Frysinger <vapier@g.o> sandbox-1.2.5.ebuild: |
987 |
+ Fix multilib building on amd64/2004.3 profiles. |
988 |
+ |
989 |
+*sandbox-1.2.5 (04 May 2005) |
990 |
+ |
991 |
+ 04 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.5.ebuild: |
992 |
+ General fixes. Fix for bug #91431. |
993 |
+ |
994 |
+*sandbox-1.2.4 (03 May 2005) |
995 |
+ |
996 |
+ 03 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.4.ebuild: |
997 |
+ Some speedups (bug #91040) and uclibc fixes. |
998 |
+ |
999 |
+*sandbox-1.2.3 (29 Apr 2005) |
1000 |
+ |
1001 |
+ 29 Apr 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.3.ebuild: |
1002 |
+ Fixup libc detection. Fix bug or two. |
1003 |
+ |
1004 |
+*sandbox-1.2.2 (28 Apr 2005) |
1005 |
+ |
1006 |
+ 28 Apr 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.2.ebuild: |
1007 |
+ Bug fixes for bug #90592. |
1008 |
+ |
1009 |
+*sandbox-1.2.1-r3 (24 Apr 2005) |
1010 |
+ |
1011 |
+ 24 Apr 2005; Jeremy Huddleston <eradicator@g.o> |
1012 |
+ +sandbox-1.2.1-r3.ebuild: |
1013 |
+ Fix multilib. |
1014 |
+ |
1015 |
+*sandbox-1.2.1 (24 Apr 2005) |
1016 |
+ 24 Apr 2005; Brian Harring <ferringb@g.o> +sandbox-1.2.1-r2.ebuild: |
1017 |
+ Amd64 fix for 90135. |
1018 |
+ |
1019 |
+*sandbox-1.2.1 (24 Apr 2005) |
1020 |
+ |
1021 |
+ 24 Apr 2005; Jason Stubbs <jstubbs@g.o> +sandbox-1.2.1-r1.ebuild: |
1022 |
+ Added missing check_multilib function. |
1023 |
+ |
1024 |
+*sandbox-1.2.1 (23 Apr 2005) |
1025 |
+ |
1026 |
+ 23 Apr 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.1.ebuild: |
1027 |
+ Fix for bug #90153. |
1028 |
+ |
1029 |
+*sandbox-1.2 (Apr 23 2005) |
1030 |
+ |
1031 |
+ 23 Apr 2005; Brian Harring <ferringb@g.o>; sandbox-1.2.ebuild |
1032 |
+ Initial import of cvs head sandbox code. Multilib portion of it |
1033 |
+ could stand testing. |
1034 |
|
1035 |
diff --git a/sys-apps/sandbox/Manifest b/sys-apps/sandbox/Manifest |
1036 |
new file mode 100644 |
1037 |
index 0000000..5b23996 |
1038 |
--- /dev/null |
1039 |
+++ b/sys-apps/sandbox/Manifest |
1040 |
@@ -0,0 +1,33 @@ |
1041 |
+AUX 0001-libsandbox-handle-more-at-functions.patch 1473 SHA256 7681e867bb4dea26d165f9a066dca798519e2fd57b49c7b31c0c2fc254037523 SHA512 ec3655a6fd12347ffd454648428be16a02394f6dfd592075753bb794771a15824675f612ed22206b0e14665706aa24405f8d9aa94a099238344c1525803de72a WHIRLPOOL dc4918171f8501cdab072cb8dc953056bfcb24c1b4f78e683fb01902a7029d1aed4fd47f42e6e0d493bceacbed99535c2ef9bf4c4df57fdb6d789821b1479888 |
1042 |
+AUX 09sandbox 37 SHA256 73e9e9d12ba54f1c649813ec86107924050528852c890a8ba1e2853796781bbe SHA512 4e8a9c58debde6480224a45559c5f2db4765213d151e47937f9142f110cac3681bf6402acaf21249a37bb17398e7bc00ae7feee68ecdb5b9363c432eac1b052a WHIRLPOOL 80d55a34d3faf3314f2b9de2200d4b46a800128514be9e30eb59e5f03fb7a0a5197a9e5b5ab33d6b68d35bf83c86a1bd7ba734a33ccd382fe0af3b2c2a11d0bd |
1043 |
+AUX sandbox-1.2.17-prefix.patch 8201 SHA256 344fe4dd9f217aba3216f9564cc96d2ff5986158397c1e0e9921b41f3daa6a83 SHA512 ef5fbd258b804a108d06557432f4ae0b7f629f2f82f2a57fb20b0c75112744294c8428c9b7f9cb011b0e8275829eca2578072dbd50a0ae379bb2f094569e2052 WHIRLPOOL 3ae92b2453d7faf87d52027777b1f226dfa7ca1aab2b766dae9e177b9c8c85026461d0ae6e9841342aa36adee1af68ca029b1ae1add73620d6af4512b4978a26 |
1044 |
+AUX sandbox-1.2.18.1-open-cloexec.patch 492 SHA256 922cf7277af89bbfa03633f515beeb309b4bd53e9856504f714f7833821b54cf SHA512 f88bacd0a65b10fa9f08348e7f81215e307aac57deb702178c7f0a9ebc7b98d1211ebbfc00b987d0b876d2a24eace4379314c734115bfbc995331535c80b8b50 WHIRLPOOL 152c687a774f05111f8761440d509ea58bac972da6820d9de922e19c7707e9f3a7171f1d690686a9f1eedfdca5400466cba9cc9e934f47ee4d1947c6c0d3af34 |
1045 |
+AUX sandbox-1.2.18.1-open-normal-fail.patch 3144 SHA256 9c3b6c4c5595b95f6a00fa9e94f72bbcb41cd5ba689a8a29ebf61c6024e73449 SHA512 3ac8d20efddf5d14bcef0f322e7b8cee31ddfbf68b649965a78c2e17c6535f270be7fe01e2b83379fa2a85455b9b37bd9750118fefe132be61fea52120252d9c WHIRLPOOL 318ccbd7c66ff4a7a4833371678f4567f2eea5a8aaa6f882d38bda4c566976e231f31520a780df4bcd2671d5e3cd612e4ab901f5ae96f446efeb9426a030c776 |
1046 |
+AUX sandbox-1.2.18.1-rtld-validation.patch 1415 SHA256 821c22ce76c4a75ad4e5bde186744811bbf73de341c16c5890edfd8b20c95cf5 SHA512 54aee3a194b02c32bbd89caddddde0923494ffb47ddfeabb1ca42635946b7dc4b187f09c30a86cd052651dad1618e7e6cc19e715291e6eaf1a64e70c48f053ba WHIRLPOOL a71e9d0fa136a34c59e5095cf07cde56f70319977196f5c74482153dd4a72a9a443bee688dec77c9caa5ffafed4fd74e4ee2770d91d9936c8bb47c844225a7ee |
1047 |
+AUX sandbox-1.2.20_alpha2-parallel.patch 259 SHA256 e14bf149853ae5d276a852b2aac66d0ec53ad9b0fc5babda61e112ca59a9b862 SHA512 9b7a3885d74b247502792277abfc342a5cfcc52358a2263b9f00852f7a1fb96708cac6800206900c8aa36d81a770b2b5576ef6390c39caed5588dd2faa318418 WHIRLPOOL c8e1365c70d4e56a5c6ca24ef1b5d3be41c1325b65afafb0a167704c28342271bc6f7f4a2051a59bdaf7b124bdaf3269a32f0b594a9b6e0d581bee9bd347515c |
1048 |
+AUX sandbox-1.6-disable-pthread.patch 959 SHA256 c4fefddab05d440b3b1c2df766c5b2abd7c543cd2aa4cf1e61c0d3c3dd905f0c SHA512 3cbb244f7c8e77030dd2194770a2dcae7b052c302d9b4cb0549465ebfb18f719d93daefbd6d1cdee2a630fc077b04e83c5b7c7f72b667adb6b8e322dee6d7056 WHIRLPOOL 1c603db0b7d810715dc5461740103ac29061e1eace2459bfb59ed576f45f81aadb9883a1afedf0ddde51bcda56b23abd26936426fd2a6ae3becb7e0c6054fc9e |
1049 |
+AUX sandbox-1.6-disable-qa-static.patch 332 SHA256 060afa33dcfb6836676dc0febd5bc272b66b55e3753f739b56664e9ebce0eb20 SHA512 8839d4e279be41f1ee118b897c7eae8fd4058e4b7ecc1b5872450c177e09b5eefe569964efc294bd6f3e4ea92a3b4ba9840852d2be8db14810cd4578640ca6c4 WHIRLPOOL 6730b53afc16033911527492b0bf14a35f0e4b0b7cf3d42b1af299e9caa4a82f5e424e514aec81720da53a497cbc31b4f3928fc85dc8b04f979b726dce5ff2d8 |
1050 |
+AUX sandbox-1.9-setoptions.patch 634 SHA256 4d09691f682d232add061eeb4de61eadbf1586fd1b8f3c2351bbb08766d117a0 SHA512 4880541186d24dbf216601293f8c41e1bba1032f454f4e1bf8bc2e352dde0520e025f178b651e600a6ce4ce2b2afaa3a7741f8de7695e27fa09e14c07da95809 WHIRLPOOL 4e050fa85f4b7f8192df984849522ef267ad93a6e53bc0981ce46faa1a835924cea6c9682c9b0ec9e77c44072b1df679d7c0c807e6dc5b848a0a10dfe22a6195 |
1051 |
+AUX sandbox-2.0-prefix.patch 1716 SHA256 29724ac6605bc6404d68e28a81d0303b0572d1990d8b37ca01b665b5b66f1ad2 SHA512 8b47e5ecc0367f25fa539be0ebe09844b2fb7e643ea21b6134b9c4cfe7c0b2b8f00c15da82e19cbdc7a2b98f48e92fe967d18e2579700738f01d778f99818dc8 WHIRLPOOL 3228316ffc48001011ed29862df9dd88724a63edeee29eb49a5ebbf28479ea38fb9258298fd2a413ad0c7cbc6e2f8dc69ad046ad386390eaa8391b4f06333b79 |
1052 |
+AUX sandbox-2.0-setoptions.patch 517 SHA256 ce365c6ab54ab60ac539728b3419e28499512a2e3ced5de3bf0455c2c35d93d5 SHA512 5b80bcb3ffcf3cf105780b72a86af8260784e544dd71ff88b5e5c85d5f95558db64cc86454b9371b2069f2e644b3841fa0ad6df967eeb42ef168851a4690cf6e WHIRLPOOL c1f70a21f901aa1089455925cf0c434660506a5be8f952837428bb15fc91fb31b2d0b3cc83d78024001c2b8198b17fc23539485c4060715ea523c6cb4872a5ee |
1053 |
+AUX sandbox-2.2-prefix.patch 881 SHA256 fa51c7876c7a95ff3a0fda5f84563d83720e011ec93fc8b5860a92a90f725afa SHA512 72095e1237a19918255aa94898e3871248d20df9f6d0fef22ecb29036b65dd508c23cb8d716d0afc1627c79a3afa09d1022b20ca8d22636229df9d791d5df6fc WHIRLPOOL dd5555c75e6b30c20f29c47ed267fd99b7faf924e0afdd8b5652008fa7ebdeeb298edc88067a29e596f8e6d2070768bc048813bb38dc410ddea4281ca9d49275 |
1054 |
+AUX sandbox-2.6-check-empty-paths-at.patch 7454 SHA256 a48759a4d3e9a70713473b6fad59bdd750b5cd37e7d632c786205ff20004ae2c SHA512 5eba7915dedf57f44c37881e9c6b48db8733d1493779a33127d08bb9ea77056d788ec9ace72c13eb101f42f01c95309c7cebca6c76212a8c99a8655372c0b7d7 WHIRLPOOL 46eb3a8ef8f22030cd793f3b16adc190b5750019c0df83e161c6918f08555a8ad890c1425b03cbf7e53ebcd34a07a9dd9b594d0c0fe31834656ffce3d58fa284 |
1055 |
+AUX sandbox-2.6-desktop.patch 875 SHA256 2eecf67790aeac210f9aa899a86f7664776ed65d9b55159e1b359162dfb9ff74 SHA512 b72ec7f414d19bf513dfb1aea10523fa5dc07a1375d8f08f664d204b64b23c891a79ca14987528c595936f441e1f595b366aabbc57313667c7639d73d089ed9a WHIRLPOOL 7f787b8be9b5712eb2b2a0cd2ff825df1045ebf1cc4e73a50f610e620d30752045690a5c28835465d0ab0c3c4a9eaf8b92a5c123cd741ad69dfedb31aa457fa0 |
1056 |
+AUX sandbox-2.6-log-var.patch 2039 SHA256 f464a29cdd9de0c510277310f4febc8f96515ff2ff03fc92df1c75b9cbd75619 SHA512 cf6f900b4078eff5870b63b2bc7c81c5b00488e030d7e9ce3007693e9d1339ac6201ddacfaff552c6c9b99b6d32383229133c80190404b7e4fde06ad376b2050 WHIRLPOOL db99737a6567788194f7b37b12b92fcfb4c263df40f40aef9e0a3ef2b6a1523331313b791fffa2b26775b646795364ab1db1711eb4329cda3337df27aebfeffa |
1057 |
+AUX sandbox-2.6-open-nofollow.patch 2027 SHA256 c8816ae4e1991f9941abd43ec4bfdbf4e99cf36ee90694f77ab88754c53785ce SHA512 dd5222f32a40def38c9719363a24c48d5b112e3560b44c5f32afc3daa0614fe9bc5cb68ca8ac69032cc8d6299f09b25d4d7c72e16892188b42768ffb28c19f07 WHIRLPOOL 03cb5fb9df04a8d7f92855c292a6c431d01d330fecae198f2c4b95d824454f10ce1ad66db1a9d54d1bef5f74989cf6debb2d98de28ee0c2c6a09c1a0752b5519 |
1058 |
+AUX sandbox-2.6-prefix.patch 2945 SHA256 4d2d241a0e8a7f98d8bf9f2fa546b45ce3242155eb0be34397e1930452d29f6f SHA512 d0ec7ce9d3d0ec76691e027d769b355608bf8ef51b395338f41bbb22d46c4cc73516e22d1b9c28b336b5a1f6369b438599032cc8dbc3cfea66c7e77fdfdff47c WHIRLPOOL 388974a38cfbd382f69a209ec124021b669bf6ed8c85b1e2227bc89345e84f1c02de8105d93ecca2a0076dc10138633915fd58c40e192c53277c53a5e49eb54b |
1059 |
+AUX sandbox-2.6-static-close-fd.patch 2945 SHA256 807eb4dc1ba6543c94a90a9a53bb89f42079ea20ed7c196f82d65f280e5de96a SHA512 e2f57c4d80816241f3ba4828c2b27c67d1d604b14b2d575888a978e5c4e8e47e60e3a609d81e59c615bc5b7cee6194cc362e255ae8508f632862a35180c30de8 WHIRLPOOL e08f60227fe954894d3a3a01297e9988f4d7722ea75ffbd2b0f3971d38c8ce00af230fcaecb1f53243a868d54f48bb680e2d547bbeb2ee3e5a11f8942d2084fd |
1060 |
+AUX sandbox-2.6-trace-hppa.patch 850 SHA256 20688b2f33162f95af4af5e3c7d3700f2e7776e454b785ac1398f0870f84efa9 SHA512 fb7bf2202f960e952edc1e52fe4b6b085042158223d96b9baa899e871abcdef711ede3122c971120f55f71cc1aad71496a6079222dbaaa6c14b0c6f7ea182454 WHIRLPOOL 80f7fb529b912d19d81b9d71ee4a648db7b217583f2e8f2054cc666839030ea7d0112d69d52a2bf35c4d3549ffbd81dbd0cd39d5993bfabbb43bcb6a4455ade4 |
1061 |
+DIST sandbox-1.6.tar.lzma 307014 SHA256 52cfd286da3d5d51f3b6e012e409e931b21e32b4f2f16ba5677e46328680f4f4 SHA512 f470599a67443fa107612fef1cc73b64b3146003ae21bb5ae5abd852c4c37aec93ac09be646fda9d55d4c3aeef0cf28a42fa675f2acbb53c1d903e400538ba4c WHIRLPOOL 7c7fbe57cc831d0eb7853476e264a85bb8113620948e761563a872d3d55fd3c0ff063332397199001ea9dcb8258f348b827f337b876b2a26f727f10abbc8f712 |
1062 |
+DIST sandbox-2.3.tar.xz 344260 SHA256 8670f7508453c2fd300ca29ad2eb457691c3df01c4c22fa27d4a7c880fd291d5 SHA512 06ddaa6dc0822474c263650e95284af6cb69c60c9443b5caaf95af8140283f937d5594849064847fe3a4ad89b29b6ef6d6e909a9b85bb5d7fcf8b427d0e9c7e4 WHIRLPOOL 5d3f45a0bbb1aeffb8c83f8978bea65764aa438a5abcb50c66b5f66232d972bde84013694f6806fcc0026cd6d37420c69655d66ec5984a1c6f71a68dcfc95d11 |
1063 |
+DIST sandbox-2.4.tar.xz 344664 SHA256 450599cb3052296d42f81a04dbbda82d220415fc2d16f5dc6e26b042d580fd3e SHA512 c0f8b789bcabd48e03a20a97c9daa82c48f264d7641ecfa51dff7a2d2c34be398cf1db6235eb0211bf0fa78b07bd6e633e06bc102904bf9dd8a95f9fde1ca615 WHIRLPOOL 22f0f55f6e638275781ab5afa29b1a7f5e7f3335a3d2ff37d9fcce0bf9284b271bf1d69b98bcd4b06fdb9ff1528d044f9fb111a58c2a1a5ce33cbe28c0cb869d |
1064 |
+DIST sandbox-2.5.tar.xz 355680 SHA256 c0e98767fb70750d79591a6d08f81d5c2f13ce783bf94bd90677022e9103878a SHA512 7b870295bb78c1da5550b650a3983d93e503935a8e8452a29a5c6310cc2c2d569a898ea1534e2c670b4a3e5607504fac55f69da6878e0adc9c2c65a5476b4fb0 WHIRLPOOL 887d36638111b09d77674002c07ebad84c24bc4f645d9fb78e180a6c6e7407eb3fb6857877bc152e0cefb676f01df60b20857b8487ce28ff3e4438aef744fe53 |
1065 |
+DIST sandbox-2.6.tar.xz 366356 SHA256 95615c5879dfc419713f22ba5506a2802a50ea0ce8a2f57c656354f2e50b1c4d SHA512 32ba7fb675c67fdc8bc52da1db7ed6878e5fea8753accb30d9aca00f708e0dde03287b5962caf5ef031bea6934d6ef3e18404b015c70ebd551d3fd8109ad2371 WHIRLPOOL bab2d015fb0de92a2266408ca7941c8fb66b599179040cfc727ffce5b2424a9722dc55ba89d198e3361044d8cb357314205488d2a980c7b8af063fd8940f0c03 |
1066 |
+EBUILD sandbox-1.6-r2.ebuild 2672 SHA256 a7a497c9ce58cb2d2162af3f9e1d1d757c1a4c6d57b4d5377fb87c589f2d3036 SHA512 0db86a82a84316495ef22ab9955789af2f9799948ea77c07808464cf7b7cd77140f66a937235f9a784472f541681fcbeb072105a5f0a53c493770e544ae0c511 WHIRLPOOL d1c4d10b1531b4ddb9a8f723014a3e58b1047c6aa981f806416fc95800c7adf00bf65588e4d37755590a8ce97d8f056fe86511a2bb32ad55cd79340352e713a7 |
1067 |
+EBUILD sandbox-2.3-r1.ebuild 2713 SHA256 58eb10e050f4321b703d71cfdd8d83de61ab76e748046dde724e64ca21dc253f SHA512 2b054563f3bfa7998460af78e04c8a6ba2adf56180163dbd6af54d205bc25e37d02691c745a829a4470f1246e72522e7dd15c0c27fcae6948323dc620abea5c3 WHIRLPOOL ba54a9573f25e15d57a80f01c61ffe8aabb8a5f52183f85ccdf82d6c8732a6bb2c1985773d6cf4833284260060478c8e28d7d29149d3385520712b6140196590 |
1068 |
+EBUILD sandbox-2.4.ebuild 2639 SHA256 d5b852481f07dbbf5b1f5f4761a4c16137aea8f4d8f047c27edd898cc713272e SHA512 5069787fae2e983e2af0155799792b1b6f0911e48c8a89d21fea6ae26a0cf1d08f54d34b2e3a8a0476d88f71aebc5af9da4c3151d07120c0503ffae7da9f12ac WHIRLPOOL b81f145e951fe19665eaab48450fb1fba0a97182f8a97c476048f0ee0df82ff0f36f99fa97101b9f360c66a0698c97a0b837ea855dadc07bce43e1e0f1a9f050 |
1069 |
+EBUILD sandbox-2.5.ebuild 2880 SHA256 93a6a2d280b6aa7de27b051b3e656ffff0b903ed05e912f9c741b51083efd9be SHA512 960f9412e5c1fcc0debd53f4153b0bd001748442455a6e97e5880159d6ee7defa86baa01c8fa4f5978fccb4a60a0442d3c6e811bc91336ca1c0c8bae0d200250 WHIRLPOOL bc2787c9284651285f0c0b2458e644ccac6f34274227dd8eb4fc9246acd146f1430216b05963bffc007e3909703609ed4e6f40b45e56087ff3e7e40b42550507 |
1070 |
+EBUILD sandbox-2.6-r1.ebuild 3140 SHA256 cfa830df1301600a9c35f4beca7af5ae8d4cf0a0d0e0e9dda22c3f7b85bf22c5 SHA512 f9947cb97329bb0fe567768e5e3d7617df0f0572c1edf0c230bb1dd6562f5d9850ea3677297fe0eca5ed9bba62dc9a49967b43140ce7d28928feb65ea268468b WHIRLPOOL a9ae16dffbef562e054cc01bb2cfda54dd59a7efa628d511332674413f0e2070333719781c8fe60f09eecce1b7ffccbb83ca44db9fffc7ea402dd45b87b6adec |
1071 |
+EBUILD sandbox-2.6.ebuild 2970 SHA256 2afd4648e2cc4307bed2ea5c7e2d931bfd43f7f7701d42aa79b4e8f34ae6fe4a SHA512 44494b344830b87261f87a7a5c61fcaa2d230598a620aff1b846e59ecc1b9f25ad5a6430ec3710d9a4ddefa150428bda9d8f24ef31199d4007034402fd8cd658 WHIRLPOOL 9d6f02c395c28aeb520293f38079e4015d6750200196bebac894f6088537b8532e2655bfd8ac3426a5bedd02857964cfef8157f2310340ce90643c66e3fac36c |
1072 |
+MISC ChangeLog 22966 SHA256 2b5ee0df6e4d4a7267e9b90acf607c3e21f24491044b930e2fc31d6c58683f3e SHA512 32acc2c923d0af305e379ef25c7229ffb2432da0024d6b2f24b7ad017cf9a93eb13d9d776f61058c070a77ed0436fd3c12f90be2a833d739c35a589ce87e9983 WHIRLPOOL 33bac5ef0161ece31c9fa5333142e70ce44eee0fde65468e7a03e0829eb7255350f4bced36eb4756e5bc12dde46c6b44170a7a4eae1bd90e042ede9b9fee2906 |
1073 |
+MISC metadata.xml 316 SHA256 488f8a1ba1e1d07a159d22ac198aefee5dfa9ded04de2969019f177161abef1b SHA512 2b4ddea0bb5a40cac834a09b89624049b8561a4a4f648b4d5072c413d4eca78b5cc24859664fa746be36c8b60188e88f2ae38c2c5af30d91dc6273c0f85de278 WHIRLPOOL 64ed27fc7abb1b3b82621f6bb91f03d0070933d0423f9d323ac803354fc6acf2182df1dd85a083fa047d63561a5e92d44287ef4935a11a733244d4393edf8f6f |
1074 |
|
1075 |
diff --git a/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch b/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch |
1076 |
new file mode 100644 |
1077 |
index 0000000..09462b7 |
1078 |
--- /dev/null |
1079 |
+++ b/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch |
1080 |
@@ -0,0 +1,42 @@ |
1081 |
+From 25425878243c5ca1ff21e6f479e585c60b943930 Mon Sep 17 00:00:00 2001 |
1082 |
+From: Mike Frysinger <vapier@g.o> |
1083 |
+Date: Mon, 30 Mar 2009 19:56:29 -0400 |
1084 |
+Subject: [PATCH] libsandbox: handle more *at functions |
1085 |
+ |
1086 |
+Add some more *at functions to the main checking code. |
1087 |
+ |
1088 |
+URL: http://bugs.gentoo.org/264320 |
1089 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
1090 |
+Reported-by: Harald van Dijk <truedfx@g.o> |
1091 |
+--- |
1092 |
+ libsandbox/libsandbox.c | 5 +++++ |
1093 |
+ 1 files changed, 5 insertions(+), 0 deletions(-) |
1094 |
+ |
1095 |
+diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c |
1096 |
+index 88248af..c3f0b55 100644 |
1097 |
+--- a/libsandbox/libsandbox.c |
1098 |
++++ b/libsandbox/libsandbox.c |
1099 |
+@@ -681,15 +681,20 @@ static int check_access(sbcontext_t *sbcontext, int sb_nr, const char *func, |
1100 |
+ sb_nr == SB_NR_CREAT || |
1101 |
+ sb_nr == SB_NR_CREAT64 || |
1102 |
+ sb_nr == SB_NR_MKDIR || |
1103 |
++ sb_nr == SB_NR_MKDIRAT || |
1104 |
+ sb_nr == SB_NR_MKNOD || |
1105 |
+ sb_nr == SB_NR_MKNODAT || |
1106 |
+ sb_nr == SB_NR__XMKNOD || |
1107 |
+ sb_nr == SB_NR___XMKNOD || |
1108 |
+ sb_nr == SB_NR___XMKNODAT || |
1109 |
+ sb_nr == SB_NR_MKFIFO || |
1110 |
++ sb_nr == SB_NR_MKFIFOAT || |
1111 |
+ sb_nr == SB_NR_LINK || |
1112 |
++ sb_nr == SB_NR_LINKAT || |
1113 |
+ sb_nr == SB_NR_SYMLINK || |
1114 |
++ sb_nr == SB_NR_SYMLINKAT || |
1115 |
+ sb_nr == SB_NR_RENAME || |
1116 |
++ sb_nr == SB_NR_RENAMEAT || |
1117 |
+ sb_nr == SB_NR_LUTIMES || |
1118 |
+ sb_nr == SB_NR_UTIMENSAT || |
1119 |
+ sb_nr == SB_NR_UTIME || |
1120 |
+-- |
1121 |
+1.6.2 |
1122 |
+ |
1123 |
|
1124 |
diff --git a/sys-apps/sandbox/files/09sandbox b/sys-apps/sandbox/files/09sandbox |
1125 |
new file mode 100644 |
1126 |
index 0000000..9181eb0 |
1127 |
--- /dev/null |
1128 |
+++ b/sys-apps/sandbox/files/09sandbox |
1129 |
@@ -0,0 +1 @@ |
1130 |
+CONFIG_PROTECT_MASK="/etc/sandbox.d" |
1131 |
|
1132 |
diff --git a/sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch b/sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch |
1133 |
new file mode 100644 |
1134 |
index 0000000..9834855 |
1135 |
--- /dev/null |
1136 |
+++ b/sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch |
1137 |
@@ -0,0 +1,209 @@ |
1138 |
+* Michael Haubenwallner <michael.haubenwallner@×××××××.at> |
1139 |
+ Prefix awareness for sandbox |
1140 |
+ |
1141 |
+diff -ruN sandbox-1.2.17.orig/configure.ac sandbox-1.2.17/configure.ac |
1142 |
+--- sandbox-1.2.17.orig/configure.ac 2005-12-05 15:03:35.000000000 +0100 |
1143 |
++++ sandbox-1.2.17/configure.ac 2006-07-27 16:14:28.000000000 +0200 |
1144 |
+@@ -156,5 +156,7 @@ |
1145 |
+ Makefile |
1146 |
+ scripts/Makefile |
1147 |
+ data/Makefile |
1148 |
++ data/sandbox.bashrc |
1149 |
++ data/sandbox.profile |
1150 |
+ src/Makefile |
1151 |
+ ]) |
1152 |
+diff -ruN sandbox-1.2.17.orig/data/sandbox.bashrc sandbox-1.2.17/data/sandbox.bashrc |
1153 |
+--- sandbox-1.2.17.orig/data/sandbox.bashrc 2005-12-01 00:14:28.000000000 +0100 |
1154 |
++++ sandbox-1.2.17/data/sandbox.bashrc 1970-01-01 01:00:00.000000000 +0100 |
1155 |
+@@ -1,18 +0,0 @@ |
1156 |
+-# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com |
1157 |
+-# Distributed under the terms of the GNU General Public License, v2 or later |
1158 |
+-# Author : Geert Bevin <gbevin@××××.com> |
1159 |
+-# $Header$ |
1160 |
+-source /etc/profile |
1161 |
+- |
1162 |
+-if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != *$SANDBOX_LIB* ]] ; then |
1163 |
+- export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}" |
1164 |
+-elif [[ -z ${LD_PRELOAD} ]] ; then |
1165 |
+- export LD_PRELOAD="${SANDBOX_LIB}" |
1166 |
+-fi |
1167 |
+- |
1168 |
+-export BASH_ENV="${SANDBOX_BASHRC}" |
1169 |
+- |
1170 |
+-alias make="make LD_PRELOAD=${LD_PRELOAD}" |
1171 |
+-alias su="su -c '/bin/bash -rcfile ${SANDBOX_BASHRC}'" |
1172 |
+- |
1173 |
+-declare -r SANDBOX_ACTIVE |
1174 |
+diff -ruN sandbox-1.2.17.orig/data/sandbox.bashrc.in sandbox-1.2.17/data/sandbox.bashrc.in |
1175 |
+--- sandbox-1.2.17.orig/data/sandbox.bashrc.in 1970-01-01 01:00:00.000000000 +0100 |
1176 |
++++ sandbox-1.2.17/data/sandbox.bashrc.in 2006-07-27 16:13:40.000000000 +0200 |
1177 |
+@@ -0,0 +1,17 @@ |
1178 |
++# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com |
1179 |
++# Distributed under the terms of the GNU General Public License, v2 or later |
1180 |
++# Author : Geert Bevin <gbevin@××××.com> |
1181 |
++# $Header$ |
1182 |
++ |
1183 |
++if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != *$SANDBOX_LIB* ]] ; then |
1184 |
++ export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}" |
1185 |
++elif [[ -z ${LD_PRELOAD} ]] ; then |
1186 |
++ export LD_PRELOAD="${SANDBOX_LIB}" |
1187 |
++fi |
1188 |
++ |
1189 |
++export BASH_ENV="${SANDBOX_BASHRC}" |
1190 |
++ |
1191 |
++alias make="make LD_PRELOAD=${LD_PRELOAD}" |
1192 |
++alias su="su -c '@CU_BASH@ -rcfile ${SANDBOX_PROFILE}'" |
1193 |
++ |
1194 |
++declare -r SANDBOX_ACTIVE |
1195 |
+diff -ruN sandbox-1.2.17.orig/data/sandbox.profile.in sandbox-1.2.17/data/sandbox.profile.in |
1196 |
+--- sandbox-1.2.17.orig/data/sandbox.profile.in 1970-01-01 01:00:00.000000000 +0100 |
1197 |
++++ sandbox-1.2.17/data/sandbox.profile.in 2006-07-27 16:12:05.000000000 +0200 |
1198 |
+@@ -0,0 +1,7 @@ |
1199 |
++# Copyright (C) 2001 Michael Haubenwallner, Salomon Automation, http://www.salomon.at |
1200 |
++# Distributed under the terms of the GNU General Public License, v2 or later |
1201 |
++# Author : Michael Haubenwallner <michael.haubenwallner@×××××××.at> |
1202 |
++# $Header$ |
1203 |
++ |
1204 |
++source @sysconfdir@/profile |
1205 |
++source "${SANDBOX_BASHRC}" |
1206 |
+diff -ruN sandbox-1.2.17.orig/src/Makefile.am sandbox-1.2.17/src/Makefile.am |
1207 |
+--- sandbox-1.2.17.orig/src/Makefile.am 2005-12-05 14:16:52.000000000 +0100 |
1208 |
++++ sandbox-1.2.17/src/Makefile.am 2006-07-27 16:12:05.000000000 +0200 |
1209 |
+@@ -7,6 +7,7 @@ |
1210 |
+ -DPIC -fPIC -D_REENTRANT \ |
1211 |
+ -DLIBSANDBOX_PATH=\"$(libdir)\" \ |
1212 |
+ -DSANDBOX_BASHRC_PATH=\"$(pkgdatadir)\" \ |
1213 |
++ -DLOCALSTATEDIR=\"$(localstatedir)\" \ |
1214 |
+ -I$(top_srcdir) -Wall |
1215 |
+ |
1216 |
+ LOCAL_INCLUDES = $(top_srcdir)/localdecls.h |
1217 |
+diff -ruN sandbox-1.2.17.orig/src/sandbox.c sandbox-1.2.17/src/sandbox.c |
1218 |
+--- sandbox-1.2.17.orig/src/sandbox.c 2005-12-05 14:15:45.000000000 +0100 |
1219 |
++++ sandbox-1.2.17/src/sandbox.c 2006-07-27 16:12:05.000000000 +0200 |
1220 |
+@@ -33,6 +33,7 @@ |
1221 |
+ char sandbox_debug_log[SB_PATH_MAX]; |
1222 |
+ char sandbox_lib[SB_PATH_MAX]; |
1223 |
+ char sandbox_rc[SB_PATH_MAX]; |
1224 |
++ char sandbox_profile[SB_PATH_MAX]; |
1225 |
+ char work_dir[SB_PATH_MAX]; |
1226 |
+ char var_tmp_dir[SB_PATH_MAX]; |
1227 |
+ char tmp_dir[SB_PATH_MAX]; |
1228 |
+@@ -81,6 +82,9 @@ |
1229 |
+ /* Generate sandbox bashrc path */ |
1230 |
+ get_sandbox_rc(sandbox_info->sandbox_rc); |
1231 |
+ |
1232 |
++ /* Generate sandbox bashprofile path */ |
1233 |
++ get_sandbox_profile(sandbox_info->sandbox_profile); |
1234 |
++ |
1235 |
+ /* Generate sandbox log full path */ |
1236 |
+ get_sandbox_log(sandbox_info->sandbox_log); |
1237 |
+ if (1 == exists(sandbox_info->sandbox_log)) { |
1238 |
+@@ -278,6 +282,7 @@ |
1239 |
+ unsetenv(ENV_SANDBOX_ON); |
1240 |
+ unsetenv(ENV_SANDBOX_LIB); |
1241 |
+ unsetenv(ENV_SANDBOX_BASHRC); |
1242 |
++ unsetenv(ENV_SANDBOX_PROFILE); |
1243 |
+ unsetenv(ENV_SANDBOX_LOG); |
1244 |
+ unsetenv(ENV_SANDBOX_DEBUG_LOG); |
1245 |
+ |
1246 |
+@@ -322,6 +327,7 @@ |
1247 |
+ sandbox_setenv(new_environ, ENV_SANDBOX_ON, "1"); |
1248 |
+ sandbox_setenv(new_environ, ENV_SANDBOX_LIB, sandbox_info->sandbox_lib); |
1249 |
+ sandbox_setenv(new_environ, ENV_SANDBOX_BASHRC, sandbox_info->sandbox_rc); |
1250 |
++ sandbox_setenv(new_environ, ENV_SANDBOX_PROFILE, sandbox_info->sandbox_profile); |
1251 |
+ sandbox_setenv(new_environ, ENV_SANDBOX_LOG, sandbox_info->sandbox_log); |
1252 |
+ sandbox_setenv(new_environ, ENV_SANDBOX_DEBUG_LOG, |
1253 |
+ sandbox_info->sandbox_debug_log); |
1254 |
+@@ -458,6 +464,11 @@ |
1255 |
+ exit(EXIT_FAILURE); |
1256 |
+ } |
1257 |
+ |
1258 |
++ if (0 >= exists(sandbox_info.sandbox_profile)) { |
1259 |
++ perror("sandbox: Could not open the sandbox profile file"); |
1260 |
++ exit(EXIT_FAILURE); |
1261 |
++ } |
1262 |
++ |
1263 |
+ /* set up the required environment variables */ |
1264 |
+ if (print_debug) |
1265 |
+ printf("Setting up the required environment variables.\n"); |
1266 |
+@@ -476,7 +487,7 @@ |
1267 |
+ argv_bash = (char **)malloc(6 * sizeof(char *)); |
1268 |
+ argv_bash[0] = strdup("/bin/bash"); |
1269 |
+ argv_bash[1] = strdup("-rcfile"); |
1270 |
+- argv_bash[2] = strdup(sandbox_info.sandbox_rc); |
1271 |
++ argv_bash[2] = strdup(sandbox_info.sandbox_profile); |
1272 |
+ |
1273 |
+ if (argc < 2) |
1274 |
+ argv_bash[3] = NULL; |
1275 |
+diff -ruN sandbox-1.2.17.orig/src/sandbox.h sandbox-1.2.17/src/sandbox.h |
1276 |
+--- sandbox-1.2.17.orig/src/sandbox.h 2005-12-05 14:23:13.000000000 +0100 |
1277 |
++++ sandbox-1.2.17/src/sandbox.h 2006-07-27 16:12:05.000000000 +0200 |
1278 |
+@@ -17,10 +17,11 @@ |
1279 |
+ #define LD_PRELOAD_FILE "/etc/ld.so.preload" |
1280 |
+ #define LIB_NAME "libsandbox.so" |
1281 |
+ #define BASHRC_NAME "sandbox.bashrc" |
1282 |
++#define BASHPROFILE_NAME "sandbox.profile" |
1283 |
+ #define TMPDIR "/tmp" |
1284 |
+-#define VAR_TMPDIR "/var/tmp" |
1285 |
+-#define PORTAGE_TMPDIR "/var/tmp/portage" |
1286 |
+-#define SANDBOX_LOG_LOCATION "/var/log/sandbox" |
1287 |
++#define VAR_TMPDIR LOCALSTATEDIR "/tmp" |
1288 |
++#define PORTAGE_TMPDIR VAR_TMPDIR "/portage" |
1289 |
++#define SANDBOX_LOG_LOCATION LOCALSTATEDIR "/log/sandbox" |
1290 |
+ #define LOG_FILE_PREFIX "/sandbox-" |
1291 |
+ #define DEBUG_LOG_FILE_PREFIX "/sandbox-debug-" |
1292 |
+ #define LOG_FILE_EXT ".log" |
1293 |
+@@ -38,6 +39,7 @@ |
1294 |
+ |
1295 |
+ #define ENV_SANDBOX_LIB "SANDBOX_LIB" |
1296 |
+ #define ENV_SANDBOX_BASHRC "SANDBOX_BASHRC" |
1297 |
++#define ENV_SANDBOX_PROFILE "SANDBOX_PROFILE" |
1298 |
+ #define ENV_SANDBOX_LOG "SANDBOX_LOG" |
1299 |
+ #define ENV_SANDBOX_DEBUG_LOG "SANDBOX_DEBUG_LOG" |
1300 |
+ |
1301 |
+diff -ruN sandbox-1.2.17.orig/src/sandbox_utils.c sandbox-1.2.17/src/sandbox_utils.c |
1302 |
+--- sandbox-1.2.17.orig/src/sandbox_utils.c 2005-12-05 09:36:32.000000000 +0100 |
1303 |
++++ sandbox-1.2.17/src/sandbox_utils.c 2006-07-27 16:12:05.000000000 +0200 |
1304 |
+@@ -42,6 +42,11 @@ |
1305 |
+ snprintf(path, SB_PATH_MAX, "%s/%s", SANDBOX_BASHRC_PATH, BASHRC_NAME); |
1306 |
+ } |
1307 |
+ |
1308 |
++void get_sandbox_profile(char *path) |
1309 |
++{ |
1310 |
++ snprintf(path, SB_PATH_MAX, "%s/%s", SANDBOX_BASHRC_PATH, BASHPROFILE_NAME); |
1311 |
++} |
1312 |
++ |
1313 |
+ void get_sandbox_log(char *path) |
1314 |
+ { |
1315 |
+ char *sandbox_log_env = NULL; |
1316 |
+--- sandbox-1.2.17/data/Makefile.am.orig 2006-07-27 16:25:09.000000000 +0200 |
1317 |
++++ sandbox-1.2.17/data/Makefile.am 2006-07-27 16:25:18.000000000 +0200 |
1318 |
+@@ -1,3 +1 @@ |
1319 |
+-dist_pkgdata_DATA = sandbox.bashrc |
1320 |
+- |
1321 |
+-EXTRA_DIST = sandbox.bashrc |
1322 |
++dist_pkgdata_DATA = sandbox.bashrc sandbox.profile |
1323 |
+diff -ru sandbox-1.2.17.orig/configure.ac sandbox-1.2.17/configure.ac |
1324 |
+--- sandbox-1.2.17.orig/configure.ac 2005-12-05 15:03:35.000000000 +0100 |
1325 |
++++ sandbox-1.2.17/configure.ac 2006-07-21 13:12:39.000000000 +0200 |
1326 |
+@@ -10,6 +10,8 @@ |
1327 |
+ AC_PROG_MAKE_SET |
1328 |
+ AC_PROG_AWK |
1329 |
+ AC_CHECK_PROGS([READELF], [readelf], [false]) |
1330 |
++AC_PATH_PROGS([CU_BASH], [bash], [/bin/bash]) |
1331 |
++AC_DEFINE_UNQUOTED([CU_BASH], ["${CU_BASH}"], [path to bash binary]) |
1332 |
+ |
1333 |
+ AC_ENABLE_SHARED |
1334 |
+ AC_DISABLE_STATIC |
1335 |
+diff -ru sandbox-1.2.17.orig/src/sandbox.c sandbox-1.2.17/src/sandbox.c |
1336 |
+--- sandbox-1.2.17.orig/src/sandbox.c 2005-12-05 14:15:45.000000000 +0100 |
1337 |
++++ sandbox-1.2.17/src/sandbox.c 2006-07-21 13:15:29.000000000 +0200 |
1338 |
+@@ -474,7 +474,7 @@ |
1339 |
+ chdir(sandbox_info.work_dir); |
1340 |
+ |
1341 |
+ argv_bash = (char **)malloc(6 * sizeof(char *)); |
1342 |
+- argv_bash[0] = strdup("/bin/bash"); |
1343 |
++ argv_bash[0] = strdup(CU_BASH); |
1344 |
+ argv_bash[1] = strdup("-rcfile"); |
1345 |
+ argv_bash[2] = strdup(sandbox_info.sandbox_rc); |
1346 |
+ |
1347 |
|
1348 |
diff --git a/sys-apps/sandbox/files/sandbox-1.2.18.1-open-cloexec.patch b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-cloexec.patch |
1349 |
new file mode 100644 |
1350 |
index 0000000..806f1a3 |
1351 |
--- /dev/null |
1352 |
+++ b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-cloexec.patch |
1353 |
@@ -0,0 +1,15 @@ |
1354 |
+http://bugs.gentoo.org/196720 |
1355 |
+ |
1356 |
+mark the new "e" fopen() flag as safe |
1357 |
+ |
1358 |
+--- sandbox-1.2.18.1/src/libsandbox.c |
1359 |
++++ sandbox-1.2.18.1/src/libsandbox.c |
1360 |
+@@ -1595,7 +1595,7 @@ |
1361 |
+ { |
1362 |
+ if (*mode == 'r' && (0 == (strcmp(mode, "r")) || |
1363 |
+ /* The strspn accept args are known non-writable modifiers */ |
1364 |
+- (strlen(++mode) == strspn(mode, "xbtmc")))) { |
1365 |
++ (strlen(++mode) == strspn(mode, "xbtmce")))) { |
1366 |
+ return before_syscall("open_rd", file); |
1367 |
+ } else { |
1368 |
+ return before_syscall("open_wr", file); |
1369 |
|
1370 |
diff --git a/sys-apps/sandbox/files/sandbox-1.2.18.1-open-normal-fail.patch b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-normal-fail.patch |
1371 |
new file mode 100644 |
1372 |
index 0000000..49b57e4 |
1373 |
--- /dev/null |
1374 |
+++ b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-normal-fail.patch |
1375 |
@@ -0,0 +1,99 @@ |
1376 |
+Patch from Kevin F. Quinn at https://bugs.gentoo.org/show_bug.cgi?id=135745 |
1377 |
+Already applied in sandbox svn |
1378 |
+ |
1379 |
+Makes sandboxed open() calls return the normal error conditions if the |
1380 |
+file in question does not exist, without causing a sandbox violation. |
1381 |
+This allows programs to use open() to test for file existance, regardless |
1382 |
+of read-write flags. This is not revealing any further information about |
1383 |
+the backing system because this data was already available through stat(). |
1384 |
+ |
1385 |
+Index: src/libsandbox.c |
1386 |
+=================================================================== |
1387 |
+--- src/libsandbox.c.orig |
1388 |
++++ src/libsandbox.c |
1389 |
+@@ -80,6 +80,9 @@ |
1390 |
+ #define FUNCTION_SANDBOX_SAFE_ACCESS(_func, _path, _flags) \ |
1391 |
+ ((0 == is_sandbox_on()) || (1 == before_syscall_access(_func, _path, _flags))) |
1392 |
+ |
1393 |
++#define FUNCTION_SANDBOX_FAIL_OPEN_INT(_func, _path, _flags) \ |
1394 |
++ ((0 == is_sandbox_on()) || (1 == before_syscall_open_int(_func, _path, _flags))) |
1395 |
++ |
1396 |
+ #define FUNCTION_SANDBOX_SAFE_OPEN_INT(_func, _path, _flags) \ |
1397 |
+ ((0 == is_sandbox_on()) || (1 == before_syscall_open_int(_func, _path, _flags))) |
1398 |
+ |
1399 |
+@@ -388,6 +391,16 @@ static FILE * (*true_ ## _name) (const c |
1400 |
+ FILE *_name(const char *pathname, const char *mode) \ |
1401 |
+ { \ |
1402 |
+ FILE *result = NULL; \ |
1403 |
++ int my_errno = errno; \ |
1404 |
++ struct stat st; \ |
1405 |
++\ |
1406 |
++ if (mode!=NULL && mode[0]=='r') { \ |
1407 |
++ /* If we're trying to read, fail normally if file does not stat */\ |
1408 |
++ if (-1 == stat(pathname, &st)) { \ |
1409 |
++ return NULL; \ |
1410 |
++ } \ |
1411 |
++ } \ |
1412 |
++ errno = my_errno; \ |
1413 |
+ \ |
1414 |
+ if FUNCTION_SANDBOX_SAFE_OPEN_CHAR("fopen", pathname, mode) { \ |
1415 |
+ check_dlsym(_name); \ |
1416 |
+@@ -561,12 +574,20 @@ int _name(const char *pathname, int flag |
1417 |
+ va_list ap; \ |
1418 |
+ int mode = 0; \ |
1419 |
+ int result = -1; \ |
1420 |
++ int my_errno = errno; \ |
1421 |
++ struct stat st; \ |
1422 |
+ \ |
1423 |
+ if (flags & O_CREAT) { \ |
1424 |
+ va_start(ap, flags); \ |
1425 |
+ mode = va_arg(ap, int); \ |
1426 |
+ va_end(ap); \ |
1427 |
++ } else { \ |
1428 |
++ /* If we're not trying to create, fail normally if file does not stat */\ |
1429 |
++ if (-1 == stat(pathname, &st)) { \ |
1430 |
++ return -1; \ |
1431 |
++ } \ |
1432 |
+ } \ |
1433 |
++ errno = my_errno; \ |
1434 |
+ \ |
1435 |
+ if FUNCTION_SANDBOX_SAFE_OPEN_INT("open", pathname, flags) { \ |
1436 |
+ check_dlsym(_name); \ |
1437 |
+@@ -726,6 +747,16 @@ static FILE * (*true_ ## _name) (const c |
1438 |
+ FILE *_name(const char *pathname, const char *mode) \ |
1439 |
+ { \ |
1440 |
+ FILE *result = NULL; \ |
1441 |
++ int my_errno = errno; \ |
1442 |
++ struct stat64 st; \ |
1443 |
++\ |
1444 |
++ if (mode!=NULL && mode[0]=='r') { \ |
1445 |
++ /* If we're trying to read, fail normally if file does not stat */\ |
1446 |
++ if (-1 == stat64(pathname, &st)) { \ |
1447 |
++ return NULL; \ |
1448 |
++ } \ |
1449 |
++ } \ |
1450 |
++ errno = my_errno; \ |
1451 |
+ \ |
1452 |
+ if FUNCTION_SANDBOX_SAFE_OPEN_CHAR("fopen64", pathname, mode) { \ |
1453 |
+ check_dlsym(_name); \ |
1454 |
+@@ -746,12 +777,20 @@ int _name(const char *pathname, int flag |
1455 |
+ va_list ap; \ |
1456 |
+ int mode = 0; \ |
1457 |
+ int result = -1; \ |
1458 |
++ int my_errno = errno; \ |
1459 |
++ struct stat64 st; \ |
1460 |
+ \ |
1461 |
+ if (flags & O_CREAT) { \ |
1462 |
+ va_start(ap, flags); \ |
1463 |
+ mode = va_arg(ap, int); \ |
1464 |
+ va_end(ap); \ |
1465 |
++ } else { \ |
1466 |
++ /* If we're not trying to create, fail normally if file does not stat */\ |
1467 |
++ if (-1 == stat64(pathname, &st)) { \ |
1468 |
++ return -1; \ |
1469 |
++ } \ |
1470 |
+ } \ |
1471 |
++ errno = my_errno; \ |
1472 |
+ \ |
1473 |
+ if FUNCTION_SANDBOX_SAFE_OPEN_INT("open64", pathname, flags) { \ |
1474 |
+ check_dlsym(_name); \ |
1475 |
|
1476 |
diff --git a/sys-apps/sandbox/files/sandbox-1.2.18.1-rtld-validation.patch b/sys-apps/sandbox/files/sandbox-1.2.18.1-rtld-validation.patch |
1477 |
new file mode 100644 |
1478 |
index 0000000..36e96f5 |
1479 |
--- /dev/null |
1480 |
+++ b/sys-apps/sandbox/files/sandbox-1.2.18.1-rtld-validation.patch |
1481 |
@@ -0,0 +1,43 @@ |
1482 |
+From: Robin H. Johnson <robbat2@g.o> |
1483 |
+Gentoo-Bug: 206678 |
1484 |
+X-Gentoo-URL: http://bugs.gentoo.org/show_bug.cgi?id=206678 |
1485 |
+Signed-off-by: Robin H. Johnson <robbat2@g.o> |
1486 |
+ |
1487 |
+Based on a previous revision by solar@g.o. |
1488 |
+It seems that on hardened systems, USE_RTLD_NEXT is not always usable, and this |
1489 |
+trips up sandbox. |
1490 |
+ |
1491 |
+diff -Nuar sandbox-1.2.18.1.orig/src/libsandbox.c sandbox-1.2.18.1/src/libsandbox.c |
1492 |
+--- sandbox-1.2.18.1.orig/src/libsandbox.c 2008-06-27 16:15:53.000000000 +0000 |
1493 |
++++ sandbox-1.2.18.1/src/libsandbox.c 2008-06-27 16:20:26.000000000 +0000 |
1494 |
+@@ -192,18 +192,24 @@ |
1495 |
+ { |
1496 |
+ void *symaddr = NULL; |
1497 |
+ |
1498 |
+- if (NULL == libc_handle) { |
1499 |
+-#if !defined(USE_RTLD_NEXT) |
1500 |
++#if defined(USE_RTLD_NEXT) |
1501 |
++ libc_handle = RTLD_NEXT; |
1502 |
++#endif |
1503 |
++ |
1504 |
++ /* Checking for -1UL is significent on hardened! |
1505 |
++ * USE_RTLD_NEXT returns it as a sign of being unusable. |
1506 |
++ * However using !x or NULL checks does NOT pick it up! |
1507 |
++ */ |
1508 |
++#define INVALID_LIBC_HANDLE(x) (!x || NULL == x || -1UL == x) |
1509 |
++ if (INVALID_LIBC_HANDLE(libc_handle)) { |
1510 |
+ libc_handle = dlopen(LIBC_VERSION, RTLD_LAZY); |
1511 |
+- if (!libc_handle) { |
1512 |
++ if (INVALID_LIBC_HANDLE(libc_handle)) { |
1513 |
+ fprintf(stderr, "libsandbox: Can't dlopen libc: %s\n", |
1514 |
+ dlerror()); |
1515 |
+ exit(EXIT_FAILURE); |
1516 |
+ } |
1517 |
+-#else |
1518 |
+- libc_handle = RTLD_NEXT; |
1519 |
+-#endif |
1520 |
+ } |
1521 |
++#undef INVALID_LIBC_HANDLE |
1522 |
+ |
1523 |
+ if (NULL == symver) |
1524 |
+ symaddr = dlsym(libc_handle, symname); |
1525 |
|
1526 |
diff --git a/sys-apps/sandbox/files/sandbox-1.2.20_alpha2-parallel.patch b/sys-apps/sandbox/files/sandbox-1.2.20_alpha2-parallel.patch |
1527 |
new file mode 100644 |
1528 |
index 0000000..cbf769f |
1529 |
--- /dev/null |
1530 |
+++ b/sys-apps/sandbox/files/sandbox-1.2.20_alpha2-parallel.patch |
1531 |
@@ -0,0 +1,12 @@ |
1532 |
+http://bugs.gentooorg/190051 |
1533 |
+ |
1534 |
+--- libsandbox/Makefile.in |
1535 |
++++ libsandbox/Makefile.in |
1536 |
+@@ -517,6 +517,7 @@ |
1537 |
+ |
1538 |
+ |
1539 |
+ libsandbox.c: libsandbox.map symbols.h |
1540 |
++wrappers.c: symbols.h |
1541 |
+ |
1542 |
+ libsandbox.map: $(SYMBOLS_FILE) $(GEN_VERSION_MAP_SCRIPT) |
1543 |
+ @echo "Generating $@"; \ |
1544 |
|
1545 |
diff --git a/sys-apps/sandbox/files/sandbox-1.6-disable-pthread.patch b/sys-apps/sandbox/files/sandbox-1.6-disable-pthread.patch |
1546 |
new file mode 100644 |
1547 |
index 0000000..490bc41 |
1548 |
--- /dev/null |
1549 |
+++ b/sys-apps/sandbox/files/sandbox-1.6-disable-pthread.patch |
1550 |
@@ -0,0 +1,37 @@ |
1551 |
+http://bugs.gentoo.org/263657 |
1552 |
+ |
1553 |
+disable pthread locks ... this is how stable has always worked, so there |
1554 |
+wont be any regressions ... |
1555 |
+ |
1556 |
+diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c |
1557 |
+index 034d0e7..595d17f 100644 |
1558 |
+--- a/libsandbox/libsandbox.c |
1559 |
++++ b/libsandbox/libsandbox.c |
1560 |
+@@ -814,9 +814,6 @@ |
1561 |
+ return result; |
1562 |
+ } |
1563 |
+ |
1564 |
+-/* Need to protect the global sbcontext structure */ |
1565 |
+-static pthread_mutex_t sb_syscall_lock = PTHREAD_MUTEX_INITIALIZER; |
1566 |
+- |
1567 |
+ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, int flags) |
1568 |
+ { |
1569 |
+ int old_errno = errno; |
1570 |
+@@ -843,8 +840,6 @@ |
1571 |
+ file = at_file_buf; |
1572 |
+ } |
1573 |
+ |
1574 |
+- pthread_mutex_lock(&sb_syscall_lock); |
1575 |
+- |
1576 |
+ if (!sb_init) { |
1577 |
+ init_context(&sbcontext); |
1578 |
+ sb_init = true; |
1579 |
+@@ -885,8 +880,6 @@ |
1580 |
+ |
1581 |
+ result = check_syscall(&sbcontext, sb_nr, func, file, flags); |
1582 |
+ |
1583 |
+- pthread_mutex_unlock(&sb_syscall_lock); |
1584 |
+- |
1585 |
+ if (0 == result) { |
1586 |
+ if ((NULL != getenv(ENV_SANDBOX_PID)) && (is_env_on(ENV_SANDBOX_ABORT))) |
1587 |
+ |
1588 |
|
1589 |
diff --git a/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch b/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch |
1590 |
new file mode 100644 |
1591 |
index 0000000..754ef01 |
1592 |
--- /dev/null |
1593 |
+++ b/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch |
1594 |
@@ -0,0 +1,13 @@ |
1595 |
+sandbox-1.7 traces static apps so disable the qa notice as it just scares |
1596 |
+users ... dont want scary stuff in stable! |
1597 |
+ |
1598 |
+--- libsandbox/wrapper-funcs/__wrapper_exec.c |
1599 |
++++ libsandbox/wrapper-funcs/__wrapper_exec.c |
1600 |
+@@ -221,7 +221,6 @@ |
1601 |
+ if (!FUNCTION_SANDBOX_SAFE(path)) |
1602 |
+ return result; |
1603 |
+ |
1604 |
+- sb_check_exec(path, argv); |
1605 |
+ } |
1606 |
+ #endif |
1607 |
+ |
1608 |
|
1609 |
diff --git a/sys-apps/sandbox/files/sandbox-1.9-setoptions.patch b/sys-apps/sandbox/files/sandbox-1.9-setoptions.patch |
1610 |
new file mode 100644 |
1611 |
index 0000000..34e8722 |
1612 |
--- /dev/null |
1613 |
+++ b/sys-apps/sandbox/files/sandbox-1.9-setoptions.patch |
1614 |
@@ -0,0 +1,15 @@ |
1615 |
+ Fix undefined PTRACE_SETOPTIONS error, patch by grobian |
1616 |
+ |
1617 |
+diff --git a/libsandbox/trace.c b/libsandbox/trace.c |
1618 |
+index 7c5ec17..eaf520f 100644 |
1619 |
+--- a/libsandbox/trace.c |
1620 |
++++ b/libsandbox/trace.c |
1621 |
+@@ -425,7 +425,7 @@ void trace_main(const char *filename, char *const argv[]) |
1622 |
+ SB_DEBUG("parent waiting for child (pid=%i) to signal", trace_pid); |
1623 |
+ while (!child_stopped) |
1624 |
+ sched_yield(); |
1625 |
+-#ifdef PTRACE_O_TRACESYSGOOD |
1626 |
++#if defined(PTRACE_O_TRACESYSGOOD) && defined(PTRACE_SETOPTIONS) |
1627 |
+ /* Not all kernel versions support this, so ignore return */ |
1628 |
+ ptrace(PTRACE_SETOPTIONS, trace_pid, NULL, (void *)PTRACE_O_TRACESYSGOOD); |
1629 |
+ #endif |
1630 |
|
1631 |
diff --git a/sys-apps/sandbox/files/sandbox-2.0-prefix.patch b/sys-apps/sandbox/files/sandbox-2.0-prefix.patch |
1632 |
new file mode 100644 |
1633 |
index 0000000..5e32912 |
1634 |
--- /dev/null |
1635 |
+++ b/sys-apps/sandbox/files/sandbox-2.0-prefix.patch |
1636 |
@@ -0,0 +1,37 @@ |
1637 |
+* heiko's way of getting this thing going |
1638 |
+http://repo.or.cz/w/heikos-i-prolly-break-your-prefix-overlay.git?a=blob;f=sys-apps/sandbox/files/sandbox-2.0-prefix.patch;h=7b4f568679522682ba784853829a0f2b1272b21d;hb=HEAD |
1639 |
+ |
1640 |
+diff --git a/libsbutil/get_sandbox_lib.c b/libsbutil/get_sandbox_lib.c |
1641 |
+index b64a5ac..1cf4832 100644 |
1642 |
+--- a/libsbutil/get_sandbox_lib.c |
1643 |
++++ b/libsbutil/get_sandbox_lib.c |
1644 |
+@@ -22,6 +22,7 @@ |
1645 |
+ void get_sandbox_lib(char *path) |
1646 |
+ { |
1647 |
+ save_errno(); |
1648 |
++#ifndef GENTOO_PREFIX |
1649 |
+ strcpy(path, LIB_NAME); |
1650 |
+ if (strncmp("/usr/lib", LIBSANDBOX_PATH, 8)) { |
1651 |
+ void *hndl = dlopen(path, RTLD_LAZY); |
1652 |
+@@ -30,5 +31,10 @@ void get_sandbox_lib(char *path) |
1653 |
+ else |
1654 |
+ dlclose(hndl); |
1655 |
+ } |
1656 |
++#else |
1657 |
++ /* Gentoo Prefix always needs the absolute path due to DT_R*PATH usage |
1658 |
++ * within dlopen(). */ |
1659 |
++ snprintf(path, SB_PATH_MAX, "%s/%s", LIBSANDBOX_PATH, LIB_NAME); |
1660 |
++#endif |
1661 |
+ restore_errno(); |
1662 |
+ } |
1663 |
+--- a/etc/sandbox.d/00default.orig 2009-06-22 14:10:30.000000000 +0200 |
1664 |
++++ a/etc/sandbox.d/00default 2009-06-22 14:11:41.000000000 +0200 |
1665 |
+@@ -14,7 +14,7 @@ |
1666 |
+ # Finally add current directory if interactive |
1667 |
+ SANDBOX_WRITE="${SANDBOX_WORKDIR}" |
1668 |
+ # Needed for configure tests |
1669 |
+-SANDBOX_WRITE="/usr/tmp/conftest:/usr/lib/conftest:/usr/lib32/conftest:/usr/lib64/conftest:/usr/tmp/cf:/usr/lib/cf:/usr/lib32/cf:/usr/lib64/cf" |
1670 |
++SANDBOX_WRITE="@GENTOO_PORTAGE_EPREFIX@/usr/tmp/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/lib/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/lib32/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/lib64/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/tmp/cf:@GENTOO_PORTAGE_EPREFIX@/usr/lib/cf:@GENTOO_PORTAGE_EPREFIX@/usr/lib32/cf:@GENTOO_PORTAGE_EPREFIX@/usr/lib64/cf" |
1671 |
+ |
1672 |
+ # Usually writes in /home should not cause violations |
1673 |
+ SANDBOX_PREDICT="${HOME}" |
1674 |
|
1675 |
diff --git a/sys-apps/sandbox/files/sandbox-2.0-setoptions.patch b/sys-apps/sandbox/files/sandbox-2.0-setoptions.patch |
1676 |
new file mode 100644 |
1677 |
index 0000000..9430dbb |
1678 |
--- /dev/null |
1679 |
+++ b/sys-apps/sandbox/files/sandbox-2.0-setoptions.patch |
1680 |
@@ -0,0 +1,11 @@ |
1681 |
+--- libsandbox/trace.c.old 2009-06-30 10:11:40.000000000 -0500 |
1682 |
++++ libsandbox/trace.c 2009-06-30 10:11:58.000000000 -0500 |
1683 |
+@@ -476,7 +476,7 @@ |
1684 |
+ } else if (trace_pid) { |
1685 |
+ SB_DEBUG("parent waiting for child (pid=%i) to signal", trace_pid); |
1686 |
+ waitpid(trace_pid, NULL, 0); |
1687 |
+-#ifdef PTRACE_O_TRACESYSGOOD |
1688 |
++#if defined(PTRACE_SETOPTIONS) && defined(PTRACE_O_TRACESYSGOOD) |
1689 |
+ /* Not all kernel versions support this, so ignore return */ |
1690 |
+ ptrace(PTRACE_SETOPTIONS, trace_pid, NULL, (void *)PTRACE_O_TRACESYSGOOD); |
1691 |
+ #endif |
1692 |
|
1693 |
diff --git a/sys-apps/sandbox/files/sandbox-2.2-prefix.patch b/sys-apps/sandbox/files/sandbox-2.2-prefix.patch |
1694 |
new file mode 100644 |
1695 |
index 0000000..0cd5f3f |
1696 |
--- /dev/null |
1697 |
+++ b/sys-apps/sandbox/files/sandbox-2.2-prefix.patch |
1698 |
@@ -0,0 +1,26 @@ |
1699 |
+* heiko's way of getting this thing going |
1700 |
+http://repo.or.cz/w/heikos-i-prolly-break-your-prefix-overlay.git?a=blob;f=sys-apps/sandbox/files/sandbox-2.0-prefix.patch;h=7b4f568679522682ba784853829a0f2b1272b21d;hb=HEAD |
1701 |
+ |
1702 |
+diff --git a/libsbutil/get_sandbox_lib.c b/libsbutil/get_sandbox_lib.c |
1703 |
+index b64a5ac..1cf4832 100644 |
1704 |
+--- a/libsbutil/get_sandbox_lib.c |
1705 |
++++ b/libsbutil/get_sandbox_lib.c |
1706 |
+@@ -22,6 +22,7 @@ |
1707 |
+ void get_sandbox_lib(char *path) |
1708 |
+ { |
1709 |
+ save_errno(); |
1710 |
++#ifndef GENTOO_PREFIX |
1711 |
+ strcpy(path, LIB_NAME); |
1712 |
+ if (strncmp("/usr/lib", LIBSANDBOX_PATH, 8)) { |
1713 |
+ void *hndl = dlopen(path, RTLD_LAZY); |
1714 |
+@@ -30,5 +31,10 @@ void get_sandbox_lib(char *path) |
1715 |
+ else |
1716 |
+ dlclose(hndl); |
1717 |
+ } |
1718 |
++#else |
1719 |
++ /* Gentoo Prefix always needs the absolute path due to DT_R*PATH usage |
1720 |
++ * within dlopen(). */ |
1721 |
++ snprintf(path, SB_PATH_MAX, "%s/%s", LIBSANDBOX_PATH, LIB_NAME); |
1722 |
++#endif |
1723 |
+ restore_errno(); |
1724 |
+ } |
1725 |
|
1726 |
diff --git a/sys-apps/sandbox/files/sandbox-2.6-check-empty-paths-at.patch b/sys-apps/sandbox/files/sandbox-2.6-check-empty-paths-at.patch |
1727 |
new file mode 100755 |
1728 |
index 0000000..e4dc529 |
1729 |
--- /dev/null |
1730 |
+++ b/sys-apps/sandbox/files/sandbox-2.6-check-empty-paths-at.patch |
1731 |
@@ -0,0 +1,201 @@ |
1732 |
+From dd726dcc6a95355d0e0cc949018d9c8aefc89a02 Mon Sep 17 00:00:00 2001 |
1733 |
+From: Mike Frysinger <vapier@g.o> |
1734 |
+Date: Mon, 24 Dec 2012 19:41:49 -0500 |
1735 |
+Subject: [PATCH 1/2] libsandbox: reject "" paths with *at funcs before |
1736 |
+ checking the dirfd |
1737 |
+ |
1738 |
+When it comes to processing errors, an empty path is checked before |
1739 |
+an invalid dirfd. Make sure sandbox matches that behavior for the |
1740 |
+random testsuites out there that look for this. |
1741 |
+ |
1742 |
+URL: https://bugs.gentoo.org/346929 |
1743 |
+Reported-by: Marien Zwart <marienz@g.o> |
1744 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
1745 |
+--- |
1746 |
+ libsandbox/wrapper-funcs/__pre_check.c | 2 ++ |
1747 |
+ libsandbox/wrapper-funcs/mkdirat_pre_check.c | 17 +++++------------ |
1748 |
+ libsandbox/wrapper-funcs/openat_pre_check.c | 15 ++++----------- |
1749 |
+ libsandbox/wrapper-funcs/unlinkat_pre_check.c | 17 +++++------------ |
1750 |
+ libsandbox/wrappers.h | 2 ++ |
1751 |
+ tests/mkdirat-3.sh | 7 +++++++ |
1752 |
+ tests/mkdirat.at | 1 + |
1753 |
+ tests/openat-2.sh | 9 +++++++++ |
1754 |
+ tests/openat.at | 1 + |
1755 |
+ tests/unlinkat-4.sh | 7 +++++++ |
1756 |
+ tests/unlinkat.at | 1 + |
1757 |
+ 11 files changed, 44 insertions(+), 35 deletions(-) |
1758 |
+ create mode 100755 tests/mkdirat-3.sh |
1759 |
+ create mode 100755 tests/openat-2.sh |
1760 |
+ create mode 100755 tests/unlinkat-4.sh |
1761 |
+ |
1762 |
+diff --git a/libsandbox/wrapper-funcs/__pre_check.c b/libsandbox/wrapper-funcs/__pre_check.c |
1763 |
+index 2d5711f..28ad91f 100644 |
1764 |
+--- a/libsandbox/wrapper-funcs/__pre_check.c |
1765 |
++++ b/libsandbox/wrapper-funcs/__pre_check.c |
1766 |
+@@ -20,3 +20,5 @@ |
1767 |
+ #if SB_NR_UNLINK != SB_NR_UNDEF && SB_NR_UNLINKAT == SB_NR_UNDEF |
1768 |
+ # include "unlinkat_pre_check.c" |
1769 |
+ #endif |
1770 |
++ |
1771 |
++#include "__pre_at_check.c" |
1772 |
+diff --git a/libsandbox/wrapper-funcs/mkdirat_pre_check.c b/libsandbox/wrapper-funcs/mkdirat_pre_check.c |
1773 |
+index 77a65df..0b48d1f 100644 |
1774 |
+--- a/libsandbox/wrapper-funcs/mkdirat_pre_check.c |
1775 |
++++ b/libsandbox/wrapper-funcs/mkdirat_pre_check.c |
1776 |
+@@ -1,20 +1,13 @@ |
1777 |
+ bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd) |
1778 |
+ { |
1779 |
+ char canonic[SB_PATH_MAX]; |
1780 |
+- char dirfd_path[SB_PATH_MAX]; |
1781 |
+ |
1782 |
+ save_errno(); |
1783 |
+ |
1784 |
+- /* Expand the dirfd path first */ |
1785 |
+- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) { |
1786 |
+- case -1: |
1787 |
+- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n", |
1788 |
+- func, pathname, strerror(errno)); |
1789 |
+- return false; |
1790 |
+- case 0: |
1791 |
+- pathname = dirfd_path; |
1792 |
+- break; |
1793 |
+- } |
1794 |
++ /* Check incoming args against common *at issues */ |
1795 |
++ char dirfd_path[SB_PATH_MAX]; |
1796 |
++ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path))) |
1797 |
++ return false; |
1798 |
+ |
1799 |
+ /* Then break down any relative/symlink paths */ |
1800 |
+ if (-1 == canonicalize(pathname, canonic)) |
1801 |
+diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c |
1802 |
+index 0127708..5fd5eaa 100644 |
1803 |
+--- a/libsandbox/wrapper-funcs/openat_pre_check.c |
1804 |
++++ b/libsandbox/wrapper-funcs/openat_pre_check.c |
1805 |
+@@ -15,17 +15,10 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int |
1806 |
+ |
1807 |
+ save_errno(); |
1808 |
+ |
1809 |
+- /* Expand the dirfd path first */ |
1810 |
++ /* Check incoming args against common *at issues */ |
1811 |
+ char dirfd_path[SB_PATH_MAX]; |
1812 |
+- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) { |
1813 |
+- case -1: |
1814 |
+- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n", |
1815 |
+- func, pathname, strerror(errno)); |
1816 |
+- return false; |
1817 |
+- case 0: |
1818 |
+- pathname = dirfd_path; |
1819 |
+- break; |
1820 |
+- } |
1821 |
++ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path))) |
1822 |
++ return false; |
1823 |
+ |
1824 |
+ /* Doesn't exist -> skip permission checks */ |
1825 |
+ struct stat st; |
1826 |
+diff --git a/libsandbox/wrapper-funcs/unlinkat_pre_check.c b/libsandbox/wrapper-funcs/unlinkat_pre_check.c |
1827 |
+index 9f5e7d7..c004d15 100644 |
1828 |
+--- a/libsandbox/wrapper-funcs/unlinkat_pre_check.c |
1829 |
++++ b/libsandbox/wrapper-funcs/unlinkat_pre_check.c |
1830 |
+@@ -1,20 +1,13 @@ |
1831 |
+ bool sb_unlinkat_pre_check(const char *func, const char *pathname, int dirfd) |
1832 |
+ { |
1833 |
+ char canonic[SB_PATH_MAX]; |
1834 |
+- char dirfd_path[SB_PATH_MAX]; |
1835 |
+ |
1836 |
+ save_errno(); |
1837 |
+ |
1838 |
+- /* Expand the dirfd path first */ |
1839 |
+- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) { |
1840 |
+- case -1: |
1841 |
+- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n", |
1842 |
+- func, pathname, strerror(errno)); |
1843 |
+- return false; |
1844 |
+- case 0: |
1845 |
+- pathname = dirfd_path; |
1846 |
+- break; |
1847 |
+- } |
1848 |
++ /* Check incoming args against common *at issues */ |
1849 |
++ char dirfd_path[SB_PATH_MAX]; |
1850 |
++ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path))) |
1851 |
++ return false; |
1852 |
+ |
1853 |
+ /* Then break down any relative/symlink paths */ |
1854 |
+ if (-1 == canonicalize(pathname, canonic)) |
1855 |
+diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h |
1856 |
+index 5b97787..0aa58bb 100644 |
1857 |
+--- a/libsandbox/wrappers.h |
1858 |
++++ b/libsandbox/wrappers.h |
1859 |
+@@ -28,5 +28,7 @@ attribute_hidden bool sb_mkdirat_pre_check (const char *func, const char *pathn |
1860 |
+ attribute_hidden bool sb_openat_pre_check (const char *func, const char *pathname, int dirfd, int flags); |
1861 |
+ attribute_hidden bool sb_openat64_pre_check (const char *func, const char *pathname, int dirfd, int flags); |
1862 |
+ attribute_hidden bool sb_unlinkat_pre_check (const char *func, const char *pathname, int dirfd); |
1863 |
++attribute_hidden bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd, |
1864 |
++ char *dirfd_path, size_t dirfd_path_len); |
1865 |
+ |
1866 |
+ #endif |
1867 |
+-- |
1868 |
+1.8.1.2 |
1869 |
+ |
1870 |
+From 0b8a6d9773cc0e6d86bf1187f46817d5716698fe Mon Sep 17 00:00:00 2001 |
1871 |
+From: Mike Frysinger <vapier@g.o> |
1872 |
+Date: Mon, 24 Dec 2012 19:41:49 -0500 |
1873 |
+Subject: [PATCH 2/2] libsandbox: reject "" paths with *at funcs before |
1874 |
+ checking the dirfd [missing file] |
1875 |
+ |
1876 |
+When it comes to processing errors, an empty path is checked before |
1877 |
+an invalid dirfd. Make sure sandbox matches that behavior for the |
1878 |
+random testsuites out there that look for this. |
1879 |
+ |
1880 |
+Forgot to `git add` in the previous commit :/. |
1881 |
+ |
1882 |
+URL: https://bugs.gentoo.org/346929 |
1883 |
+Reported-by: Marien Zwart <marienz@g.o> |
1884 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
1885 |
+--- |
1886 |
+ libsandbox/wrapper-funcs/__pre_at_check.c | 34 +++++++++++++++++++++++++++++++ |
1887 |
+ 1 file changed, 34 insertions(+) |
1888 |
+ create mode 100644 libsandbox/wrapper-funcs/__pre_at_check.c |
1889 |
+ |
1890 |
+diff --git a/libsandbox/wrapper-funcs/__pre_at_check.c b/libsandbox/wrapper-funcs/__pre_at_check.c |
1891 |
+new file mode 100644 |
1892 |
+index 0000000..f72c40c |
1893 |
+--- /dev/null |
1894 |
++++ b/libsandbox/wrapper-funcs/__pre_at_check.c |
1895 |
+@@ -0,0 +1,34 @@ |
1896 |
++/* |
1897 |
++ * common *at() pre-checks. |
1898 |
++ * |
1899 |
++ * Copyright 1999-2012 Gentoo Foundation |
1900 |
++ * Licensed under the GPL-2 |
1901 |
++ */ |
1902 |
++ |
1903 |
++/* We assume the parent has nested use with save/restore errno */ |
1904 |
++bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd, |
1905 |
++ char *dirfd_path, size_t dirfd_path_len) |
1906 |
++{ |
1907 |
++ /* the empty path name should fail with ENOENT before any dirfd |
1908 |
++ * checks get a chance to run #346929 |
1909 |
++ */ |
1910 |
++ if (*pathname && *pathname[0] == '\0') { |
1911 |
++ errno = ENOENT; |
1912 |
++ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n", |
1913 |
++ func, *pathname, strerror(errno)); |
1914 |
++ return false; |
1915 |
++ } |
1916 |
++ |
1917 |
++ /* Expand the dirfd path first */ |
1918 |
++ switch (resolve_dirfd_path(dirfd, *pathname, dirfd_path, dirfd_path_len)) { |
1919 |
++ case -1: |
1920 |
++ sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n", |
1921 |
++ func, *pathname, strerror(errno)); |
1922 |
++ return false; |
1923 |
++ case 0: |
1924 |
++ *pathname = dirfd_path; |
1925 |
++ break; |
1926 |
++ } |
1927 |
++ |
1928 |
++ return true; |
1929 |
++} |
1930 |
+-- |
1931 |
+1.8.1.2 |
1932 |
+ |
1933 |
|
1934 |
diff --git a/sys-apps/sandbox/files/sandbox-2.6-desktop.patch b/sys-apps/sandbox/files/sandbox-2.6-desktop.patch |
1935 |
new file mode 100755 |
1936 |
index 0000000..fbecb07 |
1937 |
--- /dev/null |
1938 |
+++ b/sys-apps/sandbox/files/sandbox-2.6-desktop.patch |
1939 |
@@ -0,0 +1,30 @@ |
1940 |
+From 00044ab0c8aaaabf048b5ff0ec2da5b3d7d25752 Mon Sep 17 00:00:00 2001 |
1941 |
+From: Mike Frysinger <vapier@g.o> |
1942 |
+Date: Sat, 17 Nov 2012 14:14:26 -0500 |
1943 |
+Subject: [PATCH] sandbox.desktop: drop .svg from Icon field |
1944 |
+MIME-Version: 1.0 |
1945 |
+Content-Type: text/plain; charset=UTF-8 |
1946 |
+Content-Transfer-Encoding: 8bit |
1947 |
+ |
1948 |
+URL: http://bugs.gentoo.org/443672 |
1949 |
+Reported-by: Petteri Räty <betelgeuse@g.o> |
1950 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
1951 |
+--- |
1952 |
+ data/sandbox.desktop | 2 +- |
1953 |
+ 1 file changed, 1 insertion(+), 1 deletion(-) |
1954 |
+ |
1955 |
+diff --git a/data/sandbox.desktop b/data/sandbox.desktop |
1956 |
+index 5b5b576..27a887e 100644 |
1957 |
+--- a/data/sandbox.desktop |
1958 |
++++ b/data/sandbox.desktop |
1959 |
+@@ -5,6 +5,6 @@ Type=Application |
1960 |
+ Comment=launch a sandboxed shell ... useful for debugging ebuilds |
1961 |
+ Exec=sandbox |
1962 |
+ TryExec=sandbox |
1963 |
+-Icon=sandbox.svg |
1964 |
++Icon=sandbox |
1965 |
+ Categories=Development; |
1966 |
+ Terminal=true |
1967 |
+-- |
1968 |
+1.8.1.2 |
1969 |
+ |
1970 |
|
1971 |
diff --git a/sys-apps/sandbox/files/sandbox-2.6-log-var.patch b/sys-apps/sandbox/files/sandbox-2.6-log-var.patch |
1972 |
new file mode 100755 |
1973 |
index 0000000..bfea9e5 |
1974 |
--- /dev/null |
1975 |
+++ b/sys-apps/sandbox/files/sandbox-2.6-log-var.patch |
1976 |
@@ -0,0 +1,51 @@ |
1977 |
+From 853b42c86432eefc6d4cfba86197fb37d446366d Mon Sep 17 00:00:00 2001 |
1978 |
+From: Mike Frysinger <vapier@g.o> |
1979 |
+Date: Sun, 3 Mar 2013 05:34:09 -0500 |
1980 |
+Subject: [PATCH] sandbox: accept SANDBOX_LOG vars whatever their values |
1981 |
+ |
1982 |
+Commit 40abb498ca4a24495fe34e133379382ce8c3eaca subtly broke the sandbox |
1983 |
+with portage. It changed how the sandbox log env var was accessed by |
1984 |
+moving from getenv() to get_sandbox_log(). The latter has path checking |
1985 |
+and will kick out values that contain a slash. That means every time a |
1986 |
+new process starts, a new sandbox log path will be generated, and when a |
1987 |
+program triggers a violation, it'll write to the new file. Meanwhile, |
1988 |
+portage itself watches the original one which never gets updated. |
1989 |
+ |
1990 |
+This code has been around forever w/out documentation, and I can't think |
1991 |
+of a reason we need it. So punt it. |
1992 |
+ |
1993 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
1994 |
+--- |
1995 |
+ libsbutil/get_sandbox_log.c | 14 +++++--------- |
1996 |
+ 1 file changed, 5 insertions(+), 9 deletions(-) |
1997 |
+ |
1998 |
+diff --git a/libsbutil/get_sandbox_log.c b/libsbutil/get_sandbox_log.c |
1999 |
+index a79b399..bdb4278 100644 |
2000 |
+--- a/libsbutil/get_sandbox_log.c |
2001 |
++++ b/libsbutil/get_sandbox_log.c |
2002 |
+@@ -21,17 +21,13 @@ static void _get_sb_log(char *path, const char *tmpdir, const char *env, const c |
2003 |
+ |
2004 |
+ sandbox_log_env = getenv(env); |
2005 |
+ |
2006 |
+- if (sandbox_log_env && is_env_on(ENV_SANDBOX_TESTING)) { |
2007 |
+- /* When testing, just use what the env says to */ |
2008 |
++ if (sandbox_log_env) { |
2009 |
++ /* If the env is viable, roll with it. We aren't really |
2010 |
++ * about people breaking the security of the sandbox by |
2011 |
++ * exporting SANDBOX_LOG=/dev/null. |
2012 |
++ */ |
2013 |
+ strncpy(path, sandbox_log_env, SB_PATH_MAX); |
2014 |
+ } else { |
2015 |
+- /* THIS CHUNK BREAK THINGS BY DOING THIS: |
2016 |
+- * SANDBOX_LOG=/tmp/sandbox-app-admin/superadduser-1.0.7-11063.log |
2017 |
+- */ |
2018 |
+- if ((NULL != sandbox_log_env) && |
2019 |
+- (NULL != strchr(sandbox_log_env, '/'))) |
2020 |
+- sandbox_log_env = NULL; |
2021 |
+- |
2022 |
+ snprintf(path, SB_PATH_MAX, "%s%s%s%s%d%s", |
2023 |
+ SANDBOX_LOG_LOCATION, prefix, |
2024 |
+ (sandbox_log_env == NULL ? "" : sandbox_log_env), |
2025 |
+-- |
2026 |
+1.8.1.2 |
2027 |
+ |
2028 |
|
2029 |
diff --git a/sys-apps/sandbox/files/sandbox-2.6-open-nofollow.patch b/sys-apps/sandbox/files/sandbox-2.6-open-nofollow.patch |
2030 |
new file mode 100755 |
2031 |
index 0000000..0101ece |
2032 |
--- /dev/null |
2033 |
+++ b/sys-apps/sandbox/files/sandbox-2.6-open-nofollow.patch |
2034 |
@@ -0,0 +1,54 @@ |
2035 |
+From 45fa8714a1d35e6555083d88a71851ada2aacac4 Mon Sep 17 00:00:00 2001 |
2036 |
+From: Mike Frysinger <vapier@g.o> |
2037 |
+Date: Mon, 24 Dec 2012 18:46:29 -0500 |
2038 |
+Subject: [PATCH] libsandbox: handle open(O_NOFOLLOW) |
2039 |
+ |
2040 |
+We don't check for O_NOFOLLOW in the open wrappers, so we end up |
2041 |
+returning the wrong error when operating on broken symlinks. |
2042 |
+ |
2043 |
+URL: https://bugs.gentoo.org/413441 |
2044 |
+Reported-by: Marien Zwart <marienz@g.o> |
2045 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
2046 |
+--- |
2047 |
+ libsandbox/wrapper-funcs/__64_post.h | 1 + |
2048 |
+ libsandbox/wrapper-funcs/__64_pre.h | 1 + |
2049 |
+ libsandbox/wrapper-funcs/openat_pre_check.c | 2 +- |
2050 |
+ tests/open-2.sh | 10 ++++++++++ |
2051 |
+ tests/open.at | 1 + |
2052 |
+ 5 files changed, 14 insertions(+), 1 deletion(-) |
2053 |
+ create mode 100755 tests/open-2.sh |
2054 |
+ |
2055 |
+diff --git a/libsandbox/wrapper-funcs/__64_post.h b/libsandbox/wrapper-funcs/__64_post.h |
2056 |
+index 2fd2182..82d2a16 100644 |
2057 |
+--- a/libsandbox/wrapper-funcs/__64_post.h |
2058 |
++++ b/libsandbox/wrapper-funcs/__64_post.h |
2059 |
+@@ -1,3 +1,4 @@ |
2060 |
+ #undef SB64 |
2061 |
+ #undef stat |
2062 |
++#undef lstat |
2063 |
+ #undef off_t |
2064 |
+diff --git a/libsandbox/wrapper-funcs/__64_pre.h b/libsandbox/wrapper-funcs/__64_pre.h |
2065 |
+index 2132110..0b34b25 100644 |
2066 |
+--- a/libsandbox/wrapper-funcs/__64_pre.h |
2067 |
++++ b/libsandbox/wrapper-funcs/__64_pre.h |
2068 |
+@@ -1,3 +1,4 @@ |
2069 |
+ #define SB64 |
2070 |
+ #define stat stat64 |
2071 |
++#define lstat lstat64 |
2072 |
+ #define off_t off64_t |
2073 |
+diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c |
2074 |
+index c827ee6..0127708 100644 |
2075 |
+--- a/libsandbox/wrapper-funcs/openat_pre_check.c |
2076 |
++++ b/libsandbox/wrapper-funcs/openat_pre_check.c |
2077 |
+@@ -29,7 +29,7 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int |
2078 |
+ |
2079 |
+ /* Doesn't exist -> skip permission checks */ |
2080 |
+ struct stat st; |
2081 |
+- if (-1 == stat(pathname, &st)) { |
2082 |
++ if (((flags & O_NOFOLLOW) ? lstat(pathname, &st) : stat(pathname, &st)) == -1) { |
2083 |
+ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n", |
2084 |
+ func, pathname, strerror(errno)); |
2085 |
+ return false; |
2086 |
+-- |
2087 |
+1.8.1.2 |
2088 |
+ |
2089 |
|
2090 |
diff --git a/sys-apps/sandbox/files/sandbox-2.6-prefix.patch b/sys-apps/sandbox/files/sandbox-2.6-prefix.patch |
2091 |
new file mode 100644 |
2092 |
index 0000000..d3861c0 |
2093 |
--- /dev/null |
2094 |
+++ b/sys-apps/sandbox/files/sandbox-2.6-prefix.patch |
2095 |
@@ -0,0 +1,70 @@ |
2096 |
+Index: sandbox-2.6/data/sandbox.bashrc |
2097 |
+=================================================================== |
2098 |
+--- sandbox-2.6.orig/data/sandbox.bashrc |
2099 |
++++ sandbox-2.6/data/sandbox.bashrc |
2100 |
+@@ -10,7 +10,7 @@ fi |
2101 |
+ export BASH_ENV="${SANDBOX_BASHRC}" |
2102 |
+ |
2103 |
+ alias make="make LD_PRELOAD=${LD_PRELOAD}" |
2104 |
+-alias su="su -c '/bin/bash -rcfile ${SANDBOX_BASHRC}'" |
2105 |
++alias su="su -c '@GENTOO_PORTAGE_EPREFIX@/bin/bash -rcfile ${SANDBOX_BASHRC}'" |
2106 |
+ |
2107 |
+ declare -r SANDBOX_ACTIVE |
2108 |
+ |
2109 |
+@@ -29,7 +29,7 @@ if [[ ${SANDBOX_INTRACTV} == "1" && -t 1 |
2110 |
+ ( |
2111 |
+ [[ ${NOCOLOR} == "true" || ${NOCOLOR} == "yes" || ${NOCOLOR} == "1" ]] && \ |
2112 |
+ export RC_NOCOLOR="yes" |
2113 |
+- source /etc/init.d/functions.sh |
2114 |
++ source @GENTOO_PORTAGE_EPREFIX@/etc/init.d/functions.sh |
2115 |
+ if [ $? -ne 0 ] ; then |
2116 |
+ einfo() { echo " INFO: $*"; } |
2117 |
+ ewarn() { echo " WARN: $*"; } |
2118 |
+@@ -55,7 +55,7 @@ if [[ ${SANDBOX_INTRACTV} == "1" && -t 1 |
2119 |
+ #sbs_pdir=$(portageq envvar PORTAGE_TMPDIR)/portage/ #portageq takes too long imo |
2120 |
+ if [[ -z ${PORTAGE_TMPDIR} ]] ; then |
2121 |
+ sbs_pdir=$( |
2122 |
+- for f in /etc/{,portage/}make.globals /etc/{,portage/}make.conf ; do |
2123 |
++ for f in @GENTOO_PORTAGE_EPREFIX@/etc/{,portage/}make.globals @GENTOO_PORTAGE_EPREFIX@/etc/{,portage/}make.conf ; do |
2124 |
+ [[ -e ${f} ]] && source ${f} |
2125 |
+ done |
2126 |
+ echo $PORTAGE_TMPDIR |
2127 |
+@@ -63,7 +63,7 @@ if [[ ${SANDBOX_INTRACTV} == "1" && -t 1 |
2128 |
+ else |
2129 |
+ sbs_pdir=${PORTAGE_TMPDIR} |
2130 |
+ fi |
2131 |
+- : ${sbs_pdir:=/var/tmp} |
2132 |
++ : ${sbs_pdir:=@GENTOO_PORTAGE_EPREFIX@/var/tmp} |
2133 |
+ sbs_pdir=${sbs_pdir}/portage/ |
2134 |
+ |
2135 |
+ if [[ ${PWD:0:${#sbs_pdir}} == "${sbs_pdir}" ]] ; then |
2136 |
+Index: sandbox-2.6/src/sandbox.c |
2137 |
+=================================================================== |
2138 |
+--- sandbox-2.6.orig/src/sandbox.c |
2139 |
++++ sandbox-2.6/src/sandbox.c |
2140 |
+@@ -269,7 +269,7 @@ int main(int argc, char **argv) |
2141 |
+ goto oom_error; |
2142 |
+ |
2143 |
+ /* Setup bash argv */ |
2144 |
+- str_list_add_item_copy(argv_bash, "/bin/bash", oom_error); |
2145 |
++ str_list_add_item_copy(argv_bash, "@GENTOO_PORTAGE_EPREFIX@/bin/bash", oom_error); |
2146 |
+ str_list_add_item_copy(argv_bash, "-rcfile", oom_error); |
2147 |
+ str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error); |
2148 |
+ if (argc >= 2) { |
2149 |
+Index: sandbox-2.6/libsbutil/sbutil.h |
2150 |
+=================================================================== |
2151 |
+--- sandbox-2.6.orig/libsbutil/sbutil.h |
2152 |
++++ sandbox-2.6/libsbutil/sbutil.h |
2153 |
+@@ -22,9 +22,9 @@ |
2154 |
+ #define LD_PRELOAD_EQ "LD_PRELOAD=" |
2155 |
+ #define LIB_NAME "libsandbox.so" |
2156 |
+ #define BASHRC_NAME "sandbox.bashrc" |
2157 |
+-#define TMPDIR "/tmp" |
2158 |
+-#define PORTAGE_TMPDIR "/var/tmp/portage" |
2159 |
+-#define SANDBOX_LOG_LOCATION "/var/log/sandbox" |
2160 |
++#define TMPDIR "@GENTOO_PORTAGE_EPREFIX@/tmp" |
2161 |
++#define PORTAGE_TMPDIR "@GENTOO_PORTAGE_EPREFIX@/var/tmp/portage" |
2162 |
++#define SANDBOX_LOG_LOCATION "@GENTOO_PORTAGE_EPREFIX@/var/log/sandbox" |
2163 |
+ #define LOG_FILE_PREFIX "/sandbox-" |
2164 |
+ #define DEBUG_LOG_FILE_PREFIX "/sandbox-debug-" |
2165 |
+ #define LOG_FILE_EXT ".log" |
2166 |
|
2167 |
diff --git a/sys-apps/sandbox/files/sandbox-2.6-static-close-fd.patch b/sys-apps/sandbox/files/sandbox-2.6-static-close-fd.patch |
2168 |
new file mode 100755 |
2169 |
index 0000000..7fc0972 |
2170 |
--- /dev/null |
2171 |
+++ b/sys-apps/sandbox/files/sandbox-2.6-static-close-fd.patch |
2172 |
@@ -0,0 +1,93 @@ |
2173 |
+From a3ff1534945c3898332b2481c9fd355dfbd56e1f Mon Sep 17 00:00:00 2001 |
2174 |
+From: Mike Frysinger <vapier@g.o> |
2175 |
+Date: Sat, 23 Jun 2012 11:52:51 -0700 |
2176 |
+Subject: [PATCH] libsandbox: clean up open file handles in parent tracing |
2177 |
+ process |
2178 |
+ |
2179 |
+Currently, if a non-static app sets up a pipe (with cloexec enabled) and |
2180 |
+executes a static app, the handle to that pipe is left open in the parent |
2181 |
+process. This causes trouble when the parent is waiting for that to be |
2182 |
+closed immediately. |
2183 |
+ |
2184 |
+Since none of the fds in the forked parent process matter to us, we can |
2185 |
+just go ahead and clean up all fds before we start tracing the child. |
2186 |
+ |
2187 |
+URL: http://bugs.gentoo.org/364877 |
2188 |
+Reported-by: Victor Stinner <victor.stinner@×××××××××.com> |
2189 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
2190 |
+--- |
2191 |
+ libsandbox/trace.c | 3 +- |
2192 |
+ libsbutil/sb_close.c | 26 +++++++++++- |
2193 |
+ libsbutil/sbutil.h | 1 + |
2194 |
+ tests/Makefile.am | 2 + |
2195 |
+ tests/pipe-fork_static_tst.c | 18 +++++++++ |
2196 |
+ tests/pipe-fork_tst.c | 95 ++++++++++++++++++++++++++++++++++++++++++++ |
2197 |
+ tests/script-9.sh | 5 +++ |
2198 |
+ tests/script.at | 1 + |
2199 |
+ 8 files changed, 149 insertions(+), 2 deletions(-) |
2200 |
+ create mode 100644 tests/pipe-fork_static_tst.c |
2201 |
+ create mode 100644 tests/pipe-fork_tst.c |
2202 |
+ create mode 100755 tests/script-9.sh |
2203 |
+ |
2204 |
+diff --git a/libsandbox/trace.c b/libsandbox/trace.c |
2205 |
+index 32ad2d6..dfbab18 100644 |
2206 |
+--- a/libsandbox/trace.c |
2207 |
++++ b/libsandbox/trace.c |
2208 |
+@@ -504,8 +504,9 @@ void trace_main(const char *filename, char *const argv[]) |
2209 |
+ /* Not all kernel versions support this, so ignore return */ |
2210 |
+ ptrace(PTRACE_SETOPTIONS, trace_pid, NULL, (void *)PTRACE_O_TRACESYSGOOD); |
2211 |
+ #endif |
2212 |
++ sb_close_all_fds(); |
2213 |
+ trace_loop(); |
2214 |
+- return; |
2215 |
++ sb_ebort("ISE: child should have quit, as should we\n"); |
2216 |
+ } |
2217 |
+ |
2218 |
+ sb_debug("child setting up ..."); |
2219 |
+diff --git a/libsbutil/sb_close.c b/libsbutil/sb_close.c |
2220 |
+index 17a4560..5379197 100644 |
2221 |
+--- a/libsbutil/sb_close.c |
2222 |
++++ b/libsbutil/sb_close.c |
2223 |
+@@ -29,3 +29,27 @@ int sb_close(int fd) |
2224 |
+ |
2225 |
+ return res; |
2226 |
+ } |
2227 |
++ |
2228 |
++/* Quickly close all the open fds (good for daemonization) */ |
2229 |
++void sb_close_all_fds(void) |
2230 |
++{ |
2231 |
++ DIR *dirp; |
2232 |
++ struct dirent *de; |
2233 |
++ int dfd, fd; |
2234 |
++ const char *fd_dir = sb_get_fd_dir(); |
2235 |
++ |
2236 |
++ dirp = opendir(fd_dir); |
2237 |
++ if (!dirp) |
2238 |
++ sb_ebort("could not process %s\n", fd_dir); |
2239 |
++ dfd = dirfd(dirp); |
2240 |
++ |
2241 |
++ while ((de = readdir(dirp)) != NULL) { |
2242 |
++ if (de->d_name[0] == '.') |
2243 |
++ continue; |
2244 |
++ fd = atoi(de->d_name); |
2245 |
++ if (fd != dfd) |
2246 |
++ close(fd); |
2247 |
++ } |
2248 |
++ |
2249 |
++ closedir(dirp); |
2250 |
++} |
2251 |
+diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h |
2252 |
+index 02b88cb..479734b 100644 |
2253 |
+--- a/libsbutil/sbutil.h |
2254 |
++++ b/libsbutil/sbutil.h |
2255 |
+@@ -97,6 +97,7 @@ int sb_open(const char *path, int flags, mode_t mode); |
2256 |
+ size_t sb_read(int fd, void *buf, size_t count); |
2257 |
+ size_t sb_write(int fd, const void *buf, size_t count); |
2258 |
+ int sb_close(int fd); |
2259 |
++void sb_close_all_fds(void); |
2260 |
+ int sb_copy_file_to_fd(const char *file, int ofd); |
2261 |
+ |
2262 |
+ /* Reliable output */ |
2263 |
+-- |
2264 |
+1.8.1.2 |
2265 |
+ |
2266 |
|
2267 |
diff --git a/sys-apps/sandbox/files/sandbox-2.6-trace-hppa.patch b/sys-apps/sandbox/files/sandbox-2.6-trace-hppa.patch |
2268 |
new file mode 100644 |
2269 |
index 0000000..7e73822 |
2270 |
--- /dev/null |
2271 |
+++ b/sys-apps/sandbox/files/sandbox-2.6-trace-hppa.patch |
2272 |
@@ -0,0 +1,27 @@ |
2273 |
+From 7b01f6103a9baddaf0252e7f850a4cef91a48b67 Mon Sep 17 00:00:00 2001 |
2274 |
+From: Mike Frysinger <vapier@g.o> |
2275 |
+Date: Fri, 6 Jul 2012 14:58:16 -0400 |
2276 |
+Subject: [PATCH] libsandbox: fix hppa trace code |
2277 |
+ |
2278 |
+URL: https://bugs.gentoo.org/425062 |
2279 |
+Reported-by: Jeroen Roovers <jer@g.o> |
2280 |
+Signed-off-by: Mike Frysinger <vapier@g.o> |
2281 |
+--- |
2282 |
+ libsandbox/trace/linux/hppa.c | 4 ++-- |
2283 |
+ 1 file changed, 2 insertions(+), 2 deletions(-) |
2284 |
+ |
2285 |
+diff --git a/libsandbox/trace/linux/hppa.c b/libsandbox/trace/linux/hppa.c |
2286 |
+index d23b0d1..5414354 100644 |
2287 |
+--- a/libsandbox/trace/linux/hppa.c |
2288 |
++++ b/libsandbox/trace/linux/hppa.c |
2289 |
+@@ -1,5 +1,5 @@ |
2290 |
+-#define trace_reg_sysnum (20 * 4) /* PT_GR20 */ |
2291 |
+-#define trace_reg_ret (28 * 4) /* PT_GR28 */ |
2292 |
++#define trace_reg_sysnum gr[20] |
2293 |
++#define trace_reg_ret gr[28] |
2294 |
+ |
2295 |
+ static unsigned long trace_arg(void *vregs, int num) |
2296 |
+ { |
2297 |
+-- |
2298 |
+1.7.9.7 |
2299 |
+ |
2300 |
|
2301 |
diff --git a/sys-apps/sandbox/metadata.xml b/sys-apps/sandbox/metadata.xml |
2302 |
new file mode 100644 |
2303 |
index 0000000..9e13eae |
2304 |
--- /dev/null |
2305 |
+++ b/sys-apps/sandbox/metadata.xml |
2306 |
@@ -0,0 +1,11 @@ |
2307 |
+<?xml version="1.0" encoding="UTF-8"?> |
2308 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
2309 |
+<pkgmetadata> |
2310 |
+ |
2311 |
+<!-- portage lacks a herd. correct this when we have one. --> |
2312 |
+ |
2313 |
+<maintainer> |
2314 |
+ <email>sandbox@g.o</email> |
2315 |
+ <description>Sandbox Maintainers</description> |
2316 |
+</maintainer> |
2317 |
+</pkgmetadata> |
2318 |
|
2319 |
diff --git a/sys-apps/sandbox/sandbox-1.6-r2.ebuild b/sys-apps/sandbox/sandbox-1.6-r2.ebuild |
2320 |
new file mode 100644 |
2321 |
index 0000000..0ab72fc |
2322 |
--- /dev/null |
2323 |
+++ b/sys-apps/sandbox/sandbox-1.6-r2.ebuild |
2324 |
@@ -0,0 +1,104 @@ |
2325 |
+# Copyright 1999-2012 Gentoo Foundation |
2326 |
+# Distributed under the terms of the GNU General Public License v2 |
2327 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-1.6-r2.ebuild,v 1.17 2012/03/30 15:58:53 aballier Exp $ |
2328 |
+ |
2329 |
+# |
2330 |
+# don't monkey with this ebuild unless contacting portage devs. |
2331 |
+# period. |
2332 |
+# |
2333 |
+ |
2334 |
+inherit eutils flag-o-matic toolchain-funcs multilib unpacker |
2335 |
+ |
2336 |
+DESCRIPTION="sandbox'd LD_PRELOAD hack" |
2337 |
+HOMEPAGE="http://www.gentoo.org/" |
2338 |
+SRC_URI="mirror://gentoo/${P}.tar.lzma |
2339 |
+ http://dev.gentoo.org/~vapier/dist/${P}.tar.lzma" |
2340 |
+ |
2341 |
+LICENSE="GPL-2" |
2342 |
+SLOT="0" |
2343 |
+KEYWORDS="~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" |
2344 |
+IUSE="" |
2345 |
+ |
2346 |
+DEPEND="app-arch/xz-utils |
2347 |
+ >=app-misc/pax-utils-0.1.19" #265376 |
2348 |
+RDEPEND="" |
2349 |
+ |
2350 |
+EMULTILIB_PKG="true" |
2351 |
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" |
2352 |
+ |
2353 |
+sandbox_death_notice() { |
2354 |
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" |
2355 |
+ ewarn "FEATURES=-sandbox emerge sandbox" |
2356 |
+} |
2357 |
+ |
2358 |
+src_unpack() { |
2359 |
+ unpacker_src_unpack |
2360 |
+ cd "${S}" |
2361 |
+ epatch "${FILESDIR}"/${P}-disable-qa-static.patch |
2362 |
+ epatch "${FILESDIR}"/${P}-disable-pthread.patch |
2363 |
+ epatch "${FILESDIR}"/0001-libsandbox-handle-more-at-functions.patch |
2364 |
+} |
2365 |
+ |
2366 |
+src_compile() { |
2367 |
+ filter-lfs-flags #90228 |
2368 |
+ |
2369 |
+ local OABI=${ABI} |
2370 |
+ for ABI in $(get_install_abis) ; do |
2371 |
+ mkdir "${WORKDIR}/build-${ABI}" |
2372 |
+ cd "${WORKDIR}/build-${ABI}" |
2373 |
+ |
2374 |
+ multilib_toolchain_setup ${ABI} |
2375 |
+ |
2376 |
+ einfo "Configuring sandbox for ABI=${ABI}..." |
2377 |
+ ECONF_SOURCE="../${P}/" \ |
2378 |
+ econf ${myconf} || die |
2379 |
+ einfo "Building sandbox for ABI=${ABI}..." |
2380 |
+ emake || die |
2381 |
+ done |
2382 |
+ ABI=${OABI} |
2383 |
+} |
2384 |
+ |
2385 |
+src_test() { |
2386 |
+ local OABI=${ABI} |
2387 |
+ for ABI in $(get_install_abis) ; do |
2388 |
+ cd "${WORKDIR}/build-${ABI}" |
2389 |
+ einfo "Checking sandbox for ABI=${ABI}..." |
2390 |
+ emake check || die "make check failed for ${ABI}" |
2391 |
+ done |
2392 |
+ ABI=${OABI} |
2393 |
+} |
2394 |
+ |
2395 |
+src_install() { |
2396 |
+ local OABI=${ABI} |
2397 |
+ for ABI in $(get_install_abis) ; do |
2398 |
+ cd "${WORKDIR}/build-${ABI}" |
2399 |
+ einfo "Installing sandbox for ABI=${ABI}..." |
2400 |
+ emake DESTDIR="${D}" install || die "make install failed for ${ABI}" |
2401 |
+ done |
2402 |
+ ABI=${OABI} |
2403 |
+ |
2404 |
+ doenvd "${FILESDIR}"/09sandbox |
2405 |
+ |
2406 |
+ keepdir /var/log/sandbox |
2407 |
+ use prefix || fowners root:portage /var/log/sandbox |
2408 |
+ fperms 0770 /var/log/sandbox |
2409 |
+ |
2410 |
+ cd "${S}" |
2411 |
+ dodoc AUTHORS ChangeLog* NEWS README |
2412 |
+} |
2413 |
+ |
2414 |
+pkg_preinst() { |
2415 |
+ use prefix || chown root:portage "${ED}"/var/log/sandbox |
2416 |
+ chmod 0770 "${ED}"/var/log/sandbox |
2417 |
+ |
2418 |
+ local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') |
2419 |
+ if [[ -n ${old} ]] ; then |
2420 |
+ elog "Removing old sandbox libraries for you:" |
2421 |
+ elog ${old//${EROOT}} |
2422 |
+ find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \; |
2423 |
+ fi |
2424 |
+} |
2425 |
+ |
2426 |
+pkg_postinst() { |
2427 |
+ chmod 0755 "${EROOT}"/etc/sandbox.d #265376 |
2428 |
+} |
2429 |
|
2430 |
diff --git a/sys-apps/sandbox/sandbox-2.3-r1.ebuild b/sys-apps/sandbox/sandbox-2.3-r1.ebuild |
2431 |
new file mode 100755 |
2432 |
index 0000000..ede162c |
2433 |
--- /dev/null |
2434 |
+++ b/sys-apps/sandbox/sandbox-2.3-r1.ebuild |
2435 |
@@ -0,0 +1,103 @@ |
2436 |
+# Copyright 1999-2012 Gentoo Foundation |
2437 |
+# Distributed under the terms of the GNU General Public License v2 |
2438 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.3-r1.ebuild,v 1.10 2012/02/05 04:50:08 vapier Exp $ |
2439 |
+ |
2440 |
+# |
2441 |
+# don't monkey with this ebuild unless contacting portage devs. |
2442 |
+# period. |
2443 |
+# |
2444 |
+ |
2445 |
+inherit eutils flag-o-matic toolchain-funcs multilib unpacker |
2446 |
+ |
2447 |
+DESCRIPTION="sandbox'd LD_PRELOAD hack" |
2448 |
+HOMEPAGE="http://www.gentoo.org/" |
2449 |
+SRC_URI="mirror://gentoo/${P}.tar.xz |
2450 |
+ http://dev.gentoo.org/~vapier/dist/${P}.tar.xz" |
2451 |
+ |
2452 |
+LICENSE="GPL-2" |
2453 |
+SLOT="0" |
2454 |
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd" |
2455 |
+IUSE="multilib" |
2456 |
+ |
2457 |
+DEPEND="app-arch/xz-utils |
2458 |
+ >=app-misc/pax-utils-0.1.19" #265376 |
2459 |
+RDEPEND="" |
2460 |
+ |
2461 |
+EMULTILIB_PKG="true" |
2462 |
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" |
2463 |
+ |
2464 |
+sandbox_death_notice() { |
2465 |
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" |
2466 |
+ ewarn "FEATURES=-sandbox emerge sandbox" |
2467 |
+} |
2468 |
+ |
2469 |
+sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; } |
2470 |
+ |
2471 |
+src_compile() { |
2472 |
+ filter-lfs-flags #90228 |
2473 |
+ |
2474 |
+ local OABI=${ABI} |
2475 |
+ for ABI in $(sb_get_install_abis) ; do |
2476 |
+ mkdir "${WORKDIR}/build-${ABI}" |
2477 |
+ cd "${WORKDIR}/build-${ABI}" |
2478 |
+ |
2479 |
+ use multilib && multilib_toolchain_setup ${ABI} |
2480 |
+ |
2481 |
+ einfo "Configuring sandbox for ABI=${ABI}..." |
2482 |
+ ECONF_SOURCE="../${P}/" \ |
2483 |
+ econf ${myconf} || die |
2484 |
+ einfo "Building sandbox for ABI=${ABI}..." |
2485 |
+ emake || die |
2486 |
+ done |
2487 |
+ ABI=${OABI} |
2488 |
+} |
2489 |
+ |
2490 |
+src_test() { |
2491 |
+ local OABI=${ABI} |
2492 |
+ for ABI in $(sb_get_install_abis) ; do |
2493 |
+ cd "${WORKDIR}/build-${ABI}" |
2494 |
+ einfo "Checking sandbox for ABI=${ABI}..." |
2495 |
+ emake check || die "make check failed for ${ABI}" |
2496 |
+ done |
2497 |
+ ABI=${OABI} |
2498 |
+} |
2499 |
+ |
2500 |
+src_install() { |
2501 |
+ local OABI=${ABI} |
2502 |
+ for ABI in $(sb_get_install_abis) ; do |
2503 |
+ cd "${WORKDIR}/build-${ABI}" |
2504 |
+ einfo "Installing sandbox for ABI=${ABI}..." |
2505 |
+ emake DESTDIR="${D}" install || die "make install failed for ${ABI}" |
2506 |
+ insinto /etc/sandbox.d #333131 |
2507 |
+ doins etc/sandbox.d/00default || die |
2508 |
+ done |
2509 |
+ ABI=${OABI} |
2510 |
+ |
2511 |
+ doenvd "${FILESDIR}"/09sandbox |
2512 |
+ |
2513 |
+ # fix 00default install #333131 |
2514 |
+ rm "${D}"/etc/sandbox.d/*.in || die |
2515 |
+ |
2516 |
+ keepdir /var/log/sandbox |
2517 |
+ fowners root:portage /var/log/sandbox |
2518 |
+ fperms 0770 /var/log/sandbox |
2519 |
+ |
2520 |
+ cd "${S}" |
2521 |
+ dodoc AUTHORS ChangeLog* NEWS README |
2522 |
+} |
2523 |
+ |
2524 |
+pkg_preinst() { |
2525 |
+ chown root:portage "${D}"/var/log/sandbox |
2526 |
+ chmod 0770 "${D}"/var/log/sandbox |
2527 |
+ |
2528 |
+ local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*') |
2529 |
+ if [[ -n ${old} ]] ; then |
2530 |
+ elog "Removing old sandbox libraries for you:" |
2531 |
+ elog ${old//${ROOT}} |
2532 |
+ find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \; |
2533 |
+ fi |
2534 |
+} |
2535 |
+ |
2536 |
+pkg_postinst() { |
2537 |
+ chmod 0755 "${ROOT}"/etc/sandbox.d #265376 |
2538 |
+} |
2539 |
|
2540 |
diff --git a/sys-apps/sandbox/sandbox-2.4.ebuild b/sys-apps/sandbox/sandbox-2.4.ebuild |
2541 |
new file mode 100755 |
2542 |
index 0000000..b008ab3 |
2543 |
--- /dev/null |
2544 |
+++ b/sys-apps/sandbox/sandbox-2.4.ebuild |
2545 |
@@ -0,0 +1,100 @@ |
2546 |
+# Copyright 1999-2012 Gentoo Foundation |
2547 |
+# Distributed under the terms of the GNU General Public License v2 |
2548 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.4.ebuild,v 1.11 2012/02/05 04:50:08 vapier Exp $ |
2549 |
+ |
2550 |
+# |
2551 |
+# don't monkey with this ebuild unless contacting portage devs. |
2552 |
+# period. |
2553 |
+# |
2554 |
+ |
2555 |
+inherit eutils flag-o-matic toolchain-funcs multilib unpacker |
2556 |
+ |
2557 |
+DESCRIPTION="sandbox'd LD_PRELOAD hack" |
2558 |
+HOMEPAGE="http://www.gentoo.org/" |
2559 |
+SRC_URI="mirror://gentoo/${P}.tar.xz |
2560 |
+ http://dev.gentoo.org/~vapier/dist/${P}.tar.xz" |
2561 |
+ |
2562 |
+LICENSE="GPL-2" |
2563 |
+SLOT="0" |
2564 |
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd" |
2565 |
+IUSE="multilib" |
2566 |
+ |
2567 |
+DEPEND="app-arch/xz-utils |
2568 |
+ >=app-misc/pax-utils-0.1.19" #265376 |
2569 |
+RDEPEND="" |
2570 |
+ |
2571 |
+EMULTILIB_PKG="true" |
2572 |
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" |
2573 |
+ |
2574 |
+sandbox_death_notice() { |
2575 |
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" |
2576 |
+ ewarn "FEATURES=-sandbox emerge sandbox" |
2577 |
+} |
2578 |
+ |
2579 |
+sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; } |
2580 |
+ |
2581 |
+src_compile() { |
2582 |
+ filter-lfs-flags #90228 |
2583 |
+ |
2584 |
+ local OABI=${ABI} |
2585 |
+ for ABI in $(sb_get_install_abis) ; do |
2586 |
+ mkdir "${WORKDIR}/build-${ABI}" |
2587 |
+ cd "${WORKDIR}/build-${ABI}" |
2588 |
+ |
2589 |
+ use multilib && multilib_toolchain_setup ${ABI} |
2590 |
+ |
2591 |
+ einfo "Configuring sandbox for ABI=${ABI}..." |
2592 |
+ ECONF_SOURCE="../${P}/" \ |
2593 |
+ econf ${myconf} || die |
2594 |
+ einfo "Building sandbox for ABI=${ABI}..." |
2595 |
+ emake || die |
2596 |
+ done |
2597 |
+ ABI=${OABI} |
2598 |
+} |
2599 |
+ |
2600 |
+src_test() { |
2601 |
+ local OABI=${ABI} |
2602 |
+ for ABI in $(sb_get_install_abis) ; do |
2603 |
+ cd "${WORKDIR}/build-${ABI}" |
2604 |
+ einfo "Checking sandbox for ABI=${ABI}..." |
2605 |
+ emake check || die "make check failed for ${ABI}" |
2606 |
+ done |
2607 |
+ ABI=${OABI} |
2608 |
+} |
2609 |
+ |
2610 |
+src_install() { |
2611 |
+ local OABI=${ABI} |
2612 |
+ for ABI in $(sb_get_install_abis) ; do |
2613 |
+ cd "${WORKDIR}/build-${ABI}" |
2614 |
+ einfo "Installing sandbox for ABI=${ABI}..." |
2615 |
+ emake DESTDIR="${D}" install || die "make install failed for ${ABI}" |
2616 |
+ insinto /etc/sandbox.d #333131 |
2617 |
+ doins etc/sandbox.d/00default || die |
2618 |
+ done |
2619 |
+ ABI=${OABI} |
2620 |
+ |
2621 |
+ doenvd "${FILESDIR}"/09sandbox |
2622 |
+ |
2623 |
+ keepdir /var/log/sandbox |
2624 |
+ fowners root:portage /var/log/sandbox |
2625 |
+ fperms 0770 /var/log/sandbox |
2626 |
+ |
2627 |
+ cd "${S}" |
2628 |
+ dodoc AUTHORS ChangeLog* NEWS README |
2629 |
+} |
2630 |
+ |
2631 |
+pkg_preinst() { |
2632 |
+ chown root:portage "${D}"/var/log/sandbox |
2633 |
+ chmod 0770 "${D}"/var/log/sandbox |
2634 |
+ |
2635 |
+ local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*') |
2636 |
+ if [[ -n ${old} ]] ; then |
2637 |
+ elog "Removing old sandbox libraries for you:" |
2638 |
+ elog ${old//${ROOT}} |
2639 |
+ find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \; |
2640 |
+ fi |
2641 |
+} |
2642 |
+ |
2643 |
+pkg_postinst() { |
2644 |
+ chmod 0755 "${ROOT}"/etc/sandbox.d #265376 |
2645 |
+} |
2646 |
|
2647 |
diff --git a/sys-apps/sandbox/sandbox-2.5.ebuild b/sys-apps/sandbox/sandbox-2.5.ebuild |
2648 |
new file mode 100644 |
2649 |
index 0000000..cad9a5d |
2650 |
--- /dev/null |
2651 |
+++ b/sys-apps/sandbox/sandbox-2.5.ebuild |
2652 |
@@ -0,0 +1,126 @@ |
2653 |
+# Copyright 1999-2012 Gentoo Foundation |
2654 |
+# Distributed under the terms of the GNU General Public License v2 |
2655 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.5.ebuild,v 1.10 2012/06/24 05:35:02 vapier Exp $ |
2656 |
+ |
2657 |
+# |
2658 |
+# don't monkey with this ebuild unless contacting portage devs. |
2659 |
+# period. |
2660 |
+# |
2661 |
+ |
2662 |
+inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing prefix |
2663 |
+ |
2664 |
+DESCRIPTION="sandbox'd LD_PRELOAD hack" |
2665 |
+HOMEPAGE="http://www.gentoo.org/" |
2666 |
+SRC_URI="mirror://gentoo/${P}.tar.xz |
2667 |
+ http://dev.gentoo.org/~vapier/dist/${P}.tar.xz" |
2668 |
+ |
2669 |
+LICENSE="GPL-2" |
2670 |
+SLOT="0" |
2671 |
+KEYWORDS="~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" |
2672 |
+IUSE="multilib" |
2673 |
+ |
2674 |
+DEPEND="app-arch/xz-utils |
2675 |
+ >=app-misc/pax-utils-0.1.19" #265376 |
2676 |
+RDEPEND="" |
2677 |
+ |
2678 |
+EMULTILIB_PKG="true" |
2679 |
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" |
2680 |
+ |
2681 |
+sandbox_death_notice() { |
2682 |
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" |
2683 |
+ ewarn "FEATURES=-sandbox emerge sandbox" |
2684 |
+} |
2685 |
+ |
2686 |
+sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; } |
2687 |
+ |
2688 |
+src_unpack() { |
2689 |
+ unpacker_src_unpack |
2690 |
+ cd "${S}" |
2691 |
+ epatch "${FILESDIR}"/${PN}-2.2-prefix.patch |
2692 |
+} |
2693 |
+ |
2694 |
+sb_foreach_abi() { |
2695 |
+ # enable usage of absolute libpath in prefix |
2696 |
+ use prefix && append-flags -DGENTOO_PREFIX |
2697 |
+ |
2698 |
+ local OABI=${ABI} |
2699 |
+ for ABI in $(sb_get_install_abis) ; do |
2700 |
+ cd "${WORKDIR}/build-${ABI}" |
2701 |
+ einfo "Running $1 for ABI=${ABI}..." |
2702 |
+ "$@" |
2703 |
+ done |
2704 |
+ ABI=${OABI} |
2705 |
+} |
2706 |
+ |
2707 |
+sb_configure() { |
2708 |
+ mkdir "${WORKDIR}/build-${ABI}" |
2709 |
+ cd "${WORKDIR}/build-${ABI}" |
2710 |
+ |
2711 |
+ use multilib && multilib_toolchain_setup ${ABI} |
2712 |
+ |
2713 |
+ einfo "Configuring sandbox for ABI=${ABI}..." |
2714 |
+ ECONF_SOURCE="../${P}/" \ |
2715 |
+ econf ${myconf} || die |
2716 |
+} |
2717 |
+ |
2718 |
+sb_compile() { |
2719 |
+ emake || die |
2720 |
+} |
2721 |
+ |
2722 |
+src_compile() { |
2723 |
+ filter-lfs-flags #90228 |
2724 |
+ |
2725 |
+ # Run configures in parallel! |
2726 |
+ multijob_init |
2727 |
+ local OABI=${ABI} |
2728 |
+ for ABI in $(sb_get_install_abis) ; do |
2729 |
+ multijob_child_init sb_configure |
2730 |
+ done |
2731 |
+ ABI=${OABI} |
2732 |
+ multijob_finish |
2733 |
+ |
2734 |
+ sb_foreach_abi sb_compile |
2735 |
+} |
2736 |
+ |
2737 |
+sb_test() { |
2738 |
+ emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" || die |
2739 |
+} |
2740 |
+ |
2741 |
+src_test() { |
2742 |
+ sb_foreach_abi sb_test |
2743 |
+} |
2744 |
+ |
2745 |
+sb_install() { |
2746 |
+ emake DESTDIR="${D}" install || die |
2747 |
+ insinto /etc/sandbox.d #333131 |
2748 |
+ doins etc/sandbox.d/00default || die |
2749 |
+} |
2750 |
+ |
2751 |
+src_install() { |
2752 |
+ sb_foreach_abi sb_install |
2753 |
+ |
2754 |
+ doenvd "${FILESDIR}"/09sandbox |
2755 |
+ |
2756 |
+ keepdir /var/log/sandbox |
2757 |
+ use prefix || fowners root:portage /var/log/sandbox |
2758 |
+ fperms 0770 /var/log/sandbox |
2759 |
+ |
2760 |
+ cd "${S}" |
2761 |
+ dodoc AUTHORS ChangeLog* NEWS README |
2762 |
+} |
2763 |
+ |
2764 |
+pkg_preinst() { |
2765 |
+ use prefix || chown root:portage "${ED}"/var/log/sandbox |
2766 |
+ chmod 0770 "${ED}"/var/log/sandbox |
2767 |
+ |
2768 |
+ local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') |
2769 |
+ if [[ -n ${old} ]] ; then |
2770 |
+ elog "Removing old sandbox libraries for you:" |
2771 |
+ elog ${old//${EROOT}} |
2772 |
+ find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \; |
2773 |
+ fi |
2774 |
+} |
2775 |
+ |
2776 |
+pkg_postinst() { |
2777 |
+ chmod 0755 "${EROOT}"/etc/sandbox.d #265376 |
2778 |
+} |
2779 |
|
2780 |
diff --git a/sys-apps/sandbox/sandbox-2.6-r1.ebuild b/sys-apps/sandbox/sandbox-2.6-r1.ebuild |
2781 |
new file mode 100755 |
2782 |
index 0000000..b61254b |
2783 |
--- /dev/null |
2784 |
+++ b/sys-apps/sandbox/sandbox-2.6-r1.ebuild |
2785 |
@@ -0,0 +1,132 @@ |
2786 |
+# Copyright 1999-2013 Gentoo Foundation |
2787 |
+# Distributed under the terms of the GNU General Public License v2 |
2788 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.6-r1.ebuild,v 1.13 2013/09/05 09:54:16 vapier Exp $ |
2789 |
+ |
2790 |
+EAPI=5 |
2791 |
+# |
2792 |
+# don't monkey with this ebuild unless contacting portage devs. |
2793 |
+# period. |
2794 |
+# |
2795 |
+ |
2796 |
+inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing prefix |
2797 |
+ |
2798 |
+DESCRIPTION="sandbox'd LD_PRELOAD hack" |
2799 |
+HOMEPAGE="http://www.gentoo.org/" |
2800 |
+SRC_URI="mirror://gentoo/${P}.tar.xz |
2801 |
+ http://dev.gentoo.org/~vapier/dist/${P}.tar.xz" |
2802 |
+ |
2803 |
+LICENSE="GPL-2" |
2804 |
+SLOT="0" |
2805 |
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd" |
2806 |
+IUSE="multilib" |
2807 |
+ |
2808 |
+DEPEND="app-arch/xz-utils |
2809 |
+ >=app-misc/pax-utils-0.1.19" #265376 |
2810 |
+RDEPEND="" |
2811 |
+ |
2812 |
+EMULTILIB_PKG="true" |
2813 |
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" |
2814 |
+ |
2815 |
+sandbox_death_notice() { |
2816 |
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" |
2817 |
+ ewarn "FEATURES=-sandbox emerge sandbox" |
2818 |
+} |
2819 |
+ |
2820 |
+sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; } |
2821 |
+ |
2822 |
+sb_foreach_abi() { |
2823 |
+ local OABI=${ABI} |
2824 |
+ for ABI in $(sb_get_install_abis) ; do |
2825 |
+ cd "${WORKDIR}/build-${ABI}" |
2826 |
+ einfo "Running $1 for ABI=${ABI}..." |
2827 |
+ "$@" |
2828 |
+ done |
2829 |
+ ABI=${OABI} |
2830 |
+} |
2831 |
+ |
2832 |
+src_prepare() { |
2833 |
+ epatch "${FILESDIR}"/${P}-trace-hppa.patch #425062 |
2834 |
+ epatch "${FILESDIR}"/${P}-log-var.patch |
2835 |
+ epatch "${FILESDIR}"/${P}-static-close-fd.patch #364877 |
2836 |
+ epatch "${FILESDIR}"/${P}-desktop.patch #443672 |
2837 |
+ epatch "${FILESDIR}"/${P}-open-nofollow.patch #413441 |
2838 |
+ epatch "${FILESDIR}"/${P}-check-empty-paths-at.patch #346929 |
2839 |
+ epatch "${FILESDIR}"/${P}-prefix.patch |
2840 |
+ eprefixify data/sandbox.bashrc src/sandbox.c libsbutil/sbutil.h |
2841 |
+ epatch_user |
2842 |
+} |
2843 |
+ |
2844 |
+sb_configure() { |
2845 |
+ mkdir "${WORKDIR}/build-${ABI}" |
2846 |
+ cd "${WORKDIR}/build-${ABI}" |
2847 |
+ |
2848 |
+ use multilib && multilib_toolchain_setup ${ABI} |
2849 |
+ |
2850 |
+ einfo "Configuring sandbox for ABI=${ABI}..." |
2851 |
+ ECONF_SOURCE="../${P}/" \ |
2852 |
+ econf ${myconf} |
2853 |
+} |
2854 |
+ |
2855 |
+src_configure() { |
2856 |
+ filter-lfs-flags #90228 |
2857 |
+ |
2858 |
+ # Run configures in parallel! |
2859 |
+ multijob_init |
2860 |
+ local OABI=${ABI} |
2861 |
+ for ABI in $(sb_get_install_abis) ; do |
2862 |
+ multijob_child_init sb_configure |
2863 |
+ done |
2864 |
+ ABI=${OABI} |
2865 |
+ multijob_finish |
2866 |
+} |
2867 |
+ |
2868 |
+sb_compile() { |
2869 |
+ emake |
2870 |
+} |
2871 |
+ |
2872 |
+src_compile() { |
2873 |
+ sb_foreach_abi sb_compile |
2874 |
+} |
2875 |
+ |
2876 |
+sb_test() { |
2877 |
+ emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" |
2878 |
+} |
2879 |
+ |
2880 |
+src_test() { |
2881 |
+ sb_foreach_abi sb_test |
2882 |
+} |
2883 |
+ |
2884 |
+sb_install() { |
2885 |
+ emake DESTDIR="${D}" install |
2886 |
+ insinto /etc/sandbox.d #333131 |
2887 |
+ doins etc/sandbox.d/00default |
2888 |
+} |
2889 |
+ |
2890 |
+src_install() { |
2891 |
+ sb_foreach_abi sb_install |
2892 |
+ |
2893 |
+ doenvd "${FILESDIR}"/09sandbox |
2894 |
+ |
2895 |
+ keepdir /var/log/sandbox |
2896 |
+ fowners root:portage /var/log/sandbox |
2897 |
+ fperms 0770 /var/log/sandbox |
2898 |
+ |
2899 |
+ cd "${S}" |
2900 |
+ dodoc AUTHORS ChangeLog* NEWS README |
2901 |
+} |
2902 |
+ |
2903 |
+pkg_preinst() { |
2904 |
+ fowners root:portage /var/log/sandbox |
2905 |
+ fperms 0770 /var/log/sandbox |
2906 |
+ |
2907 |
+ local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') |
2908 |
+ if [[ -n ${old} ]] ; then |
2909 |
+ elog "Removing old sandbox libraries for you:" |
2910 |
+ elog ${old//${ROOT}} |
2911 |
+ find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \; |
2912 |
+ fi |
2913 |
+} |
2914 |
+ |
2915 |
+pkg_postinst() { |
2916 |
+ chmod 0755 "${EROOT}"/etc/sandbox.d #265376 |
2917 |
+} |
2918 |
|
2919 |
diff --git a/sys-apps/sandbox/sandbox-2.6.ebuild b/sys-apps/sandbox/sandbox-2.6.ebuild |
2920 |
new file mode 100644 |
2921 |
index 0000000..7fa9050 |
2922 |
--- /dev/null |
2923 |
+++ b/sys-apps/sandbox/sandbox-2.6.ebuild |
2924 |
@@ -0,0 +1,132 @@ |
2925 |
+# Copyright 1999-2012 Gentoo Foundation |
2926 |
+# Distributed under the terms of the GNU General Public License v2 |
2927 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.6.ebuild,v 1.2 2012/07/06 19:53:10 vapier Exp $ |
2928 |
+ |
2929 |
+# |
2930 |
+# don't monkey with this ebuild unless contacting portage devs. |
2931 |
+# period. |
2932 |
+# |
2933 |
+ |
2934 |
+inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing prefix |
2935 |
+ |
2936 |
+DESCRIPTION="sandbox'd LD_PRELOAD hack" |
2937 |
+HOMEPAGE="http://www.gentoo.org/" |
2938 |
+SRC_URI="mirror://gentoo/${P}.tar.xz |
2939 |
+ http://dev.gentoo.org/~vapier/dist/${P}.tar.xz" |
2940 |
+ |
2941 |
+LICENSE="GPL-2" |
2942 |
+SLOT="0" |
2943 |
+KEYWORDS="~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" |
2944 |
+IUSE="multilib" |
2945 |
+ |
2946 |
+DEPEND="app-arch/xz-utils |
2947 |
+ >=app-misc/pax-utils-0.1.19" #265376 |
2948 |
+RDEPEND="" |
2949 |
+ |
2950 |
+EMULTILIB_PKG="true" |
2951 |
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" |
2952 |
+ |
2953 |
+sandbox_death_notice() { |
2954 |
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" |
2955 |
+ ewarn "FEATURES=-sandbox emerge sandbox" |
2956 |
+} |
2957 |
+ |
2958 |
+sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; } |
2959 |
+ |
2960 |
+src_unpack() { |
2961 |
+ unpacker_src_unpack |
2962 |
+ cd "${S}" |
2963 |
+ epatch "${FILESDIR}"/${PN}-2.2-prefix.patch |
2964 |
+} |
2965 |
+ |
2966 |
+sb_foreach_abi() { |
2967 |
+ # enable usage of absolute libpath in prefix |
2968 |
+ use prefix && append-flags -DGENTOO_PREFIX |
2969 |
+ |
2970 |
+ local OABI=${ABI} |
2971 |
+ for ABI in $(sb_get_install_abis) ; do |
2972 |
+ cd "${WORKDIR}/build-${ABI}" |
2973 |
+ einfo "Running $1 for ABI=${ABI}..." |
2974 |
+ "$@" |
2975 |
+ done |
2976 |
+ ABI=${OABI} |
2977 |
+} |
2978 |
+ |
2979 |
+src_unpack() { |
2980 |
+ unpacker |
2981 |
+ cd "${S}" |
2982 |
+ epatch "${FILESDIR}"/${P}-trace-hppa.patch #425062 |
2983 |
+} |
2984 |
+ |
2985 |
+sb_configure() { |
2986 |
+ mkdir "${WORKDIR}/build-${ABI}" |
2987 |
+ cd "${WORKDIR}/build-${ABI}" |
2988 |
+ |
2989 |
+ use multilib && multilib_toolchain_setup ${ABI} |
2990 |
+ |
2991 |
+ einfo "Configuring sandbox for ABI=${ABI}..." |
2992 |
+ ECONF_SOURCE="../${P}/" \ |
2993 |
+ econf ${myconf} || die |
2994 |
+} |
2995 |
+ |
2996 |
+sb_compile() { |
2997 |
+ emake || die |
2998 |
+} |
2999 |
+ |
3000 |
+src_compile() { |
3001 |
+ filter-lfs-flags #90228 |
3002 |
+ |
3003 |
+ # Run configures in parallel! |
3004 |
+ multijob_init |
3005 |
+ local OABI=${ABI} |
3006 |
+ for ABI in $(sb_get_install_abis) ; do |
3007 |
+ multijob_child_init sb_configure |
3008 |
+ done |
3009 |
+ ABI=${OABI} |
3010 |
+ multijob_finish |
3011 |
+ |
3012 |
+ sb_foreach_abi sb_compile |
3013 |
+} |
3014 |
+ |
3015 |
+sb_test() { |
3016 |
+ emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" || die |
3017 |
+} |
3018 |
+ |
3019 |
+src_test() { |
3020 |
+ sb_foreach_abi sb_test |
3021 |
+} |
3022 |
+ |
3023 |
+sb_install() { |
3024 |
+ emake DESTDIR="${D}" install || die |
3025 |
+ insinto /etc/sandbox.d #333131 |
3026 |
+ doins etc/sandbox.d/00default || die |
3027 |
+} |
3028 |
+ |
3029 |
+src_install() { |
3030 |
+ sb_foreach_abi sb_install |
3031 |
+ |
3032 |
+ doenvd "${FILESDIR}"/09sandbox |
3033 |
+ |
3034 |
+ keepdir /var/log/sandbox |
3035 |
+ use prefix || fowners root:portage /var/log/sandbox |
3036 |
+ fperms 0770 /var/log/sandbox |
3037 |
+ |
3038 |
+ cd "${S}" |
3039 |
+ dodoc AUTHORS ChangeLog* NEWS README |
3040 |
+} |
3041 |
+ |
3042 |
+pkg_preinst() { |
3043 |
+ use prefix || chown root:portage "${ED}"/var/log/sandbox |
3044 |
+ chmod 0770 "${ED}"/var/log/sandbox |
3045 |
+ |
3046 |
+ local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') |
3047 |
+ if [[ -n ${old} ]] ; then |
3048 |
+ elog "Removing old sandbox libraries for you:" |
3049 |
+ elog ${old//${EROOT}} |
3050 |
+ find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \; |
3051 |
+ fi |
3052 |
+} |
3053 |
+ |
3054 |
+pkg_postinst() { |
3055 |
+ chmod 0755 "${EROOT}"/etc/sandbox.d #265376 |
3056 |
+} |