1 |
commit: 10a9d09e7c28f9a838a2bf4ad27a6e657aee7e86 |
2 |
Author: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Mar 31 21:24:54 2021 +0000 |
4 |
Commit: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Mar 31 22:17:40 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10a9d09e |
7 |
|
8 |
app-misc/mc: backport file seccomp failure |
9 |
|
10 |
Reported-by: Anton Bolshakov |
11 |
Closes: https://bugs.gentoo.org/776988 |
12 |
Package-Manager: Portage-3.0.18, Repoman-3.0.3 |
13 |
Signed-off-by: Sergei Trofimovich <slyfox <AT> gentoo.org> |
14 |
|
15 |
app-misc/mc/files/mc-4.8.26-file-seccomp.patch | 142 +++++++++++++++++++++++++ |
16 |
app-misc/mc/mc-4.8.26-r2.ebuild | 118 ++++++++++++++++++++ |
17 |
2 files changed, 260 insertions(+) |
18 |
|
19 |
diff --git a/app-misc/mc/files/mc-4.8.26-file-seccomp.patch b/app-misc/mc/files/mc-4.8.26-file-seccomp.patch |
20 |
new file mode 100644 |
21 |
index 00000000000..0a36f47f3a4 |
22 |
--- /dev/null |
23 |
+++ b/app-misc/mc/files/mc-4.8.26-file-seccomp.patch |
24 |
@@ -0,0 +1,142 @@ |
25 |
+https://bugs.gentoo.org/776988 |
26 |
+https://github.com/MidnightCommander/mc/commit/1ed638d66cf803f69ac12ee80a72d217f2146e43 |
27 |
+ |
28 |
+From 1ed638d66cf803f69ac12ee80a72d217f2146e43 Mon Sep 17 00:00:00 2001 |
29 |
+From: Andrew Borodin <aborodin@×××××.ru> |
30 |
+Date: Tue, 16 Feb 2021 16:29:51 +0300 |
31 |
+Subject: [PATCH] Ticket #4180: fix zip handling. |
32 |
+ |
33 |
+After 8857423e4ebb770b6f0ea3103abf5d35c85fcbe8 zip archives opened with |
34 |
+an error: |
35 |
+ |
36 |
+ file -L -z archive.zip: Bad system call |
37 |
+ |
38 |
+This caused by using /usr/bin/file with -z option, because seccomp (a |
39 |
+security sandbox) doesn't allow it.. |
40 |
+ |
41 |
+Solution: use -S option together with -z one. |
42 |
+ |
43 |
+The file command accepts the -S option since 5.33. |
44 |
+ |
45 |
+Signed-off-by: Andrew Borodin <aborodin@×××××.ru> |
46 |
+--- |
47 |
+ configure.ac | 66 +++++++++++++++++++++++++++++++++++-------- |
48 |
+ src/filemanager/ext.c | 7 +++-- |
49 |
+ src/setup.c | 2 ++ |
50 |
+ 3 files changed, 60 insertions(+), 15 deletions(-) |
51 |
+ |
52 |
+diff --git a/configure.ac b/configure.ac |
53 |
+index 5f372dc3f5..f2351c99ad 100644 |
54 |
+--- a/configure.ac |
55 |
++++ b/configure.ac |
56 |
+@@ -115,23 +115,65 @@ fi |
57 |
+ AC_SUBST(MANDOC) |
58 |
+ AC_SUBST(MAN_FLAGS) |
59 |
+ |
60 |
+-dnl Check for -L option to file |
61 |
++dnl Check for -z, -L, and -S options to file |
62 |
+ AC_CHECK_PROG(HAVE_FILECMD, file, true, false) |
63 |
+ if $HAVE_FILECMD; then |
64 |
+- AC_MSG_CHECKING([for -L option to file command]) |
65 |
+- AC_CACHE_VAL(mc_cv_filel, [ |
66 |
+- file -L . > /dev/null 2>&1 |
67 |
+- if test $? = 0; then |
68 |
+- mc_cv_filel=yes |
69 |
++ dnl Don't use the file command if it doesn't accept the -z option |
70 |
++ AC_MSG_CHECKING([for -z option to file command]) |
71 |
++ AC_CACHE_VAL(mc_cv_file_z, [ |
72 |
++ file -z . > /dev/null 2>&1 |
73 |
++ if test $? = 0; then |
74 |
++ mc_cv_file_z=yes |
75 |
++ else |
76 |
++ mc_cv_file_z=no |
77 |
++ fi |
78 |
++ ]) |
79 |
++ AC_MSG_RESULT([$mc_cv_file_z]) |
80 |
++ |
81 |
++ if test x$mc_cv_file_z = xyes; then |
82 |
++ AC_DEFINE(USE_FILE_CMD, 1, [Define if the file command accepts the -z option]) |
83 |
+ else |
84 |
+- mc_cv_filel=no |
85 |
++ AC_MSG_WARN([The file command doesn't accept the -z option and will not be used]) |
86 |
+ fi |
87 |
+- ]) |
88 |
+- if test x$mc_cv_filel = xyes; then |
89 |
+- AC_DEFINE(FILE_L, 1, [Define if the file command accepts the -L option]) |
90 |
++ |
91 |
++ if test x$mc_cv_file_z = xyes; then |
92 |
++ dnl file is used; check -L and -S options |
93 |
++ |
94 |
++ AC_MSG_CHECKING([for -L option to file command]) |
95 |
++ AC_CACHE_VAL(mc_cv_file_L, [ |
96 |
++ file -L . > /dev/null 2>&1 |
97 |
++ if test $? = 0; then |
98 |
++ mc_cv_file_L=yes |
99 |
++ else |
100 |
++ mc_cv_file_L=no |
101 |
++ fi |
102 |
++ ]) |
103 |
++ AC_MSG_RESULT([$mc_cv_file_L]) |
104 |
++ |
105 |
++ if test x$mc_cv_file_L = xyes; then |
106 |
++ AC_DEFINE(FILE_L, "-L ", [Define if the file command accepts the -L option]) |
107 |
++ else |
108 |
++ AC_DEFINE(FILE_L, "", [Define if the file command accepts the -L option]) |
109 |
++ fi |
110 |
++ |
111 |
++ dnl The file command accepts the -S option since 5.33 |
112 |
++ AC_MSG_CHECKING([for -S option to file command]) |
113 |
++ AC_CACHE_VAL(mc_cv_file_S, [ |
114 |
++ file -S . > /dev/null 2>&1 |
115 |
++ if test $? = 0; then |
116 |
++ mc_cv_file_S=yes |
117 |
++ else |
118 |
++ mc_cv_file_S=no |
119 |
++ fi |
120 |
++ ]) |
121 |
++ AC_MSG_RESULT([$mc_cv_file_S]) |
122 |
++ |
123 |
++ if test x$mc_cv_file_S = xyes; then |
124 |
++ AC_DEFINE(FILE_S, "-S ", [Define if file command accepts the -S option]) |
125 |
++ else |
126 |
++ AC_DEFINE(FILE_S, "", [Define if file command accepts the -S option]) |
127 |
++ fi |
128 |
+ fi |
129 |
+- filel=$mc_cv_filel |
130 |
+- AC_MSG_RESULT([$filel]) |
131 |
+ fi |
132 |
+ |
133 |
+ dnl Only list browsers here that can be run in background (i.e. with `&') |
134 |
+diff --git a/src/filemanager/ext.c b/src/filemanager/ext.c |
135 |
+index 4e6f10c6c5..d6a09df7bb 100644 |
136 |
+--- a/src/filemanager/ext.c |
137 |
++++ b/src/filemanager/ext.c |
138 |
+@@ -71,10 +71,11 @@ |
139 |
+ |
140 |
+ /*** file scope macro definitions ****************************************************************/ |
141 |
+ |
142 |
+-#ifdef FILE_L |
143 |
+-#define FILE_CMD "file -L -z " |
144 |
++#ifdef USE_FILE_CMD |
145 |
++#define FILE_CMD "file -z " FILE_S FILE_L |
146 |
+ #else |
147 |
+-#define FILE_CMD "file -z " |
148 |
++/* actually file is unused, but define some reasonable command */ |
149 |
++#define FILE_CMD "file " |
150 |
+ #endif |
151 |
+ |
152 |
+ /*** file scope type declarations ****************************************************************/ |
153 |
+diff --git a/src/setup.c b/src/setup.c |
154 |
+index 77c07649d5..2ef07f2569 100644 |
155 |
+--- a/src/setup.c |
156 |
++++ b/src/setup.c |
157 |
+@@ -317,7 +317,9 @@ static const struct |
158 |
+ { "old_esc_mode", &old_esc_mode }, |
159 |
+ { "cd_symlinks", &mc_global.vfs.cd_symlinks }, |
160 |
+ { "show_all_if_ambiguous", &mc_global.widget.show_all_if_ambiguous }, |
161 |
++#ifdef USE_FILE_CMD |
162 |
+ { "use_file_to_guess_type", &use_file_to_check_type }, |
163 |
++#endif |
164 |
+ { "alternate_plus_minus", &mc_global.tty.alternate_plus_minus }, |
165 |
+ { "only_leading_plus_minus", &only_leading_plus_minus }, |
166 |
+ { "show_output_starts_shell", &output_starts_shell }, |
167 |
|
168 |
diff --git a/app-misc/mc/mc-4.8.26-r2.ebuild b/app-misc/mc/mc-4.8.26-r2.ebuild |
169 |
new file mode 100644 |
170 |
index 00000000000..9bd2fbe7d5e |
171 |
--- /dev/null |
172 |
+++ b/app-misc/mc/mc-4.8.26-r2.ebuild |
173 |
@@ -0,0 +1,118 @@ |
174 |
+# Copyright 1999-2021 Gentoo Authors |
175 |
+# Distributed under the terms of the GNU General Public License v2 |
176 |
+ |
177 |
+EAPI=7 |
178 |
+ |
179 |
+inherit autotools flag-o-matic |
180 |
+ |
181 |
+MY_P=${P/_/-} |
182 |
+ |
183 |
+DESCRIPTION="GNU Midnight Commander is a text based file manager" |
184 |
+HOMEPAGE="https://www.midnight-commander.org" |
185 |
+SRC_URI="http://ftp.midnight-commander.org/${MY_P}.tar.xz" |
186 |
+ |
187 |
+LICENSE="GPL-3" |
188 |
+SLOT="0" |
189 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x86-solaris" |
190 |
+IUSE="+edit gpm nls samba sftp +slang spell test unicode X +xdg" |
191 |
+ |
192 |
+REQUIRED_USE="spell? ( edit )" |
193 |
+ |
194 |
+RDEPEND=">=dev-libs/glib-2.26.0:2 |
195 |
+ gpm? ( sys-libs/gpm ) |
196 |
+ kernel_linux? ( sys-fs/e2fsprogs ) |
197 |
+ samba? ( net-fs/samba ) |
198 |
+ sftp? ( net-libs/libssh2 ) |
199 |
+ slang? ( >=sys-libs/slang-2 ) |
200 |
+ !slang? ( sys-libs/ncurses:0=[unicode?] ) |
201 |
+ spell? ( app-text/aspell ) |
202 |
+ X? ( x11-libs/libX11 |
203 |
+ x11-libs/libICE |
204 |
+ x11-libs/libXau |
205 |
+ x11-libs/libXdmcp |
206 |
+ x11-libs/libSM )" |
207 |
+DEPEND="${RDEPEND} |
208 |
+ app-arch/xz-utils |
209 |
+ virtual/pkgconfig |
210 |
+ nls? ( sys-devel/gettext ) |
211 |
+ test? ( dev-libs/check ) |
212 |
+ " |
213 |
+ |
214 |
+PATCHES=( |
215 |
+ "${FILESDIR}"/${P}-shadow-crash.patch |
216 |
+ "${FILESDIR}"/${P}-file-seccomp.patch |
217 |
+) |
218 |
+ |
219 |
+RESTRICT="!test? ( test )" |
220 |
+ |
221 |
+S="${WORKDIR}/${MY_P}" |
222 |
+ |
223 |
+pkg_pretend() { |
224 |
+ if use slang && use unicode ; then |
225 |
+ ewarn "\"unicode\" USE flag only takes effect when the \"slang\" USE flag is disabled." |
226 |
+ fi |
227 |
+} |
228 |
+ |
229 |
+src_prepare() { |
230 |
+ default |
231 |
+ |
232 |
+ # patch touches configure.ac |
233 |
+ eautoreconf |
234 |
+} |
235 |
+ |
236 |
+src_configure() { |
237 |
+ [[ ${CHOST} == *-solaris* ]] && append-ldflags "-lnsl -lsocket" |
238 |
+ |
239 |
+ local myeconfargs=( |
240 |
+ --enable-charset |
241 |
+ --enable-vfs |
242 |
+ --with-homedir=$(usex xdg 'XDG' '.mc') |
243 |
+ --with-screen=$(usex slang 'slang' "ncurses$(usex unicode 'w' '')") |
244 |
+ $(use_enable kernel_linux vfs-undelfs) |
245 |
+ # Today mclib does not expose any headers and is linked to |
246 |
+ # single 'mc' binary. Thus there is no advantage of having |
247 |
+ # a library. Let's avoid shared library altogether |
248 |
+ # as it also conflicts with sci-libs/mc: bug #685938 |
249 |
+ --disable-mclib |
250 |
+ $(use_enable nls) |
251 |
+ $(use_enable samba vfs-smb) |
252 |
+ $(use_enable sftp vfs-sftp) |
253 |
+ $(use_enable spell aspell) |
254 |
+ $(use_enable test tests) |
255 |
+ $(use_with gpm gpm-mouse) |
256 |
+ $(use_with X x) |
257 |
+ $(use_with edit internal-edit) |
258 |
+ ) |
259 |
+ econf "${myeconfargs[@]}" |
260 |
+} |
261 |
+ |
262 |
+src_test() { |
263 |
+ # CK_FORK=no to avoid using fork() in check library |
264 |
+ # as mc mocks fork() itself: bug #644462. |
265 |
+ # |
266 |
+ # VERBOSE=1 to make test failures contain detailed |
267 |
+ # information. |
268 |
+ CK_FORK=no emake check VERBOSE=1 |
269 |
+} |
270 |
+ |
271 |
+src_install() { |
272 |
+ emake DESTDIR="${D}" install |
273 |
+ dodoc AUTHORS README NEWS |
274 |
+ |
275 |
+ # fix bug #334383 |
276 |
+ if use kernel_linux && [[ ${EUID} == 0 ]] ; then |
277 |
+ fowners root:tty /usr/libexec/mc/cons.saver |
278 |
+ fperms g+s /usr/libexec/mc/cons.saver |
279 |
+ fi |
280 |
+ |
281 |
+ if ! use xdg ; then |
282 |
+ sed 's@MC_XDG_OPEN="xdg-open"@MC_XDG_OPEN="/bin/false"@' \ |
283 |
+ -i "${ED}"/usr/libexec/mc/ext.d/*.sh || die |
284 |
+ fi |
285 |
+} |
286 |
+ |
287 |
+pkg_postinst() { |
288 |
+ elog "To enable exiting to latest working directory," |
289 |
+ elog "put this into your ~/.bashrc:" |
290 |
+ elog ". ${EPREFIX}/usr/libexec/mc/mc.sh" |
291 |
+} |