[gentoo-commits] proj/portage:prefix commit in: man/, pym/portage/package/ebuild/ - gentoo-commits

From:	Fabian Groffen <grobian@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/portage:prefix commit in: man/, pym/portage/package/ebuild/
Date:	Fri, 23 Dec 2011 10:28:05
Message-Id:	`df4a18b0e20c2c3eaa24c8b36a19e0c530ed40f1.grobian@gentoo`

1

commit:     df4a18b0e20c2c3eaa24c8b36a19e0c530ed40f1

2

Author:     Fabian Groffen <grobian <AT> gentoo <DOT> org>

3

AuthorDate: Fri Dec 23 10:24:27 2011 +0000

4

Commit:     Fabian Groffen <grobian <AT> gentoo <DOT> org>

5

CommitDate: Fri Dec 23 10:24:27 2011 +0000

6

URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=df4a18b0

7

8

sandbox: move away from separate macossandbox

9

10

Dropped prefixsandbox feature (protected at path level of $EPREFIX), to

11

align with master branch more.

12

Made macossandbox and macosusersandbox an execution mode of sandbox on

13

OSX platforms.

14

Documented that OS X sandbox is used, but that it is awfully slow (hence

15

sandbox is still not enabled by default for OSX (in Prefix)).

16

17

---

18

 man/make.conf.5                        |    4 ++++

19

 pym/portage/package/ebuild/doebuild.py |   28 +++++-----------------------

20

 2 files changed, 9 insertions(+), 23 deletions(-)

21

22

diff --git a/man/make.conf.5 b/man/make.conf.5

23

index c27a69f..c2351bd 100644

24

--- a/man/make.conf.5

25

+++ b/man/make.conf.5

26

@@ -439,6 +439,10 @@ Output a verbose trace of python execution to stderr when a command's

27

.TP

28

 .B sandbox

29

 Enable sandbox\-ing when running \fBemerge\fR(1) and \fBebuild\fR(1).

30

+On Mac OS X platforms that have /usr/bin/sandbox-exec available (10.5

31

+and later), this particular sandbox implementation is used instead of

32

+sys-apps/sandbox.  Note that using Mac OS X sandbox slows down the

33

+emerge process considerably, in particular for write operations.

34

.TP

35

 .B sesandbox

36

 Enable SELinux sandbox\-ing.  Do not toggle this \fBFEATURE\fR yourself.

37

38

diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py

39

index 656d9ee..083e0ce 100644

40

--- a/pym/portage/package/ebuild/doebuild.py

41

+++ b/pym/portage/package/ebuild/doebuild.py

42

@@ -1212,15 +1212,13 @@ def _spawn_actionmap(settings):

43

 	restrict = settings["PORTAGE_RESTRICT"].split()

44

 	nosandbox = (("userpriv" in features) and \

45

 		("usersandbox" not in features) and \

46

-		("macosusersandbox" not in features) and \

47

 		"userpriv" not in restrict and \

48

 		"nouserpriv" not in restrict)

49

 	if nosandbox and ("userpriv" not in features or \

50

 		"userpriv" in restrict or \

51

 		"nouserpriv" in restrict):

52

 		nosandbox = ("sandbox" not in features and \

53

-			"usersandbox" not in features and \

54

-			"macosusersandbox" not in features)

55

+			"usersandbox" not in features)

56

57

 	if not portage.process.sandbox_capable:

58

 		nosandbox = True

59

@@ -1386,26 +1384,13 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero

60

 	# fake ownership/permissions will have to be converted to real

61

 	# permissions in the merge phase.

62

 	fakeroot = fakeroot and uid != 0 and portage.process.fakeroot_capable

63

-	macossandbox = ("macossandbox" in features or \

64

-		"macosusersandbox" in features)

65

 	if droppriv and not uid and portage_gid and portage_uid:

66

 		keywords.update({"uid":portage_uid,"gid":portage_gid,

67

 			"groups":userpriv_groups,"umask":0o02})

68

 	if not free:

69

-		free=((droppriv and "usersandbox" not in features and

70

-			"macosusersandbox" not in features) or \

71

+		free=((droppriv and "usersandbox" not in features) or \

72

 			(not droppriv and "sandbox" not in features and \

73

-			"usersandbox" not in features and not fakeroot and \

74

-			not macossandbox))

75

-

76

-	# confining the process to a prefix sandbox is disabled by default, if

77

-	# a normal sandbox is requested a this point, it will be used, if no

78

-	# sandbox is requested, a prefix sandbox will be imposed if requested

79

-	# by the appropriate features

80

-	prefixsandbox = False

81

-	if free:

82

-		prefixsandbox = "macosprefixsandbox" in features

83

-		free = not prefixsandbox

84

+			"usersandbox" not in features and not fakeroot))

85

86

 	if not free and not (fakeroot or portage.process.sandbox_capable or \

87

 		portage.process.macossandbox_capable):

88

@@ -1424,12 +1409,9 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero

89

 		keywords["opt_name"] += " fakeroot"

90

 		keywords["fakeroot_state"] = os.path.join(mysettings["T"], "fakeroot.state")

91

 		spawn_func = portage.process.spawn_fakeroot

92

-	elif macossandbox:

93

+	elif sandbox and platform.system() == 'Darwin':

94

 		keywords["opt_name"] += " macossandbox"

95

-		if prefixsandbox:

96

-			sbprefixpath = mysettings["EPREFIX"]

97

-		else:

98

-			sbprefixpath = mysettings["PORTAGE_BUILDDIR"]

99

+		sbprefixpath = mysettings["PORTAGE_BUILDDIR"]

100

101

 		# escape some characters with special meaning in re's

102

 		sbprefixre = sbprefixpath.replace("+", "\+")

1	commit: df4a18b0e20c2c3eaa24c8b36a19e0c530ed40f1
2	Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
3	AuthorDate: Fri Dec 23 10:24:27 2011 +0000
4	Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
5	CommitDate: Fri Dec 23 10:24:27 2011 +0000
6	URL: http://git.overlays.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=df4a18b0
7
8	sandbox: move away from separate macossandbox
9
10	Dropped prefixsandbox feature (protected at path level of $EPREFIX), to
11	align with master branch more.
12	Made macossandbox and macosusersandbox an execution mode of sandbox on
13	OSX platforms.
14	Documented that OS X sandbox is used, but that it is awfully slow (hence
15	sandbox is still not enabled by default for OSX (in Prefix)).
16
17	---
18	man/make.conf.5 \| 4 ++++
19	pym/portage/package/ebuild/doebuild.py \| 28 +++++-----------------------
20	2 files changed, 9 insertions(+), 23 deletions(-)
21
22	diff --git a/man/make.conf.5 b/man/make.conf.5
23	index c27a69f..c2351bd 100644
24	--- a/man/make.conf.5
25	+++ b/man/make.conf.5
26	@@ -439,6 +439,10 @@ Output a verbose trace of python execution to stderr when a command's
27	.TP
28	.B sandbox
29	Enable sandbox\-ing when running \fBemerge\fR(1) and \fBebuild\fR(1).
30	+On Mac OS X platforms that have /usr/bin/sandbox-exec available (10.5
31	+and later), this particular sandbox implementation is used instead of
32	+sys-apps/sandbox. Note that using Mac OS X sandbox slows down the
33	+emerge process considerably, in particular for write operations.
34	.TP
35	.B sesandbox
36	Enable SELinux sandbox\-ing. Do not toggle this \fBFEATURE\fR yourself.
37
38	diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py
39	index 656d9ee..083e0ce 100644
40	--- a/pym/portage/package/ebuild/doebuild.py
41	+++ b/pym/portage/package/ebuild/doebuild.py
42	@@ -1212,15 +1212,13 @@ def _spawn_actionmap(settings):
43	restrict = settings["PORTAGE_RESTRICT"].split()
44	nosandbox = (("userpriv" in features) and \
45	("usersandbox" not in features) and \
46	- ("macosusersandbox" not in features) and \
47	"userpriv" not in restrict and \
48	"nouserpriv" not in restrict)
49	if nosandbox and ("userpriv" not in features or \
50	"userpriv" in restrict or \
51	"nouserpriv" in restrict):
52	nosandbox = ("sandbox" not in features and \
53	- "usersandbox" not in features and \
54	- "macosusersandbox" not in features)
55	+ "usersandbox" not in features)
56
57	if not portage.process.sandbox_capable:
58	nosandbox = True
59	@@ -1386,26 +1384,13 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero
60	# fake ownership/permissions will have to be converted to real
61	# permissions in the merge phase.
62	fakeroot = fakeroot and uid != 0 and portage.process.fakeroot_capable
63	- macossandbox = ("macossandbox" in features or \
64	- "macosusersandbox" in features)
65	if droppriv and not uid and portage_gid and portage_uid:
66	keywords.update({"uid":portage_uid,"gid":portage_gid,
67	"groups":userpriv_groups,"umask":0o02})
68	if not free:
69	- free=((droppriv and "usersandbox" not in features and
70	- "macosusersandbox" not in features) or \
71	+ free=((droppriv and "usersandbox" not in features) or \
72	(not droppriv and "sandbox" not in features and \
73	- "usersandbox" not in features and not fakeroot and \
74	- not macossandbox))
75	-
76	- # confining the process to a prefix sandbox is disabled by default, if
77	- # a normal sandbox is requested a this point, it will be used, if no
78	- # sandbox is requested, a prefix sandbox will be imposed if requested
79	- # by the appropriate features
80	- prefixsandbox = False
81	- if free:
82	- prefixsandbox = "macosprefixsandbox" in features
83	- free = not prefixsandbox
84	+ "usersandbox" not in features and not fakeroot))
85
86	if not free and not (fakeroot or portage.process.sandbox_capable or \
87	portage.process.macossandbox_capable):
88	@@ -1424,12 +1409,9 @@ def spawn(mystring, mysettings, debug=0, free=0, droppriv=0, sesandbox=0, fakero
89	keywords["opt_name"] += " fakeroot"
90	keywords["fakeroot_state"] = os.path.join(mysettings["T"], "fakeroot.state")
91	spawn_func = portage.process.spawn_fakeroot
92	- elif macossandbox:
93	+ elif sandbox and platform.system() == 'Darwin':
94	keywords["opt_name"] += " macossandbox"
95	- if prefixsandbox:
96	- sbprefixpath = mysettings["EPREFIX"]
97	- else:
98	- sbprefixpath = mysettings["PORTAGE_BUILDDIR"]
99	+ sbprefixpath = mysettings["PORTAGE_BUILDDIR"]
100
101	# escape some characters with special meaning in re's
102	sbprefixre = sbprefixpath.replace("+", "\+")

Gentoo Archives: gentoo-commits