Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Benda XU <heroxbd@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] dev/heroxbd:master commit in: scripts/, sys-apps/sandbox/files/, sys-apps/sandbox/
Date: Wed, 30 Oct 2013 03:18:03
Message-Id: 1383103058.3b676104682034e837ff8674c72b133382f3ff7c.heroxbd@gentoo
1 commit: 3b676104682034e837ff8674c72b133382f3ff7c
2 Author: Benda Xu <heroxbd <AT> gentoo <DOT> org>
3 AuthorDate: Wed Oct 30 03:17:38 2013 +0000
4 Commit: Benda XU <heroxbd <AT> gentoo <DOT> org>
5 CommitDate: Wed Oct 30 03:17:38 2013 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=dev/heroxbd.git;a=commit;h=3b676104
7
8 track sandbox
9
10 ---
11 scripts/bootstrap-rap.sh | 190 +++++-
12 sys-apps/sandbox/ChangeLog | 689 +++++++++++++++++++++
13 sys-apps/sandbox/Manifest | 33 +
14 .../0001-libsandbox-handle-more-at-functions.patch | 42 ++
15 sys-apps/sandbox/files/09sandbox | 1 +
16 sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch | 209 +++++++
17 .../files/sandbox-1.2.18.1-open-cloexec.patch | 15 +
18 .../files/sandbox-1.2.18.1-open-normal-fail.patch | 99 +++
19 .../files/sandbox-1.2.18.1-rtld-validation.patch | 43 ++
20 .../files/sandbox-1.2.20_alpha2-parallel.patch | 12 +
21 .../files/sandbox-1.6-disable-pthread.patch | 37 ++
22 .../files/sandbox-1.6-disable-qa-static.patch | 13 +
23 .../sandbox/files/sandbox-1.9-setoptions.patch | 15 +
24 sys-apps/sandbox/files/sandbox-2.0-prefix.patch | 37 ++
25 .../sandbox/files/sandbox-2.0-setoptions.patch | 11 +
26 sys-apps/sandbox/files/sandbox-2.2-prefix.patch | 26 +
27 .../files/sandbox-2.6-check-empty-paths-at.patch | 201 ++++++
28 sys-apps/sandbox/files/sandbox-2.6-desktop.patch | 30 +
29 sys-apps/sandbox/files/sandbox-2.6-log-var.patch | 51 ++
30 .../sandbox/files/sandbox-2.6-open-nofollow.patch | 54 ++
31 sys-apps/sandbox/files/sandbox-2.6-prefix.patch | 70 +++
32 .../files/sandbox-2.6-static-close-fd.patch | 93 +++
33 .../sandbox/files/sandbox-2.6-trace-hppa.patch | 27 +
34 sys-apps/sandbox/metadata.xml | 11 +
35 sys-apps/sandbox/sandbox-1.6-r2.ebuild | 104 ++++
36 sys-apps/sandbox/sandbox-2.3-r1.ebuild | 103 +++
37 sys-apps/sandbox/sandbox-2.4.ebuild | 100 +++
38 sys-apps/sandbox/sandbox-2.5.ebuild | 126 ++++
39 sys-apps/sandbox/sandbox-2.6-r1.ebuild | 132 ++++
40 sys-apps/sandbox/sandbox-2.6.ebuild | 132 ++++
41 30 files changed, 2695 insertions(+), 11 deletions(-)
42
43 diff --git a/scripts/bootstrap-rap.sh b/scripts/bootstrap-rap.sh
44 old mode 100755
45 new mode 100644
46 index 30823d8..add2f41
47 --- a/scripts/bootstrap-rap.sh
48 +++ b/scripts/bootstrap-rap.sh
49 @@ -367,6 +367,11 @@ bootstrap_tree() {
50 # this is ugly, we have to put the temperory rap overlay somewhere
51 PORTDIR="${PORTDIR_RAP}" \
52 do_tree http://dev.gentoo.org/~heroxbd rap-overlay.tar.bz2
53 +
54 + # Add corrected ebuilds to rap-overlay: perl, portage, openrc
55 + bzip2 -dc "${ROOT}/../rap-overlay-perl.tar.bz2" | $TAR -xf - -C ${PORTDIR_RAP%portage}
56 + bzip2 -dc "${ROOT}/../rap-overlay-openrc.tar.bz2" | $TAR -xf - -C ${PORTDIR_RAP%portage}
57 + bzip2 -dc "${ROOT}/../rap-overlay-portage.tar.bz2" | $TAR -xf - -C ${PORTDIR_RAP%portage}
58 }
59
60 bootstrap_latest_tree() {
61 @@ -586,8 +591,12 @@ bootstrap_gnu() {
62 [[ ${PN} == "coreutils" ]] && \
63 myconf="${myconf} --disable-acl --without-gmp"
64
65 - [[ ${PN} == "gcc" ]] && myconf="${myconf} --disable-bootstrap --enable-languages=c\
66 - --disable-multilib"
67 + if [[ ${PN} == "gcc" ]] ; then
68 + myconf="${myconf} --disable-bootstrap --enable-languages=c\
69 + --disable-multilib --with-sysroot=/usr/local/x86_64-linux-gnu/x86_64-linux-gnu/sys-root\
70 + --disable-libssp --disable-libgomp --disable-libquadmath --disable-decimal-float --disable-threads\
71 + --without-ppl --without-cloog "
72 + fi
73
74 if [[ ${PN} == "coreutils" && ${CHOST} == *-interix* ]] ; then
75 # Interix doesn't have filesystem listing stuff, but that means all
76 @@ -614,7 +623,11 @@ bootstrap_gnu() {
77 if [[ ${PN} == "make" && $(type -t $MAKE) != "file" ]]; then
78 ./build.sh || return 1
79 else
80 + if [[ ${PN} == "gcc" ]] ; then
81 + $MAKE ${MAKEOPTS} gcc_cv_libc_provides_ssp=yes || return 1
82 + else
83 $MAKE ${MAKEOPTS} || return 1
84 + fi
85 fi
86
87 einfo "Installing ${PN}"
88 @@ -932,7 +945,11 @@ bootstrap_stage1() {
89 [[ $(uniq --version 2>&1) == *"(GNU coreutils) "[6789]* ]] \
90 || (bootstrap_coreutils) || return 1
91 [[ $(find --version 2>&1) == *GNU* ]] || (bootstrap_findutils) || return 1
92 - [[ $(tar --version 2>&1) == *GNU* ]] || (bootstrap_tar) || return 1
93 +# Synology gives a tar from busybox which does not handle all required options
94 +# [[ $(tar --version 2>&1) == *GNU* ]] ||
95 + (bootstrap_tar) || return 1
96 +# Synology also gives gzip through busybox which does not handle all required options
97 + (bootstrap_gzip) || return 1
98 [[ $(patch --version 2>&1) == *"GNU patch 2."7* ]] || (bootstrap_patch) || return 1
99 [[ $(grep --version 2>&1) == *GNU* ]] || (bootstrap_grep) || return 1
100 [[ $(awk --version < /dev/null 2>&1) == *GNU* ]] || bootstrap_gawk || return 1
101 @@ -1052,9 +1069,13 @@ bootstrap_stage3() {
102
103 set_profile 1
104 # --oneshot --nodeps
105 + # synology toolchain is still using only sys-root, hence add some to the make.defaults
106 + echo "CFLAGS=-I${ROOT}/usr/include" >> "${PORTDIR_RAP}"/profiles/bootstrap/glibc/make.defaults
107 + echo "LDFLAGS=\"-L${ROOT}/usr/lib64 -Wl,-rpath=${ROOT}/usr/lib64\"" >> "${PORTDIR_RAP}"/profiles/bootstrap/glibc/make.defaults
108 + # export LD_LIBRARY_PATH=${ROOT}/usr/lib64
109 local pkgs=(
110 sys-apps/sed
111 - "<app-shells/bash-4.2_p20" # higher versions require readline
112 + "<app-shells/bash-4.2_p20" # higher versions requires readline
113 app-arch/xz-utils
114 sys-apps/baselayout-prefix
115 sys-devel/m4
116 @@ -1072,6 +1093,11 @@ bootstrap_stage3() {
117
118 emerge_pkgs --nodeps "${pkgs[@]}" || return 1
119
120 + gcc-config -l
121 +
122 + # undo make.defaults change made above
123 + set_profile 1
124 +
125 echo 'int main() {}' > test-rpath.c
126 gcc -o test-rpath test-rpath.c
127 if readelf -d test-rpath | grep -q rpath; then
128 @@ -1094,9 +1120,16 @@ EOF
129 fi
130 fi
131
132 + # inject a link to gcc to /usr/bin/cc
133 + if [[ ! -x "${ROOT}"/usr/bin/cc ]]; then
134 + ln -s $(which gcc) "${ROOT}"/usr/bin/cc
135 + fi
136 +
137 pkgs=( sys-libs/glibc )
138 emerge_pkgs --nodeps "${pkgs[@]}" || return 1
139
140 +# unset LD_LIBRARY_PATH
141 +
142 # in gcc bootstrap stage 1, xgcc/cc1 and friends may be linked against libgcc_s.so of
143 # the old gcc, which cannot be found on new RAP. Append that directory to ld.so.conf
144 # so that our RAP dynamic linker can find it. This will be overwritten by env-update
145 @@ -1135,9 +1168,21 @@ EOF
146 )
147 emerge_pkgs --nodeps "${pkgs[@]}" || return 1
148
149 - # --oneshot
150 + # Synology does not have /usr/include
151 + # Python will not be able to build if /usr/include/[sys,netinet] are not found, make a temporary link
152 + if [ ! -d /usr/include ]; then
153 + cat << EOF
154 +Python will not be able to build if /usr/include/[sys,netinet,and others] are not found as well
155 +Make a link from ${ROOT}/usr/include to /usr/include and renew the bootstrap-rap.sh command
156 +to continue from here on.
157 +
158 +EOF
159 + return 1
160 + fi
161 +
162 + # --oneshot
163 local pkgs=(
164 - net-misc/wget
165 + "<net-misc/wget-1.14" # otherwise pulls in util-linux which links to perl using gdbm and berkdb that are missing
166 sys-apps/acl
167 )
168 emerge_pkgs "" "${pkgs[@]}" || return 1
169 @@ -1152,6 +1197,11 @@ EOF
170 # the -I directions set by the profile
171 export CPPFLAGS="${CPPFLAGS} -DNO_LARGEFILE_SOURCE"
172
173 + # Synology or not ? : you may however encounter error due to missing fetched file python-gentoo-patches-3.2.3-0.tar.bz2
174 + # in such case manually download at http://mirror.meleeweb.net/pub/linux/gentoo/distfiles/python-gentoo-patches-3.2.3-0.tar.bz2
175 + # the same happened for python-gentoo-patches-3.3.2-1.tar.xz, hence we do not ask for it
176 + echo ">=dev-lang/python-3.3" >> "${ROOT}/etc/portage/package.mask"
177 + sed -i -e "1i PYTHON_TARGETS=\"python2_7 python3_2\"" "${ROOT}/etc/portage/make.conf"
178 # disable collision-protect to overwrite the bootstrapped portage
179 FEATURES="-collision-protect" emerge_pkgs "" "sys-apps/portage" || return 1
180
181 @@ -1163,25 +1213,143 @@ EOF
182 fi
183
184 set_profile 2
185 -
186 # Portage should figure out itself what it needs to do, if anything
187 +
188 + ##########################################################################################
189 + # Problem here as the lib directory is not always a symlink. #
190 + # You need to manually move files and create a symlink lib to the correct lib64 or lib32 #
191 + ##########################################################################################
192 +
193 + # Taking off some packages that may either not build correctly or have nothing to do in prefix, even if rap.
194 + cat << __END__ >> "${ROOT}/usr/local/portage/profiles/features/rap/packages"
195 +
196 +# Here we remove packages that default/linux/packages pulls in and have no
197 +# business being in Gentoo Prefix
198 +-*sys-apps/busybox
199 +# we keep that one as wget may use it. TS
200 +#-*sys-apps/util-linux
201 +
202 +# This file removes everything from the base profile which is not
203 +# necessary/desired in a prefix environment.
204 +-*>=sys-apps/baselayout-2
205 +-*net-misc/iputils
206 +-*sys-apps/kbd
207 +-*sys-process/procps
208 +-*sys-process/psmisc
209 +-*sys-fs/e2fsprogs
210 +-*virtual/dev-manager
211 +-*virtual/modutils
212 +-*virtual/shadow
213 +
214 +# add back prefix baselayout
215 +*sys-apps/baselayout-prefix
216 +
217 +__END__
218 +
219 +
220 + # For some obscure reason gettext is required but not installed (msgfmt missing)
221 + USE=-git emerge -u gettext || return 1
222 +
223 + einfo "Emerging system..."
224 + sed -i -e "1i USE=-ssl" "${EPREFIX}"/etc/portage/make.conf
225 USE=-git emerge -u system || return 1
226
227 - if [[ ! -f ${EPREFIX}/etc/portage/make.conf ]] ; then
228 + # remove anything that we don't need (compilers most likely)
229 + emerge --depclean
230 +
231 + #
232 + #if [[ ! -f ${EPREFIX}/etc/portage/make.conf ]] ; then
233 {
234 - echo 'USE="unicode nls"'
235 + echo 'USE="unicode nls -ssl"'
236 echo 'CFLAGS="${CFLAGS} -O2 -pipe"'
237 echo 'CXXFLAGS="${CFLAGS}"'
238 echo "MAKEOPTS=\"${MAKEOPTS}\""
239 + echo "PYTHON_TARGETS=\"python2_7 python3_2\""
240 echo "# be careful with this one, don't just remove it!"
241 echo "PREFIX_DISABLE_GEN_USR_LDSCRIPT=yes"
242 } > "${EPREFIX}"/etc/portage/make.conf
243 - fi
244 + #
245
246 einfo "stage3 successfully finished"
247 }
248
249 bootstrap_interactive() {
250 + # immediately die on platforms that we know are impossible due to
251 + # brain-deadness (Debian/Ubuntu) or extremely hard dependency chains
252 + # (TODO NetBSD/OpenBSD)
253 + case ${CHOST} in
254 + *-linux-gnu)
255 + local toolchain_impossible=
256 + # Figure out if this is Ubuntu...
257 + if [[ $(lsb_release -is 2>/dev/null) == "Ubuntu" ]] ; then
258 + case "$(lsb_release -sr)" in
259 + [456789].*|10.*)
260 + : # good versions
261 + ;;
262 + *)
263 + # Debian/Ubuntu have seriously fscked up their
264 + # toolchain to support their multi-arch crap
265 + # since Natty (11.04) that noone really wants,
266 + # and certainly not upstream. Some details:
267 + # https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/738098
268 + toolchain_impossible="Ubuntu >= 11.04 (Natty)"
269 + ;;
270 + esac
271 + fi
272 + # Figure out if this is Debian
273 + if [[ -e /etc/debian_release ]] ; then
274 + case "$(< /etc/debian_release)" in
275 + hamm/*|slink/*|potato/*|woody/*|sarge/*|etch/*|lenny/*|squeeze/*)
276 + : # good versions
277 + ;;
278 + *)
279 + # Debian introduced their big crap since Wheezy
280 + # (7.0), like for Ubuntu, see above
281 + toolchain_impossible="Debian >= 7.0 (Wheezy)"
282 + ;;
283 + esac
284 + fi
285 + if [[ -n ${toolchain_impossible} ]] ; then
286 + # In short, it's impossible for us to compile a
287 + # compiler, since 1) gcc picks up our ld, which doesn't
288 + # support sysroot (can work around with a wrapper
289 + # script), 2) headers and libs aren't found (symlink
290 + # them to Prefix), 3) stuff like crtX.i isn't found
291 + # during bootstrap, since the bootstrap compiler doesn't
292 + # get any of our flags and doesn't know where to find
293 + # them (even if we copied them). So we cannot do this,
294 + # unless we use the Ubuntu patches in our ebuilds, which
295 + # is a NO-GO area.
296 + cat << EOF
297 +Oh My! ${toolchain_impossible}! AAAAAAAAAAAAAAAAAAAAARGH! HELL comes over me!
298 +
299 +EOF
300 + echo -n "..."
301 + sleep 1
302 + echo -n "."
303 + sleep 1
304 + echo -n "."
305 + sleep 1
306 + echo -n "."
307 + sleep 1
308 + echo
309 + echo
310 + cat << EOF
311 +and over you. You're on the worst Linux distribution from a developer's
312 +(and so Gentoo Prefix) perspective since http://wiki.debian.org/Multiarch/.
313 +Due to this multi-arch idea, it is IMPOSSIBLE for Gentoo Prefix to
314 +bootstrap a compiler without using Debuntu patches, which is an absolute
315 +NO-GO area! GCC and binutils upstreams didn't just reject those patches
316 +for fun.
317 +
318 +I really can't help you, and won't waste any of your time either. The
319 +story simply ends here. Sorry.
320 +EOF
321 + exit 1
322 + fi
323 + ;;
324 + esac
325 +
326 cat <<"EOF"
327
328
329 @@ -1697,7 +1865,7 @@ EOF
330
331 # Don't confuse Portage with a possibly slightly differing CHOST
332 unset CHOST
333 -
334 +
335 if ! emerge -e system ; then
336 # emerge -e system fail
337 cat << EOF
338
339 diff --git a/sys-apps/sandbox/ChangeLog b/sys-apps/sandbox/ChangeLog
340 new file mode 100644
341 index 0000000..76303db
342 --- /dev/null
343 +++ b/sys-apps/sandbox/ChangeLog
344 @@ -0,0 +1,689 @@
345 +# ChangeLog for sys-apps/sandbox
346 +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
347 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/ChangeLog,v 1.165 2012/07/06 19:53:10 vapier Exp $
348 +
349 + 06 Jul 2012; Mike Frysinger <vapier@g.o>
350 + +files/sandbox-2.6-trace-hppa.patch, sandbox-2.6.ebuild:
351 + Fix building of trace code for hppa #425062 by Jeroen Roovers.
352 +
353 +*sandbox-2.6 (03 Jul 2012)
354 +
355 + 03 Jul 2012; Mike Frysinger <vapier@g.o> +sandbox-2.6.ebuild:
356 + Various fixes, and x32 support.
357 +
358 + 24 Jun 2012; Mike Frysinger <vapier@g.o> sandbox-2.5.ebuild:
359 + Parallelize configure steps for multiple ABIs, and run tests in parallel.
360 +
361 + 30 Mar 2012; Alexis Ballier <aballier@g.o> sandbox-1.6-r2.ebuild:
362 + keyword -x86-fbsd for bug #374425, sandbox is broken of fbsd and this leaves
363 + us with nothing.
364 +
365 + 05 Feb 2012; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild,
366 + sandbox-2.3-r1.ebuild, sandbox-2.4.ebuild, sandbox-2.5.ebuild:
367 + Move to new unpacker eclass.
368 +
369 + 02 Feb 2012; Samuli Suominen <ssuominen@g.o> sandbox-2.5.ebuild:
370 + ppc/ppc64 stable wrt #389981
371 +
372 + 03 Dec 2011; Raúl Porcel <armin76@g.o> sandbox-2.5.ebuild:
373 + alpha/ia64/m68k/s390/sh/sparc stable wrt #389981
374 +
375 + 13 Nov 2011; Markus Meier <maekke@g.o> sandbox-2.5.ebuild:
376 + arm stable, bug #389981
377 +
378 + 11 Nov 2011; Pawel Hajdan jr <phajdan.jr@g.o> sandbox-2.5.ebuild:
379 + x86 stable wrt bug #389981
380 +
381 + 10 Nov 2011; Jeroen Roovers <jer@g.o> sandbox-2.5.ebuild:
382 + Stable for HPPA (bug #389981).
383 +
384 + 10 Nov 2011; Tony Vroon <chainsaw@g.o> sandbox-2.5.ebuild:
385 + Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo &
386 + Elijah "Armageddon" El Lazkani in bug #389981.
387 +
388 + 10 May 2011; Jeremy Olexa <darkside@g.o> sandbox-2.4.ebuild,
389 + sandbox-2.5.ebuild:
390 + Don't restore ownership while extracting, bug 366759
391 +
392 +*sandbox-2.5 (14 Feb 2011)
393 +
394 + 14 Feb 2011; Mike Frysinger <vapier@g.o> +sandbox-2.5.ebuild:
395 + Version bump.
396 +
397 + 12 Feb 2011; Raúl Porcel <armin76@g.o> sandbox-2.4.ebuild:
398 + sparc stable wrt #348549
399 +
400 + 02 Jan 2011; Mike Frysinger <vapier@g.o> sandbox-2.4.ebuild:
401 + Mark alpha/ia64/s390/sh stable #348549.
402 +
403 + 21 Dec 2010; Markus Meier <maekke@g.o> sandbox-2.4.ebuild:
404 + arm stable, bug #348549
405 +
406 + 19 Dec 2010; Samuli Suominen <ssuominen@g.o> sandbox-2.4.ebuild:
407 + ppc64 stable wrt #348549
408 +
409 + 14 Dec 2010; Markos Chandras <hwoarang@g.o> sandbox-2.4.ebuild:
410 + Stable on amd64 wrt bug #348549
411 +
412 + 13 Dec 2010; Jeroen Roovers <jer@g.o> sandbox-2.4.ebuild:
413 + Stable for HPPA PPC (bug #348549).
414 +
415 + 13 Dec 2010; Jeroen Roovers <jer@g.o> sandbox-2.4.ebuild:
416 + Stable for HPPA (bug #348549).
417 +
418 + 12 Dec 2010; Pawel Hajdan jr <phajdan.jr@g.o> sandbox-2.4.ebuild:
419 + x86 stable wrt bug #348549
420 +
421 + 30 Nov 2010; Michael Weber <xmw@g.o> sandbox-2.3-r1.ebuild:
422 + sparc stable (bug 338113)
423 +
424 +*sandbox-2.4 (24 Nov 2010)
425 +
426 + 24 Nov 2010; Mike Frysinger <vapier@g.o> +sandbox-2.4.ebuild:
427 + Fix hardened issues #339157 and flesh out *at func handling some more
428 + #342983.
429 +
430 + 23 Nov 2010; Mike Frysinger <vapier@g.o> sandbox-2.3-r1.ebuild:
431 + Add back ~sparc since it has its ptrace disabled.
432 +
433 + 16 Oct 2010; Brent Baude <ranger@g.o> sandbox-2.3-r1.ebuild:
434 + stable ppc, bug 338113
435 +
436 + 10 Oct 2010; Samuli Suominen <ssuominen@g.o> sandbox-2.3-r1.ebuild:
437 + ppc64 stable wrt #338113
438 +
439 + 10 Oct 2010; Raúl Porcel <armin76@g.o> sandbox-2.3-r1.ebuild:
440 + alpha/arm/ia64/m68k/s390/sh stable wrt #338113
441 +
442 + 05 Oct 2010; Markus Meier <maekke@g.o> sandbox-2.3-r1.ebuild:
443 + x86 stable, bug #338113
444 +
445 + 29 Sep 2010; Jeroen Roovers <jer@g.o> sandbox-2.3-r1.ebuild:
446 + Stable for HPPA (bug #338113).
447 +
448 + 24 Sep 2010; Markos Chandras <hwoarang@g.o> sandbox-2.3-r1.ebuild:
449 + Stable on amd64 wrt bug #338113
450 +
451 +*sandbox-2.3-r1 (17 Aug 2010)
452 +
453 + 17 Aug 2010; Mike Frysinger <vapier@g.o> +sandbox-2.3-r1.ebuild:
454 + Fix sandbox.d config install #333131 by Hans Nieser.
455 +
456 +*sandbox-2.3 (17 Aug 2010)
457 +
458 + 17 Aug 2010; Mike Frysinger <vapier@g.o> +sandbox-2.3.ebuild:
459 + Version bump. Lots o fixes.
460 +
461 + 15 Aug 2010; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild,
462 + sandbox-2.2.ebuild:
463 + Manually decompress the lzma archive if host PM cannot #271543.
464 +
465 + 21 Nov 2009; Raúl Porcel <armin76@g.o> sandbox-2.2.ebuild:
466 + Mark 2.2 -sparc as it doesn't work very well, bug #293632
467 +
468 +*sandbox-2.2 (26 Oct 2009)
469 +
470 + 26 Oct 2009; Mike Frysinger <vapier@g.o> +sandbox-2.2.ebuild:
471 + Version bump (includes fixes for #202765 #288227 #288863 and SPARC
472 + ptrace).
473 +
474 + 27 Sep 2009; Mike Frysinger <vapier@g.o> sandbox-2.1.ebuild:
475 + Fix new multilib code on non-multilib systems #286599 by Norman Yarvin.
476 +
477 + 25 Sep 2009; Thomas Sachau (Tommy[D]) <tommy@g.o>
478 + sandbox-2.1.ebuild:
479 + Add multilib useflag for multilib building with ok from vapier
480 +
481 +*sandbox-2.1 (25 Aug 2009)
482 +
483 + 25 Aug 2009; Mike Frysinger <vapier@g.o> +sandbox-2.1.ebuild:
484 + Version bump.
485 +
486 + 13 Aug 2009; Mike Frysinger <vapier@g.o>
487 + sandbox-1.2.18.1-r2.ebuild, sandbox-1.2.18.1-r3.ebuild,
488 + sandbox-1.2.20_alpha2-r1.ebuild, sandbox-1.3.0.ebuild,
489 + sandbox-1.3.1.ebuild, sandbox-1.3.2.ebuild, sandbox-1.3.3.ebuild,
490 + sandbox-1.3.4.ebuild, sandbox-1.3.5.ebuild, sandbox-1.3.6.ebuild,
491 + sandbox-1.3.7.ebuild, sandbox-1.3.8.ebuild, sandbox-1.3.9.ebuild,
492 + sandbox-1.4.ebuild, sandbox-1.5.ebuild, sandbox-1.6.ebuild,
493 + sandbox-1.6-r1.ebuild, sandbox-1.6-r2.ebuild, sandbox-1.7.ebuild,
494 + sandbox-1.8.ebuild, sandbox-1.9.ebuild, sandbox-2.0.ebuild:
495 + Drop duplicate eutils inherit #279607 by Justin Lecher.
496 +
497 +*sandbox-2.0 (04 Jun 2009)
498 +
499 + 04 Jun 2009; Mike Frysinger <vapier@g.o> +sandbox-2.0.ebuild:
500 + Version bump to improve static tracing.
501 +
502 + 17 May 2009; Diego E. Pettenò <flameeyes@g.o> sandbox-1.7.ebuild,
503 + sandbox-1.8.ebuild, sandbox-1.9.ebuild:
504 + Remove x86-fbsd keyword for sandbox versions that are known incompatible
505 + with FreeBSD.
506 +
507 + 26 Apr 2009; Brent Baude <ranger@g.o> sandbox-1.6-r2.ebuild:
508 + stable ppc, bug 265376
509 +
510 + 20 Apr 2009; Raúl Porcel <armin76@g.o> sandbox-1.6-r2.ebuild:
511 + ia64 stable wrt #265376
512 +
513 + 18 Apr 2009; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild,
514 + sandbox-1.9.ebuild:
515 + Force latest stable pax-utils as some people are lazy and dont upgrade
516 + #265376 by Jerome Potts.
517 +
518 + 18 Apr 2009; Raúl Porcel <armin76@g.o> sandbox-1.6-r2.ebuild:
519 + arm/m68k/s390/sh stable wrt #265376
520 +
521 + 15 Apr 2009; Markus Meier <maekke@g.o> sandbox-1.6-r2.ebuild:
522 + amd64/x86 stable, bug #265376
523 +
524 + 13 Apr 2009; Jeroen Roovers <jer@g.o> sandbox-1.6-r2.ebuild:
525 + Stable for HPPA (bug #265376).
526 +
527 + 12 Apr 2009; Brent Baude <ranger@g.o> sandbox-1.6-r2.ebuild:
528 + stable ppc64, bug 265376
529 +
530 + 12 Apr 2009; Tobias Klausmann <klausman@g.o> sandbox-1.6-r2.ebuild:
531 + Stable on alpha, bug #265376
532 +
533 + 09 Apr 2009; Friedrich Oslage <bluebird@g.o> sandbox-1.6-r2.ebuild:
534 + Stable on sparc, bug #265376
535 +
536 + 09 Apr 2009; Mike Frysinger <vapier@g.o> sandbox-1.6-r2.ebuild,
537 + sandbox-1.9.ebuild:
538 + Make sure /etc/sandbox.d has 0755 perms #265376 by Friedrich Oslage.
539 +
540 +*sandbox-1.9 (09 Apr 2009)
541 +
542 + 09 Apr 2009; Mike Frysinger <vapier@g.o> +sandbox-1.9.ebuild:
543 + Version bump.
544 +
545 +*sandbox-1.8 (05 Apr 2009)
546 +
547 + 05 Apr 2009; Mike Frysinger <vapier@g.o> +sandbox-1.8.ebuild:
548 + Version bump to fix #263657 #264399 #264476 #264478 #264676.
549 +
550 +*sandbox-1.6-r2 (02 Apr 2009)
551 +
552 + 02 Apr 2009; Mike Frysinger <vapier@g.o>
553 + +files/sandbox-1.6-disable-pthread.patch, +sandbox-1.6-r2.ebuild:
554 + Disable pthread locks to make 1.6 regression free #264476.
555 +
556 +*sandbox-1.6-r1 (31 Mar 2009)
557 +
558 + 31 Mar 2009; Mike Frysinger <vapier@g.o>
559 + +files/sandbox-1.6-disable-qa-static.patch,
560 + +files/0001-libsandbox-handle-more-at-functions.patch,
561 + +sandbox-1.6-r1.ebuild:
562 + Backport a fix or two so we can stabilize this version.
563 +
564 +*sandbox-1.7 (31 Mar 2009)
565 +
566 + 31 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.7.ebuild:
567 + Version bump.
568 +
569 +*sandbox-1.6 (12 Mar 2009)
570 +
571 + 12 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.6.ebuild:
572 + Version bump.
573 +
574 +*sandbox-1.5 (11 Mar 2009)
575 +
576 + 11 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.5.ebuild:
577 + Version bump.
578 +
579 +*sandbox-1.4 (08 Mar 2009)
580 +
581 + 08 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.4.ebuild:
582 + Version bump.
583 +
584 +*sandbox-1.3.9 (05 Mar 2009)
585 +
586 + 05 Mar 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.9.ebuild:
587 + Version bump.
588 +
589 +*sandbox-1.3.8 (20 Feb 2009)
590 +
591 + 20 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.8.ebuild:
592 + Version bump.
593 +
594 +*sandbox-1.3.7 (14 Feb 2009)
595 +
596 + 14 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.7.ebuild:
597 + Version bump
598 +
599 +*sandbox-1.3.6 (11 Feb 2009)
600 +
601 + 11 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.6.ebuild:
602 + Version bump.
603 +
604 +*sandbox-1.3.5 (08 Feb 2009)
605 +
606 + 08 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.5.ebuild:
607 + Version bump for regressions.
608 +
609 + 07 Feb 2009; Mike Frysinger <vapier@g.o>
610 + +files/0001-sandbox-fix-typo-in-struct-sandbox_info_t-decl.patch,
611 + sandbox-1.3.4.ebuild:
612 + Fix for hardened systems #258031.
613 +
614 +*sandbox-1.3.4 (07 Feb 2009)
615 +
616 + 07 Feb 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.4.ebuild:
617 + Version bump.
618 +
619 + 29 Jan 2009; Javier Villavicencio <the_paya@g.o>
620 + sandbox-1.3.3.ebuild:
621 + Keyword -sparc/x86-fbsd til next version bump, bug 256741.
622 +
623 +*sandbox-1.3.3 (28 Jan 2009)
624 +
625 + 28 Jan 2009; Mike Frysinger <vapier@g.o> +sandbox-1.3.3.ebuild:
626 + Version bump.
627 +
628 + 26 Dec 2008; Mike Frysinger <vapier@g.o> sandbox-1.3.2.ebuild:
629 + Add lzma-utils to DEPEND #252598 by Albert W. Hopkins.
630 +
631 +*sandbox-1.3.2 (23 Dec 2008)
632 +
633 + 23 Dec 2008; Mike Frysinger <vapier@g.o> +sandbox-1.3.2.ebuild:
634 + Fix some portability issues and more *at updates.
635 +
636 + 09 Dec 2008; Alexis Ballier <aballier@g.o> sandbox-1.3.0.ebuild,
637 + sandbox-1.3.1.ebuild:
638 + Keyword -sparc/x86-fbsd versions that do not build there, lets keep with
639 + the half broken but half working old version, bug #250366
640 +
641 +*sandbox-1.3.1 (29 Nov 2008)
642 +
643 + 29 Nov 2008; Mike Frysinger <vapier@g.o> +sandbox-1.3.1.ebuild:
644 + Fix up #248254 and #248263.
645 +
646 +*sandbox-1.3.0 (16 Nov 2008)
647 +
648 + 16 Nov 2008; Mike Frysinger <vapier@g.o> +sandbox-1.3.0.ebuild:
649 + Version bump.
650 +
651 + 09 Nov 2008; Mike Frysinger <vapier@g.o>
652 + sandbox-1.2.20_alpha2-r1.ebuild:
653 + Use EBUILD_DEATH_HOOKS #113780 by Petteri Räty.
654 +
655 + 09 Nov 2008; Mike Frysinger <vapier@g.o>
656 + +files/sandbox-1.2.20_alpha2-parallel.patch,
657 + sandbox-1.2.20_alpha2-r1.ebuild:
658 + Rewrite multilib handling and apply parallel build fix by Jose Luis Rivero
659 + #190051 by David Pykee.
660 +
661 + 09 Nov 2008; Harald van Dijk <truedfx@g.o>
662 + sandbox-1.2.18.1-r3.ebuild, sandbox-1.2.20_alpha2-r1.ebuild:
663 + Avoid bashism in configure script (#236868)
664 +
665 +*sandbox-1.2.18.1-r3 (27 Jun 2008)
666 +
667 + 27 Jun 2008; Robin H. Johnson <robbat2@g.o>
668 + +files/sandbox-1.2.18.1-rtld-validation.patch,
669 + +sandbox-1.2.18.1-r3.ebuild:
670 + Fix for bug #206678. Variations of it have been running on infra boxes for
671 + two months now, we seem to have traced it down to RTLD_NEXT not always
672 + having a usable value under hardened on new libc.
673 +
674 +*sandbox-1.2.20_alpha2-r1 (04 Nov 2007)
675 +
676 + 04 Nov 2007; Diego Pettenò <flameeyes@g.o>
677 + +sandbox-1.2.20_alpha2-r1.ebuild:
678 + Fix the problem with GLIBC 2.7 even for the alpha version.
679 +
680 + 27 Oct 2007; Jose Luis Rivero <yoswink@g.o>
681 + sandbox-1.2.18.1-r2.ebuild:
682 + Stable on alpha wrt #182361
683 +
684 + 27 Oct 2007; Raúl Porcel <armin76@g.o> sandbox-1.2.18.1-r2.ebuild:
685 + ia64 stable wrt #182361
686 +
687 + 26 Oct 2007; nixnut <nixnut@g.o> sandbox-1.2.18.1-r2.ebuild:
688 + Stable on ppc wrt bug 182361
689 +
690 + 25 Oct 2007; Dawid Węgliński <cla@g.o>
691 + sandbox-1.2.18.1-r2.ebuild:
692 + Stable on x86 (bug #182361)
693 +
694 + 25 Oct 2007; Daniel Gryniewicz <dang@g.o>
695 + sandbox-1.2.18.1-r2.ebuild:
696 + Marked stable on amd64 for bug #182361
697 +
698 + 25 Oct 2007; Markus Rothe <corsair@g.o> sandbox-1.2.18.1-r2.ebuild:
699 + Stable on ppc64; bug #182361
700 +
701 + 25 Oct 2007; Christian Faulhammer <opfer@g.o>
702 + sandbox-1.2.18.1-r1.ebuild:
703 + stable x86, bug 180985
704 +
705 + 25 Oct 2007; Jeroen Roovers <jer@g.o> sandbox-1.2.18.1-r2.ebuild:
706 + Stable for SPARC (bug #182361).
707 +
708 + 25 Oct 2007; Jeroen Roovers <jer@g.o> sandbox-1.2.18.1-r2.ebuild:
709 + Stable for HPPA (bug #182361). Fixed quoting issues.
710 +
711 +*sandbox-1.2.18.1-r2 (23 Oct 2007)
712 +
713 + 23 Oct 2007; Mike Frysinger <vapier@g.o>
714 + +files/sandbox-1.2.18.1-open-cloexec.patch, +sandbox-1.2.18.1-r2.ebuild:
715 + Work with new "e" fopen() flag in glibc-2.7 #196720.
716 +
717 +*sandbox-1.2.18.1-r1 (17 Oct 2007)
718 +
719 + 17 Oct 2007; Daniel Drake <dsd@g.o>
720 + +files/sandbox-1.2.18.1-open-normal-fail.patch,
721 + +sandbox-1.2.18.1-r1.ebuild:
722 + Allow open() on non-existent files to fail in the normal way without
723 + violation. Fixes bug #135745.
724 +
725 + 15 Oct 2007; Markus Rothe <corsair@g.o> sandbox-1.2.18.1.ebuild:
726 + Stable on ppc64
727 +
728 + 06 Jul 2007; Jose Luis Rivero <yoswink@g.o>
729 + sandbox-1.2.18.1.ebuild:
730 + Stable on alpha. See bug #183673
731 +
732 + 01 Jul 2007; Piotr Jaroszyński <peper@g.o> sandbox-1.2.12.ebuild,
733 + sandbox-1.2.16.ebuild, sandbox-1.2.17.ebuild, sandbox-1.2.18.ebuild,
734 + sandbox-1.2.18.1.ebuild, sandbox-1.2.20_alpha1-r2.ebuild,
735 + sandbox-1.2.20_alpha2.ebuild:
736 + (QA) RESTRICT="multilib-pkg-force" -> EMULTILIB_PKG="true"
737 +
738 + 24 Jun 2007; Piotr Jaroszyński <peper@g.o> sandbox-1.2.18.ebuild:
739 + (QA) Don't use KEYWORDS="-*". bug #160519.
740 +
741 + 22 Nov 2006; Diego Pettenò <flameeyes@g.o>
742 + sandbox-1.2.20_alpha2.ebuild:
743 + Add ~sparc-fbsd keyword.
744 +
745 + 04 Sep 2006; Diego Pettenò <flameeyes@g.o>
746 + sandbox-1.2.20_alpha2.ebuild:
747 + Add ~x86-fbsd keyword.
748 +
749 +*sandbox-1.2.20_alpha2 (11 Jul 2006)
750 +
751 + 11 Jul 2006; Martin Schlemmer <azarah@g.o>
752 + +sandbox-1.2.20_alpha2.ebuild:
753 + New testing version.
754 +
755 + 09 Jul 2006; Joshua Kinard <kumba@g.o> sandbox-1.2.17.ebuild:
756 + Marked stable on mips (even though it doesn't even work, best to keep up...)
757 +
758 +*sandbox-1.2.20_alpha1-r2 (08 Jul 2006)
759 +*sandbox-1.2.20_alpha1-r1 (08 Jul 2006)
760 +
761 + 08 Jul 2006; Martin Schlemmer <azarah@g.o>
762 + +files/sandbox-1.2.20_alpha1-double-free.patch,
763 + +sandbox-1.2.20_alpha1-r1.ebuild, +sandbox-1.2.20_alpha1-r2.ebuild:
764 + More bugfixes.
765 +
766 +*sandbox-1.2.20_alpha1 (07 Jul 2006)
767 +
768 + 07 Jul 2006; Martin Schlemmer <azarah@g.o> +files/09sandbox,
769 + +sandbox-1.2.20_alpha1.ebuild:
770 + Testing release for feedback. Check package.mask for details.
771 +
772 + 20 May 2006; Bryan Østergaard <kloeri@g.o> sandbox-1.2.17.ebuild:
773 + Stable on ia64.
774 +
775 + 20 May 2006; Bryan Østergaard <kloeri@g.o> sandbox-1.2.17.ebuild:
776 + Stable on alpha.
777 +
778 +*sandbox-1.2.18.1 (19 May 2006)
779 +
780 + 19 May 2006; Martin Schlemmer <azarah@g.o>
781 + +sandbox-1.2.18.1.ebuild:
782 + New bugfix release.
783 +
784 + 11 May 2006; Joshua Jackson <tsunam@g.o> sandbox-1.2.17.ebuild:
785 + stable x86; bug #132025
786 +
787 + 10 May 2006; Martin Schlemmer <azarah@g.o> sandbox-1.2.18.ebuild:
788 + Mask 1.2.18 for now, as it have a double-free issue.
789 +
790 + 03 May 2006; Joseph Jezak <josejx@g.o> sandbox-1.2.17.ebuild:
791 + Marked ppc stable for bug #132025.
792 +
793 + 03 May 2006; Patrick McLean <chutzpah@g.o> sandbox-1.2.17.ebuild:
794 + Stable on amd64 (bug #132025)
795 +
796 + 03 May 2006; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.17.ebuild:
797 + Stable on hppa wrt #132025
798 +
799 +*sandbox-1.2.18 (03 May 2006)
800 +
801 + 03 May 2006; Martin Schlemmer <azarah@g.o> +sandbox-1.2.18.ebuild:
802 + New release.
803 +
804 + 03 May 2006; Markus Rothe <corsair@g.o> sandbox-1.2.17.ebuild:
805 + Stable on ppc64; bug #132025
806 +
807 + 02 May 2006; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.17.ebuild:
808 + Stable on sparc wrt #132025
809 +
810 + 19 Feb 2006; Joshua Kinard <kumba@g.o> sandbox-1.2.12.ebuild:
811 + Marked stable on mips (doesn't actually work well, but we disable it in
812 + profiles).
813 +
814 + 06 Feb 2006; Martin Schlemmer <azarah@g.o> sandbox-1.2.17.ebuild:
815 + Fix docs installation.
816 +
817 +*sandbox-1.2.17 (05 Dec 2005)
818 +
819 + 05 Dec 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.17.ebuild:
820 + New release.
821 +
822 +*sandbox-1.2.16 (02 Dec 2005)
823 +
824 + 02 Dec 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.16.ebuild:
825 + New release.
826 +
827 +*sandbox-1.2.15 (01 Dec 2005)
828 +
829 + 01 Dec 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.15.ebuild:
830 + New release.
831 +
832 +*sandbox-1.2.14 (28 Nov 2005)
833 +
834 + 28 Nov 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.14.ebuild:
835 + New release.
836 +
837 + 14 Nov 2005; Martin Schlemmer <azarah@g.o> sandbox-1.2.13.ebuild:
838 + Simplify multilib building logic. Other cleanups.
839 +
840 + 13 Oct 2005; Martin Schlemmer <azarah@g.o> sandbox-1.2.12.ebuild,
841 + sandbox-1.2.13.ebuild:
842 + Add workaround for bug #109036.
843 +
844 + 07 Oct 2005; Jeremy Huddleston <eradicator@g.o>
845 + sandbox-1.2.9.ebuild, sandbox-1.2.10.ebuild, sandbox-1.2.11.ebuild,
846 + sandbox-1.2.12.ebuild, sandbox-1.2.13.ebuild:
847 + Some changes for amd64 2006.0.
848 +
849 +*sandbox-1.2.13 (12 Sep 2005)
850 +
851 + 12 Sep 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.13.ebuild:
852 + New release.
853 +
854 + 30 Aug 2005; Fernando J. Pereda <ferdy@g.o> sandbox-1.2.12.ebuild:
855 + stable on alpha wrt bug #101433
856 +
857 + 16 Aug 2005; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.12.ebuild:
858 + Stable on sparc wrt #101433
859 +
860 + 15 Aug 2005; Danny van Dyk <kugelfang@g.o> sandbox-1.2.12.ebuild:
861 + Marked stable on amd64.
862 +
863 + 15 Aug 2005; Michael Hanselmann <hansmi@g.o> sandbox-1.2.12.ebuild:
864 + Stable on ppc and hppa.
865 +
866 + 15 Aug 2005; Ian Leitch <port001@g.o> sandbox-1.2.12.ebuild:
867 + Stable on x86, #101433
868 +
869 + 15 Aug 2005; Markus Rothe <corsair@g.o> sandbox-1.2.12.ebuild:
870 + Stable on ppc64 (bug #101433)
871 +
872 +*sandbox-1.2.12 (05 Aug 2005)
873 +
874 + 05 Aug 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.12.ebuild:
875 + New release.
876 +
877 + 23 Jul 2005; MATSUU Takuto <matsuu@g.o> sandbox-1.2.11.ebuild:
878 + Stable on sh.
879 +
880 + 22 Jul 2005; Jason Stubbs <jstubbs@g.o> sandbox-1.2.11.ebuild:
881 + Stable on mips per hardave's request. #96782
882 +
883 + 21 Jul 2005; Rene Nussbaumer <killerfox@g.o> sandbox-1.2.11.ebuild:
884 + Stable on hppa. bug #96782
885 +
886 + 21 Jul 2005; Aron Griffis <agriffis@g.o> sandbox-1.2.11.ebuild:
887 + stable on alpha
888 +
889 + 21 Jul 2005; Aron Griffis <agriffis@g.o> sandbox-1.2.11.ebuild:
890 + stable on ia64
891 +
892 + 21 Jul 2005; Chris Gianelloni <wolf31o2@g.o> sandbox-1.2.11.ebuild:
893 + Marking stable on x86 for bug #96782.
894 +
895 + 21 Jul 2005; Joseph Jezak <josejx@g.o> sandbox-1.2.11.ebuild:
896 + Marked ppc stable for bug #96782.
897 +
898 + 20 Jul 2005; Markus Rothe <corsair@g.o> sandbox-1.2.11.ebuild:
899 + Stable on ppc64 (bug #96782)
900 +
901 + 20 Jul 2005; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.11.ebuild:
902 + Stable on sparc wrt #96782
903 +
904 + 20 Jul 2005; Danny van Dyk <kugelfang@g.o> sandbox-1.2.11.ebuild:
905 + Marked stable on amd64.
906 +
907 + 18 Jul 2005; Guy Martin <gmsoft@g.o> sandbox-1.2.10.ebuild:
908 + Stable on hppa.
909 +
910 + 15 Jul 2005; Bryan Østergaard <kloeri@g.o> sandbox-1.2.10.ebuild:
911 + Stable on alpha + ia64, bug 99019.
912 +
913 + 14 Jul 2005; Gustavo Zacarias <gustavoz@g.o> sandbox-1.2.10.ebuild:
914 + Stable on sparc wrt #99019
915 +
916 + 14 Jul 2005; Joseph Jezak <josejx@g.o> sandbox-1.2.10.ebuild:
917 + Marked ppc stable for bug #99019.
918 +
919 + 15 Jul 2005; Jason Stubbs <jstubbs@g.o> sandbox-1.2.9.ebuild,
920 + sandbox-1.2.10.ebuild, sandbox-1.2.11.ebuild:
921 + Removed ppc-macos from keywords as sandbox does not work there yet.
922 +
923 +*sandbox-1.2.11 (14 Jul 2005)
924 +
925 + 14 Jul 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.11.ebuild:
926 + New release.
927 +
928 + 14 Jul 2005; Jeremy Huddleston <eradicator@g.o>
929 + sandbox-1.2.10.ebuild:
930 + Stable amd64.
931 +
932 + 12 Jul 2005; Markus Rothe <corsair@g.o> sandbox-1.2.10.ebuild:
933 + Stable on ppc64
934 +
935 + 10 Jul 2005; Martin Schlemmer <azarah@g.o>
936 + +files/sandbox-1.2.9-uclibc-getcwd.patch,
937 + +files/sandbox-1.2.10-uclibc-getcwd.patch, sandbox-1.2.9.ebuild,
938 + sandbox-1.2.10.ebuild:
939 + Add some fixes to the getcwd implementation, bug #98419.
940 +
941 + 05 Jul 2005; Jeremy Huddleston <eradicator@g.o>
942 + sandbox-1.2.9.ebuild:
943 + Stable amd64 for 2005.1
944 +
945 +*sandbox-1.2.10 (03 Jul 2005)
946 +
947 + 03 Jul 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.10.ebuild:
948 + Update version.
949 +
950 +*sandbox-1.2.9 (09 Jun 2005)
951 +
952 + 09 Jun 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.9.ebuild:
953 + Update version.
954 +
955 +*sandbox-1.2.8 (13 May 2005)
956 +
957 + 13 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.8.ebuild:
958 + Cleanups and hopefully finally kill bug #91541. Fix bug #92478.
959 +
960 +*sandbox-1.2.7 (12 May 2005)
961 +
962 + 12 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.7.ebuild:
963 + Lots of cleanups and fixes - see ChangeLog in /usr/share/doc.
964 +
965 +*sandbox-1.2.6 (10 May 2005)
966 +
967 + 10 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.6.ebuild:
968 + Workaround for tsocks incompatability, bug #91541.
969 +
970 +*sandbox-1.2.5-r2 (09 May 2005)
971 +
972 + 09 May 2005; Jeremy Huddleston <eradicator@g.o>
973 + +sandbox-1.2.5-r2.ebuild:
974 + On some versions of portage, CFLAGS_* do not survive across ebuild.sh
975 + stages, so we must ensure the multilib setup always gets rerun for each
976 + stage.
977 +
978 +*sandbox-1.2.5-r1 (06 May 2005)
979 +
980 + 06 May 2005; Jeremy Huddleston <eradicator@g.o>
981 + +sandbox-1.2.5-r1.ebuild:
982 + Revbump to fix problems with amd64 2004.3's multilib. Cleaned up multilib
983 + handling in general. 2004.3 amd64 users should have working 32bit sandbox
984 + again.
985 +
986 + 04 May 2005; Mike Frysinger <vapier@g.o> sandbox-1.2.5.ebuild:
987 + Fix multilib building on amd64/2004.3 profiles.
988 +
989 +*sandbox-1.2.5 (04 May 2005)
990 +
991 + 04 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.5.ebuild:
992 + General fixes. Fix for bug #91431.
993 +
994 +*sandbox-1.2.4 (03 May 2005)
995 +
996 + 03 May 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.4.ebuild:
997 + Some speedups (bug #91040) and uclibc fixes.
998 +
999 +*sandbox-1.2.3 (29 Apr 2005)
1000 +
1001 + 29 Apr 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.3.ebuild:
1002 + Fixup libc detection. Fix bug or two.
1003 +
1004 +*sandbox-1.2.2 (28 Apr 2005)
1005 +
1006 + 28 Apr 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.2.ebuild:
1007 + Bug fixes for bug #90592.
1008 +
1009 +*sandbox-1.2.1-r3 (24 Apr 2005)
1010 +
1011 + 24 Apr 2005; Jeremy Huddleston <eradicator@g.o>
1012 + +sandbox-1.2.1-r3.ebuild:
1013 + Fix multilib.
1014 +
1015 +*sandbox-1.2.1 (24 Apr 2005)
1016 + 24 Apr 2005; Brian Harring <ferringb@g.o> +sandbox-1.2.1-r2.ebuild:
1017 + Amd64 fix for 90135.
1018 +
1019 +*sandbox-1.2.1 (24 Apr 2005)
1020 +
1021 + 24 Apr 2005; Jason Stubbs <jstubbs@g.o> +sandbox-1.2.1-r1.ebuild:
1022 + Added missing check_multilib function.
1023 +
1024 +*sandbox-1.2.1 (23 Apr 2005)
1025 +
1026 + 23 Apr 2005; Martin Schlemmer <azarah@g.o> +sandbox-1.2.1.ebuild:
1027 + Fix for bug #90153.
1028 +
1029 +*sandbox-1.2 (Apr 23 2005)
1030 +
1031 + 23 Apr 2005; Brian Harring <ferringb@g.o>; sandbox-1.2.ebuild
1032 + Initial import of cvs head sandbox code. Multilib portion of it
1033 + could stand testing.
1034
1035 diff --git a/sys-apps/sandbox/Manifest b/sys-apps/sandbox/Manifest
1036 new file mode 100644
1037 index 0000000..5b23996
1038 --- /dev/null
1039 +++ b/sys-apps/sandbox/Manifest
1040 @@ -0,0 +1,33 @@
1041 +AUX 0001-libsandbox-handle-more-at-functions.patch 1473 SHA256 7681e867bb4dea26d165f9a066dca798519e2fd57b49c7b31c0c2fc254037523 SHA512 ec3655a6fd12347ffd454648428be16a02394f6dfd592075753bb794771a15824675f612ed22206b0e14665706aa24405f8d9aa94a099238344c1525803de72a WHIRLPOOL dc4918171f8501cdab072cb8dc953056bfcb24c1b4f78e683fb01902a7029d1aed4fd47f42e6e0d493bceacbed99535c2ef9bf4c4df57fdb6d789821b1479888
1042 +AUX 09sandbox 37 SHA256 73e9e9d12ba54f1c649813ec86107924050528852c890a8ba1e2853796781bbe SHA512 4e8a9c58debde6480224a45559c5f2db4765213d151e47937f9142f110cac3681bf6402acaf21249a37bb17398e7bc00ae7feee68ecdb5b9363c432eac1b052a WHIRLPOOL 80d55a34d3faf3314f2b9de2200d4b46a800128514be9e30eb59e5f03fb7a0a5197a9e5b5ab33d6b68d35bf83c86a1bd7ba734a33ccd382fe0af3b2c2a11d0bd
1043 +AUX sandbox-1.2.17-prefix.patch 8201 SHA256 344fe4dd9f217aba3216f9564cc96d2ff5986158397c1e0e9921b41f3daa6a83 SHA512 ef5fbd258b804a108d06557432f4ae0b7f629f2f82f2a57fb20b0c75112744294c8428c9b7f9cb011b0e8275829eca2578072dbd50a0ae379bb2f094569e2052 WHIRLPOOL 3ae92b2453d7faf87d52027777b1f226dfa7ca1aab2b766dae9e177b9c8c85026461d0ae6e9841342aa36adee1af68ca029b1ae1add73620d6af4512b4978a26
1044 +AUX sandbox-1.2.18.1-open-cloexec.patch 492 SHA256 922cf7277af89bbfa03633f515beeb309b4bd53e9856504f714f7833821b54cf SHA512 f88bacd0a65b10fa9f08348e7f81215e307aac57deb702178c7f0a9ebc7b98d1211ebbfc00b987d0b876d2a24eace4379314c734115bfbc995331535c80b8b50 WHIRLPOOL 152c687a774f05111f8761440d509ea58bac972da6820d9de922e19c7707e9f3a7171f1d690686a9f1eedfdca5400466cba9cc9e934f47ee4d1947c6c0d3af34
1045 +AUX sandbox-1.2.18.1-open-normal-fail.patch 3144 SHA256 9c3b6c4c5595b95f6a00fa9e94f72bbcb41cd5ba689a8a29ebf61c6024e73449 SHA512 3ac8d20efddf5d14bcef0f322e7b8cee31ddfbf68b649965a78c2e17c6535f270be7fe01e2b83379fa2a85455b9b37bd9750118fefe132be61fea52120252d9c WHIRLPOOL 318ccbd7c66ff4a7a4833371678f4567f2eea5a8aaa6f882d38bda4c566976e231f31520a780df4bcd2671d5e3cd612e4ab901f5ae96f446efeb9426a030c776
1046 +AUX sandbox-1.2.18.1-rtld-validation.patch 1415 SHA256 821c22ce76c4a75ad4e5bde186744811bbf73de341c16c5890edfd8b20c95cf5 SHA512 54aee3a194b02c32bbd89caddddde0923494ffb47ddfeabb1ca42635946b7dc4b187f09c30a86cd052651dad1618e7e6cc19e715291e6eaf1a64e70c48f053ba WHIRLPOOL a71e9d0fa136a34c59e5095cf07cde56f70319977196f5c74482153dd4a72a9a443bee688dec77c9caa5ffafed4fd74e4ee2770d91d9936c8bb47c844225a7ee
1047 +AUX sandbox-1.2.20_alpha2-parallel.patch 259 SHA256 e14bf149853ae5d276a852b2aac66d0ec53ad9b0fc5babda61e112ca59a9b862 SHA512 9b7a3885d74b247502792277abfc342a5cfcc52358a2263b9f00852f7a1fb96708cac6800206900c8aa36d81a770b2b5576ef6390c39caed5588dd2faa318418 WHIRLPOOL c8e1365c70d4e56a5c6ca24ef1b5d3be41c1325b65afafb0a167704c28342271bc6f7f4a2051a59bdaf7b124bdaf3269a32f0b594a9b6e0d581bee9bd347515c
1048 +AUX sandbox-1.6-disable-pthread.patch 959 SHA256 c4fefddab05d440b3b1c2df766c5b2abd7c543cd2aa4cf1e61c0d3c3dd905f0c SHA512 3cbb244f7c8e77030dd2194770a2dcae7b052c302d9b4cb0549465ebfb18f719d93daefbd6d1cdee2a630fc077b04e83c5b7c7f72b667adb6b8e322dee6d7056 WHIRLPOOL 1c603db0b7d810715dc5461740103ac29061e1eace2459bfb59ed576f45f81aadb9883a1afedf0ddde51bcda56b23abd26936426fd2a6ae3becb7e0c6054fc9e
1049 +AUX sandbox-1.6-disable-qa-static.patch 332 SHA256 060afa33dcfb6836676dc0febd5bc272b66b55e3753f739b56664e9ebce0eb20 SHA512 8839d4e279be41f1ee118b897c7eae8fd4058e4b7ecc1b5872450c177e09b5eefe569964efc294bd6f3e4ea92a3b4ba9840852d2be8db14810cd4578640ca6c4 WHIRLPOOL 6730b53afc16033911527492b0bf14a35f0e4b0b7cf3d42b1af299e9caa4a82f5e424e514aec81720da53a497cbc31b4f3928fc85dc8b04f979b726dce5ff2d8
1050 +AUX sandbox-1.9-setoptions.patch 634 SHA256 4d09691f682d232add061eeb4de61eadbf1586fd1b8f3c2351bbb08766d117a0 SHA512 4880541186d24dbf216601293f8c41e1bba1032f454f4e1bf8bc2e352dde0520e025f178b651e600a6ce4ce2b2afaa3a7741f8de7695e27fa09e14c07da95809 WHIRLPOOL 4e050fa85f4b7f8192df984849522ef267ad93a6e53bc0981ce46faa1a835924cea6c9682c9b0ec9e77c44072b1df679d7c0c807e6dc5b848a0a10dfe22a6195
1051 +AUX sandbox-2.0-prefix.patch 1716 SHA256 29724ac6605bc6404d68e28a81d0303b0572d1990d8b37ca01b665b5b66f1ad2 SHA512 8b47e5ecc0367f25fa539be0ebe09844b2fb7e643ea21b6134b9c4cfe7c0b2b8f00c15da82e19cbdc7a2b98f48e92fe967d18e2579700738f01d778f99818dc8 WHIRLPOOL 3228316ffc48001011ed29862df9dd88724a63edeee29eb49a5ebbf28479ea38fb9258298fd2a413ad0c7cbc6e2f8dc69ad046ad386390eaa8391b4f06333b79
1052 +AUX sandbox-2.0-setoptions.patch 517 SHA256 ce365c6ab54ab60ac539728b3419e28499512a2e3ced5de3bf0455c2c35d93d5 SHA512 5b80bcb3ffcf3cf105780b72a86af8260784e544dd71ff88b5e5c85d5f95558db64cc86454b9371b2069f2e644b3841fa0ad6df967eeb42ef168851a4690cf6e WHIRLPOOL c1f70a21f901aa1089455925cf0c434660506a5be8f952837428bb15fc91fb31b2d0b3cc83d78024001c2b8198b17fc23539485c4060715ea523c6cb4872a5ee
1053 +AUX sandbox-2.2-prefix.patch 881 SHA256 fa51c7876c7a95ff3a0fda5f84563d83720e011ec93fc8b5860a92a90f725afa SHA512 72095e1237a19918255aa94898e3871248d20df9f6d0fef22ecb29036b65dd508c23cb8d716d0afc1627c79a3afa09d1022b20ca8d22636229df9d791d5df6fc WHIRLPOOL dd5555c75e6b30c20f29c47ed267fd99b7faf924e0afdd8b5652008fa7ebdeeb298edc88067a29e596f8e6d2070768bc048813bb38dc410ddea4281ca9d49275
1054 +AUX sandbox-2.6-check-empty-paths-at.patch 7454 SHA256 a48759a4d3e9a70713473b6fad59bdd750b5cd37e7d632c786205ff20004ae2c SHA512 5eba7915dedf57f44c37881e9c6b48db8733d1493779a33127d08bb9ea77056d788ec9ace72c13eb101f42f01c95309c7cebca6c76212a8c99a8655372c0b7d7 WHIRLPOOL 46eb3a8ef8f22030cd793f3b16adc190b5750019c0df83e161c6918f08555a8ad890c1425b03cbf7e53ebcd34a07a9dd9b594d0c0fe31834656ffce3d58fa284
1055 +AUX sandbox-2.6-desktop.patch 875 SHA256 2eecf67790aeac210f9aa899a86f7664776ed65d9b55159e1b359162dfb9ff74 SHA512 b72ec7f414d19bf513dfb1aea10523fa5dc07a1375d8f08f664d204b64b23c891a79ca14987528c595936f441e1f595b366aabbc57313667c7639d73d089ed9a WHIRLPOOL 7f787b8be9b5712eb2b2a0cd2ff825df1045ebf1cc4e73a50f610e620d30752045690a5c28835465d0ab0c3c4a9eaf8b92a5c123cd741ad69dfedb31aa457fa0
1056 +AUX sandbox-2.6-log-var.patch 2039 SHA256 f464a29cdd9de0c510277310f4febc8f96515ff2ff03fc92df1c75b9cbd75619 SHA512 cf6f900b4078eff5870b63b2bc7c81c5b00488e030d7e9ce3007693e9d1339ac6201ddacfaff552c6c9b99b6d32383229133c80190404b7e4fde06ad376b2050 WHIRLPOOL db99737a6567788194f7b37b12b92fcfb4c263df40f40aef9e0a3ef2b6a1523331313b791fffa2b26775b646795364ab1db1711eb4329cda3337df27aebfeffa
1057 +AUX sandbox-2.6-open-nofollow.patch 2027 SHA256 c8816ae4e1991f9941abd43ec4bfdbf4e99cf36ee90694f77ab88754c53785ce SHA512 dd5222f32a40def38c9719363a24c48d5b112e3560b44c5f32afc3daa0614fe9bc5cb68ca8ac69032cc8d6299f09b25d4d7c72e16892188b42768ffb28c19f07 WHIRLPOOL 03cb5fb9df04a8d7f92855c292a6c431d01d330fecae198f2c4b95d824454f10ce1ad66db1a9d54d1bef5f74989cf6debb2d98de28ee0c2c6a09c1a0752b5519
1058 +AUX sandbox-2.6-prefix.patch 2945 SHA256 4d2d241a0e8a7f98d8bf9f2fa546b45ce3242155eb0be34397e1930452d29f6f SHA512 d0ec7ce9d3d0ec76691e027d769b355608bf8ef51b395338f41bbb22d46c4cc73516e22d1b9c28b336b5a1f6369b438599032cc8dbc3cfea66c7e77fdfdff47c WHIRLPOOL 388974a38cfbd382f69a209ec124021b669bf6ed8c85b1e2227bc89345e84f1c02de8105d93ecca2a0076dc10138633915fd58c40e192c53277c53a5e49eb54b
1059 +AUX sandbox-2.6-static-close-fd.patch 2945 SHA256 807eb4dc1ba6543c94a90a9a53bb89f42079ea20ed7c196f82d65f280e5de96a SHA512 e2f57c4d80816241f3ba4828c2b27c67d1d604b14b2d575888a978e5c4e8e47e60e3a609d81e59c615bc5b7cee6194cc362e255ae8508f632862a35180c30de8 WHIRLPOOL e08f60227fe954894d3a3a01297e9988f4d7722ea75ffbd2b0f3971d38c8ce00af230fcaecb1f53243a868d54f48bb680e2d547bbeb2ee3e5a11f8942d2084fd
1060 +AUX sandbox-2.6-trace-hppa.patch 850 SHA256 20688b2f33162f95af4af5e3c7d3700f2e7776e454b785ac1398f0870f84efa9 SHA512 fb7bf2202f960e952edc1e52fe4b6b085042158223d96b9baa899e871abcdef711ede3122c971120f55f71cc1aad71496a6079222dbaaa6c14b0c6f7ea182454 WHIRLPOOL 80f7fb529b912d19d81b9d71ee4a648db7b217583f2e8f2054cc666839030ea7d0112d69d52a2bf35c4d3549ffbd81dbd0cd39d5993bfabbb43bcb6a4455ade4
1061 +DIST sandbox-1.6.tar.lzma 307014 SHA256 52cfd286da3d5d51f3b6e012e409e931b21e32b4f2f16ba5677e46328680f4f4 SHA512 f470599a67443fa107612fef1cc73b64b3146003ae21bb5ae5abd852c4c37aec93ac09be646fda9d55d4c3aeef0cf28a42fa675f2acbb53c1d903e400538ba4c WHIRLPOOL 7c7fbe57cc831d0eb7853476e264a85bb8113620948e761563a872d3d55fd3c0ff063332397199001ea9dcb8258f348b827f337b876b2a26f727f10abbc8f712
1062 +DIST sandbox-2.3.tar.xz 344260 SHA256 8670f7508453c2fd300ca29ad2eb457691c3df01c4c22fa27d4a7c880fd291d5 SHA512 06ddaa6dc0822474c263650e95284af6cb69c60c9443b5caaf95af8140283f937d5594849064847fe3a4ad89b29b6ef6d6e909a9b85bb5d7fcf8b427d0e9c7e4 WHIRLPOOL 5d3f45a0bbb1aeffb8c83f8978bea65764aa438a5abcb50c66b5f66232d972bde84013694f6806fcc0026cd6d37420c69655d66ec5984a1c6f71a68dcfc95d11
1063 +DIST sandbox-2.4.tar.xz 344664 SHA256 450599cb3052296d42f81a04dbbda82d220415fc2d16f5dc6e26b042d580fd3e SHA512 c0f8b789bcabd48e03a20a97c9daa82c48f264d7641ecfa51dff7a2d2c34be398cf1db6235eb0211bf0fa78b07bd6e633e06bc102904bf9dd8a95f9fde1ca615 WHIRLPOOL 22f0f55f6e638275781ab5afa29b1a7f5e7f3335a3d2ff37d9fcce0bf9284b271bf1d69b98bcd4b06fdb9ff1528d044f9fb111a58c2a1a5ce33cbe28c0cb869d
1064 +DIST sandbox-2.5.tar.xz 355680 SHA256 c0e98767fb70750d79591a6d08f81d5c2f13ce783bf94bd90677022e9103878a SHA512 7b870295bb78c1da5550b650a3983d93e503935a8e8452a29a5c6310cc2c2d569a898ea1534e2c670b4a3e5607504fac55f69da6878e0adc9c2c65a5476b4fb0 WHIRLPOOL 887d36638111b09d77674002c07ebad84c24bc4f645d9fb78e180a6c6e7407eb3fb6857877bc152e0cefb676f01df60b20857b8487ce28ff3e4438aef744fe53
1065 +DIST sandbox-2.6.tar.xz 366356 SHA256 95615c5879dfc419713f22ba5506a2802a50ea0ce8a2f57c656354f2e50b1c4d SHA512 32ba7fb675c67fdc8bc52da1db7ed6878e5fea8753accb30d9aca00f708e0dde03287b5962caf5ef031bea6934d6ef3e18404b015c70ebd551d3fd8109ad2371 WHIRLPOOL bab2d015fb0de92a2266408ca7941c8fb66b599179040cfc727ffce5b2424a9722dc55ba89d198e3361044d8cb357314205488d2a980c7b8af063fd8940f0c03
1066 +EBUILD sandbox-1.6-r2.ebuild 2672 SHA256 a7a497c9ce58cb2d2162af3f9e1d1d757c1a4c6d57b4d5377fb87c589f2d3036 SHA512 0db86a82a84316495ef22ab9955789af2f9799948ea77c07808464cf7b7cd77140f66a937235f9a784472f541681fcbeb072105a5f0a53c493770e544ae0c511 WHIRLPOOL d1c4d10b1531b4ddb9a8f723014a3e58b1047c6aa981f806416fc95800c7adf00bf65588e4d37755590a8ce97d8f056fe86511a2bb32ad55cd79340352e713a7
1067 +EBUILD sandbox-2.3-r1.ebuild 2713 SHA256 58eb10e050f4321b703d71cfdd8d83de61ab76e748046dde724e64ca21dc253f SHA512 2b054563f3bfa7998460af78e04c8a6ba2adf56180163dbd6af54d205bc25e37d02691c745a829a4470f1246e72522e7dd15c0c27fcae6948323dc620abea5c3 WHIRLPOOL ba54a9573f25e15d57a80f01c61ffe8aabb8a5f52183f85ccdf82d6c8732a6bb2c1985773d6cf4833284260060478c8e28d7d29149d3385520712b6140196590
1068 +EBUILD sandbox-2.4.ebuild 2639 SHA256 d5b852481f07dbbf5b1f5f4761a4c16137aea8f4d8f047c27edd898cc713272e SHA512 5069787fae2e983e2af0155799792b1b6f0911e48c8a89d21fea6ae26a0cf1d08f54d34b2e3a8a0476d88f71aebc5af9da4c3151d07120c0503ffae7da9f12ac WHIRLPOOL b81f145e951fe19665eaab48450fb1fba0a97182f8a97c476048f0ee0df82ff0f36f99fa97101b9f360c66a0698c97a0b837ea855dadc07bce43e1e0f1a9f050
1069 +EBUILD sandbox-2.5.ebuild 2880 SHA256 93a6a2d280b6aa7de27b051b3e656ffff0b903ed05e912f9c741b51083efd9be SHA512 960f9412e5c1fcc0debd53f4153b0bd001748442455a6e97e5880159d6ee7defa86baa01c8fa4f5978fccb4a60a0442d3c6e811bc91336ca1c0c8bae0d200250 WHIRLPOOL bc2787c9284651285f0c0b2458e644ccac6f34274227dd8eb4fc9246acd146f1430216b05963bffc007e3909703609ed4e6f40b45e56087ff3e7e40b42550507
1070 +EBUILD sandbox-2.6-r1.ebuild 3140 SHA256 cfa830df1301600a9c35f4beca7af5ae8d4cf0a0d0e0e9dda22c3f7b85bf22c5 SHA512 f9947cb97329bb0fe567768e5e3d7617df0f0572c1edf0c230bb1dd6562f5d9850ea3677297fe0eca5ed9bba62dc9a49967b43140ce7d28928feb65ea268468b WHIRLPOOL a9ae16dffbef562e054cc01bb2cfda54dd59a7efa628d511332674413f0e2070333719781c8fe60f09eecce1b7ffccbb83ca44db9fffc7ea402dd45b87b6adec
1071 +EBUILD sandbox-2.6.ebuild 2970 SHA256 2afd4648e2cc4307bed2ea5c7e2d931bfd43f7f7701d42aa79b4e8f34ae6fe4a SHA512 44494b344830b87261f87a7a5c61fcaa2d230598a620aff1b846e59ecc1b9f25ad5a6430ec3710d9a4ddefa150428bda9d8f24ef31199d4007034402fd8cd658 WHIRLPOOL 9d6f02c395c28aeb520293f38079e4015d6750200196bebac894f6088537b8532e2655bfd8ac3426a5bedd02857964cfef8157f2310340ce90643c66e3fac36c
1072 +MISC ChangeLog 22966 SHA256 2b5ee0df6e4d4a7267e9b90acf607c3e21f24491044b930e2fc31d6c58683f3e SHA512 32acc2c923d0af305e379ef25c7229ffb2432da0024d6b2f24b7ad017cf9a93eb13d9d776f61058c070a77ed0436fd3c12f90be2a833d739c35a589ce87e9983 WHIRLPOOL 33bac5ef0161ece31c9fa5333142e70ce44eee0fde65468e7a03e0829eb7255350f4bced36eb4756e5bc12dde46c6b44170a7a4eae1bd90e042ede9b9fee2906
1073 +MISC metadata.xml 316 SHA256 488f8a1ba1e1d07a159d22ac198aefee5dfa9ded04de2969019f177161abef1b SHA512 2b4ddea0bb5a40cac834a09b89624049b8561a4a4f648b4d5072c413d4eca78b5cc24859664fa746be36c8b60188e88f2ae38c2c5af30d91dc6273c0f85de278 WHIRLPOOL 64ed27fc7abb1b3b82621f6bb91f03d0070933d0423f9d323ac803354fc6acf2182df1dd85a083fa047d63561a5e92d44287ef4935a11a733244d4393edf8f6f
1074
1075 diff --git a/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch b/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch
1076 new file mode 100644
1077 index 0000000..09462b7
1078 --- /dev/null
1079 +++ b/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch
1080 @@ -0,0 +1,42 @@
1081 +From 25425878243c5ca1ff21e6f479e585c60b943930 Mon Sep 17 00:00:00 2001
1082 +From: Mike Frysinger <vapier@g.o>
1083 +Date: Mon, 30 Mar 2009 19:56:29 -0400
1084 +Subject: [PATCH] libsandbox: handle more *at functions
1085 +
1086 +Add some more *at functions to the main checking code.
1087 +
1088 +URL: http://bugs.gentoo.org/264320
1089 +Signed-off-by: Mike Frysinger <vapier@g.o>
1090 +Reported-by: Harald van Dijk <truedfx@g.o>
1091 +---
1092 + libsandbox/libsandbox.c | 5 +++++
1093 + 1 files changed, 5 insertions(+), 0 deletions(-)
1094 +
1095 +diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
1096 +index 88248af..c3f0b55 100644
1097 +--- a/libsandbox/libsandbox.c
1098 ++++ b/libsandbox/libsandbox.c
1099 +@@ -681,15 +681,20 @@ static int check_access(sbcontext_t *sbcontext, int sb_nr, const char *func,
1100 + sb_nr == SB_NR_CREAT ||
1101 + sb_nr == SB_NR_CREAT64 ||
1102 + sb_nr == SB_NR_MKDIR ||
1103 ++ sb_nr == SB_NR_MKDIRAT ||
1104 + sb_nr == SB_NR_MKNOD ||
1105 + sb_nr == SB_NR_MKNODAT ||
1106 + sb_nr == SB_NR__XMKNOD ||
1107 + sb_nr == SB_NR___XMKNOD ||
1108 + sb_nr == SB_NR___XMKNODAT ||
1109 + sb_nr == SB_NR_MKFIFO ||
1110 ++ sb_nr == SB_NR_MKFIFOAT ||
1111 + sb_nr == SB_NR_LINK ||
1112 ++ sb_nr == SB_NR_LINKAT ||
1113 + sb_nr == SB_NR_SYMLINK ||
1114 ++ sb_nr == SB_NR_SYMLINKAT ||
1115 + sb_nr == SB_NR_RENAME ||
1116 ++ sb_nr == SB_NR_RENAMEAT ||
1117 + sb_nr == SB_NR_LUTIMES ||
1118 + sb_nr == SB_NR_UTIMENSAT ||
1119 + sb_nr == SB_NR_UTIME ||
1120 +--
1121 +1.6.2
1122 +
1123
1124 diff --git a/sys-apps/sandbox/files/09sandbox b/sys-apps/sandbox/files/09sandbox
1125 new file mode 100644
1126 index 0000000..9181eb0
1127 --- /dev/null
1128 +++ b/sys-apps/sandbox/files/09sandbox
1129 @@ -0,0 +1 @@
1130 +CONFIG_PROTECT_MASK="/etc/sandbox.d"
1131
1132 diff --git a/sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch b/sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch
1133 new file mode 100644
1134 index 0000000..9834855
1135 --- /dev/null
1136 +++ b/sys-apps/sandbox/files/sandbox-1.2.17-prefix.patch
1137 @@ -0,0 +1,209 @@
1138 +* Michael Haubenwallner <michael.haubenwallner@×××××××.at>
1139 + Prefix awareness for sandbox
1140 +
1141 +diff -ruN sandbox-1.2.17.orig/configure.ac sandbox-1.2.17/configure.ac
1142 +--- sandbox-1.2.17.orig/configure.ac 2005-12-05 15:03:35.000000000 +0100
1143 ++++ sandbox-1.2.17/configure.ac 2006-07-27 16:14:28.000000000 +0200
1144 +@@ -156,5 +156,7 @@
1145 + Makefile
1146 + scripts/Makefile
1147 + data/Makefile
1148 ++ data/sandbox.bashrc
1149 ++ data/sandbox.profile
1150 + src/Makefile
1151 + ])
1152 +diff -ruN sandbox-1.2.17.orig/data/sandbox.bashrc sandbox-1.2.17/data/sandbox.bashrc
1153 +--- sandbox-1.2.17.orig/data/sandbox.bashrc 2005-12-01 00:14:28.000000000 +0100
1154 ++++ sandbox-1.2.17/data/sandbox.bashrc 1970-01-01 01:00:00.000000000 +0100
1155 +@@ -1,18 +0,0 @@
1156 +-# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com
1157 +-# Distributed under the terms of the GNU General Public License, v2 or later
1158 +-# Author : Geert Bevin <gbevin@××××.com>
1159 +-# $Header$
1160 +-source /etc/profile
1161 +-
1162 +-if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != *$SANDBOX_LIB* ]] ; then
1163 +- export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}"
1164 +-elif [[ -z ${LD_PRELOAD} ]] ; then
1165 +- export LD_PRELOAD="${SANDBOX_LIB}"
1166 +-fi
1167 +-
1168 +-export BASH_ENV="${SANDBOX_BASHRC}"
1169 +-
1170 +-alias make="make LD_PRELOAD=${LD_PRELOAD}"
1171 +-alias su="su -c '/bin/bash -rcfile ${SANDBOX_BASHRC}'"
1172 +-
1173 +-declare -r SANDBOX_ACTIVE
1174 +diff -ruN sandbox-1.2.17.orig/data/sandbox.bashrc.in sandbox-1.2.17/data/sandbox.bashrc.in
1175 +--- sandbox-1.2.17.orig/data/sandbox.bashrc.in 1970-01-01 01:00:00.000000000 +0100
1176 ++++ sandbox-1.2.17/data/sandbox.bashrc.in 2006-07-27 16:13:40.000000000 +0200
1177 +@@ -0,0 +1,17 @@
1178 ++# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com
1179 ++# Distributed under the terms of the GNU General Public License, v2 or later
1180 ++# Author : Geert Bevin <gbevin@××××.com>
1181 ++# $Header$
1182 ++
1183 ++if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != *$SANDBOX_LIB* ]] ; then
1184 ++ export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}"
1185 ++elif [[ -z ${LD_PRELOAD} ]] ; then
1186 ++ export LD_PRELOAD="${SANDBOX_LIB}"
1187 ++fi
1188 ++
1189 ++export BASH_ENV="${SANDBOX_BASHRC}"
1190 ++
1191 ++alias make="make LD_PRELOAD=${LD_PRELOAD}"
1192 ++alias su="su -c '@CU_BASH@ -rcfile ${SANDBOX_PROFILE}'"
1193 ++
1194 ++declare -r SANDBOX_ACTIVE
1195 +diff -ruN sandbox-1.2.17.orig/data/sandbox.profile.in sandbox-1.2.17/data/sandbox.profile.in
1196 +--- sandbox-1.2.17.orig/data/sandbox.profile.in 1970-01-01 01:00:00.000000000 +0100
1197 ++++ sandbox-1.2.17/data/sandbox.profile.in 2006-07-27 16:12:05.000000000 +0200
1198 +@@ -0,0 +1,7 @@
1199 ++# Copyright (C) 2001 Michael Haubenwallner, Salomon Automation, http://www.salomon.at
1200 ++# Distributed under the terms of the GNU General Public License, v2 or later
1201 ++# Author : Michael Haubenwallner <michael.haubenwallner@×××××××.at>
1202 ++# $Header$
1203 ++
1204 ++source @sysconfdir@/profile
1205 ++source "${SANDBOX_BASHRC}"
1206 +diff -ruN sandbox-1.2.17.orig/src/Makefile.am sandbox-1.2.17/src/Makefile.am
1207 +--- sandbox-1.2.17.orig/src/Makefile.am 2005-12-05 14:16:52.000000000 +0100
1208 ++++ sandbox-1.2.17/src/Makefile.am 2006-07-27 16:12:05.000000000 +0200
1209 +@@ -7,6 +7,7 @@
1210 + -DPIC -fPIC -D_REENTRANT \
1211 + -DLIBSANDBOX_PATH=\"$(libdir)\" \
1212 + -DSANDBOX_BASHRC_PATH=\"$(pkgdatadir)\" \
1213 ++ -DLOCALSTATEDIR=\"$(localstatedir)\" \
1214 + -I$(top_srcdir) -Wall
1215 +
1216 + LOCAL_INCLUDES = $(top_srcdir)/localdecls.h
1217 +diff -ruN sandbox-1.2.17.orig/src/sandbox.c sandbox-1.2.17/src/sandbox.c
1218 +--- sandbox-1.2.17.orig/src/sandbox.c 2005-12-05 14:15:45.000000000 +0100
1219 ++++ sandbox-1.2.17/src/sandbox.c 2006-07-27 16:12:05.000000000 +0200
1220 +@@ -33,6 +33,7 @@
1221 + char sandbox_debug_log[SB_PATH_MAX];
1222 + char sandbox_lib[SB_PATH_MAX];
1223 + char sandbox_rc[SB_PATH_MAX];
1224 ++ char sandbox_profile[SB_PATH_MAX];
1225 + char work_dir[SB_PATH_MAX];
1226 + char var_tmp_dir[SB_PATH_MAX];
1227 + char tmp_dir[SB_PATH_MAX];
1228 +@@ -81,6 +82,9 @@
1229 + /* Generate sandbox bashrc path */
1230 + get_sandbox_rc(sandbox_info->sandbox_rc);
1231 +
1232 ++ /* Generate sandbox bashprofile path */
1233 ++ get_sandbox_profile(sandbox_info->sandbox_profile);
1234 ++
1235 + /* Generate sandbox log full path */
1236 + get_sandbox_log(sandbox_info->sandbox_log);
1237 + if (1 == exists(sandbox_info->sandbox_log)) {
1238 +@@ -278,6 +282,7 @@
1239 + unsetenv(ENV_SANDBOX_ON);
1240 + unsetenv(ENV_SANDBOX_LIB);
1241 + unsetenv(ENV_SANDBOX_BASHRC);
1242 ++ unsetenv(ENV_SANDBOX_PROFILE);
1243 + unsetenv(ENV_SANDBOX_LOG);
1244 + unsetenv(ENV_SANDBOX_DEBUG_LOG);
1245 +
1246 +@@ -322,6 +327,7 @@
1247 + sandbox_setenv(new_environ, ENV_SANDBOX_ON, "1");
1248 + sandbox_setenv(new_environ, ENV_SANDBOX_LIB, sandbox_info->sandbox_lib);
1249 + sandbox_setenv(new_environ, ENV_SANDBOX_BASHRC, sandbox_info->sandbox_rc);
1250 ++ sandbox_setenv(new_environ, ENV_SANDBOX_PROFILE, sandbox_info->sandbox_profile);
1251 + sandbox_setenv(new_environ, ENV_SANDBOX_LOG, sandbox_info->sandbox_log);
1252 + sandbox_setenv(new_environ, ENV_SANDBOX_DEBUG_LOG,
1253 + sandbox_info->sandbox_debug_log);
1254 +@@ -458,6 +464,11 @@
1255 + exit(EXIT_FAILURE);
1256 + }
1257 +
1258 ++ if (0 >= exists(sandbox_info.sandbox_profile)) {
1259 ++ perror("sandbox: Could not open the sandbox profile file");
1260 ++ exit(EXIT_FAILURE);
1261 ++ }
1262 ++
1263 + /* set up the required environment variables */
1264 + if (print_debug)
1265 + printf("Setting up the required environment variables.\n");
1266 +@@ -476,7 +487,7 @@
1267 + argv_bash = (char **)malloc(6 * sizeof(char *));
1268 + argv_bash[0] = strdup("/bin/bash");
1269 + argv_bash[1] = strdup("-rcfile");
1270 +- argv_bash[2] = strdup(sandbox_info.sandbox_rc);
1271 ++ argv_bash[2] = strdup(sandbox_info.sandbox_profile);
1272 +
1273 + if (argc < 2)
1274 + argv_bash[3] = NULL;
1275 +diff -ruN sandbox-1.2.17.orig/src/sandbox.h sandbox-1.2.17/src/sandbox.h
1276 +--- sandbox-1.2.17.orig/src/sandbox.h 2005-12-05 14:23:13.000000000 +0100
1277 ++++ sandbox-1.2.17/src/sandbox.h 2006-07-27 16:12:05.000000000 +0200
1278 +@@ -17,10 +17,11 @@
1279 + #define LD_PRELOAD_FILE "/etc/ld.so.preload"
1280 + #define LIB_NAME "libsandbox.so"
1281 + #define BASHRC_NAME "sandbox.bashrc"
1282 ++#define BASHPROFILE_NAME "sandbox.profile"
1283 + #define TMPDIR "/tmp"
1284 +-#define VAR_TMPDIR "/var/tmp"
1285 +-#define PORTAGE_TMPDIR "/var/tmp/portage"
1286 +-#define SANDBOX_LOG_LOCATION "/var/log/sandbox"
1287 ++#define VAR_TMPDIR LOCALSTATEDIR "/tmp"
1288 ++#define PORTAGE_TMPDIR VAR_TMPDIR "/portage"
1289 ++#define SANDBOX_LOG_LOCATION LOCALSTATEDIR "/log/sandbox"
1290 + #define LOG_FILE_PREFIX "/sandbox-"
1291 + #define DEBUG_LOG_FILE_PREFIX "/sandbox-debug-"
1292 + #define LOG_FILE_EXT ".log"
1293 +@@ -38,6 +39,7 @@
1294 +
1295 + #define ENV_SANDBOX_LIB "SANDBOX_LIB"
1296 + #define ENV_SANDBOX_BASHRC "SANDBOX_BASHRC"
1297 ++#define ENV_SANDBOX_PROFILE "SANDBOX_PROFILE"
1298 + #define ENV_SANDBOX_LOG "SANDBOX_LOG"
1299 + #define ENV_SANDBOX_DEBUG_LOG "SANDBOX_DEBUG_LOG"
1300 +
1301 +diff -ruN sandbox-1.2.17.orig/src/sandbox_utils.c sandbox-1.2.17/src/sandbox_utils.c
1302 +--- sandbox-1.2.17.orig/src/sandbox_utils.c 2005-12-05 09:36:32.000000000 +0100
1303 ++++ sandbox-1.2.17/src/sandbox_utils.c 2006-07-27 16:12:05.000000000 +0200
1304 +@@ -42,6 +42,11 @@
1305 + snprintf(path, SB_PATH_MAX, "%s/%s", SANDBOX_BASHRC_PATH, BASHRC_NAME);
1306 + }
1307 +
1308 ++void get_sandbox_profile(char *path)
1309 ++{
1310 ++ snprintf(path, SB_PATH_MAX, "%s/%s", SANDBOX_BASHRC_PATH, BASHPROFILE_NAME);
1311 ++}
1312 ++
1313 + void get_sandbox_log(char *path)
1314 + {
1315 + char *sandbox_log_env = NULL;
1316 +--- sandbox-1.2.17/data/Makefile.am.orig 2006-07-27 16:25:09.000000000 +0200
1317 ++++ sandbox-1.2.17/data/Makefile.am 2006-07-27 16:25:18.000000000 +0200
1318 +@@ -1,3 +1 @@
1319 +-dist_pkgdata_DATA = sandbox.bashrc
1320 +-
1321 +-EXTRA_DIST = sandbox.bashrc
1322 ++dist_pkgdata_DATA = sandbox.bashrc sandbox.profile
1323 +diff -ru sandbox-1.2.17.orig/configure.ac sandbox-1.2.17/configure.ac
1324 +--- sandbox-1.2.17.orig/configure.ac 2005-12-05 15:03:35.000000000 +0100
1325 ++++ sandbox-1.2.17/configure.ac 2006-07-21 13:12:39.000000000 +0200
1326 +@@ -10,6 +10,8 @@
1327 + AC_PROG_MAKE_SET
1328 + AC_PROG_AWK
1329 + AC_CHECK_PROGS([READELF], [readelf], [false])
1330 ++AC_PATH_PROGS([CU_BASH], [bash], [/bin/bash])
1331 ++AC_DEFINE_UNQUOTED([CU_BASH], ["${CU_BASH}"], [path to bash binary])
1332 +
1333 + AC_ENABLE_SHARED
1334 + AC_DISABLE_STATIC
1335 +diff -ru sandbox-1.2.17.orig/src/sandbox.c sandbox-1.2.17/src/sandbox.c
1336 +--- sandbox-1.2.17.orig/src/sandbox.c 2005-12-05 14:15:45.000000000 +0100
1337 ++++ sandbox-1.2.17/src/sandbox.c 2006-07-21 13:15:29.000000000 +0200
1338 +@@ -474,7 +474,7 @@
1339 + chdir(sandbox_info.work_dir);
1340 +
1341 + argv_bash = (char **)malloc(6 * sizeof(char *));
1342 +- argv_bash[0] = strdup("/bin/bash");
1343 ++ argv_bash[0] = strdup(CU_BASH);
1344 + argv_bash[1] = strdup("-rcfile");
1345 + argv_bash[2] = strdup(sandbox_info.sandbox_rc);
1346 +
1347
1348 diff --git a/sys-apps/sandbox/files/sandbox-1.2.18.1-open-cloexec.patch b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-cloexec.patch
1349 new file mode 100644
1350 index 0000000..806f1a3
1351 --- /dev/null
1352 +++ b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-cloexec.patch
1353 @@ -0,0 +1,15 @@
1354 +http://bugs.gentoo.org/196720
1355 +
1356 +mark the new "e" fopen() flag as safe
1357 +
1358 +--- sandbox-1.2.18.1/src/libsandbox.c
1359 ++++ sandbox-1.2.18.1/src/libsandbox.c
1360 +@@ -1595,7 +1595,7 @@
1361 + {
1362 + if (*mode == 'r' && (0 == (strcmp(mode, "r")) ||
1363 + /* The strspn accept args are known non-writable modifiers */
1364 +- (strlen(++mode) == strspn(mode, "xbtmc")))) {
1365 ++ (strlen(++mode) == strspn(mode, "xbtmce")))) {
1366 + return before_syscall("open_rd", file);
1367 + } else {
1368 + return before_syscall("open_wr", file);
1369
1370 diff --git a/sys-apps/sandbox/files/sandbox-1.2.18.1-open-normal-fail.patch b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-normal-fail.patch
1371 new file mode 100644
1372 index 0000000..49b57e4
1373 --- /dev/null
1374 +++ b/sys-apps/sandbox/files/sandbox-1.2.18.1-open-normal-fail.patch
1375 @@ -0,0 +1,99 @@
1376 +Patch from Kevin F. Quinn at https://bugs.gentoo.org/show_bug.cgi?id=135745
1377 +Already applied in sandbox svn
1378 +
1379 +Makes sandboxed open() calls return the normal error conditions if the
1380 +file in question does not exist, without causing a sandbox violation.
1381 +This allows programs to use open() to test for file existance, regardless
1382 +of read-write flags. This is not revealing any further information about
1383 +the backing system because this data was already available through stat().
1384 +
1385 +Index: src/libsandbox.c
1386 +===================================================================
1387 +--- src/libsandbox.c.orig
1388 ++++ src/libsandbox.c
1389 +@@ -80,6 +80,9 @@
1390 + #define FUNCTION_SANDBOX_SAFE_ACCESS(_func, _path, _flags) \
1391 + ((0 == is_sandbox_on()) || (1 == before_syscall_access(_func, _path, _flags)))
1392 +
1393 ++#define FUNCTION_SANDBOX_FAIL_OPEN_INT(_func, _path, _flags) \
1394 ++ ((0 == is_sandbox_on()) || (1 == before_syscall_open_int(_func, _path, _flags)))
1395 ++
1396 + #define FUNCTION_SANDBOX_SAFE_OPEN_INT(_func, _path, _flags) \
1397 + ((0 == is_sandbox_on()) || (1 == before_syscall_open_int(_func, _path, _flags)))
1398 +
1399 +@@ -388,6 +391,16 @@ static FILE * (*true_ ## _name) (const c
1400 + FILE *_name(const char *pathname, const char *mode) \
1401 + { \
1402 + FILE *result = NULL; \
1403 ++ int my_errno = errno; \
1404 ++ struct stat st; \
1405 ++\
1406 ++ if (mode!=NULL && mode[0]=='r') { \
1407 ++ /* If we're trying to read, fail normally if file does not stat */\
1408 ++ if (-1 == stat(pathname, &st)) { \
1409 ++ return NULL; \
1410 ++ } \
1411 ++ } \
1412 ++ errno = my_errno; \
1413 + \
1414 + if FUNCTION_SANDBOX_SAFE_OPEN_CHAR("fopen", pathname, mode) { \
1415 + check_dlsym(_name); \
1416 +@@ -561,12 +574,20 @@ int _name(const char *pathname, int flag
1417 + va_list ap; \
1418 + int mode = 0; \
1419 + int result = -1; \
1420 ++ int my_errno = errno; \
1421 ++ struct stat st; \
1422 + \
1423 + if (flags & O_CREAT) { \
1424 + va_start(ap, flags); \
1425 + mode = va_arg(ap, int); \
1426 + va_end(ap); \
1427 ++ } else { \
1428 ++ /* If we're not trying to create, fail normally if file does not stat */\
1429 ++ if (-1 == stat(pathname, &st)) { \
1430 ++ return -1; \
1431 ++ } \
1432 + } \
1433 ++ errno = my_errno; \
1434 + \
1435 + if FUNCTION_SANDBOX_SAFE_OPEN_INT("open", pathname, flags) { \
1436 + check_dlsym(_name); \
1437 +@@ -726,6 +747,16 @@ static FILE * (*true_ ## _name) (const c
1438 + FILE *_name(const char *pathname, const char *mode) \
1439 + { \
1440 + FILE *result = NULL; \
1441 ++ int my_errno = errno; \
1442 ++ struct stat64 st; \
1443 ++\
1444 ++ if (mode!=NULL && mode[0]=='r') { \
1445 ++ /* If we're trying to read, fail normally if file does not stat */\
1446 ++ if (-1 == stat64(pathname, &st)) { \
1447 ++ return NULL; \
1448 ++ } \
1449 ++ } \
1450 ++ errno = my_errno; \
1451 + \
1452 + if FUNCTION_SANDBOX_SAFE_OPEN_CHAR("fopen64", pathname, mode) { \
1453 + check_dlsym(_name); \
1454 +@@ -746,12 +777,20 @@ int _name(const char *pathname, int flag
1455 + va_list ap; \
1456 + int mode = 0; \
1457 + int result = -1; \
1458 ++ int my_errno = errno; \
1459 ++ struct stat64 st; \
1460 + \
1461 + if (flags & O_CREAT) { \
1462 + va_start(ap, flags); \
1463 + mode = va_arg(ap, int); \
1464 + va_end(ap); \
1465 ++ } else { \
1466 ++ /* If we're not trying to create, fail normally if file does not stat */\
1467 ++ if (-1 == stat64(pathname, &st)) { \
1468 ++ return -1; \
1469 ++ } \
1470 + } \
1471 ++ errno = my_errno; \
1472 + \
1473 + if FUNCTION_SANDBOX_SAFE_OPEN_INT("open64", pathname, flags) { \
1474 + check_dlsym(_name); \
1475
1476 diff --git a/sys-apps/sandbox/files/sandbox-1.2.18.1-rtld-validation.patch b/sys-apps/sandbox/files/sandbox-1.2.18.1-rtld-validation.patch
1477 new file mode 100644
1478 index 0000000..36e96f5
1479 --- /dev/null
1480 +++ b/sys-apps/sandbox/files/sandbox-1.2.18.1-rtld-validation.patch
1481 @@ -0,0 +1,43 @@
1482 +From: Robin H. Johnson <robbat2@g.o>
1483 +Gentoo-Bug: 206678
1484 +X-Gentoo-URL: http://bugs.gentoo.org/show_bug.cgi?id=206678
1485 +Signed-off-by: Robin H. Johnson <robbat2@g.o>
1486 +
1487 +Based on a previous revision by solar@g.o.
1488 +It seems that on hardened systems, USE_RTLD_NEXT is not always usable, and this
1489 +trips up sandbox.
1490 +
1491 +diff -Nuar sandbox-1.2.18.1.orig/src/libsandbox.c sandbox-1.2.18.1/src/libsandbox.c
1492 +--- sandbox-1.2.18.1.orig/src/libsandbox.c 2008-06-27 16:15:53.000000000 +0000
1493 ++++ sandbox-1.2.18.1/src/libsandbox.c 2008-06-27 16:20:26.000000000 +0000
1494 +@@ -192,18 +192,24 @@
1495 + {
1496 + void *symaddr = NULL;
1497 +
1498 +- if (NULL == libc_handle) {
1499 +-#if !defined(USE_RTLD_NEXT)
1500 ++#if defined(USE_RTLD_NEXT)
1501 ++ libc_handle = RTLD_NEXT;
1502 ++#endif
1503 ++
1504 ++ /* Checking for -1UL is significent on hardened!
1505 ++ * USE_RTLD_NEXT returns it as a sign of being unusable.
1506 ++ * However using !x or NULL checks does NOT pick it up!
1507 ++ */
1508 ++#define INVALID_LIBC_HANDLE(x) (!x || NULL == x || -1UL == x)
1509 ++ if (INVALID_LIBC_HANDLE(libc_handle)) {
1510 + libc_handle = dlopen(LIBC_VERSION, RTLD_LAZY);
1511 +- if (!libc_handle) {
1512 ++ if (INVALID_LIBC_HANDLE(libc_handle)) {
1513 + fprintf(stderr, "libsandbox: Can't dlopen libc: %s\n",
1514 + dlerror());
1515 + exit(EXIT_FAILURE);
1516 + }
1517 +-#else
1518 +- libc_handle = RTLD_NEXT;
1519 +-#endif
1520 + }
1521 ++#undef INVALID_LIBC_HANDLE
1522 +
1523 + if (NULL == symver)
1524 + symaddr = dlsym(libc_handle, symname);
1525
1526 diff --git a/sys-apps/sandbox/files/sandbox-1.2.20_alpha2-parallel.patch b/sys-apps/sandbox/files/sandbox-1.2.20_alpha2-parallel.patch
1527 new file mode 100644
1528 index 0000000..cbf769f
1529 --- /dev/null
1530 +++ b/sys-apps/sandbox/files/sandbox-1.2.20_alpha2-parallel.patch
1531 @@ -0,0 +1,12 @@
1532 +http://bugs.gentooorg/190051
1533 +
1534 +--- libsandbox/Makefile.in
1535 ++++ libsandbox/Makefile.in
1536 +@@ -517,6 +517,7 @@
1537 +
1538 +
1539 + libsandbox.c: libsandbox.map symbols.h
1540 ++wrappers.c: symbols.h
1541 +
1542 + libsandbox.map: $(SYMBOLS_FILE) $(GEN_VERSION_MAP_SCRIPT)
1543 + @echo "Generating $@"; \
1544
1545 diff --git a/sys-apps/sandbox/files/sandbox-1.6-disable-pthread.patch b/sys-apps/sandbox/files/sandbox-1.6-disable-pthread.patch
1546 new file mode 100644
1547 index 0000000..490bc41
1548 --- /dev/null
1549 +++ b/sys-apps/sandbox/files/sandbox-1.6-disable-pthread.patch
1550 @@ -0,0 +1,37 @@
1551 +http://bugs.gentoo.org/263657
1552 +
1553 +disable pthread locks ... this is how stable has always worked, so there
1554 +wont be any regressions ...
1555 +
1556 +diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
1557 +index 034d0e7..595d17f 100644
1558 +--- a/libsandbox/libsandbox.c
1559 ++++ b/libsandbox/libsandbox.c
1560 +@@ -814,9 +814,6 @@
1561 + return result;
1562 + }
1563 +
1564 +-/* Need to protect the global sbcontext structure */
1565 +-static pthread_mutex_t sb_syscall_lock = PTHREAD_MUTEX_INITIALIZER;
1566 +-
1567 + bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, int flags)
1568 + {
1569 + int old_errno = errno;
1570 +@@ -843,8 +840,6 @@
1571 + file = at_file_buf;
1572 + }
1573 +
1574 +- pthread_mutex_lock(&sb_syscall_lock);
1575 +-
1576 + if (!sb_init) {
1577 + init_context(&sbcontext);
1578 + sb_init = true;
1579 +@@ -885,8 +880,6 @@
1580 +
1581 + result = check_syscall(&sbcontext, sb_nr, func, file, flags);
1582 +
1583 +- pthread_mutex_unlock(&sb_syscall_lock);
1584 +-
1585 + if (0 == result) {
1586 + if ((NULL != getenv(ENV_SANDBOX_PID)) && (is_env_on(ENV_SANDBOX_ABORT)))
1587 +
1588
1589 diff --git a/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch b/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch
1590 new file mode 100644
1591 index 0000000..754ef01
1592 --- /dev/null
1593 +++ b/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch
1594 @@ -0,0 +1,13 @@
1595 +sandbox-1.7 traces static apps so disable the qa notice as it just scares
1596 +users ... dont want scary stuff in stable!
1597 +
1598 +--- libsandbox/wrapper-funcs/__wrapper_exec.c
1599 ++++ libsandbox/wrapper-funcs/__wrapper_exec.c
1600 +@@ -221,7 +221,6 @@
1601 + if (!FUNCTION_SANDBOX_SAFE(path))
1602 + return result;
1603 +
1604 +- sb_check_exec(path, argv);
1605 + }
1606 + #endif
1607 +
1608
1609 diff --git a/sys-apps/sandbox/files/sandbox-1.9-setoptions.patch b/sys-apps/sandbox/files/sandbox-1.9-setoptions.patch
1610 new file mode 100644
1611 index 0000000..34e8722
1612 --- /dev/null
1613 +++ b/sys-apps/sandbox/files/sandbox-1.9-setoptions.patch
1614 @@ -0,0 +1,15 @@
1615 + Fix undefined PTRACE_SETOPTIONS error, patch by grobian
1616 +
1617 +diff --git a/libsandbox/trace.c b/libsandbox/trace.c
1618 +index 7c5ec17..eaf520f 100644
1619 +--- a/libsandbox/trace.c
1620 ++++ b/libsandbox/trace.c
1621 +@@ -425,7 +425,7 @@ void trace_main(const char *filename, char *const argv[])
1622 + SB_DEBUG("parent waiting for child (pid=%i) to signal", trace_pid);
1623 + while (!child_stopped)
1624 + sched_yield();
1625 +-#ifdef PTRACE_O_TRACESYSGOOD
1626 ++#if defined(PTRACE_O_TRACESYSGOOD) && defined(PTRACE_SETOPTIONS)
1627 + /* Not all kernel versions support this, so ignore return */
1628 + ptrace(PTRACE_SETOPTIONS, trace_pid, NULL, (void *)PTRACE_O_TRACESYSGOOD);
1629 + #endif
1630
1631 diff --git a/sys-apps/sandbox/files/sandbox-2.0-prefix.patch b/sys-apps/sandbox/files/sandbox-2.0-prefix.patch
1632 new file mode 100644
1633 index 0000000..5e32912
1634 --- /dev/null
1635 +++ b/sys-apps/sandbox/files/sandbox-2.0-prefix.patch
1636 @@ -0,0 +1,37 @@
1637 +* heiko's way of getting this thing going
1638 +http://repo.or.cz/w/heikos-i-prolly-break-your-prefix-overlay.git?a=blob;f=sys-apps/sandbox/files/sandbox-2.0-prefix.patch;h=7b4f568679522682ba784853829a0f2b1272b21d;hb=HEAD
1639 +
1640 +diff --git a/libsbutil/get_sandbox_lib.c b/libsbutil/get_sandbox_lib.c
1641 +index b64a5ac..1cf4832 100644
1642 +--- a/libsbutil/get_sandbox_lib.c
1643 ++++ b/libsbutil/get_sandbox_lib.c
1644 +@@ -22,6 +22,7 @@
1645 + void get_sandbox_lib(char *path)
1646 + {
1647 + save_errno();
1648 ++#ifndef GENTOO_PREFIX
1649 + strcpy(path, LIB_NAME);
1650 + if (strncmp("/usr/lib", LIBSANDBOX_PATH, 8)) {
1651 + void *hndl = dlopen(path, RTLD_LAZY);
1652 +@@ -30,5 +31,10 @@ void get_sandbox_lib(char *path)
1653 + else
1654 + dlclose(hndl);
1655 + }
1656 ++#else
1657 ++ /* Gentoo Prefix always needs the absolute path due to DT_R*PATH usage
1658 ++ * within dlopen(). */
1659 ++ snprintf(path, SB_PATH_MAX, "%s/%s", LIBSANDBOX_PATH, LIB_NAME);
1660 ++#endif
1661 + restore_errno();
1662 + }
1663 +--- a/etc/sandbox.d/00default.orig 2009-06-22 14:10:30.000000000 +0200
1664 ++++ a/etc/sandbox.d/00default 2009-06-22 14:11:41.000000000 +0200
1665 +@@ -14,7 +14,7 @@
1666 + # Finally add current directory if interactive
1667 + SANDBOX_WRITE="${SANDBOX_WORKDIR}"
1668 + # Needed for configure tests
1669 +-SANDBOX_WRITE="/usr/tmp/conftest:/usr/lib/conftest:/usr/lib32/conftest:/usr/lib64/conftest:/usr/tmp/cf:/usr/lib/cf:/usr/lib32/cf:/usr/lib64/cf"
1670 ++SANDBOX_WRITE="@GENTOO_PORTAGE_EPREFIX@/usr/tmp/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/lib/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/lib32/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/lib64/conftest:@GENTOO_PORTAGE_EPREFIX@/usr/tmp/cf:@GENTOO_PORTAGE_EPREFIX@/usr/lib/cf:@GENTOO_PORTAGE_EPREFIX@/usr/lib32/cf:@GENTOO_PORTAGE_EPREFIX@/usr/lib64/cf"
1671 +
1672 + # Usually writes in /home should not cause violations
1673 + SANDBOX_PREDICT="${HOME}"
1674
1675 diff --git a/sys-apps/sandbox/files/sandbox-2.0-setoptions.patch b/sys-apps/sandbox/files/sandbox-2.0-setoptions.patch
1676 new file mode 100644
1677 index 0000000..9430dbb
1678 --- /dev/null
1679 +++ b/sys-apps/sandbox/files/sandbox-2.0-setoptions.patch
1680 @@ -0,0 +1,11 @@
1681 +--- libsandbox/trace.c.old 2009-06-30 10:11:40.000000000 -0500
1682 ++++ libsandbox/trace.c 2009-06-30 10:11:58.000000000 -0500
1683 +@@ -476,7 +476,7 @@
1684 + } else if (trace_pid) {
1685 + SB_DEBUG("parent waiting for child (pid=%i) to signal", trace_pid);
1686 + waitpid(trace_pid, NULL, 0);
1687 +-#ifdef PTRACE_O_TRACESYSGOOD
1688 ++#if defined(PTRACE_SETOPTIONS) && defined(PTRACE_O_TRACESYSGOOD)
1689 + /* Not all kernel versions support this, so ignore return */
1690 + ptrace(PTRACE_SETOPTIONS, trace_pid, NULL, (void *)PTRACE_O_TRACESYSGOOD);
1691 + #endif
1692
1693 diff --git a/sys-apps/sandbox/files/sandbox-2.2-prefix.patch b/sys-apps/sandbox/files/sandbox-2.2-prefix.patch
1694 new file mode 100644
1695 index 0000000..0cd5f3f
1696 --- /dev/null
1697 +++ b/sys-apps/sandbox/files/sandbox-2.2-prefix.patch
1698 @@ -0,0 +1,26 @@
1699 +* heiko's way of getting this thing going
1700 +http://repo.or.cz/w/heikos-i-prolly-break-your-prefix-overlay.git?a=blob;f=sys-apps/sandbox/files/sandbox-2.0-prefix.patch;h=7b4f568679522682ba784853829a0f2b1272b21d;hb=HEAD
1701 +
1702 +diff --git a/libsbutil/get_sandbox_lib.c b/libsbutil/get_sandbox_lib.c
1703 +index b64a5ac..1cf4832 100644
1704 +--- a/libsbutil/get_sandbox_lib.c
1705 ++++ b/libsbutil/get_sandbox_lib.c
1706 +@@ -22,6 +22,7 @@
1707 + void get_sandbox_lib(char *path)
1708 + {
1709 + save_errno();
1710 ++#ifndef GENTOO_PREFIX
1711 + strcpy(path, LIB_NAME);
1712 + if (strncmp("/usr/lib", LIBSANDBOX_PATH, 8)) {
1713 + void *hndl = dlopen(path, RTLD_LAZY);
1714 +@@ -30,5 +31,10 @@ void get_sandbox_lib(char *path)
1715 + else
1716 + dlclose(hndl);
1717 + }
1718 ++#else
1719 ++ /* Gentoo Prefix always needs the absolute path due to DT_R*PATH usage
1720 ++ * within dlopen(). */
1721 ++ snprintf(path, SB_PATH_MAX, "%s/%s", LIBSANDBOX_PATH, LIB_NAME);
1722 ++#endif
1723 + restore_errno();
1724 + }
1725
1726 diff --git a/sys-apps/sandbox/files/sandbox-2.6-check-empty-paths-at.patch b/sys-apps/sandbox/files/sandbox-2.6-check-empty-paths-at.patch
1727 new file mode 100755
1728 index 0000000..e4dc529
1729 --- /dev/null
1730 +++ b/sys-apps/sandbox/files/sandbox-2.6-check-empty-paths-at.patch
1731 @@ -0,0 +1,201 @@
1732 +From dd726dcc6a95355d0e0cc949018d9c8aefc89a02 Mon Sep 17 00:00:00 2001
1733 +From: Mike Frysinger <vapier@g.o>
1734 +Date: Mon, 24 Dec 2012 19:41:49 -0500
1735 +Subject: [PATCH 1/2] libsandbox: reject "" paths with *at funcs before
1736 + checking the dirfd
1737 +
1738 +When it comes to processing errors, an empty path is checked before
1739 +an invalid dirfd. Make sure sandbox matches that behavior for the
1740 +random testsuites out there that look for this.
1741 +
1742 +URL: https://bugs.gentoo.org/346929
1743 +Reported-by: Marien Zwart <marienz@g.o>
1744 +Signed-off-by: Mike Frysinger <vapier@g.o>
1745 +---
1746 + libsandbox/wrapper-funcs/__pre_check.c | 2 ++
1747 + libsandbox/wrapper-funcs/mkdirat_pre_check.c | 17 +++++------------
1748 + libsandbox/wrapper-funcs/openat_pre_check.c | 15 ++++-----------
1749 + libsandbox/wrapper-funcs/unlinkat_pre_check.c | 17 +++++------------
1750 + libsandbox/wrappers.h | 2 ++
1751 + tests/mkdirat-3.sh | 7 +++++++
1752 + tests/mkdirat.at | 1 +
1753 + tests/openat-2.sh | 9 +++++++++
1754 + tests/openat.at | 1 +
1755 + tests/unlinkat-4.sh | 7 +++++++
1756 + tests/unlinkat.at | 1 +
1757 + 11 files changed, 44 insertions(+), 35 deletions(-)
1758 + create mode 100755 tests/mkdirat-3.sh
1759 + create mode 100755 tests/openat-2.sh
1760 + create mode 100755 tests/unlinkat-4.sh
1761 +
1762 +diff --git a/libsandbox/wrapper-funcs/__pre_check.c b/libsandbox/wrapper-funcs/__pre_check.c
1763 +index 2d5711f..28ad91f 100644
1764 +--- a/libsandbox/wrapper-funcs/__pre_check.c
1765 ++++ b/libsandbox/wrapper-funcs/__pre_check.c
1766 +@@ -20,3 +20,5 @@
1767 + #if SB_NR_UNLINK != SB_NR_UNDEF && SB_NR_UNLINKAT == SB_NR_UNDEF
1768 + # include "unlinkat_pre_check.c"
1769 + #endif
1770 ++
1771 ++#include "__pre_at_check.c"
1772 +diff --git a/libsandbox/wrapper-funcs/mkdirat_pre_check.c b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
1773 +index 77a65df..0b48d1f 100644
1774 +--- a/libsandbox/wrapper-funcs/mkdirat_pre_check.c
1775 ++++ b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
1776 +@@ -1,20 +1,13 @@
1777 + bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd)
1778 + {
1779 + char canonic[SB_PATH_MAX];
1780 +- char dirfd_path[SB_PATH_MAX];
1781 +
1782 + save_errno();
1783 +
1784 +- /* Expand the dirfd path first */
1785 +- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
1786 +- case -1:
1787 +- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
1788 +- func, pathname, strerror(errno));
1789 +- return false;
1790 +- case 0:
1791 +- pathname = dirfd_path;
1792 +- break;
1793 +- }
1794 ++ /* Check incoming args against common *at issues */
1795 ++ char dirfd_path[SB_PATH_MAX];
1796 ++ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path)))
1797 ++ return false;
1798 +
1799 + /* Then break down any relative/symlink paths */
1800 + if (-1 == canonicalize(pathname, canonic))
1801 +diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c
1802 +index 0127708..5fd5eaa 100644
1803 +--- a/libsandbox/wrapper-funcs/openat_pre_check.c
1804 ++++ b/libsandbox/wrapper-funcs/openat_pre_check.c
1805 +@@ -15,17 +15,10 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int
1806 +
1807 + save_errno();
1808 +
1809 +- /* Expand the dirfd path first */
1810 ++ /* Check incoming args against common *at issues */
1811 + char dirfd_path[SB_PATH_MAX];
1812 +- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
1813 +- case -1:
1814 +- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
1815 +- func, pathname, strerror(errno));
1816 +- return false;
1817 +- case 0:
1818 +- pathname = dirfd_path;
1819 +- break;
1820 +- }
1821 ++ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path)))
1822 ++ return false;
1823 +
1824 + /* Doesn't exist -> skip permission checks */
1825 + struct stat st;
1826 +diff --git a/libsandbox/wrapper-funcs/unlinkat_pre_check.c b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
1827 +index 9f5e7d7..c004d15 100644
1828 +--- a/libsandbox/wrapper-funcs/unlinkat_pre_check.c
1829 ++++ b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
1830 +@@ -1,20 +1,13 @@
1831 + bool sb_unlinkat_pre_check(const char *func, const char *pathname, int dirfd)
1832 + {
1833 + char canonic[SB_PATH_MAX];
1834 +- char dirfd_path[SB_PATH_MAX];
1835 +
1836 + save_errno();
1837 +
1838 +- /* Expand the dirfd path first */
1839 +- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
1840 +- case -1:
1841 +- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
1842 +- func, pathname, strerror(errno));
1843 +- return false;
1844 +- case 0:
1845 +- pathname = dirfd_path;
1846 +- break;
1847 +- }
1848 ++ /* Check incoming args against common *at issues */
1849 ++ char dirfd_path[SB_PATH_MAX];
1850 ++ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path)))
1851 ++ return false;
1852 +
1853 + /* Then break down any relative/symlink paths */
1854 + if (-1 == canonicalize(pathname, canonic))
1855 +diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h
1856 +index 5b97787..0aa58bb 100644
1857 +--- a/libsandbox/wrappers.h
1858 ++++ b/libsandbox/wrappers.h
1859 +@@ -28,5 +28,7 @@ attribute_hidden bool sb_mkdirat_pre_check (const char *func, const char *pathn
1860 + attribute_hidden bool sb_openat_pre_check (const char *func, const char *pathname, int dirfd, int flags);
1861 + attribute_hidden bool sb_openat64_pre_check (const char *func, const char *pathname, int dirfd, int flags);
1862 + attribute_hidden bool sb_unlinkat_pre_check (const char *func, const char *pathname, int dirfd);
1863 ++attribute_hidden bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd,
1864 ++ char *dirfd_path, size_t dirfd_path_len);
1865 +
1866 + #endif
1867 +--
1868 +1.8.1.2
1869 +
1870 +From 0b8a6d9773cc0e6d86bf1187f46817d5716698fe Mon Sep 17 00:00:00 2001
1871 +From: Mike Frysinger <vapier@g.o>
1872 +Date: Mon, 24 Dec 2012 19:41:49 -0500
1873 +Subject: [PATCH 2/2] libsandbox: reject "" paths with *at funcs before
1874 + checking the dirfd [missing file]
1875 +
1876 +When it comes to processing errors, an empty path is checked before
1877 +an invalid dirfd. Make sure sandbox matches that behavior for the
1878 +random testsuites out there that look for this.
1879 +
1880 +Forgot to `git add` in the previous commit :/.
1881 +
1882 +URL: https://bugs.gentoo.org/346929
1883 +Reported-by: Marien Zwart <marienz@g.o>
1884 +Signed-off-by: Mike Frysinger <vapier@g.o>
1885 +---
1886 + libsandbox/wrapper-funcs/__pre_at_check.c | 34 +++++++++++++++++++++++++++++++
1887 + 1 file changed, 34 insertions(+)
1888 + create mode 100644 libsandbox/wrapper-funcs/__pre_at_check.c
1889 +
1890 +diff --git a/libsandbox/wrapper-funcs/__pre_at_check.c b/libsandbox/wrapper-funcs/__pre_at_check.c
1891 +new file mode 100644
1892 +index 0000000..f72c40c
1893 +--- /dev/null
1894 ++++ b/libsandbox/wrapper-funcs/__pre_at_check.c
1895 +@@ -0,0 +1,34 @@
1896 ++/*
1897 ++ * common *at() pre-checks.
1898 ++ *
1899 ++ * Copyright 1999-2012 Gentoo Foundation
1900 ++ * Licensed under the GPL-2
1901 ++ */
1902 ++
1903 ++/* We assume the parent has nested use with save/restore errno */
1904 ++bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd,
1905 ++ char *dirfd_path, size_t dirfd_path_len)
1906 ++{
1907 ++ /* the empty path name should fail with ENOENT before any dirfd
1908 ++ * checks get a chance to run #346929
1909 ++ */
1910 ++ if (*pathname && *pathname[0] == '\0') {
1911 ++ errno = ENOENT;
1912 ++ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
1913 ++ func, *pathname, strerror(errno));
1914 ++ return false;
1915 ++ }
1916 ++
1917 ++ /* Expand the dirfd path first */
1918 ++ switch (resolve_dirfd_path(dirfd, *pathname, dirfd_path, dirfd_path_len)) {
1919 ++ case -1:
1920 ++ sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
1921 ++ func, *pathname, strerror(errno));
1922 ++ return false;
1923 ++ case 0:
1924 ++ *pathname = dirfd_path;
1925 ++ break;
1926 ++ }
1927 ++
1928 ++ return true;
1929 ++}
1930 +--
1931 +1.8.1.2
1932 +
1933
1934 diff --git a/sys-apps/sandbox/files/sandbox-2.6-desktop.patch b/sys-apps/sandbox/files/sandbox-2.6-desktop.patch
1935 new file mode 100755
1936 index 0000000..fbecb07
1937 --- /dev/null
1938 +++ b/sys-apps/sandbox/files/sandbox-2.6-desktop.patch
1939 @@ -0,0 +1,30 @@
1940 +From 00044ab0c8aaaabf048b5ff0ec2da5b3d7d25752 Mon Sep 17 00:00:00 2001
1941 +From: Mike Frysinger <vapier@g.o>
1942 +Date: Sat, 17 Nov 2012 14:14:26 -0500
1943 +Subject: [PATCH] sandbox.desktop: drop .svg from Icon field
1944 +MIME-Version: 1.0
1945 +Content-Type: text/plain; charset=UTF-8
1946 +Content-Transfer-Encoding: 8bit
1947 +
1948 +URL: http://bugs.gentoo.org/443672
1949 +Reported-by: Petteri Räty <betelgeuse@g.o>
1950 +Signed-off-by: Mike Frysinger <vapier@g.o>
1951 +---
1952 + data/sandbox.desktop | 2 +-
1953 + 1 file changed, 1 insertion(+), 1 deletion(-)
1954 +
1955 +diff --git a/data/sandbox.desktop b/data/sandbox.desktop
1956 +index 5b5b576..27a887e 100644
1957 +--- a/data/sandbox.desktop
1958 ++++ b/data/sandbox.desktop
1959 +@@ -5,6 +5,6 @@ Type=Application
1960 + Comment=launch a sandboxed shell ... useful for debugging ebuilds
1961 + Exec=sandbox
1962 + TryExec=sandbox
1963 +-Icon=sandbox.svg
1964 ++Icon=sandbox
1965 + Categories=Development;
1966 + Terminal=true
1967 +--
1968 +1.8.1.2
1969 +
1970
1971 diff --git a/sys-apps/sandbox/files/sandbox-2.6-log-var.patch b/sys-apps/sandbox/files/sandbox-2.6-log-var.patch
1972 new file mode 100755
1973 index 0000000..bfea9e5
1974 --- /dev/null
1975 +++ b/sys-apps/sandbox/files/sandbox-2.6-log-var.patch
1976 @@ -0,0 +1,51 @@
1977 +From 853b42c86432eefc6d4cfba86197fb37d446366d Mon Sep 17 00:00:00 2001
1978 +From: Mike Frysinger <vapier@g.o>
1979 +Date: Sun, 3 Mar 2013 05:34:09 -0500
1980 +Subject: [PATCH] sandbox: accept SANDBOX_LOG vars whatever their values
1981 +
1982 +Commit 40abb498ca4a24495fe34e133379382ce8c3eaca subtly broke the sandbox
1983 +with portage. It changed how the sandbox log env var was accessed by
1984 +moving from getenv() to get_sandbox_log(). The latter has path checking
1985 +and will kick out values that contain a slash. That means every time a
1986 +new process starts, a new sandbox log path will be generated, and when a
1987 +program triggers a violation, it'll write to the new file. Meanwhile,
1988 +portage itself watches the original one which never gets updated.
1989 +
1990 +This code has been around forever w/out documentation, and I can't think
1991 +of a reason we need it. So punt it.
1992 +
1993 +Signed-off-by: Mike Frysinger <vapier@g.o>
1994 +---
1995 + libsbutil/get_sandbox_log.c | 14 +++++---------
1996 + 1 file changed, 5 insertions(+), 9 deletions(-)
1997 +
1998 +diff --git a/libsbutil/get_sandbox_log.c b/libsbutil/get_sandbox_log.c
1999 +index a79b399..bdb4278 100644
2000 +--- a/libsbutil/get_sandbox_log.c
2001 ++++ b/libsbutil/get_sandbox_log.c
2002 +@@ -21,17 +21,13 @@ static void _get_sb_log(char *path, const char *tmpdir, const char *env, const c
2003 +
2004 + sandbox_log_env = getenv(env);
2005 +
2006 +- if (sandbox_log_env && is_env_on(ENV_SANDBOX_TESTING)) {
2007 +- /* When testing, just use what the env says to */
2008 ++ if (sandbox_log_env) {
2009 ++ /* If the env is viable, roll with it. We aren't really
2010 ++ * about people breaking the security of the sandbox by
2011 ++ * exporting SANDBOX_LOG=/dev/null.
2012 ++ */
2013 + strncpy(path, sandbox_log_env, SB_PATH_MAX);
2014 + } else {
2015 +- /* THIS CHUNK BREAK THINGS BY DOING THIS:
2016 +- * SANDBOX_LOG=/tmp/sandbox-app-admin/superadduser-1.0.7-11063.log
2017 +- */
2018 +- if ((NULL != sandbox_log_env) &&
2019 +- (NULL != strchr(sandbox_log_env, '/')))
2020 +- sandbox_log_env = NULL;
2021 +-
2022 + snprintf(path, SB_PATH_MAX, "%s%s%s%s%d%s",
2023 + SANDBOX_LOG_LOCATION, prefix,
2024 + (sandbox_log_env == NULL ? "" : sandbox_log_env),
2025 +--
2026 +1.8.1.2
2027 +
2028
2029 diff --git a/sys-apps/sandbox/files/sandbox-2.6-open-nofollow.patch b/sys-apps/sandbox/files/sandbox-2.6-open-nofollow.patch
2030 new file mode 100755
2031 index 0000000..0101ece
2032 --- /dev/null
2033 +++ b/sys-apps/sandbox/files/sandbox-2.6-open-nofollow.patch
2034 @@ -0,0 +1,54 @@
2035 +From 45fa8714a1d35e6555083d88a71851ada2aacac4 Mon Sep 17 00:00:00 2001
2036 +From: Mike Frysinger <vapier@g.o>
2037 +Date: Mon, 24 Dec 2012 18:46:29 -0500
2038 +Subject: [PATCH] libsandbox: handle open(O_NOFOLLOW)
2039 +
2040 +We don't check for O_NOFOLLOW in the open wrappers, so we end up
2041 +returning the wrong error when operating on broken symlinks.
2042 +
2043 +URL: https://bugs.gentoo.org/413441
2044 +Reported-by: Marien Zwart <marienz@g.o>
2045 +Signed-off-by: Mike Frysinger <vapier@g.o>
2046 +---
2047 + libsandbox/wrapper-funcs/__64_post.h | 1 +
2048 + libsandbox/wrapper-funcs/__64_pre.h | 1 +
2049 + libsandbox/wrapper-funcs/openat_pre_check.c | 2 +-
2050 + tests/open-2.sh | 10 ++++++++++
2051 + tests/open.at | 1 +
2052 + 5 files changed, 14 insertions(+), 1 deletion(-)
2053 + create mode 100755 tests/open-2.sh
2054 +
2055 +diff --git a/libsandbox/wrapper-funcs/__64_post.h b/libsandbox/wrapper-funcs/__64_post.h
2056 +index 2fd2182..82d2a16 100644
2057 +--- a/libsandbox/wrapper-funcs/__64_post.h
2058 ++++ b/libsandbox/wrapper-funcs/__64_post.h
2059 +@@ -1,3 +1,4 @@
2060 + #undef SB64
2061 + #undef stat
2062 ++#undef lstat
2063 + #undef off_t
2064 +diff --git a/libsandbox/wrapper-funcs/__64_pre.h b/libsandbox/wrapper-funcs/__64_pre.h
2065 +index 2132110..0b34b25 100644
2066 +--- a/libsandbox/wrapper-funcs/__64_pre.h
2067 ++++ b/libsandbox/wrapper-funcs/__64_pre.h
2068 +@@ -1,3 +1,4 @@
2069 + #define SB64
2070 + #define stat stat64
2071 ++#define lstat lstat64
2072 + #define off_t off64_t
2073 +diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c
2074 +index c827ee6..0127708 100644
2075 +--- a/libsandbox/wrapper-funcs/openat_pre_check.c
2076 ++++ b/libsandbox/wrapper-funcs/openat_pre_check.c
2077 +@@ -29,7 +29,7 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int
2078 +
2079 + /* Doesn't exist -> skip permission checks */
2080 + struct stat st;
2081 +- if (-1 == stat(pathname, &st)) {
2082 ++ if (((flags & O_NOFOLLOW) ? lstat(pathname, &st) : stat(pathname, &st)) == -1) {
2083 + sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
2084 + func, pathname, strerror(errno));
2085 + return false;
2086 +--
2087 +1.8.1.2
2088 +
2089
2090 diff --git a/sys-apps/sandbox/files/sandbox-2.6-prefix.patch b/sys-apps/sandbox/files/sandbox-2.6-prefix.patch
2091 new file mode 100644
2092 index 0000000..d3861c0
2093 --- /dev/null
2094 +++ b/sys-apps/sandbox/files/sandbox-2.6-prefix.patch
2095 @@ -0,0 +1,70 @@
2096 +Index: sandbox-2.6/data/sandbox.bashrc
2097 +===================================================================
2098 +--- sandbox-2.6.orig/data/sandbox.bashrc
2099 ++++ sandbox-2.6/data/sandbox.bashrc
2100 +@@ -10,7 +10,7 @@ fi
2101 + export BASH_ENV="${SANDBOX_BASHRC}"
2102 +
2103 + alias make="make LD_PRELOAD=${LD_PRELOAD}"
2104 +-alias su="su -c '/bin/bash -rcfile ${SANDBOX_BASHRC}'"
2105 ++alias su="su -c '@GENTOO_PORTAGE_EPREFIX@/bin/bash -rcfile ${SANDBOX_BASHRC}'"
2106 +
2107 + declare -r SANDBOX_ACTIVE
2108 +
2109 +@@ -29,7 +29,7 @@ if [[ ${SANDBOX_INTRACTV} == "1" && -t 1
2110 + (
2111 + [[ ${NOCOLOR} == "true" || ${NOCOLOR} == "yes" || ${NOCOLOR} == "1" ]] && \
2112 + export RC_NOCOLOR="yes"
2113 +- source /etc/init.d/functions.sh
2114 ++ source @GENTOO_PORTAGE_EPREFIX@/etc/init.d/functions.sh
2115 + if [ $? -ne 0 ] ; then
2116 + einfo() { echo " INFO: $*"; }
2117 + ewarn() { echo " WARN: $*"; }
2118 +@@ -55,7 +55,7 @@ if [[ ${SANDBOX_INTRACTV} == "1" && -t 1
2119 + #sbs_pdir=$(portageq envvar PORTAGE_TMPDIR)/portage/ #portageq takes too long imo
2120 + if [[ -z ${PORTAGE_TMPDIR} ]] ; then
2121 + sbs_pdir=$(
2122 +- for f in /etc/{,portage/}make.globals /etc/{,portage/}make.conf ; do
2123 ++ for f in @GENTOO_PORTAGE_EPREFIX@/etc/{,portage/}make.globals @GENTOO_PORTAGE_EPREFIX@/etc/{,portage/}make.conf ; do
2124 + [[ -e ${f} ]] && source ${f}
2125 + done
2126 + echo $PORTAGE_TMPDIR
2127 +@@ -63,7 +63,7 @@ if [[ ${SANDBOX_INTRACTV} == "1" && -t 1
2128 + else
2129 + sbs_pdir=${PORTAGE_TMPDIR}
2130 + fi
2131 +- : ${sbs_pdir:=/var/tmp}
2132 ++ : ${sbs_pdir:=@GENTOO_PORTAGE_EPREFIX@/var/tmp}
2133 + sbs_pdir=${sbs_pdir}/portage/
2134 +
2135 + if [[ ${PWD:0:${#sbs_pdir}} == "${sbs_pdir}" ]] ; then
2136 +Index: sandbox-2.6/src/sandbox.c
2137 +===================================================================
2138 +--- sandbox-2.6.orig/src/sandbox.c
2139 ++++ sandbox-2.6/src/sandbox.c
2140 +@@ -269,7 +269,7 @@ int main(int argc, char **argv)
2141 + goto oom_error;
2142 +
2143 + /* Setup bash argv */
2144 +- str_list_add_item_copy(argv_bash, "/bin/bash", oom_error);
2145 ++ str_list_add_item_copy(argv_bash, "@GENTOO_PORTAGE_EPREFIX@/bin/bash", oom_error);
2146 + str_list_add_item_copy(argv_bash, "-rcfile", oom_error);
2147 + str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error);
2148 + if (argc >= 2) {
2149 +Index: sandbox-2.6/libsbutil/sbutil.h
2150 +===================================================================
2151 +--- sandbox-2.6.orig/libsbutil/sbutil.h
2152 ++++ sandbox-2.6/libsbutil/sbutil.h
2153 +@@ -22,9 +22,9 @@
2154 + #define LD_PRELOAD_EQ "LD_PRELOAD="
2155 + #define LIB_NAME "libsandbox.so"
2156 + #define BASHRC_NAME "sandbox.bashrc"
2157 +-#define TMPDIR "/tmp"
2158 +-#define PORTAGE_TMPDIR "/var/tmp/portage"
2159 +-#define SANDBOX_LOG_LOCATION "/var/log/sandbox"
2160 ++#define TMPDIR "@GENTOO_PORTAGE_EPREFIX@/tmp"
2161 ++#define PORTAGE_TMPDIR "@GENTOO_PORTAGE_EPREFIX@/var/tmp/portage"
2162 ++#define SANDBOX_LOG_LOCATION "@GENTOO_PORTAGE_EPREFIX@/var/log/sandbox"
2163 + #define LOG_FILE_PREFIX "/sandbox-"
2164 + #define DEBUG_LOG_FILE_PREFIX "/sandbox-debug-"
2165 + #define LOG_FILE_EXT ".log"
2166
2167 diff --git a/sys-apps/sandbox/files/sandbox-2.6-static-close-fd.patch b/sys-apps/sandbox/files/sandbox-2.6-static-close-fd.patch
2168 new file mode 100755
2169 index 0000000..7fc0972
2170 --- /dev/null
2171 +++ b/sys-apps/sandbox/files/sandbox-2.6-static-close-fd.patch
2172 @@ -0,0 +1,93 @@
2173 +From a3ff1534945c3898332b2481c9fd355dfbd56e1f Mon Sep 17 00:00:00 2001
2174 +From: Mike Frysinger <vapier@g.o>
2175 +Date: Sat, 23 Jun 2012 11:52:51 -0700
2176 +Subject: [PATCH] libsandbox: clean up open file handles in parent tracing
2177 + process
2178 +
2179 +Currently, if a non-static app sets up a pipe (with cloexec enabled) and
2180 +executes a static app, the handle to that pipe is left open in the parent
2181 +process. This causes trouble when the parent is waiting for that to be
2182 +closed immediately.
2183 +
2184 +Since none of the fds in the forked parent process matter to us, we can
2185 +just go ahead and clean up all fds before we start tracing the child.
2186 +
2187 +URL: http://bugs.gentoo.org/364877
2188 +Reported-by: Victor Stinner <victor.stinner@×××××××××.com>
2189 +Signed-off-by: Mike Frysinger <vapier@g.o>
2190 +---
2191 + libsandbox/trace.c | 3 +-
2192 + libsbutil/sb_close.c | 26 +++++++++++-
2193 + libsbutil/sbutil.h | 1 +
2194 + tests/Makefile.am | 2 +
2195 + tests/pipe-fork_static_tst.c | 18 +++++++++
2196 + tests/pipe-fork_tst.c | 95 ++++++++++++++++++++++++++++++++++++++++++++
2197 + tests/script-9.sh | 5 +++
2198 + tests/script.at | 1 +
2199 + 8 files changed, 149 insertions(+), 2 deletions(-)
2200 + create mode 100644 tests/pipe-fork_static_tst.c
2201 + create mode 100644 tests/pipe-fork_tst.c
2202 + create mode 100755 tests/script-9.sh
2203 +
2204 +diff --git a/libsandbox/trace.c b/libsandbox/trace.c
2205 +index 32ad2d6..dfbab18 100644
2206 +--- a/libsandbox/trace.c
2207 ++++ b/libsandbox/trace.c
2208 +@@ -504,8 +504,9 @@ void trace_main(const char *filename, char *const argv[])
2209 + /* Not all kernel versions support this, so ignore return */
2210 + ptrace(PTRACE_SETOPTIONS, trace_pid, NULL, (void *)PTRACE_O_TRACESYSGOOD);
2211 + #endif
2212 ++ sb_close_all_fds();
2213 + trace_loop();
2214 +- return;
2215 ++ sb_ebort("ISE: child should have quit, as should we\n");
2216 + }
2217 +
2218 + sb_debug("child setting up ...");
2219 +diff --git a/libsbutil/sb_close.c b/libsbutil/sb_close.c
2220 +index 17a4560..5379197 100644
2221 +--- a/libsbutil/sb_close.c
2222 ++++ b/libsbutil/sb_close.c
2223 +@@ -29,3 +29,27 @@ int sb_close(int fd)
2224 +
2225 + return res;
2226 + }
2227 ++
2228 ++/* Quickly close all the open fds (good for daemonization) */
2229 ++void sb_close_all_fds(void)
2230 ++{
2231 ++ DIR *dirp;
2232 ++ struct dirent *de;
2233 ++ int dfd, fd;
2234 ++ const char *fd_dir = sb_get_fd_dir();
2235 ++
2236 ++ dirp = opendir(fd_dir);
2237 ++ if (!dirp)
2238 ++ sb_ebort("could not process %s\n", fd_dir);
2239 ++ dfd = dirfd(dirp);
2240 ++
2241 ++ while ((de = readdir(dirp)) != NULL) {
2242 ++ if (de->d_name[0] == '.')
2243 ++ continue;
2244 ++ fd = atoi(de->d_name);
2245 ++ if (fd != dfd)
2246 ++ close(fd);
2247 ++ }
2248 ++
2249 ++ closedir(dirp);
2250 ++}
2251 +diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h
2252 +index 02b88cb..479734b 100644
2253 +--- a/libsbutil/sbutil.h
2254 ++++ b/libsbutil/sbutil.h
2255 +@@ -97,6 +97,7 @@ int sb_open(const char *path, int flags, mode_t mode);
2256 + size_t sb_read(int fd, void *buf, size_t count);
2257 + size_t sb_write(int fd, const void *buf, size_t count);
2258 + int sb_close(int fd);
2259 ++void sb_close_all_fds(void);
2260 + int sb_copy_file_to_fd(const char *file, int ofd);
2261 +
2262 + /* Reliable output */
2263 +--
2264 +1.8.1.2
2265 +
2266
2267 diff --git a/sys-apps/sandbox/files/sandbox-2.6-trace-hppa.patch b/sys-apps/sandbox/files/sandbox-2.6-trace-hppa.patch
2268 new file mode 100644
2269 index 0000000..7e73822
2270 --- /dev/null
2271 +++ b/sys-apps/sandbox/files/sandbox-2.6-trace-hppa.patch
2272 @@ -0,0 +1,27 @@
2273 +From 7b01f6103a9baddaf0252e7f850a4cef91a48b67 Mon Sep 17 00:00:00 2001
2274 +From: Mike Frysinger <vapier@g.o>
2275 +Date: Fri, 6 Jul 2012 14:58:16 -0400
2276 +Subject: [PATCH] libsandbox: fix hppa trace code
2277 +
2278 +URL: https://bugs.gentoo.org/425062
2279 +Reported-by: Jeroen Roovers <jer@g.o>
2280 +Signed-off-by: Mike Frysinger <vapier@g.o>
2281 +---
2282 + libsandbox/trace/linux/hppa.c | 4 ++--
2283 + 1 file changed, 2 insertions(+), 2 deletions(-)
2284 +
2285 +diff --git a/libsandbox/trace/linux/hppa.c b/libsandbox/trace/linux/hppa.c
2286 +index d23b0d1..5414354 100644
2287 +--- a/libsandbox/trace/linux/hppa.c
2288 ++++ b/libsandbox/trace/linux/hppa.c
2289 +@@ -1,5 +1,5 @@
2290 +-#define trace_reg_sysnum (20 * 4) /* PT_GR20 */
2291 +-#define trace_reg_ret (28 * 4) /* PT_GR28 */
2292 ++#define trace_reg_sysnum gr[20]
2293 ++#define trace_reg_ret gr[28]
2294 +
2295 + static unsigned long trace_arg(void *vregs, int num)
2296 + {
2297 +--
2298 +1.7.9.7
2299 +
2300
2301 diff --git a/sys-apps/sandbox/metadata.xml b/sys-apps/sandbox/metadata.xml
2302 new file mode 100644
2303 index 0000000..9e13eae
2304 --- /dev/null
2305 +++ b/sys-apps/sandbox/metadata.xml
2306 @@ -0,0 +1,11 @@
2307 +<?xml version="1.0" encoding="UTF-8"?>
2308 +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
2309 +<pkgmetadata>
2310 +
2311 +<!-- portage lacks a herd. correct this when we have one. -->
2312 +
2313 +<maintainer>
2314 + <email>sandbox@g.o</email>
2315 + <description>Sandbox Maintainers</description>
2316 +</maintainer>
2317 +</pkgmetadata>
2318
2319 diff --git a/sys-apps/sandbox/sandbox-1.6-r2.ebuild b/sys-apps/sandbox/sandbox-1.6-r2.ebuild
2320 new file mode 100644
2321 index 0000000..0ab72fc
2322 --- /dev/null
2323 +++ b/sys-apps/sandbox/sandbox-1.6-r2.ebuild
2324 @@ -0,0 +1,104 @@
2325 +# Copyright 1999-2012 Gentoo Foundation
2326 +# Distributed under the terms of the GNU General Public License v2
2327 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-1.6-r2.ebuild,v 1.17 2012/03/30 15:58:53 aballier Exp $
2328 +
2329 +#
2330 +# don't monkey with this ebuild unless contacting portage devs.
2331 +# period.
2332 +#
2333 +
2334 +inherit eutils flag-o-matic toolchain-funcs multilib unpacker
2335 +
2336 +DESCRIPTION="sandbox'd LD_PRELOAD hack"
2337 +HOMEPAGE="http://www.gentoo.org/"
2338 +SRC_URI="mirror://gentoo/${P}.tar.lzma
2339 + http://dev.gentoo.org/~vapier/dist/${P}.tar.lzma"
2340 +
2341 +LICENSE="GPL-2"
2342 +SLOT="0"
2343 +KEYWORDS="~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux"
2344 +IUSE=""
2345 +
2346 +DEPEND="app-arch/xz-utils
2347 + >=app-misc/pax-utils-0.1.19" #265376
2348 +RDEPEND=""
2349 +
2350 +EMULTILIB_PKG="true"
2351 +has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
2352 +
2353 +sandbox_death_notice() {
2354 + ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
2355 + ewarn "FEATURES=-sandbox emerge sandbox"
2356 +}
2357 +
2358 +src_unpack() {
2359 + unpacker_src_unpack
2360 + cd "${S}"
2361 + epatch "${FILESDIR}"/${P}-disable-qa-static.patch
2362 + epatch "${FILESDIR}"/${P}-disable-pthread.patch
2363 + epatch "${FILESDIR}"/0001-libsandbox-handle-more-at-functions.patch
2364 +}
2365 +
2366 +src_compile() {
2367 + filter-lfs-flags #90228
2368 +
2369 + local OABI=${ABI}
2370 + for ABI in $(get_install_abis) ; do
2371 + mkdir "${WORKDIR}/build-${ABI}"
2372 + cd "${WORKDIR}/build-${ABI}"
2373 +
2374 + multilib_toolchain_setup ${ABI}
2375 +
2376 + einfo "Configuring sandbox for ABI=${ABI}..."
2377 + ECONF_SOURCE="../${P}/" \
2378 + econf ${myconf} || die
2379 + einfo "Building sandbox for ABI=${ABI}..."
2380 + emake || die
2381 + done
2382 + ABI=${OABI}
2383 +}
2384 +
2385 +src_test() {
2386 + local OABI=${ABI}
2387 + for ABI in $(get_install_abis) ; do
2388 + cd "${WORKDIR}/build-${ABI}"
2389 + einfo "Checking sandbox for ABI=${ABI}..."
2390 + emake check || die "make check failed for ${ABI}"
2391 + done
2392 + ABI=${OABI}
2393 +}
2394 +
2395 +src_install() {
2396 + local OABI=${ABI}
2397 + for ABI in $(get_install_abis) ; do
2398 + cd "${WORKDIR}/build-${ABI}"
2399 + einfo "Installing sandbox for ABI=${ABI}..."
2400 + emake DESTDIR="${D}" install || die "make install failed for ${ABI}"
2401 + done
2402 + ABI=${OABI}
2403 +
2404 + doenvd "${FILESDIR}"/09sandbox
2405 +
2406 + keepdir /var/log/sandbox
2407 + use prefix || fowners root:portage /var/log/sandbox
2408 + fperms 0770 /var/log/sandbox
2409 +
2410 + cd "${S}"
2411 + dodoc AUTHORS ChangeLog* NEWS README
2412 +}
2413 +
2414 +pkg_preinst() {
2415 + use prefix || chown root:portage "${ED}"/var/log/sandbox
2416 + chmod 0770 "${ED}"/var/log/sandbox
2417 +
2418 + local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
2419 + if [[ -n ${old} ]] ; then
2420 + elog "Removing old sandbox libraries for you:"
2421 + elog ${old//${EROOT}}
2422 + find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
2423 + fi
2424 +}
2425 +
2426 +pkg_postinst() {
2427 + chmod 0755 "${EROOT}"/etc/sandbox.d #265376
2428 +}
2429
2430 diff --git a/sys-apps/sandbox/sandbox-2.3-r1.ebuild b/sys-apps/sandbox/sandbox-2.3-r1.ebuild
2431 new file mode 100755
2432 index 0000000..ede162c
2433 --- /dev/null
2434 +++ b/sys-apps/sandbox/sandbox-2.3-r1.ebuild
2435 @@ -0,0 +1,103 @@
2436 +# Copyright 1999-2012 Gentoo Foundation
2437 +# Distributed under the terms of the GNU General Public License v2
2438 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.3-r1.ebuild,v 1.10 2012/02/05 04:50:08 vapier Exp $
2439 +
2440 +#
2441 +# don't monkey with this ebuild unless contacting portage devs.
2442 +# period.
2443 +#
2444 +
2445 +inherit eutils flag-o-matic toolchain-funcs multilib unpacker
2446 +
2447 +DESCRIPTION="sandbox'd LD_PRELOAD hack"
2448 +HOMEPAGE="http://www.gentoo.org/"
2449 +SRC_URI="mirror://gentoo/${P}.tar.xz
2450 + http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
2451 +
2452 +LICENSE="GPL-2"
2453 +SLOT="0"
2454 +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
2455 +IUSE="multilib"
2456 +
2457 +DEPEND="app-arch/xz-utils
2458 + >=app-misc/pax-utils-0.1.19" #265376
2459 +RDEPEND=""
2460 +
2461 +EMULTILIB_PKG="true"
2462 +has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
2463 +
2464 +sandbox_death_notice() {
2465 + ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
2466 + ewarn "FEATURES=-sandbox emerge sandbox"
2467 +}
2468 +
2469 +sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
2470 +
2471 +src_compile() {
2472 + filter-lfs-flags #90228
2473 +
2474 + local OABI=${ABI}
2475 + for ABI in $(sb_get_install_abis) ; do
2476 + mkdir "${WORKDIR}/build-${ABI}"
2477 + cd "${WORKDIR}/build-${ABI}"
2478 +
2479 + use multilib && multilib_toolchain_setup ${ABI}
2480 +
2481 + einfo "Configuring sandbox for ABI=${ABI}..."
2482 + ECONF_SOURCE="../${P}/" \
2483 + econf ${myconf} || die
2484 + einfo "Building sandbox for ABI=${ABI}..."
2485 + emake || die
2486 + done
2487 + ABI=${OABI}
2488 +}
2489 +
2490 +src_test() {
2491 + local OABI=${ABI}
2492 + for ABI in $(sb_get_install_abis) ; do
2493 + cd "${WORKDIR}/build-${ABI}"
2494 + einfo "Checking sandbox for ABI=${ABI}..."
2495 + emake check || die "make check failed for ${ABI}"
2496 + done
2497 + ABI=${OABI}
2498 +}
2499 +
2500 +src_install() {
2501 + local OABI=${ABI}
2502 + for ABI in $(sb_get_install_abis) ; do
2503 + cd "${WORKDIR}/build-${ABI}"
2504 + einfo "Installing sandbox for ABI=${ABI}..."
2505 + emake DESTDIR="${D}" install || die "make install failed for ${ABI}"
2506 + insinto /etc/sandbox.d #333131
2507 + doins etc/sandbox.d/00default || die
2508 + done
2509 + ABI=${OABI}
2510 +
2511 + doenvd "${FILESDIR}"/09sandbox
2512 +
2513 + # fix 00default install #333131
2514 + rm "${D}"/etc/sandbox.d/*.in || die
2515 +
2516 + keepdir /var/log/sandbox
2517 + fowners root:portage /var/log/sandbox
2518 + fperms 0770 /var/log/sandbox
2519 +
2520 + cd "${S}"
2521 + dodoc AUTHORS ChangeLog* NEWS README
2522 +}
2523 +
2524 +pkg_preinst() {
2525 + chown root:portage "${D}"/var/log/sandbox
2526 + chmod 0770 "${D}"/var/log/sandbox
2527 +
2528 + local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
2529 + if [[ -n ${old} ]] ; then
2530 + elog "Removing old sandbox libraries for you:"
2531 + elog ${old//${ROOT}}
2532 + find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
2533 + fi
2534 +}
2535 +
2536 +pkg_postinst() {
2537 + chmod 0755 "${ROOT}"/etc/sandbox.d #265376
2538 +}
2539
2540 diff --git a/sys-apps/sandbox/sandbox-2.4.ebuild b/sys-apps/sandbox/sandbox-2.4.ebuild
2541 new file mode 100755
2542 index 0000000..b008ab3
2543 --- /dev/null
2544 +++ b/sys-apps/sandbox/sandbox-2.4.ebuild
2545 @@ -0,0 +1,100 @@
2546 +# Copyright 1999-2012 Gentoo Foundation
2547 +# Distributed under the terms of the GNU General Public License v2
2548 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.4.ebuild,v 1.11 2012/02/05 04:50:08 vapier Exp $
2549 +
2550 +#
2551 +# don't monkey with this ebuild unless contacting portage devs.
2552 +# period.
2553 +#
2554 +
2555 +inherit eutils flag-o-matic toolchain-funcs multilib unpacker
2556 +
2557 +DESCRIPTION="sandbox'd LD_PRELOAD hack"
2558 +HOMEPAGE="http://www.gentoo.org/"
2559 +SRC_URI="mirror://gentoo/${P}.tar.xz
2560 + http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
2561 +
2562 +LICENSE="GPL-2"
2563 +SLOT="0"
2564 +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
2565 +IUSE="multilib"
2566 +
2567 +DEPEND="app-arch/xz-utils
2568 + >=app-misc/pax-utils-0.1.19" #265376
2569 +RDEPEND=""
2570 +
2571 +EMULTILIB_PKG="true"
2572 +has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
2573 +
2574 +sandbox_death_notice() {
2575 + ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
2576 + ewarn "FEATURES=-sandbox emerge sandbox"
2577 +}
2578 +
2579 +sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
2580 +
2581 +src_compile() {
2582 + filter-lfs-flags #90228
2583 +
2584 + local OABI=${ABI}
2585 + for ABI in $(sb_get_install_abis) ; do
2586 + mkdir "${WORKDIR}/build-${ABI}"
2587 + cd "${WORKDIR}/build-${ABI}"
2588 +
2589 + use multilib && multilib_toolchain_setup ${ABI}
2590 +
2591 + einfo "Configuring sandbox for ABI=${ABI}..."
2592 + ECONF_SOURCE="../${P}/" \
2593 + econf ${myconf} || die
2594 + einfo "Building sandbox for ABI=${ABI}..."
2595 + emake || die
2596 + done
2597 + ABI=${OABI}
2598 +}
2599 +
2600 +src_test() {
2601 + local OABI=${ABI}
2602 + for ABI in $(sb_get_install_abis) ; do
2603 + cd "${WORKDIR}/build-${ABI}"
2604 + einfo "Checking sandbox for ABI=${ABI}..."
2605 + emake check || die "make check failed for ${ABI}"
2606 + done
2607 + ABI=${OABI}
2608 +}
2609 +
2610 +src_install() {
2611 + local OABI=${ABI}
2612 + for ABI in $(sb_get_install_abis) ; do
2613 + cd "${WORKDIR}/build-${ABI}"
2614 + einfo "Installing sandbox for ABI=${ABI}..."
2615 + emake DESTDIR="${D}" install || die "make install failed for ${ABI}"
2616 + insinto /etc/sandbox.d #333131
2617 + doins etc/sandbox.d/00default || die
2618 + done
2619 + ABI=${OABI}
2620 +
2621 + doenvd "${FILESDIR}"/09sandbox
2622 +
2623 + keepdir /var/log/sandbox
2624 + fowners root:portage /var/log/sandbox
2625 + fperms 0770 /var/log/sandbox
2626 +
2627 + cd "${S}"
2628 + dodoc AUTHORS ChangeLog* NEWS README
2629 +}
2630 +
2631 +pkg_preinst() {
2632 + chown root:portage "${D}"/var/log/sandbox
2633 + chmod 0770 "${D}"/var/log/sandbox
2634 +
2635 + local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
2636 + if [[ -n ${old} ]] ; then
2637 + elog "Removing old sandbox libraries for you:"
2638 + elog ${old//${ROOT}}
2639 + find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
2640 + fi
2641 +}
2642 +
2643 +pkg_postinst() {
2644 + chmod 0755 "${ROOT}"/etc/sandbox.d #265376
2645 +}
2646
2647 diff --git a/sys-apps/sandbox/sandbox-2.5.ebuild b/sys-apps/sandbox/sandbox-2.5.ebuild
2648 new file mode 100644
2649 index 0000000..cad9a5d
2650 --- /dev/null
2651 +++ b/sys-apps/sandbox/sandbox-2.5.ebuild
2652 @@ -0,0 +1,126 @@
2653 +# Copyright 1999-2012 Gentoo Foundation
2654 +# Distributed under the terms of the GNU General Public License v2
2655 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.5.ebuild,v 1.10 2012/06/24 05:35:02 vapier Exp $
2656 +
2657 +#
2658 +# don't monkey with this ebuild unless contacting portage devs.
2659 +# period.
2660 +#
2661 +
2662 +inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing prefix
2663 +
2664 +DESCRIPTION="sandbox'd LD_PRELOAD hack"
2665 +HOMEPAGE="http://www.gentoo.org/"
2666 +SRC_URI="mirror://gentoo/${P}.tar.xz
2667 + http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
2668 +
2669 +LICENSE="GPL-2"
2670 +SLOT="0"
2671 +KEYWORDS="~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux"
2672 +IUSE="multilib"
2673 +
2674 +DEPEND="app-arch/xz-utils
2675 + >=app-misc/pax-utils-0.1.19" #265376
2676 +RDEPEND=""
2677 +
2678 +EMULTILIB_PKG="true"
2679 +has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
2680 +
2681 +sandbox_death_notice() {
2682 + ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
2683 + ewarn "FEATURES=-sandbox emerge sandbox"
2684 +}
2685 +
2686 +sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
2687 +
2688 +src_unpack() {
2689 + unpacker_src_unpack
2690 + cd "${S}"
2691 + epatch "${FILESDIR}"/${PN}-2.2-prefix.patch
2692 +}
2693 +
2694 +sb_foreach_abi() {
2695 + # enable usage of absolute libpath in prefix
2696 + use prefix && append-flags -DGENTOO_PREFIX
2697 +
2698 + local OABI=${ABI}
2699 + for ABI in $(sb_get_install_abis) ; do
2700 + cd "${WORKDIR}/build-${ABI}"
2701 + einfo "Running $1 for ABI=${ABI}..."
2702 + "$@"
2703 + done
2704 + ABI=${OABI}
2705 +}
2706 +
2707 +sb_configure() {
2708 + mkdir "${WORKDIR}/build-${ABI}"
2709 + cd "${WORKDIR}/build-${ABI}"
2710 +
2711 + use multilib && multilib_toolchain_setup ${ABI}
2712 +
2713 + einfo "Configuring sandbox for ABI=${ABI}..."
2714 + ECONF_SOURCE="../${P}/" \
2715 + econf ${myconf} || die
2716 +}
2717 +
2718 +sb_compile() {
2719 + emake || die
2720 +}
2721 +
2722 +src_compile() {
2723 + filter-lfs-flags #90228
2724 +
2725 + # Run configures in parallel!
2726 + multijob_init
2727 + local OABI=${ABI}
2728 + for ABI in $(sb_get_install_abis) ; do
2729 + multijob_child_init sb_configure
2730 + done
2731 + ABI=${OABI}
2732 + multijob_finish
2733 +
2734 + sb_foreach_abi sb_compile
2735 +}
2736 +
2737 +sb_test() {
2738 + emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" || die
2739 +}
2740 +
2741 +src_test() {
2742 + sb_foreach_abi sb_test
2743 +}
2744 +
2745 +sb_install() {
2746 + emake DESTDIR="${D}" install || die
2747 + insinto /etc/sandbox.d #333131
2748 + doins etc/sandbox.d/00default || die
2749 +}
2750 +
2751 +src_install() {
2752 + sb_foreach_abi sb_install
2753 +
2754 + doenvd "${FILESDIR}"/09sandbox
2755 +
2756 + keepdir /var/log/sandbox
2757 + use prefix || fowners root:portage /var/log/sandbox
2758 + fperms 0770 /var/log/sandbox
2759 +
2760 + cd "${S}"
2761 + dodoc AUTHORS ChangeLog* NEWS README
2762 +}
2763 +
2764 +pkg_preinst() {
2765 + use prefix || chown root:portage "${ED}"/var/log/sandbox
2766 + chmod 0770 "${ED}"/var/log/sandbox
2767 +
2768 + local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
2769 + if [[ -n ${old} ]] ; then
2770 + elog "Removing old sandbox libraries for you:"
2771 + elog ${old//${EROOT}}
2772 + find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
2773 + fi
2774 +}
2775 +
2776 +pkg_postinst() {
2777 + chmod 0755 "${EROOT}"/etc/sandbox.d #265376
2778 +}
2779
2780 diff --git a/sys-apps/sandbox/sandbox-2.6-r1.ebuild b/sys-apps/sandbox/sandbox-2.6-r1.ebuild
2781 new file mode 100755
2782 index 0000000..b61254b
2783 --- /dev/null
2784 +++ b/sys-apps/sandbox/sandbox-2.6-r1.ebuild
2785 @@ -0,0 +1,132 @@
2786 +# Copyright 1999-2013 Gentoo Foundation
2787 +# Distributed under the terms of the GNU General Public License v2
2788 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.6-r1.ebuild,v 1.13 2013/09/05 09:54:16 vapier Exp $
2789 +
2790 +EAPI=5
2791 +#
2792 +# don't monkey with this ebuild unless contacting portage devs.
2793 +# period.
2794 +#
2795 +
2796 +inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing prefix
2797 +
2798 +DESCRIPTION="sandbox'd LD_PRELOAD hack"
2799 +HOMEPAGE="http://www.gentoo.org/"
2800 +SRC_URI="mirror://gentoo/${P}.tar.xz
2801 + http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
2802 +
2803 +LICENSE="GPL-2"
2804 +SLOT="0"
2805 +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
2806 +IUSE="multilib"
2807 +
2808 +DEPEND="app-arch/xz-utils
2809 + >=app-misc/pax-utils-0.1.19" #265376
2810 +RDEPEND=""
2811 +
2812 +EMULTILIB_PKG="true"
2813 +has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
2814 +
2815 +sandbox_death_notice() {
2816 + ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
2817 + ewarn "FEATURES=-sandbox emerge sandbox"
2818 +}
2819 +
2820 +sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
2821 +
2822 +sb_foreach_abi() {
2823 + local OABI=${ABI}
2824 + for ABI in $(sb_get_install_abis) ; do
2825 + cd "${WORKDIR}/build-${ABI}"
2826 + einfo "Running $1 for ABI=${ABI}..."
2827 + "$@"
2828 + done
2829 + ABI=${OABI}
2830 +}
2831 +
2832 +src_prepare() {
2833 + epatch "${FILESDIR}"/${P}-trace-hppa.patch #425062
2834 + epatch "${FILESDIR}"/${P}-log-var.patch
2835 + epatch "${FILESDIR}"/${P}-static-close-fd.patch #364877
2836 + epatch "${FILESDIR}"/${P}-desktop.patch #443672
2837 + epatch "${FILESDIR}"/${P}-open-nofollow.patch #413441
2838 + epatch "${FILESDIR}"/${P}-check-empty-paths-at.patch #346929
2839 + epatch "${FILESDIR}"/${P}-prefix.patch
2840 + eprefixify data/sandbox.bashrc src/sandbox.c libsbutil/sbutil.h
2841 + epatch_user
2842 +}
2843 +
2844 +sb_configure() {
2845 + mkdir "${WORKDIR}/build-${ABI}"
2846 + cd "${WORKDIR}/build-${ABI}"
2847 +
2848 + use multilib && multilib_toolchain_setup ${ABI}
2849 +
2850 + einfo "Configuring sandbox for ABI=${ABI}..."
2851 + ECONF_SOURCE="../${P}/" \
2852 + econf ${myconf}
2853 +}
2854 +
2855 +src_configure() {
2856 + filter-lfs-flags #90228
2857 +
2858 + # Run configures in parallel!
2859 + multijob_init
2860 + local OABI=${ABI}
2861 + for ABI in $(sb_get_install_abis) ; do
2862 + multijob_child_init sb_configure
2863 + done
2864 + ABI=${OABI}
2865 + multijob_finish
2866 +}
2867 +
2868 +sb_compile() {
2869 + emake
2870 +}
2871 +
2872 +src_compile() {
2873 + sb_foreach_abi sb_compile
2874 +}
2875 +
2876 +sb_test() {
2877 + emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)"
2878 +}
2879 +
2880 +src_test() {
2881 + sb_foreach_abi sb_test
2882 +}
2883 +
2884 +sb_install() {
2885 + emake DESTDIR="${D}" install
2886 + insinto /etc/sandbox.d #333131
2887 + doins etc/sandbox.d/00default
2888 +}
2889 +
2890 +src_install() {
2891 + sb_foreach_abi sb_install
2892 +
2893 + doenvd "${FILESDIR}"/09sandbox
2894 +
2895 + keepdir /var/log/sandbox
2896 + fowners root:portage /var/log/sandbox
2897 + fperms 0770 /var/log/sandbox
2898 +
2899 + cd "${S}"
2900 + dodoc AUTHORS ChangeLog* NEWS README
2901 +}
2902 +
2903 +pkg_preinst() {
2904 + fowners root:portage /var/log/sandbox
2905 + fperms 0770 /var/log/sandbox
2906 +
2907 + local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
2908 + if [[ -n ${old} ]] ; then
2909 + elog "Removing old sandbox libraries for you:"
2910 + elog ${old//${ROOT}}
2911 + find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
2912 + fi
2913 +}
2914 +
2915 +pkg_postinst() {
2916 + chmod 0755 "${EROOT}"/etc/sandbox.d #265376
2917 +}
2918
2919 diff --git a/sys-apps/sandbox/sandbox-2.6.ebuild b/sys-apps/sandbox/sandbox-2.6.ebuild
2920 new file mode 100644
2921 index 0000000..7fa9050
2922 --- /dev/null
2923 +++ b/sys-apps/sandbox/sandbox-2.6.ebuild
2924 @@ -0,0 +1,132 @@
2925 +# Copyright 1999-2012 Gentoo Foundation
2926 +# Distributed under the terms of the GNU General Public License v2
2927 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.6.ebuild,v 1.2 2012/07/06 19:53:10 vapier Exp $
2928 +
2929 +#
2930 +# don't monkey with this ebuild unless contacting portage devs.
2931 +# period.
2932 +#
2933 +
2934 +inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing prefix
2935 +
2936 +DESCRIPTION="sandbox'd LD_PRELOAD hack"
2937 +HOMEPAGE="http://www.gentoo.org/"
2938 +SRC_URI="mirror://gentoo/${P}.tar.xz
2939 + http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
2940 +
2941 +LICENSE="GPL-2"
2942 +SLOT="0"
2943 +KEYWORDS="~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux"
2944 +IUSE="multilib"
2945 +
2946 +DEPEND="app-arch/xz-utils
2947 + >=app-misc/pax-utils-0.1.19" #265376
2948 +RDEPEND=""
2949 +
2950 +EMULTILIB_PKG="true"
2951 +has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
2952 +
2953 +sandbox_death_notice() {
2954 + ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
2955 + ewarn "FEATURES=-sandbox emerge sandbox"
2956 +}
2957 +
2958 +sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
2959 +
2960 +src_unpack() {
2961 + unpacker_src_unpack
2962 + cd "${S}"
2963 + epatch "${FILESDIR}"/${PN}-2.2-prefix.patch
2964 +}
2965 +
2966 +sb_foreach_abi() {
2967 + # enable usage of absolute libpath in prefix
2968 + use prefix && append-flags -DGENTOO_PREFIX
2969 +
2970 + local OABI=${ABI}
2971 + for ABI in $(sb_get_install_abis) ; do
2972 + cd "${WORKDIR}/build-${ABI}"
2973 + einfo "Running $1 for ABI=${ABI}..."
2974 + "$@"
2975 + done
2976 + ABI=${OABI}
2977 +}
2978 +
2979 +src_unpack() {
2980 + unpacker
2981 + cd "${S}"
2982 + epatch "${FILESDIR}"/${P}-trace-hppa.patch #425062
2983 +}
2984 +
2985 +sb_configure() {
2986 + mkdir "${WORKDIR}/build-${ABI}"
2987 + cd "${WORKDIR}/build-${ABI}"
2988 +
2989 + use multilib && multilib_toolchain_setup ${ABI}
2990 +
2991 + einfo "Configuring sandbox for ABI=${ABI}..."
2992 + ECONF_SOURCE="../${P}/" \
2993 + econf ${myconf} || die
2994 +}
2995 +
2996 +sb_compile() {
2997 + emake || die
2998 +}
2999 +
3000 +src_compile() {
3001 + filter-lfs-flags #90228
3002 +
3003 + # Run configures in parallel!
3004 + multijob_init
3005 + local OABI=${ABI}
3006 + for ABI in $(sb_get_install_abis) ; do
3007 + multijob_child_init sb_configure
3008 + done
3009 + ABI=${OABI}
3010 + multijob_finish
3011 +
3012 + sb_foreach_abi sb_compile
3013 +}
3014 +
3015 +sb_test() {
3016 + emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" || die
3017 +}
3018 +
3019 +src_test() {
3020 + sb_foreach_abi sb_test
3021 +}
3022 +
3023 +sb_install() {
3024 + emake DESTDIR="${D}" install || die
3025 + insinto /etc/sandbox.d #333131
3026 + doins etc/sandbox.d/00default || die
3027 +}
3028 +
3029 +src_install() {
3030 + sb_foreach_abi sb_install
3031 +
3032 + doenvd "${FILESDIR}"/09sandbox
3033 +
3034 + keepdir /var/log/sandbox
3035 + use prefix || fowners root:portage /var/log/sandbox
3036 + fperms 0770 /var/log/sandbox
3037 +
3038 + cd "${S}"
3039 + dodoc AUTHORS ChangeLog* NEWS README
3040 +}
3041 +
3042 +pkg_preinst() {
3043 + use prefix || chown root:portage "${ED}"/var/log/sandbox
3044 + chmod 0770 "${ED}"/var/log/sandbox
3045 +
3046 + local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
3047 + if [[ -n ${old} ]] ; then
3048 + elog "Removing old sandbox libraries for you:"
3049 + elog ${old//${EROOT}}
3050 + find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
3051 + fi
3052 +}
3053 +
3054 +pkg_postinst() {
3055 + chmod 0755 "${EROOT}"/etc/sandbox.d #265376
3056 +}
Report Message
Find on MARC Find on Google Groups