1 |
commit: 62cb6701ed08aaa7afcc397577bb4734293ebdc2 |
2 |
Author: Mike Frysinger <vapier <AT> chromium <DOT> org> |
3 |
AuthorDate: Sat Jan 25 08:58:32 2020 +0000 |
4 |
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Jan 25 08:58:58 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=62cb6701 |
7 |
|
8 |
sys-apps/minijail: version bump to 12 |
9 |
|
10 |
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org> |
11 |
|
12 |
sys-apps/minijail/Manifest | 1 + |
13 |
sys-apps/minijail/files/minijail-12-makefile.patch | 41 ++++++++++++ |
14 |
sys-apps/minijail/minijail-12.ebuild | 77 ++++++++++++++++++++++ |
15 |
3 files changed, 119 insertions(+) |
16 |
|
17 |
diff --git a/sys-apps/minijail/Manifest b/sys-apps/minijail/Manifest |
18 |
index 96fa50c32ca..b48d120cca4 100644 |
19 |
--- a/sys-apps/minijail/Manifest |
20 |
+++ b/sys-apps/minijail/Manifest |
21 |
@@ -1 +1,2 @@ |
22 |
+DIST minijail-12.tar.gz 157030 BLAKE2B 55a1bb2aeb31290c211da8b8322672abadab7a2729b0afd6eafce9854a51320a2515bedc54864debc7ede6e437607dad8532ae76c14828d6c4f4265fec404dbe SHA512 feb829fc113f0041b9ab25e845560af47408f3d5f0704cdf756d0b8162ae7aae331c350908c3b17a4a5593ffa7326044f222a35e6794471cd5ed60173b2befa2 |
23 |
DIST minijail-9.tar.gz 118700 BLAKE2B 7d2959d5dd71bd9d8d8a0b7c278dab66771740f73acec20f19502da33990ca858796b4734676ffedc404cef72eee8c419c669ba7092ac00cbafa2e410564aba2 SHA512 6d05fbe8615f410e8314045d11f7a3638f563f3311f7d52b5a0c47cad8692d11b0a7db4fbb45141b56453a9beb0de7683d58e5298f0a27029aa017539bb48717 |
24 |
|
25 |
diff --git a/sys-apps/minijail/files/minijail-12-makefile.patch b/sys-apps/minijail/files/minijail-12-makefile.patch |
26 |
new file mode 100644 |
27 |
index 00000000000..10d97197bb0 |
28 |
--- /dev/null |
29 |
+++ b/sys-apps/minijail/files/minijail-12-makefile.patch |
30 |
@@ -0,0 +1,41 @@ |
31 |
+--- a/Makefile |
32 |
++++ b/Makefile |
33 |
+@@ -46,9 +46,9 @@ ifeq ($(USE_SYSTEM_GTEST),no) |
34 |
+ GTEST_CXXFLAGS := -std=gnu++14 |
35 |
+ GTEST_LIBS := gtest.a |
36 |
+ else |
37 |
+-GTEST_CXXFLAGS := $(shell gtest-config --cxxflags 2>/dev/null || \ |
38 |
++GTEST_CXXFLAGS ?= $(shell gtest-config --cxxflags 2>/dev/null || \ |
39 |
+ echo "-pthread") |
40 |
+-GTEST_LIBS := $(shell gtest-config --libs 2>/dev/null || \ |
41 |
++GTEST_LIBS ?= $(shell gtest-config --libs 2>/dev/null || \ |
42 |
+ echo "-lgtest -pthread -lpthread") |
43 |
+ endif |
44 |
+ |
45 |
+@@ -73,6 +73,7 @@ clean: CLEAN(minijail0) |
46 |
+ |
47 |
+ |
48 |
+ CC_LIBRARY(libminijail.so): LDLIBS += -lcap |
49 |
++CC_LIBRARY(libminijail.so): LDFLAGS += -Wl,-soname,libminijail.so |
50 |
+ CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES) |
51 |
+ clean: CLEAN(libminijail.so) |
52 |
+ |
53 |
+@@ -91,6 +92,7 @@ TEST(CXX_BINARY(libminijail_unittest)): CC_LIBRARY(libminijailpreload.so) |
54 |
+ |
55 |
+ |
56 |
+ CC_LIBRARY(libminijailpreload.so): LDLIBS += -lcap -ldl |
57 |
++CC_LIBRARY(libminijailpreload.so): LDFLAGS += -Wl,-soname,libminijail.so |
58 |
+ CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES) |
59 |
+ clean: CLEAN(libminijailpreload.so) |
60 |
+ |
61 |
+--- a/common.mk |
62 |
++++ b/common.mk |
63 |
+@@ -323,7 +323,7 @@ COMMON_CFLAGS := -Wall -Wunused -Wno-unused-parameter -Werror -Wformat=2 \ |
64 |
+ -fno-strict-aliasing $(SSP_CFLAGS) -O1 |
65 |
+ CXXFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CXXDRIVER)) -std=gnu++14 |
66 |
+ CFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CDRIVER)) -std=gnu11 |
67 |
+-CPPFLAGS += -D_FORTIFY_SOURCE=2 |
68 |
++CPPFLAGS += |
69 |
+ |
70 |
+ # Enable large file support. |
71 |
+ CPPFLAGS += -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE |
72 |
|
73 |
diff --git a/sys-apps/minijail/minijail-12.ebuild b/sys-apps/minijail/minijail-12.ebuild |
74 |
new file mode 100644 |
75 |
index 00000000000..bf20c5f832a |
76 |
--- /dev/null |
77 |
+++ b/sys-apps/minijail/minijail-12.ebuild |
78 |
@@ -0,0 +1,77 @@ |
79 |
+# Copyright 1999-2020 Gentoo Authors |
80 |
+# Distributed under the terms of the GNU General Public License v2 |
81 |
+ |
82 |
+EAPI="7" |
83 |
+ |
84 |
+inherit linux-info toolchain-funcs |
85 |
+ |
86 |
+DESCRIPTION="helper binary and library for sandboxing & restricting privs of service" |
87 |
+HOMEPAGE="https://android.googlesource.com/platform/external/minijail" |
88 |
+ |
89 |
+# Use GitHub mirror as Gitiles doesn't generate stable tarballs. |
90 |
+SRC_URI="https://github.com/google/${PN}/archive/linux-v${PV}.tar.gz -> ${P}.tar.gz" |
91 |
+ |
92 |
+LICENSE="BSD" |
93 |
+SLOT="0" |
94 |
+KEYWORDS="~amd64 ~x86" |
95 |
+IUSE="+seccomp test" |
96 |
+RESTRICT="!test? ( test )" |
97 |
+ |
98 |
+RDEPEND="sys-libs/libcap-ng:=" |
99 |
+DEPEND="${RDEPEND} |
100 |
+ test? ( |
101 |
+ virtual/pkgconfig |
102 |
+ >=dev-cpp/gtest-1.8.0:= |
103 |
+ )" |
104 |
+ |
105 |
+S="${WORKDIR}/${PN}-linux-v${PV}" |
106 |
+ |
107 |
+PATCHES=( |
108 |
+ "${FILESDIR}/minijail-12-makefile.patch" |
109 |
+) |
110 |
+ |
111 |
+pkg_pretend() { |
112 |
+ local CONFIG_CHECK="~NAMESPACES ~UTS_NS ~IPC_NS ~USER_NS ~PID_NS ~NET_NS |
113 |
+ ~SECCOMP ~SECCOMP_FILTER ~CGROUPS" |
114 |
+ check_extra_config |
115 |
+} |
116 |
+ |
117 |
+src_configure() { |
118 |
+ export LIBDIR="/usr/$(get_libdir)" |
119 |
+ export USE_seccomp="$(usex seccomp)" |
120 |
+ export USE_SYSTEM_GTEST=yes |
121 |
+ if use test; then |
122 |
+ export GTEST_CXXFLAGS="$($(tc-getPKG_CONFIG) --cflags gtest_main)" |
123 |
+ export GTEST_LIBS="$($(tc-getPKG_CONFIG) --libs gtest_main)" |
124 |
+ else |
125 |
+ export GTEST_CXXFLAGS='' GTEST_LIBS='' |
126 |
+ fi |
127 |
+ export VERBOSE=1 |
128 |
+} |
129 |
+ |
130 |
+src_compile() { |
131 |
+ tc-env_build emake all parse_seccomp_policy |
132 |
+} |
133 |
+ |
134 |
+src_test() { |
135 |
+ GTEST_FILTER="-NamespaceTest.test_tmpfs_userns:NamespaceTest.test_namespaces" \ |
136 |
+ tc-env_build emake tests |
137 |
+} |
138 |
+ |
139 |
+src_install() { |
140 |
+ dosbin minijail0 |
141 |
+ dolib.so libminijail{,preload}.so |
142 |
+ dobin parse_seccomp_policy |
143 |
+ |
144 |
+ doman minijail0.[15] |
145 |
+ dodoc README.md |
146 |
+ |
147 |
+ local include_dir="/usr/include" |
148 |
+ |
149 |
+ "${S}"/platform2_preinstall.sh "${PV}" "${include_dir}" |
150 |
+ insinto "/usr/$(get_libdir)/pkgconfig" |
151 |
+ doins libminijail.pc |
152 |
+ |
153 |
+ insinto "${include_dir}" |
154 |
+ doins libminijail.h scoped_minijail.h |
155 |
+} |