Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-portage-dev

From: Zac Medico <zmedico@g.o>
To: gentoo-portage-dev@l.g.o
Cc: Zac Medico <zmedico@g.o>
Subject: [gentoo-portage-dev] [PATCH] PORTAGE_XATTR_EXCLUDE: preserve security.capability (bug 548516)
Date: Sun, 03 May 2015 19:19:15
Message-Id: 1430680734-25765-1-git-send-email-zmedico@gentoo.org
1 Also, fix BinpkgExtractorAsync tar options to preserve
2 security.capability attributes.
3
4 X-Gentoo-Bug: 548516
5 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=548516
6 ---
7 cnf/make.globals | 6 ++++--
8 pym/_emerge/BinpkgExtractorAsync.py | 3 ++-
9 2 files changed, 6 insertions(+), 3 deletions(-)
10
11 diff --git a/cnf/make.globals b/cnf/make.globals
12 index dd99618..5698636 100644
13 --- a/cnf/make.globals
14 +++ b/cnf/make.globals
15 @@ -123,9 +123,11 @@ PORTAGE_ELOG_MAILFROM="portage@localhost"
16 PORTAGE_GPG_SIGNING_COMMAND="gpg --sign --digest-algo SHA256 --clearsign --yes --default-key \"\${PORTAGE_GPG_KEY}\" --homedir \"\${PORTAGE_GPG_DIR}\" \"\${FILE}\""
17
18 # btrfs.* attributes are irrelevant, see bug #527636.
19 -# Security labels are special, see bug #461868.
20 +# security.* attributes may be special (see bug 461868), but
21 +# security.capabilities is specifically not excluded (bug 548516).
22 # system.nfs4_acl attributes are irrelevant, see bug #475496.
23 -PORTAGE_XATTR_EXCLUDE="btrfs.* security.* system.nfs4_acl"
24 +PORTAGE_XATTR_EXCLUDE="btrfs.* security.evm security.ima
25 + security.selinux system.nfs4_acl"
26
27 # *****************************
28 # ** DO NOT EDIT THIS FILE **
29 diff --git a/pym/_emerge/BinpkgExtractorAsync.py b/pym/_emerge/BinpkgExtractorAsync.py
30 index 6aaa448..6b5539a 100644
31 --- a/pym/_emerge/BinpkgExtractorAsync.py
32 +++ b/pym/_emerge/BinpkgExtractorAsync.py
33 @@ -23,7 +23,8 @@ class BinpkgExtractorAsync(SpawnProcess):
34 process = subprocess.Popen(["tar", "--help"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
35 output = process.communicate()[0]
36 if b"--xattrs" in output:
37 - tar_options = "--xattrs"
38 + tar_options = ("--xattrs --xattrs-include='*' --xattrs-exclude="
39 + "'%s'" % self.env.get("PORTAGE_XATTR_EXCLUDE", ""))
40
41 decomp_cmd = _decompressors.get(
42 compression_probe(self.pkg_path))
43 --
44 2.3.5

Replies

Subject Author
[gentoo-portage-dev] [PATCH v2] PORTAGE_XATTR_EXCLUDE: preserve security.capability (bug 548516) Zac Medico <zmedico@g.o>
Report Message
Find on MARC Find on Google Groups