commit: 44a8ff0d8ea8e992e7956f99f9665f6d7439b84a Author: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> AuthorDate: Fri Jul 12 06:48:30 2019 +0000 Commit: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> CommitDate: Fri Jul 12 06:48:46 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=44a8ff0d
sys-apps/sandbox: bump up to 2.18, bug #549108 The main change from 2.17 is basic musl support. Closes: https://bugs.gentoo.org/549108 Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Sergei Trofimovich <slyfox <AT> gentoo.org> sys-apps/sandbox/Manifest | 1 + sys-apps/sandbox/files/musl.patch | 42 ++++++++++++++++++++ sys-apps/sandbox/sandbox-2.18.ebuild | 74 ++++++++++++++++++++++++++++++++++++ 3 files changed, 117 insertions(+) diff --git a/sys-apps/sandbox/Manifest b/sys-apps/sandbox/Manifest index 974844caf43..bcb90be6572 100644 --- a/sys-apps/sandbox/Manifest +++ b/sys-apps/sandbox/Manifest @@ -3,3 +3,4 @@ DIST sandbox-2.13.tar.xz 424968 BLAKE2B efcbf527853e8cfe8b3fec026041f55f51cba780 DIST sandbox-2.14.tar.xz 426992 BLAKE2B a30984f613b773cb5e53b2b0297ada32d11797699418aebf3014e11f3ec2b69a1c4b4e22ce96c28b1df022617cab6787cfe61f84b37ed61e966ac425eae1c7eb SHA512 b84584cffc54678646798bc58d8b60cdc10a0a58c9f1a49276dcac205a06dd7a2e664d2a9c40c78b48eae8ac36e3ac498ba35674f10e6e06c3c2bab777e05ced DIST sandbox-2.15.tar.xz 426948 BLAKE2B e40bb728192ef3793a9129bc88a63878516b0977a19effd5b02ded644ec6fe1627fab34786b22024957d96725fc5c53f488f7b09119be7b7ca91692dcee985dc SHA512 7249b594864267311ce8e2c04275df49c6d8e8e811dde5780f7f676cb43928728b9abed77beb8f5ee32061efcdb03753cce44d5bf1827bd519d6be8fa54912e6 DIST sandbox-2.17.tar.xz 431700 BLAKE2B 461404f5b98ac83d9e5bc63fc7251cdfbb04a0ccedb340a7a5b8595b68ab34034a56c0a0cfa8478961c9282f6450de89ef5b512b13d427a7f63c17a4141cbcbf SHA512 b5d7a76d894471f6610b41aa05f007d257c69ae5c90f8db455d626e0d1209b9d276678c36e90d2e4214d15074512be182b4f5f905ed2b7e236ff714cbf51958f +DIST sandbox-2.18.tar.xz 427760 BLAKE2B 26199ff8f919dcecdfdb74d508e0802e2e929a003ff1caddc54c1ea0f7887938c4f69065e585d61f7e96b29be26a34a1cdb62b397309e993511097ecaebe0620 SHA512 1775d4d6f80d414ab94eafae73966c12c4dd80857e21f0849703a3230ddb80501d8e574b14296e554932766cd71aa7b48a802fc388aaab43ba882ee7d005a60d diff --git a/sys-apps/sandbox/files/musl.patch b/sys-apps/sandbox/files/musl.patch new file mode 100644 index 00000000000..419d067f2a2 --- /dev/null +++ b/sys-apps/sandbox/files/musl.patch @@ -0,0 +1,42 @@ +--- a/libsandbox/trace.c ++++ b/libsandbox/trace.c +@@ -10,7 +10,16 @@ + #include "sb_nr.h" + + static long do_peekdata(long offset); +-static long _do_ptrace(enum __ptrace_request request, const char *srequest, void *addr, void *data); ++/* Note on _do_ptrace argument types: ++ glibc defines ptrace as: ++ long ptrace(enum __ptrace_request request, pid_t pid, void *addr, void *data); ++ musl defines ptrace as: ++ long ptrace(int, ...); ++ ++ Let's clobber to 'int' lowest common denominator. ++ */ ++typedef int sb_ptrace_req_t; ++static long _do_ptrace(sb_ptrace_req_t request, const char *srequest, void *addr, void *data); + #define do_ptrace(request, addr, data) _do_ptrace(request, #request, addr, data) + #define _trace_possible(data) true + +@@ -44,7 +53,7 @@ static void trace_exit(int status) + _exit(status); + } + +-static long _do_ptrace(enum __ptrace_request request, const char *srequest, void *addr, void *data) ++static long _do_ptrace(sb_ptrace_req_t request, const char *srequest, void *addr, void *data) + { + long ret; + try_again: +--- a/scripts/gen_symbol_header.awk ++++ b/scripts/gen_symbol_header.awk +@@ -117,6 +117,10 @@ END { + gsub(/@|\./, "_", sym_real_name); + } + ++ # Avoid libc's symbol rename via #define. musl defines aliases as: ++ # #define mkstemp64 mkstemp ++ # #define mkstemps64 mkstemps ++ printf("#undef %s\n", sym_index); + printf("#define symname_%s \"%s\"\n", sym_real_name, sym_index); + + # We handle non-versioned libc's by setting symver_* diff --git a/sys-apps/sandbox/sandbox-2.18.ebuild b/sys-apps/sandbox/sandbox-2.18.ebuild new file mode 100644 index 00000000000..179163388c4 --- /dev/null +++ b/sys-apps/sandbox/sandbox-2.18.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils + +DESCRIPTION="sandbox'd LD_PRELOAD hack" +HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/"; +SRC_URI="https://dev.gentoo.org/~slyfox/distfiles/${P}.tar.xz"; + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86" +IUSE="" + +DEPEND="app-arch/xz-utils + >=app-misc/pax-utils-0.1.19" #265376 +RDEPEND="" + +has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" + +sandbox_death_notice() { + ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" + ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox" +} + +multilib_src_configure() { + filter-lfs-flags #90228 + + ECONF_SOURCE="${S}" econf +} + +multilib_src_test() { + # Default sandbox build will run with --jobs set to # cpus. + emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" +} + +multilib_src_install_all() { + doenvd "${FILESDIR}"/09sandbox + + keepdir /var/log/sandbox + fowners root:portage /var/log/sandbox + fperms 0770 /var/log/sandbox + + dodoc AUTHORS ChangeLog* NEWS README +} + +pkg_preinst() { + chown root:portage "${ED}"/var/log/sandbox + chmod 0770 "${ED}"/var/log/sandbox + + local v + for v in ${REPLACING_VERSIONS}; do + # 1.x was removed from ::gentoo in 2016 + if [[ ${v} == 1.* ]] ; then + local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') + if [[ -n ${old} ]] ; then + elog "Removing old sandbox libraries for you:" + find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete + fi + fi + done +} + +pkg_postinst() { + local v + for v in ${REPLACING_VERSIONS}; do + # 1.x was removed from ::gentoo in 2016 + if [[ ${v} == 1.* ]] ; then + chmod 0755 "${EROOT}"/etc/sandbox.d #265376 + fi + done +}
