Date: Monday, July 25, 2016 @ 09:51:32 Author: tredaelli Revision: 183955
upgpkg: snap-confine 1.0.38-1 Added: snap-confine/trunk/dont-mount-media.patch Modified: snap-confine/trunk/PKGBUILD ------------------------+ PKGBUILD | 16 +++++++++++++--- dont-mount-media.patch | 10 ++++++++++ 2 files changed, 23 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2016-07-25 09:50:37 UTC (rev 183954) +++ PKGBUILD 2016-07-25 09:51:32 UTC (rev 183955) @@ -3,7 +3,7 @@ # Contributor: Zygmunt Krynicki <me at zygoon dot pl> pkgname=snap-confine -pkgver=1.0.35 +pkgver=1.0.38 pkgrel=1 pkgdesc="Confinement system for snap applications" arch=('i686' 'x86_64') @@ -12,9 +12,19 @@ depends=('bash' 'libseccomp' 'libsystemd') makedepends=('python-docutils' 'systemd') checkdepends=('indent' 'shellcheck') -source=("https://github.com/snapcore/$pkgname/releases/download/$pkgver/$pkgname-$pkgver.tar.gz") -md5sums=('d4e1f8e978d4ce07eb07f394174af185') +source=("https://github.com/snapcore/$pkgname/releases/download/$pkgver/$pkgname-$pkgver.tar.gz" + "dont-mount-media.patch") +md5sums=('1ab7bcb5074f47b3dc818c0d06c1eb37' + '89b887eccd0bf96b7b88f2f86329e085') +prepare() { + cd "$pkgname-$pkgver" + + # Revert "add /media to source_mounts to allow access to mounted devices" + # since Arch Linux doesn't have /media directory anymore + patch -Np1 -i "$srcdir"/dont-mount-media.patch +} + build() { cd "$pkgname-$pkgver" Added: dont-mount-media.patch =================================================================== --- dont-mount-media.patch (rev 0) +++ dont-mount-media.patch 2016-07-25 09:51:32 UTC (rev 183955) @@ -0,0 +1,10 @@ +--- a/src/mount-support.c ++++ b/src/mount-support.c +@@ -205,7 +205,6 @@ void setup_snappy_os_mounts() + "/var/lib/snapd", // to get access to snapd state and seccomp profiles + "/var/tmp", // to get access to the other temporary directory + "/run", // to get /run with sockets and what not +- "/media", // access to the users removable devices + "/lib/modules", // access to the modules of the running kernel + }; + for (int i = 0; i < sizeof(source_mounts) / sizeof *source_mounts; i++) {