summaryrefslogtreecommitdiff
path: root/sys-apps/minijail
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2023-06-29 13:40:31 +0100
committerV3n3RiX <venerix@koprulu.sector>2023-06-29 13:40:31 +0100
commite745e1d281540da525df5eaae0904b62bc27852f (patch)
treefe71391505cd5188d417ddc468859a54f0c648ae /sys-apps/minijail
parent05f2a11918a15ef57166e74d69d6c4737673e75c (diff)
gentoo auto-resync : 29:06:2023 - 13:40:31
Diffstat (limited to 'sys-apps/minijail')
-rw-r--r--sys-apps/minijail/Manifest5
-rw-r--r--sys-apps/minijail/files/minijail-18-makefile.patch41
-rw-r--r--sys-apps/minijail/metadata.xml3
-rw-r--r--sys-apps/minijail/minijail-18.ebuild78
4 files changed, 126 insertions, 1 deletions
diff --git a/sys-apps/minijail/Manifest b/sys-apps/minijail/Manifest
index b6618aa26139..b92d33bd85c6 100644
--- a/sys-apps/minijail/Manifest
+++ b/sys-apps/minijail/Manifest
@@ -1,5 +1,8 @@
AUX minijail-12-makefile.patch 1511 BLAKE2B 74b620f44ffa3a3f82771d10dfff5999f223613ee734a38be770ac91e128c3e4f26cbbdff197a0636cb8c3b094c70fbed08443560bea095407736327f9d485ac SHA512 c727ff4752345f08d89dab5bc7489793763bf459bc169f132a285bc40c1d8e1e40d366bc8336e35c5362f4e4b999ec9d07db2b3bcd5f394954dae54cb533515a
AUX minijail-17-no-werror.patch 594 BLAKE2B 7afa3b6179ce975d8dac6496532222057db0f27c134b0fa6f783f1f18e7166d310ccfbaa387482fb27f91e7f9cf5b478267e6a4db2ced380efbcd77bfa1b7b6e SHA512 27f7e2c4ca046e86c81ec419fe745bc25547ff5217340af772b331448c19cbcb228835c3ddd1d2879e3b13bf59f85724dcf3cc455c22e0fd27ac81a28efd135d
+AUX minijail-18-makefile.patch 1546 BLAKE2B 7b4ccf54fe13b5614dc119306c06b23e899919f17b6e880044d65d7117095023e318233695d20a55f9012d3172d100e4ba94bf2fee8d3cc728cc944494ea1f8a SHA512 8922874c2a3b319b3699fc75f4f85428f2cc9045794d44f2cdf5cc57ae0034971162ae87ebca9d679b75840614d1ed9a3e9f247a466d52ad26976fb9b207077d
DIST minijail-17.tar.gz 212425 BLAKE2B 411a0e2f1af21dd689fa669f9658e78c3c3c6439fdbea01b41b1d0cb3cbc1dc017634177350a3d5392783201f80874ec2a1604ed2577dbf5d7dbdf584a087267 SHA512 4b9aa29a78f7525ffeedfb927f6b567044ff7c9d32ef0e6771ed2b5c2d47c7a14ccbe000efc988ce6bb4173c5a9ae734b222aac1a00fb0e60777d7dccc149acf
+DIST minijail-18.tar.gz 223537 BLAKE2B 894cca4bd31b12e74a309a99d98eefe24f57e4dae186e79b5800b9857ef6b87c2094ead9a1788d00557d68b0d174bdf1e22f247ffb4fbb2d44a952a8df2c953d SHA512 685f744b4783600b4c91ec678ae87dd9ae0138638e1e754520f406c203f4d92f6b510b1bcf1a921b9e93965026c461d6fe8e5efb5f90393a54ca27db7c8033e5
EBUILD minijail-17.ebuild 1847 BLAKE2B 4a29b4c111a215a627fca5349a3b00271e71985113dd4e820b48f27a230a886b440bc01101ff07de6b7ceab02c1381afaabe22adea07bba6f027b284679df606 SHA512 2a437e1cb4a841ee7898516f12ed688c7130ae0d8dd54617a8aeddfc185c83465910c6308eeaa50a26b53624f2e8cc43e7bfd04b5facf488282cd2840b7c5bfe
-MISC metadata.xml 316 BLAKE2B 1c0d0d8d3d56290e6c416abd016b8e9884d281b4c8700d5e229bbd820946c9b962c148f4d838b3206f091c9340d93febf69c8dab0af58101c5c5128fceea888e SHA512 f31d33694241be5dc691ca273d0712a062b84eaccb44adc3a50a1085a451543ff1c2d20960444474c2d32121a52c2b15c2510c802a59983534c6176906fbaaee
+EBUILD minijail-18.ebuild 1858 BLAKE2B 5a398dcaae440f5512f6d67cafd266d0202c1c4fa57bec3541246267267d3fca19266b37889bdcf82f380d17eeab8d4f9d5dc63bc43ff0128ac6cc2c97e98230 SHA512 0638e0c204c2a96c5ae4a88ea6bb9584db013e068b692c2a7506e48899aadcbc57eeeea83c63581eb92ed1d486e722cf3eb26aff8c95827b2bf0ee59acb95913
+MISC metadata.xml 396 BLAKE2B 2abccc653acbb41fb627d83894b7e22159994295bc7342a89e590742a22167f5e4d4cf4aac5cfe4554aa236f6449889f6e8ec249ef8e7225af6271fc34672043 SHA512 46660ec9367ef20a84b3ec32f562c1204d9102e13afd4d813444be3cb2c4378127e15fb19987c53270e283e024f2e6e9fead95a377bbfe8883c36a3065652393
diff --git a/sys-apps/minijail/files/minijail-18-makefile.patch b/sys-apps/minijail/files/minijail-18-makefile.patch
new file mode 100644
index 000000000000..c1a2509dff5a
--- /dev/null
+++ b/sys-apps/minijail/files/minijail-18-makefile.patch
@@ -0,0 +1,41 @@
+--- a/Makefile
++++ b/Makefile
+@@ -72,9 +72,9 @@ GTEST_CXXFLAGS := -std=gnu++14
+ GTEST_LIBS := gtest.a
+ UNITTEST_DEPS += $(GTEST_LIBS)
+ else
+-GTEST_CXXFLAGS := $(shell gtest-config --cxxflags 2>/dev/null || \
++GTEST_CXXFLAGS ?= $(shell gtest-config --cxxflags 2>/dev/null || \
+ echo "-pthread")
+-GTEST_LIBS := $(shell gtest-config --libs 2>/dev/null || \
++GTEST_LIBS ?= $(shell gtest-config --libs 2>/dev/null || \
+ echo "-lgtest -pthread -lpthread")
+ endif
+ UNITTEST_LIBS += $(GTEST_LIBS)
+@@ -104,6 +104,7 @@ clean: CLEAN(minijail0)
+
+
+ CC_LIBRARY(libminijail.so): LDLIBS += -lcap
++CC_LIBRARY(libminijail.so): LDFLAGS += -Wl,-soname,libminijail.so
+ CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES)
+ clean: CLEAN(libminijail.so)
+
+@@ -125,6 +126,7 @@ TEST(CXX_BINARY(libminijail_unittest)): CC_LIBRARY(libminijailpreload.so)
+
+
+ CC_LIBRARY(libminijailpreload.so): LDLIBS += -lcap -ldl
++CC_LIBRARY(libminijailpreload.so): LDFLAGS += -Wl,-soname,libminijail.so
+ CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES)
+ clean: CLEAN(libminijailpreload.so)
+
+--- a/common.mk
++++ b/common.mk
+@@ -323,7 +323,7 @@ COMMON_CFLAGS := -Wall -Wunused -Wno-unused-parameter -Werror -Wformat=2 \
+ -fno-strict-aliasing $(SSP_CFLAGS) -O1
+ CXXFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CXXDRIVER)) -std=gnu++14
+ CFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CDRIVER)) -std=gnu11
+-CPPFLAGS += -D_FORTIFY_SOURCE=2
++CPPFLAGS +=
+
+ # Enable large file support.
+ CPPFLAGS += -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
diff --git a/sys-apps/minijail/metadata.xml b/sys-apps/minijail/metadata.xml
index 7b5b4ce46bdf..b60ec207b068 100644
--- a/sys-apps/minijail/metadata.xml
+++ b/sys-apps/minijail/metadata.xml
@@ -7,4 +7,7 @@
<maintainer type="person">
<email>chutzpah@gentoo.org</email>
</maintainer>
+ <upstream>
+ <remote-id type="github">google/minijail</remote-id>
+ </upstream>
</pkgmetadata>
diff --git a/sys-apps/minijail/minijail-18.ebuild b/sys-apps/minijail/minijail-18.ebuild
new file mode 100644
index 000000000000..237a6aa5dafb
--- /dev/null
+++ b/sys-apps/minijail/minijail-18.ebuild
@@ -0,0 +1,78 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit linux-info toolchain-funcs
+
+DESCRIPTION="helper binary and library for sandboxing & restricting privs of service"
+HOMEPAGE="https://android.googlesource.com/platform/external/minijail"
+# Use GitHub mirror as Gitiles doesn't generate stable tarballs.
+SRC_URI="https://github.com/google/${PN}/archive/linux-v${PV}.tar.gz -> ${P}.tar.gz"
+S="${WORKDIR}/${PN}-linux-v${PV}"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+seccomp test"
+RESTRICT="!test? ( test )"
+
+RDEPEND="sys-libs/libcap-ng:="
+DEPEND="
+ ${RDEPEND}
+ test? (
+ >=dev-cpp/gtest-1.8.0:=
+ )
+"
+BDEPEND="test? ( virtual/pkgconfig )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-18-makefile.patch"
+ "${FILESDIR}/${PN}-17-no-werror.patch"
+)
+
+pkg_pretend() {
+ local CONFIG_CHECK="~NAMESPACES ~UTS_NS ~IPC_NS ~USER_NS ~PID_NS ~NET_NS
+ ~SECCOMP ~SECCOMP_FILTER ~CGROUPS"
+ check_extra_config
+}
+
+src_configure() {
+ export LIBDIR="/usr/$(get_libdir)"
+ export USE_seccomp="$(usex seccomp)"
+ export USE_SYSTEM_GTEST=yes
+ if use test; then
+ export GTEST_CXXFLAGS="$($(tc-getPKG_CONFIG) --cflags gtest_main)"
+ export GTEST_LIBS="$($(tc-getPKG_CONFIG) --libs gtest_main)"
+ else
+ export GTEST_CXXFLAGS='' GTEST_LIBS=''
+ fi
+ export VERBOSE=1
+}
+
+src_compile() {
+ tc-env_build emake all parse_seccomp_policy
+}
+
+src_test() {
+ GTEST_FILTER="-NamespaceTest.test_tmpfs_userns:NamespaceTest.test_namespaces" \
+ tc-env_build emake tests
+}
+
+src_install() {
+ dosbin minijail0
+ dolib.so libminijail{,preload}.so
+ dobin parse_seccomp_policy
+
+ doman minijail0.[15]
+ dodoc README.md
+
+ local include_dir="/usr/include"
+
+ "${S}"/platform2_preinstall.sh "${PV}" "${include_dir}"
+ insinto "/usr/$(get_libdir)/pkgconfig"
+ doins libminijail.pc
+
+ insinto "${include_dir}"
+ doins libminijail.h scoped_minijail.h
+}