summaryrefslogtreecommitdiff
path: root/sys-apps/sandbox
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2021-10-26 00:10:07 +0100
committerV3n3RiX <venerix@koprulu.sector>2021-10-26 00:10:07 +0100
commit95461df035e3867364495f065e5e805bf629b2d7 (patch)
tree867dce371a84a696e91be255d89f282975aa0480 /sys-apps/sandbox
parent46eedbedafdb0040c37884982d4c775ce277fb7b (diff)
gentoo resync : 25.10.2021
Diffstat (limited to 'sys-apps/sandbox')
-rw-r--r--sys-apps/sandbox/Manifest8
-rw-r--r--sys-apps/sandbox/metadata.xml3
-rw-r--r--sys-apps/sandbox/sandbox-2.25.ebuild2
-rw-r--r--sys-apps/sandbox/sandbox-2.26.ebuild60
-rw-r--r--sys-apps/sandbox/sandbox-2.27.ebuild64
5 files changed, 134 insertions, 3 deletions
diff --git a/sys-apps/sandbox/Manifest b/sys-apps/sandbox/Manifest
index 950fee7043ab..2d8b6bd2ff16 100644
--- a/sys-apps/sandbox/Manifest
+++ b/sys-apps/sandbox/Manifest
@@ -1,6 +1,10 @@
AUX 09sandbox 37 BLAKE2B 181213e2cc0bcfa328310cced40bfaba4530d8d2f80e892cb5649d5277c5d59d345ce96ca802a5529a22892c929bafac04c616458fa147a3bee5c89d31b0baf1 SHA512 4e8a9c58debde6480224a45559c5f2db4765213d151e47937f9142f110cac3681bf6402acaf21249a37bb17398e7bc00ae7feee68ecdb5b9363c432eac1b052a
DIST sandbox-2.24.tar.xz 438408 BLAKE2B 5e725d17da0abc06d56216f4df2f4034076f50163db1c3bbddbf4fd07dbd5b7d92ef2f1b2c01eb77ff6cf531c5cc6a05e60b028f585310ac56eef96240882843 SHA512 8df5414e334a15f367acfd218ba1b74ba618b93d7bdeca8a039b69cbd81ab048ec5a6cecb24df09fa9a5f4fe214d647acf5138004defd45e6396eec5ae7c93d0
DIST sandbox-2.25.tar.xz 436004 BLAKE2B c9c7d351cdefbb2b1a585904c38742a5a3bde50d3d690c57cff9cdc71ffb822e78a2b56c47afd03fbc70834de5dda13c5a300d9d6b35e09ec400a050d4f8e82c SHA512 4e998c4d9ba6eb69369cc49849060a2e90535eae91fbb64c4d46371fe0ed5182413b14674f10c773fd997b6895bc870ccb23586351f5bb06b69dc11a0cddbe1d
+DIST sandbox-2.26.tar.xz 444412 BLAKE2B 3bc88d86ba4e2522895c4448dff6da2cffceb912e5ff9610fe4c3aea255ffd9b9ca9bbe8e45d94508f45e9c141aa6945a9a8d82cba0f3ca102ff6a1624c84161 SHA512 f20766daf2ce43753772a184c86a7b6847f96ab7b60b202616e15d791bc1f770162035a9b1ffe38765dff8d2567ad971a9a2bdeba9a8769845a758fcd95206fa
+DIST sandbox-2.27.tar.xz 448948 BLAKE2B 03a311c8c7c8719bac398e39ce49e7149bdaa1d5b2811f395eb2251a32aabba995f97c3d5d27461aadb64bf43adf2b0cbaa7c2f141dd86f64f8dd326422ac104 SHA512 2a53e6fc87cec975962737b1fadc447d86985d27b18ad2caed711116da2ba435f54db0f7dadb02664b2638b9dc77752831cd4820390f5c3e61a42429e13462a7
EBUILD sandbox-2.24.ebuild 1617 BLAKE2B 5bb22638ea5e5735242e538cb8e0e2598a38237001162fa0cd4d4c3dba6ddb7b9d4607b04ab20b00cb2e7b17c7a759808117d6c0c521a7ba6843fb42e29d1ab2 SHA512 845b5ae83d2c12dc7101d01b76af6693ae888237eda43d2207ef4a1fd3c121d79c554cbb1e7395365867cb96b6a27bbae1c26ff79c301ed00e536acef396dae9
-EBUILD sandbox-2.25.ebuild 1623 BLAKE2B 89f1946e8c8984c422bd4837eae4e20e0878496fc2b9dda84e5a53fd3db1d199f449967ed0af3156e26b8d8dedbc38c99db92e57eb2cf928b63da7fff2827e27 SHA512 40ddf4bf456b789e8d45997659057a0247dca25a6f7874860ca63e839cd915c819c2d0faae7e5facd7361dfe76e5e49c391b9f96d8b32967358c5d11f25aa9b5
-MISC metadata.xml 253 BLAKE2B 67da03c96f16f23fc1bbed2f09b3ace7f1309ae149005999bf271479a6d142783d69d44aff75f4a7169f20f5bd1f0f605bcda292953a15454896a56c7ba9e7cf SHA512 3148011cc25751dc4d0e6c077963880e10cd49f79b5d9778f31c73f161d958e2dce687dea8dd84e2b5a7762b00d3ff843b1fbc8b1827379ccbd4e3fac8eefcc3
+EBUILD sandbox-2.25.ebuild 1615 BLAKE2B b42f819adc73df7f3c7b0f2654eeaa41f23840763c3fe5abe64ba147b20cf74f1df7411a1309d2581b4264a9a5152eda6386551acadfc04125d31251557c10b6 SHA512 df4789dff85f482c7e9750d8581d2b74686bef82a5b4dd15d1a4b7923f7a2541f68afa5e5b5c091ccdab8234eba2708110401bad527c99e25e236dd8921e8abd
+EBUILD sandbox-2.26.ebuild 1544 BLAKE2B 379c4679d0c7c98aa3cbe454f8d3bc3a147b5879aea7e004528a1d0616fb8ec38a4f08dceef9123cbd7b763ab1ea3dde0b6845ae61b053e59cc9f3887e608560 SHA512 2cbfe0f5d0398b684034a67031f9d3ac0f14d3a8b2f6c8615413d5dc73774da7ce2b7995b9d1f10f9a16686b59e4c4e4b83d9590bc63d85a75e8e2eac16eab4a
+EBUILD sandbox-2.27.ebuild 1649 BLAKE2B 64bd35d61dbbd9084a9459ed3a67b9049b0c84ffb94fc76978919f060da0e79625cb94fe1cb3b6a6c246dd9ebab0363c261ab8461f7348f15828cf0252309eee SHA512 6fc2fa2b81f247da62ce318a34d37aabef92e9df7114c7a2c830477ab51daeb4abcaab4c0c2db9476d84624656e488fb201af77b7c4eaafa981c7e099718b46a
+MISC metadata.xml 377 BLAKE2B fcbc91501a4a61bfa3c3cc01b0746f5f638093933cf8a9ba1e6206071cb0482c9ba18c5c10541d934327cf805ee0e40c010b3f25a221ab63fefa2fd9f39da0d7 SHA512 92aa26a3200dd1508fb86da0e0bc70be66ccbcf66593ee6833102c9961ac17c8a99c5b070a2cd2e79dba8e5daa0316cdb6744baa3fbd9342953fcc00b1277d35
diff --git a/sys-apps/sandbox/metadata.xml b/sys-apps/sandbox/metadata.xml
index e270f4674f61..11e084f7c9b9 100644
--- a/sys-apps/sandbox/metadata.xml
+++ b/sys-apps/sandbox/metadata.xml
@@ -5,4 +5,7 @@
<email>sandbox@gentoo.org</email>
<name>Sandbox Maintainers</name>
</maintainer>
+<use>
+ <flag name="nnp">Enable NO_NEW_PRIVS which blocks set*id programs from gaining privileges (e.g. sudo)</flag>
+</use>
</pkgmetadata>
diff --git a/sys-apps/sandbox/sandbox-2.25.ebuild b/sys-apps/sandbox/sandbox-2.25.ebuild
index d35f5327d29f..70179abd1b9f 100644
--- a/sys-apps/sandbox/sandbox-2.25.ebuild
+++ b/sys-apps/sandbox/sandbox-2.25.ebuild
@@ -11,7 +11,7 @@ SRC_URI="https://dev.gentoo.org/~mgorny/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
IUSE=""
DEPEND="app-arch/xz-utils
diff --git a/sys-apps/sandbox/sandbox-2.26.ebuild b/sys-apps/sandbox/sandbox-2.26.ebuild
new file mode 100644
index 000000000000..5203f1537c28
--- /dev/null
+++ b/sys-apps/sandbox/sandbox-2.26.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit flag-o-matic multilib-minimal multiprocessing
+
+DESCRIPTION="sandbox'd LD_PRELOAD hack"
+HOMEPAGE="https://wiki.gentoo.org/wiki/Project:Sandbox"
+SRC_URI="https://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE=""
+
+DEPEND="app-arch/xz-utils
+ >=app-misc/pax-utils-0.1.19" #265376
+RDEPEND=""
+
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS+=" sandbox_death_notice"
+
+sandbox_death_notice() {
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
+ ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox"
+}
+
+src_prepare() {
+ default
+
+ # sandbox uses `__asm__ (".symver "...` which does
+ # not play well with gcc's LTO: https://gcc.gnu.org/PR48200
+ append-flags -fno-lto
+ append-ldflags -fno-lto
+}
+
+multilib_src_configure() {
+ filter-lfs-flags #90228
+
+ ECONF_SOURCE="${S}" econf
+}
+
+multilib_src_test() {
+ # Default sandbox build will run with --jobs set to # cpus.
+ # -j1 to prevent test faiures caused by file descriptor
+ # injection GNU make does.
+ emake -j1 check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)"
+}
+
+multilib_src_install_all() {
+ doenvd "${FILESDIR}"/09sandbox
+
+ dodoc AUTHORS ChangeLog* README.md
+}
+
+pkg_postinst() {
+ mkdir -p "${EROOT}"/var/log/sandbox
+ chown root:portage "${EROOT}"/var/log/sandbox
+ chmod 0770 "${EROOT}"/var/log/sandbox
+}
diff --git a/sys-apps/sandbox/sandbox-2.27.ebuild b/sys-apps/sandbox/sandbox-2.27.ebuild
new file mode 100644
index 000000000000..ed70783105b7
--- /dev/null
+++ b/sys-apps/sandbox/sandbox-2.27.ebuild
@@ -0,0 +1,64 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit flag-o-matic multilib-minimal multiprocessing
+
+DESCRIPTION="sandbox'd LD_PRELOAD hack"
+HOMEPAGE="https://wiki.gentoo.org/wiki/Project:Sandbox"
+SRC_URI="https://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="+nnp"
+
+DEPEND="app-arch/xz-utils
+ >=app-misc/pax-utils-0.1.19" #265376
+RDEPEND=""
+
+has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS+=" sandbox_death_notice"
+
+sandbox_death_notice() {
+ ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
+ ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox"
+}
+
+src_prepare() {
+ default
+
+ if ! use nnp ; then
+ sed -i 's:PR_SET_NO_NEW_PRIVS:___disable_nnp_hack:' src/sandbox.c || die
+ fi
+
+ # sandbox uses `__asm__ (".symver "...` which does
+ # not play well with gcc's LTO: https://gcc.gnu.org/PR48200
+ append-flags -fno-lto
+ append-ldflags -fno-lto
+}
+
+multilib_src_configure() {
+ filter-lfs-flags #90228
+
+ ECONF_SOURCE="${S}" econf
+}
+
+multilib_src_test() {
+ # Default sandbox build will run with --jobs set to # cpus.
+ # -j1 to prevent test faiures caused by file descriptor
+ # injection GNU make does.
+ emake -j1 check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)"
+}
+
+multilib_src_install_all() {
+ doenvd "${FILESDIR}"/09sandbox
+
+ dodoc AUTHORS ChangeLog* README.md
+}
+
+pkg_postinst() {
+ mkdir -p "${EROOT}"/var/log/sandbox
+ chown root:portage "${EROOT}"/var/log/sandbox
+ chmod 0770 "${EROOT}"/var/log/sandbox
+}