diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2017-10-03 20:34:30 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2017-10-03 21:09:27 +0200 |
| commit | c2390a856ea0fc637d077170b3343e2c5523a4b6 (patch) | |
| tree | 8777d8ca171db89558bc379cd4c8db24b95f013e /sys-apps | |
| parent | sys-apps/sandbox: Fix REPLACING_VERSIONS use (diff) | |
| download | gentoo-c2390a856ea0fc637d077170b3343e2c5523a4b6.tar.gz gentoo-c2390a856ea0fc637d077170b3343e2c5523a4b6.tar.bz2 gentoo-c2390a856ea0fc637d077170b3343e2c5523a4b6.zip | |
sys-apps/sandbox: Remove permanently masked 2.11 versions
Diffstat (limited to 'sys-apps')
| -rw-r--r-- | sys-apps/sandbox/Manifest | 1 | ||||
| -rw-r--r-- | sys-apps/sandbox/files/sandbox-2.11-exec-hash.patch | 96 | ||||
| -rw-r--r-- | sys-apps/sandbox/files/sandbox-2.11-exec-prelink.patch | 107 | ||||
| -rw-r--r-- | sys-apps/sandbox/files/sandbox-2.11-execvpe.patch | 30 | ||||
| -rw-r--r-- | sys-apps/sandbox/sandbox-2.11-r3.ebuild | 84 | ||||
| -rw-r--r-- | sys-apps/sandbox/sandbox-2.11-r4.ebuild | 85 | ||||
| -rw-r--r-- | sys-apps/sandbox/sandbox-2.11-r5.ebuild | 86 |
7 files changed, 0 insertions, 489 deletions
diff --git a/sys-apps/sandbox/Manifest b/sys-apps/sandbox/Manifest index fb977aaa2c7d..5ca849484329 100644 --- a/sys-apps/sandbox/Manifest +++ b/sys-apps/sandbox/Manifest @@ -1,5 +1,4 @@ DIST sandbox-2.10.tar.xz 417068 SHA256 019d6a2646b3a5f9b6fc3fcb6ff99332901017eb845442bec8573b9901506fa6 SHA512 178b3b8fcb54e6ff67df1c8101866739b49e4d31a66717c21ef502dd2ab609fca70f1a0c662b913e207bfc1ba6994cefdcf5c92ff32add9dd98bd9707f301305 WHIRLPOOL 5d6cffa7317cafeba02af75de9ae914d4365a62b54d3dfcc14cb272e621f2f76a60a945591ccb57dd59d6750152087cb2f21e43ded3ec181d6b42df173147192 -DIST sandbox-2.11.tar.xz 423492 SHA256 a1cb203f95057176ca0c5b53b8b9dafd41d1b64a6cf5039a9e1fb4a51b17f237 SHA512 0aa6c773c109749180442d1a46d1b957dea0c30f893e4be1ac0b410e1aad48fdd2972ec591aa2da3a0c74b32d2b7bd51b7c2263bd7b26f8a34bb762d8a48ea0b WHIRLPOOL a2222cc778f2181473cf23b46a62257e5f3857edebb457dcf230f02da0d153e38a28f78a20dee67c9e564c10239d8bd6982a6e894de666f6eff4550f7ad8cdee DIST sandbox-2.12.tar.xz 424252 SHA256 265a490a8c528237c55ad26dfd7f62336fa5727c82358fc9cfbaa2e52c47fc50 SHA512 98bd2ee8807d81e65ee0c9f11cfaf2b37da2ee4d8763c68d18c0ff6b14f3cc847ae2d3a0aa30cbe86063a2108ed4d4dcf7cc3fc4f37cb7549d266d4c1989c2a9 WHIRLPOOL 4f3089746a11616c60057165f387122b74e8d2f30a2d77db296405a2b6f401fc625645bca73092436162f5d98a88bfb2a3b42909b0eceb9a59ab810d803441b0 DIST sandbox-2.6.tar.xz 366356 SHA256 95615c5879dfc419713f22ba5506a2802a50ea0ce8a2f57c656354f2e50b1c4d SHA512 32ba7fb675c67fdc8bc52da1db7ed6878e5fea8753accb30d9aca00f708e0dde03287b5962caf5ef031bea6934d6ef3e18404b015c70ebd551d3fd8109ad2371 WHIRLPOOL bab2d015fb0de92a2266408ca7941c8fb66b599179040cfc727ffce5b2424a9722dc55ba89d198e3361044d8cb357314205488d2a980c7b8af063fd8940f0c03 DIST sandbox-2.7.tar.xz 390304 SHA256 d6e1230180d84fb64c9788dd372a73a1cd2496ead91cad333a211320d3041149 SHA512 81056460afabe3f9163594f662f5faf87b6dfe8511a001fc4d6ce0171492eb29f3b645a45320032d34475bb2c24bf212d1d05b50878a340f1e2ca580f8f8f38a WHIRLPOOL ad070df6351537e49f939ba195f27ccf5e4566bb8b6e4ba391ab8174771eacf909571284c6fa873d5b55e8540605d2766a3de5d451b6af132c0ff6d96e43f554 diff --git a/sys-apps/sandbox/files/sandbox-2.11-exec-hash.patch b/sys-apps/sandbox/files/sandbox-2.11-exec-hash.patch deleted file mode 100644 index 8a4cd9b0b9b7..000000000000 --- a/sys-apps/sandbox/files/sandbox-2.11-exec-hash.patch +++ /dev/null @@ -1,96 +0,0 @@ -From e11815bb7f0656f39e122073e0e3284ec7f5d021 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger <vapier@gentoo.org> -Date: Tue, 29 Mar 2016 23:35:44 -0400 -Subject: [PATCH] libsandbox: fix symtab walking with some ELFs -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The strtab assumption works if there is no SysV hash table. -Add logic to handle that scenario. - -URL: https://bugs.gentoo.org/578524 -Reported-by: Toralf Förster <toralf.foerster@gmx.de> -Signed-off-by: Mike Frysinger <vapier@gentoo.org> ---- - libsandbox/wrapper-funcs/__wrapper_exec.c | 30 +++++++++++++++++------------- - 1 file changed, 17 insertions(+), 13 deletions(-) - -diff --git a/libsandbox/wrapper-funcs/__wrapper_exec.c b/libsandbox/wrapper-funcs/__wrapper_exec.c -index f7f51ab..d372366 100644 ---- a/libsandbox/wrapper-funcs/__wrapper_exec.c -+++ b/libsandbox/wrapper-funcs/__wrapper_exec.c -@@ -83,10 +83,10 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - ({ \ - Elf##n##_Ehdr *ehdr = (void *)elf; \ - Elf##n##_Phdr *phdr = (void *)(elf + ehdr->e_phoff); \ -- Elf##n##_Addr vaddr, filesz, vsym = 0, vstr = 0; \ -- Elf##n##_Off offset, symoff = 0, stroff = 0; \ -+ Elf##n##_Addr vaddr, filesz, vsym = 0, vstr = 0, vhash = 0; \ -+ Elf##n##_Off offset, symoff = 0, stroff = 0, hashoff = 0; \ - Elf##n##_Dyn *dyn; \ -- Elf##n##_Sym *sym; \ -+ Elf##n##_Sym *sym, *symend; \ - uint##n##_t ent_size = 0, str_size = 0; \ - bool dynamic = false; \ - size_t i; \ -@@ -106,6 +106,7 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - case DT_SYMENT: ent_size = dyn->d_un.d_val; break; \ - case DT_STRTAB: vstr = dyn->d_un.d_val; break; \ - case DT_STRSZ: str_size = dyn->d_un.d_val; break; \ -+ case DT_HASH: vhash = dyn->d_un.d_val; break; \ - } \ - ++dyn; \ - } \ -@@ -123,6 +124,8 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - symoff = offset + (vsym - vaddr); \ - if (vstr >= vaddr && vstr < vaddr + filesz) \ - stroff = offset + (vstr - vaddr); \ -+ if (vhash >= vaddr && vhash < vaddr + filesz) \ -+ hashoff = offset + (vhash - vaddr); \ - } \ - \ - /* Finally walk the symbol table. This should generally be fast as \ -@@ -130,18 +133,20 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - * out there do not export any symbols at all. \ - */ \ - if (symoff && stroff) { \ -- sym = (void *)(elf + symoff); \ -+ /* Hash entries are always 32-bits. */ \ -+ uint32_t *hashes = (void *)(elf + hashoff); \ - /* Nowhere is the # of symbols recorded, or the size of the symbol \ -- * table. Instead, we do what glibc does: assume that the string \ -- * table always follows the symbol table. This seems like a poor \ -- * assumption to make, but glibc has gotten by this long. We could \ -- * rely on DT_HASH and walking all the buckets to find the largest \ -- * symbol index, but that's also a bit hacky. \ -+ * table. Instead, we do what glibc does: use the sysv hash table \ -+ * if it exists, else assume that the string table always directly \ -+ * follows the symbol table. This seems like a poor assumption to \ -+ * make, but glibc has gotten by this long. \ - * \ - * We don't sanity check the ranges here as you aren't executing \ - * corrupt programs in the sandbox. \ - */ \ -- for (i = 0; i < (vstr - vsym) / ent_size; ++i) { \ -+ sym = (void *)(elf + symoff); \ -+ symend = vhash ? (sym + hashes[1]) : (void *)(elf + stroff); \ -+ while (sym < symend) { \ - char *symname = (void *)(elf + stroff + sym->st_name); \ - if (ELF##n##_ST_VISIBILITY(sym->st_other) == STV_DEFAULT && \ - sym->st_shndx != SHN_UNDEF && sym->st_shndx < SHN_LORESERVE && \ -@@ -149,9 +154,8 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - /* Minor optimization to avoid strcmp. */ \ - symname[0] == '_' && symname[1] == '_') { \ - /* Blacklist internal C library symbols. */ \ -- size_t j; \ -- for (j = 0; j < ARRAY_SIZE(libc_alloc_syms); ++j) \ -- if (!strcmp(symname, libc_alloc_syms[j])) { \ -+ for (i = 0; i < ARRAY_SIZE(libc_alloc_syms); ++i) \ -+ if (!strcmp(symname, libc_alloc_syms[i])) { \ - run_in_process = false; \ - goto use_trace; \ - } \ --- -2.7.4 - diff --git a/sys-apps/sandbox/files/sandbox-2.11-exec-prelink.patch b/sys-apps/sandbox/files/sandbox-2.11-exec-prelink.patch deleted file mode 100644 index 067824f7e703..000000000000 --- a/sys-apps/sandbox/files/sandbox-2.11-exec-prelink.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 5628d830548e91819953d2d14397170e219df7c6 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger <vapier@gentoo.org> -Date: Wed, 16 Nov 2016 15:59:28 -0500 -Subject: [PATCH] libsandbox: fix symtab walking with prelinked ELFs - -When prelink runs on an ELF, it moves the string table from right -after the symbol table to the end, and then replaces the string -table with its liblist table. This ends up breaking sandbox's -assumption that the string table always follows the symbol table -leading to prelinked ELFs crashing. - -Update the range check to use the liblist table when available. -Since the prelink code has this logic hardcoded (swapping the -string table for the liblist table), this should be OK for now. - -URL: https://bugs.gentoo.org/599894 -Reported-by: Anders Larsson <anders.gentoo@larsson.xyz> -Reported-by: Kenton Groombridge <rustyvega@comcast.net> -Reported-by: Marien Zwart <marien.zwart@gmail.com> -Signed-off-by: Mike Frysinger <vapier@gentoo.org> ---- - libsandbox/wrapper-funcs/__wrapper_exec.c | 39 ++++++++++++++++++++++--------- - 1 file changed, 28 insertions(+), 11 deletions(-) - -diff --git a/libsandbox/wrapper-funcs/__wrapper_exec.c b/libsandbox/wrapper-funcs/__wrapper_exec.c -index d372366c5478..226c0c0f4407 100644 ---- a/libsandbox/wrapper-funcs/__wrapper_exec.c -+++ b/libsandbox/wrapper-funcs/__wrapper_exec.c -@@ -83,8 +83,8 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - ({ \ - Elf##n##_Ehdr *ehdr = (void *)elf; \ - Elf##n##_Phdr *phdr = (void *)(elf + ehdr->e_phoff); \ -- Elf##n##_Addr vaddr, filesz, vsym = 0, vstr = 0, vhash = 0; \ -- Elf##n##_Off offset, symoff = 0, stroff = 0, hashoff = 0; \ -+ Elf##n##_Addr vaddr, filesz, vsym = 0, vstr = 0, vhash = 0, vliblist = 0; \ -+ Elf##n##_Off offset, symoff = 0, stroff = 0, hashoff = 0, liblistoff = 0; \ - Elf##n##_Dyn *dyn; \ - Elf##n##_Sym *sym, *symend; \ - uint##n##_t ent_size = 0, str_size = 0; \ -@@ -102,11 +102,12 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - dyn = (void *)(elf + phdr[i].p_offset); \ - while (dyn->d_tag != DT_NULL) { \ - switch (dyn->d_tag) { \ -- case DT_SYMTAB: vsym = dyn->d_un.d_val; break; \ -- case DT_SYMENT: ent_size = dyn->d_un.d_val; break; \ -- case DT_STRTAB: vstr = dyn->d_un.d_val; break; \ -- case DT_STRSZ: str_size = dyn->d_un.d_val; break; \ -- case DT_HASH: vhash = dyn->d_un.d_val; break; \ -+ case DT_SYMTAB: vsym = dyn->d_un.d_val; break; \ -+ case DT_SYMENT: ent_size = dyn->d_un.d_val; break; \ -+ case DT_STRTAB: vstr = dyn->d_un.d_val; break; \ -+ case DT_STRSZ: str_size = dyn->d_un.d_val; break; \ -+ case DT_HASH: vhash = dyn->d_un.d_val; break; \ -+ case DT_GNU_LIBLIST: vliblist = dyn->d_un.d_val; break; \ - } \ - ++dyn; \ - } \ -@@ -126,6 +127,8 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - stroff = offset + (vstr - vaddr); \ - if (vhash >= vaddr && vhash < vaddr + filesz) \ - hashoff = offset + (vhash - vaddr); \ -+ if (vliblist >= vaddr && vliblist < vaddr + filesz) \ -+ liblistoff = offset + (vliblist - vaddr); \ - } \ - \ - /* Finally walk the symbol table. This should generally be fast as \ -@@ -133,19 +136,33 @@ static bool sb_check_exec(const char *filename, char *const argv[]) - * out there do not export any symbols at all. \ - */ \ - if (symoff && stroff) { \ -- /* Hash entries are always 32-bits. */ \ -- uint32_t *hashes = (void *)(elf + hashoff); \ - /* Nowhere is the # of symbols recorded, or the size of the symbol \ - * table. Instead, we do what glibc does: use the sysv hash table \ - * if it exists, else assume that the string table always directly \ - * follows the symbol table. This seems like a poor assumption to \ -- * make, but glibc has gotten by this long. \ -+ * make, but glibc has gotten by this long. See determine_info in \ -+ * glibc's elf/dl-addr.c. \ -+ * \ -+ * Turns out prelink will violate that assumption. Fortunately it \ -+ * will insert its liblist at the same location all the time -- it \ -+ * replaces the string table with its liblist table. \ -+ * \ -+ * Long term, we should behave the same as glibc and walk the gnu \ -+ * hash table first before falling back to the raw symbol table. \ - * \ - * We don't sanity check the ranges here as you aren't executing \ - * corrupt programs in the sandbox. \ - */ \ - sym = (void *)(elf + symoff); \ -- symend = vhash ? (sym + hashes[1]) : (void *)(elf + stroff); \ -+ if (vhash) { \ -+ /* Hash entries are always 32-bits. */ \ -+ uint32_t *hashes = (void *)(elf + hashoff); \ -+ symend = sym + hashes[1]; \ -+ } else if (vliblist) \ -+ symend = (void *)(elf + liblistoff); \ -+ else \ -+ symend = (void *)(elf + stroff); \ -+ \ - while (sym < symend) { \ - char *symname = (void *)(elf + stroff + sym->st_name); \ - if (ELF##n##_ST_VISIBILITY(sym->st_other) == STV_DEFAULT && \ --- -2.10.2 - diff --git a/sys-apps/sandbox/files/sandbox-2.11-execvpe.patch b/sys-apps/sandbox/files/sandbox-2.11-execvpe.patch deleted file mode 100644 index 7e8130b51e6a..000000000000 --- a/sys-apps/sandbox/files/sandbox-2.11-execvpe.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 31a135d261a9bc1d65b1fa484345a858bab84db8 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger <vapier@gentoo.org> -Date: Wed, 30 Mar 2016 01:17:21 -0400 -Subject: [PATCH] libsandbox: whitelist execvpe -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -URL: https://bugs.gentoo.org/578516 -Reported-by: Toralf Förster <toralf.foerster@gmx.de> -Signed-off-by: Mike Frysinger <vapier@gentoo.org> ---- - libsandbox/libsandbox.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c -index cbe1aa1..e809308 100644 ---- a/libsandbox/libsandbox.c -+++ b/libsandbox/libsandbox.c -@@ -710,6 +710,7 @@ static int check_access(sbcontext_t *sbcontext, int sb_nr, const char *func, - sb_nr == SB_NR_EXECV || - sb_nr == SB_NR_EXECVP || - sb_nr == SB_NR_EXECVE || -+ sb_nr == SB_NR_EXECVPE || - sb_nr == SB_NR_FEXECVE)) - { - retval = check_prefixes(sbcontext->read_prefixes, --- -2.7.4 - diff --git a/sys-apps/sandbox/sandbox-2.11-r3.ebuild b/sys-apps/sandbox/sandbox-2.11-r3.ebuild deleted file mode 100644 index e49dd8c5a1a9..000000000000 --- a/sys-apps/sandbox/sandbox-2.11-r3.ebuild +++ /dev/null @@ -1,84 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# -# don't monkey with this ebuild unless contacting portage devs. -# period. -# - -EAPI="5" - -inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils - -DESCRIPTION="sandbox'd LD_PRELOAD hack" -HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/" -SRC_URI="mirror://gentoo/${P}.tar.xz - https://dev.gentoo.org/~vapier/dist/${P}.tar.xz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" -IUSE="" - -DEPEND="app-arch/xz-utils - >=app-misc/pax-utils-0.1.19" #265376 -RDEPEND="" - -has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" - -sandbox_death_notice() { - ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" - ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox" -} - -src_prepare() { - epatch "${FILESDIR}"/${P}-execvpe.patch #578516 - epatch "${FILESDIR}"/${P}-exec-hash.patch #578524 - epatch "${FILESDIR}"/${P}-exec-prelink.patch #599894 - epatch_user -} - -multilib_src_configure() { - filter-lfs-flags #90228 - - local myconf=() - host-is-pax && myconf+=( --disable-pch ) #301299 #425524 #572092 - - ECONF_SOURCE="${S}" \ - econf "${myconf[@]}" -} - -multilib_src_test() { - # Default sandbox build will run with --jobs set to # cpus. - emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" -} - -multilib_src_install_all() { - doenvd "${FILESDIR}"/09sandbox - - keepdir /var/log/sandbox - fowners root:portage /var/log/sandbox - fperms 0770 /var/log/sandbox - - cd "${S}" - dodoc AUTHORS ChangeLog* NEWS README -} - -pkg_preinst() { - chown root:portage "${ED}"/var/log/sandbox - chmod 0770 "${ED}"/var/log/sandbox - - if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then - local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') - if [[ -n ${old} ]] ; then - elog "Removing old sandbox libraries for you:" - find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete - fi - fi -} - -pkg_postinst() { - if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then - chmod 0755 "${EROOT}"/etc/sandbox.d #265376 - fi -} diff --git a/sys-apps/sandbox/sandbox-2.11-r4.ebuild b/sys-apps/sandbox/sandbox-2.11-r4.ebuild deleted file mode 100644 index 0cba4b731e78..000000000000 --- a/sys-apps/sandbox/sandbox-2.11-r4.ebuild +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# -# don't monkey with this ebuild unless contacting portage devs. -# period. -# - -EAPI="5" - -inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils - -DESCRIPTION="sandbox'd LD_PRELOAD hack" -HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/" -SRC_URI="mirror://gentoo/${P}.tar.xz - https://dev.gentoo.org/~vapier/dist/${P}.tar.xz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" -IUSE="" - -DEPEND="app-arch/xz-utils - >=app-misc/pax-utils-0.1.19" #265376 -RDEPEND="" - -has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" - -sandbox_death_notice() { - ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" - ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox" -} - -src_prepare() { - epatch "${FILESDIR}"/${P}-execvpe.patch #578516 - epatch "${FILESDIR}"/${P}-exec-hash.patch #578524 - epatch "${FILESDIR}"/${P}-exec-prelink.patch #599894 - epatch "${FILESDIR}"/${PN}-2.10-fix-opendir.patch #553092 - epatch_user -} - -multilib_src_configure() { - filter-lfs-flags #90228 - - local myconf=() - host-is-pax && myconf+=( --disable-pch ) #301299 #425524 #572092 - - ECONF_SOURCE="${S}" \ - econf "${myconf[@]}" -} - -multilib_src_test() { - # Default sandbox build will run with --jobs set to # cpus. - emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" -} - -multilib_src_install_all() { - doenvd "${FILESDIR}"/09sandbox - - keepdir /var/log/sandbox - fowners root:portage /var/log/sandbox - fperms 0770 /var/log/sandbox - - cd "${S}" - dodoc AUTHORS ChangeLog* NEWS README -} - -pkg_preinst() { - chown root:portage "${ED}"/var/log/sandbox - chmod 0770 "${ED}"/var/log/sandbox - - if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then - local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') - if [[ -n ${old} ]] ; then - elog "Removing old sandbox libraries for you:" - find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete - fi - fi -} - -pkg_postinst() { - if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then - chmod 0755 "${EROOT}"/etc/sandbox.d #265376 - fi -} diff --git a/sys-apps/sandbox/sandbox-2.11-r5.ebuild b/sys-apps/sandbox/sandbox-2.11-r5.ebuild deleted file mode 100644 index 48dd1a7ad99b..000000000000 --- a/sys-apps/sandbox/sandbox-2.11-r5.ebuild +++ /dev/null @@ -1,86 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# -# don't monkey with this ebuild unless contacting portage devs. -# period. -# - -EAPI="5" - -inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils - -DESCRIPTION="sandbox'd LD_PRELOAD hack" -HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/" -SRC_URI="mirror://gentoo/${P}.tar.xz - https://dev.gentoo.org/~vapier/dist/${P}.tar.xz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" -IUSE="" - -DEPEND="app-arch/xz-utils - >=app-misc/pax-utils-0.1.19" #265376 -RDEPEND="" - -has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice" - -sandbox_death_notice() { - ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:" - ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox" -} - -src_prepare() { - epatch "${FILESDIR}"/${P}-execvpe.patch #578516 - epatch "${FILESDIR}"/${P}-exec-hash.patch #578524 - epatch "${FILESDIR}"/${P}-exec-prelink.patch #599894 - epatch "${FILESDIR}"/${PN}-2.10-fix-opendir.patch #553092 - epatch "${FILESDIR}"/${P}-symlinkat-renameat.patch #612202 - epatch_user -} - -multilib_src_configure() { - filter-lfs-flags #90228 - - local myconf=() - host-is-pax && myconf+=( --disable-pch ) #301299 #425524 #572092 - - ECONF_SOURCE="${S}" \ - econf "${myconf[@]}" -} - -multilib_src_test() { - # Default sandbox build will run with --jobs set to # cpus. - emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" -} - -multilib_src_install_all() { - doenvd "${FILESDIR}"/09sandbox - - keepdir /var/log/sandbox - fowners root:portage /var/log/sandbox - fperms 0770 /var/log/sandbox - - cd "${S}" - dodoc AUTHORS ChangeLog* NEWS README -} - -pkg_preinst() { - chown root:portage "${ED}"/var/log/sandbox - chmod 0770 "${ED}"/var/log/sandbox - - if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then - local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*') - if [[ -n ${old} ]] ; then - elog "Removing old sandbox libraries for you:" - find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete - fi - fi -} - -pkg_postinst() { - if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then - chmod 0755 "${EROOT}"/etc/sandbox.d #265376 - fi -} |