mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-01 03:41:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

bump(sys-apps/sandbox): sync with upstream

Browse Source 
Signed-off-by: Geoff Levand <geoff@infradead.org>
This commit is contained in:
Geoff Levand 2018-04-24 17:21:28 -07:00
parent 6882f080e6
commit dda35d37cd
27 changed files with 658 additions and 1948 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

754
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/ChangeLog vendored
View File

@ -1,754 +0,0 @@
# ChangeLog for sys-apps/sandbox
# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/ChangeLog,v 1.183 2015/04/15 03:25:06 vapier Exp $
15 Apr 2015; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-2.6-gcc-5.patch, sandbox-2.6-r1.ebuild:
Fix building w/gcc-5.
18 Jan 2014; Mike Frysinger <vapier@gentoo.org> sandbox-2.6-r1.ebuild:
Add arm64 love.
28 Nov 2013; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-2.6-no-pch.patch, sandbox-2.6-r1.ebuild:
Disable pch logic for now #425524 by J.C. Wren.
14 Nov 2013; Mike Frysinger <vapier@gentoo.org> sandbox-1.6-r2.ebuild,
sandbox-2.3-r1.ebuild, sandbox-2.4.ebuild, sandbox-2.5.ebuild,
sandbox-2.6-r1.ebuild:
Point HOMEPAGE to the sandbox page #475956 by Jonas Stein.
05 Sep 2013; Mike Frysinger <vapier@gentoo.org> sandbox-2.6-r1.ebuild:
Mark m68k stable #472624.
02 Jul 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for sh, wrt bug #472624
30 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for s390, wrt bug #472624
29 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for sparc, wrt bug #472624
26 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for arm, wrt bug #472624
26 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for ia64, wrt bug #472624
26 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for alpha, wrt bug #472624
25 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for amd64, wrt bug #472624
25 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for x86, wrt bug #472624
25 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for ppc64, wrt bug #472624
24 Jun 2013; Agostino Sarubbo <ago@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for ppc, wrt bug #472624
23 Jun 2013; Jeroen Roovers <jer@gentoo.org> sandbox-2.6-r1.ebuild:
Stable for HPPA (bug #472624).
*sandbox-2.6-r1 (23 Mar 2013)
23 Mar 2013; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-2.6-check-empty-paths-at.patch,
+files/sandbox-2.6-desktop.patch, +files/sandbox-2.6-log-var.patch,
+files/sandbox-2.6-open-nofollow.patch,
+files/sandbox-2.6-static-close-fd.patch, +sandbox-2.6-r1.ebuild,
-sandbox-2.6.ebuild:
Apply random set of bugfixes.
26 Dec 2012; Mike Frysinger <vapier@gentoo.org> sandbox-2.6.ebuild:
Add epatch_user #413441#9.
06 Jul 2012; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-2.6-trace-hppa.patch, sandbox-2.6.ebuild:
Fix building of trace code for hppa #425062 by Jeroen Roovers.
*sandbox-2.6 (03 Jul 2012)
03 Jul 2012; Mike Frysinger <vapier@gentoo.org> +sandbox-2.6.ebuild:
Various fixes, and x32 support.
24 Jun 2012; Mike Frysinger <vapier@gentoo.org> sandbox-2.5.ebuild:
Parallelize configure steps for multiple ABIs, and run tests in parallel.
30 Mar 2012; Alexis Ballier <aballier@gentoo.org> sandbox-1.6-r2.ebuild:
keyword -x86-fbsd for bug #374425, sandbox is broken of fbsd and this leaves
us with nothing.
05 Feb 2012; Mike Frysinger <vapier@gentoo.org> sandbox-1.6-r2.ebuild,
sandbox-2.3-r1.ebuild, sandbox-2.4.ebuild, sandbox-2.5.ebuild:
Move to new unpacker eclass.
02 Feb 2012; Samuli Suominen <ssuominen@gentoo.org> sandbox-2.5.ebuild:
ppc/ppc64 stable wrt #389981
03 Dec 2011; Raúl Porcel <armin76@gentoo.org> sandbox-2.5.ebuild:
alpha/ia64/m68k/s390/sh/sparc stable wrt #389981
13 Nov 2011; Markus Meier <maekke@gentoo.org> sandbox-2.5.ebuild:
arm stable, bug #389981
11 Nov 2011; Pawel Hajdan jr <phajdan.jr@gentoo.org> sandbox-2.5.ebuild:
x86 stable wrt bug #389981
10 Nov 2011; Jeroen Roovers <jer@gentoo.org> sandbox-2.5.ebuild:
Stable for HPPA (bug #389981).
10 Nov 2011; Tony Vroon <chainsaw@gentoo.org> sandbox-2.5.ebuild:
Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo &
Elijah "Armageddon" El Lazkani in bug #389981.
10 May 2011; Jeremy Olexa <darkside@gentoo.org> sandbox-2.4.ebuild,
sandbox-2.5.ebuild:
Don't restore ownership while extracting, bug 366759
*sandbox-2.5 (14 Feb 2011)
14 Feb 2011; Mike Frysinger <vapier@gentoo.org> +sandbox-2.5.ebuild:
Version bump.
12 Feb 2011; Raúl Porcel <armin76@gentoo.org> sandbox-2.4.ebuild:
sparc stable wrt #348549
02 Jan 2011; Mike Frysinger <vapier@gentoo.org> sandbox-2.4.ebuild:
Mark alpha/ia64/s390/sh stable #348549.
21 Dec 2010; Markus Meier <maekke@gentoo.org> sandbox-2.4.ebuild:
arm stable, bug #348549
19 Dec 2010; Samuli Suominen <ssuominen@gentoo.org> sandbox-2.4.ebuild:
ppc64 stable wrt #348549
14 Dec 2010; Markos Chandras <hwoarang@gentoo.org> sandbox-2.4.ebuild:
Stable on amd64 wrt bug #348549
13 Dec 2010; Jeroen Roovers <jer@gentoo.org> sandbox-2.4.ebuild:
Stable for HPPA PPC (bug #348549).
13 Dec 2010; Jeroen Roovers <jer@gentoo.org> sandbox-2.4.ebuild:
Stable for HPPA (bug #348549).
12 Dec 2010; Pawel Hajdan jr <phajdan.jr@gentoo.org> sandbox-2.4.ebuild:
x86 stable wrt bug #348549
30 Nov 2010; Michael Weber <xmw@gentoo.org> sandbox-2.3-r1.ebuild:
sparc stable (bug 338113)
*sandbox-2.4 (24 Nov 2010)
24 Nov 2010; Mike Frysinger <vapier@gentoo.org> +sandbox-2.4.ebuild:
Fix hardened issues #339157 and flesh out *at func handling some more
#342983.
23 Nov 2010; Mike Frysinger <vapier@gentoo.org> sandbox-2.3-r1.ebuild:
Add back ~sparc since it has its ptrace disabled.
16 Oct 2010; Brent Baude <ranger@gentoo.org> sandbox-2.3-r1.ebuild:
stable ppc, bug 338113
10 Oct 2010; Samuli Suominen <ssuominen@gentoo.org> sandbox-2.3-r1.ebuild:
ppc64 stable wrt #338113
10 Oct 2010; Raúl Porcel <armin76@gentoo.org> sandbox-2.3-r1.ebuild:
alpha/arm/ia64/m68k/s390/sh stable wrt #338113
05 Oct 2010; Markus Meier <maekke@gentoo.org> sandbox-2.3-r1.ebuild:
x86 stable, bug #338113
29 Sep 2010; Jeroen Roovers <jer@gentoo.org> sandbox-2.3-r1.ebuild:
Stable for HPPA (bug #338113).
24 Sep 2010; Markos Chandras <hwoarang@gentoo.org> sandbox-2.3-r1.ebuild:
Stable on amd64 wrt bug #338113
*sandbox-2.3-r1 (17 Aug 2010)
17 Aug 2010; Mike Frysinger <vapier@gentoo.org> +sandbox-2.3-r1.ebuild:
Fix sandbox.d config install #333131 by Hans Nieser.
*sandbox-2.3 (17 Aug 2010)
17 Aug 2010; Mike Frysinger <vapier@gentoo.org> +sandbox-2.3.ebuild:
Version bump. Lots o fixes.
15 Aug 2010; Mike Frysinger <vapier@gentoo.org> sandbox-1.6-r2.ebuild,
sandbox-2.2.ebuild:
Manually decompress the lzma archive if host PM cannot #271543.
21 Nov 2009; Raúl Porcel <armin76@gentoo.org> sandbox-2.2.ebuild:
Mark 2.2 -sparc as it doesn't work very well, bug #293632
*sandbox-2.2 (26 Oct 2009)
26 Oct 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-2.2.ebuild:
Version bump (includes fixes for #202765 #288227 #288863 and SPARC
ptrace).
27 Sep 2009; Mike Frysinger <vapier@gentoo.org> sandbox-2.1.ebuild:
Fix new multilib code on non-multilib systems #286599 by Norman Yarvin.
25 Sep 2009; Thomas Sachau (Tommy[D]) <tommy@gentoo.org>
sandbox-2.1.ebuild:
Add multilib useflag for multilib building with ok from vapier
*sandbox-2.1 (25 Aug 2009)
25 Aug 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-2.1.ebuild:
Version bump.
13 Aug 2009; Mike Frysinger <vapier@gentoo.org>
sandbox-1.2.18.1-r2.ebuild, sandbox-1.2.18.1-r3.ebuild,
sandbox-1.2.20_alpha2-r1.ebuild, sandbox-1.3.0.ebuild,
sandbox-1.3.1.ebuild, sandbox-1.3.2.ebuild, sandbox-1.3.3.ebuild,
sandbox-1.3.4.ebuild, sandbox-1.3.5.ebuild, sandbox-1.3.6.ebuild,
sandbox-1.3.7.ebuild, sandbox-1.3.8.ebuild, sandbox-1.3.9.ebuild,
sandbox-1.4.ebuild, sandbox-1.5.ebuild, sandbox-1.6.ebuild,
sandbox-1.6-r1.ebuild, sandbox-1.6-r2.ebuild, sandbox-1.7.ebuild,
sandbox-1.8.ebuild, sandbox-1.9.ebuild, sandbox-2.0.ebuild:
Drop duplicate eutils inherit #279607 by Justin Lecher.
*sandbox-2.0 (04 Jun 2009)
04 Jun 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-2.0.ebuild:
Version bump to improve static tracing.
17 May 2009; Diego E. Pettenò <flameeyes@gentoo.org> sandbox-1.7.ebuild,
sandbox-1.8.ebuild, sandbox-1.9.ebuild:
Remove x86-fbsd keyword for sandbox versions that are known incompatible
with FreeBSD.
26 Apr 2009; Brent Baude <ranger@gentoo.org> sandbox-1.6-r2.ebuild:
stable ppc, bug 265376
20 Apr 2009; Raúl Porcel <armin76@gentoo.org> sandbox-1.6-r2.ebuild:
ia64 stable wrt #265376
18 Apr 2009; Mike Frysinger <vapier@gentoo.org> sandbox-1.6-r2.ebuild,
sandbox-1.9.ebuild:
Force latest stable pax-utils as some people are lazy and dont upgrade
#265376 by Jerome Potts.
18 Apr 2009; Raúl Porcel <armin76@gentoo.org> sandbox-1.6-r2.ebuild:
arm/m68k/s390/sh stable wrt #265376
15 Apr 2009; Markus Meier <maekke@gentoo.org> sandbox-1.6-r2.ebuild:
amd64/x86 stable, bug #265376
13 Apr 2009; Jeroen Roovers <jer@gentoo.org> sandbox-1.6-r2.ebuild:
Stable for HPPA (bug #265376).
12 Apr 2009; Brent Baude <ranger@gentoo.org> sandbox-1.6-r2.ebuild:
stable ppc64, bug 265376
12 Apr 2009; Tobias Klausmann <klausman@gentoo.org> sandbox-1.6-r2.ebuild:
Stable on alpha, bug #265376
09 Apr 2009; Friedrich Oslage <bluebird@gentoo.org> sandbox-1.6-r2.ebuild:
Stable on sparc, bug #265376
09 Apr 2009; Mike Frysinger <vapier@gentoo.org> sandbox-1.6-r2.ebuild,
sandbox-1.9.ebuild:
Make sure /etc/sandbox.d has 0755 perms #265376 by Friedrich Oslage.
*sandbox-1.9 (09 Apr 2009)
09 Apr 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.9.ebuild:
Version bump.
*sandbox-1.8 (05 Apr 2009)
05 Apr 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.8.ebuild:
Version bump to fix #263657 #264399 #264476 #264478 #264676.
*sandbox-1.6-r2 (02 Apr 2009)
02 Apr 2009; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-1.6-disable-pthread.patch, +sandbox-1.6-r2.ebuild:
Disable pthread locks to make 1.6 regression free #264476.
*sandbox-1.6-r1 (31 Mar 2009)
31 Mar 2009; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-1.6-disable-qa-static.patch,
+files/0001-libsandbox-handle-more-at-functions.patch,
+sandbox-1.6-r1.ebuild:
Backport a fix or two so we can stabilize this version.
*sandbox-1.7 (31 Mar 2009)
31 Mar 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.7.ebuild:
Version bump.
*sandbox-1.6 (12 Mar 2009)
12 Mar 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.6.ebuild:
Version bump.
*sandbox-1.5 (11 Mar 2009)
11 Mar 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.5.ebuild:
Version bump.
*sandbox-1.4 (08 Mar 2009)
08 Mar 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.4.ebuild:
Version bump.
*sandbox-1.3.9 (05 Mar 2009)
05 Mar 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.9.ebuild:
Version bump.
*sandbox-1.3.8 (20 Feb 2009)
20 Feb 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.8.ebuild:
Version bump.
*sandbox-1.3.7 (14 Feb 2009)
14 Feb 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.7.ebuild:
Version bump
*sandbox-1.3.6 (11 Feb 2009)
11 Feb 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.6.ebuild:
Version bump.
*sandbox-1.3.5 (08 Feb 2009)
08 Feb 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.5.ebuild:
Version bump for regressions.
07 Feb 2009; Mike Frysinger <vapier@gentoo.org>
+files/0001-sandbox-fix-typo-in-struct-sandbox_info_t-decl.patch,
sandbox-1.3.4.ebuild:
Fix for hardened systems #258031.
*sandbox-1.3.4 (07 Feb 2009)
07 Feb 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.4.ebuild:
Version bump.
29 Jan 2009; Javier Villavicencio <the_paya@gentoo.org>
sandbox-1.3.3.ebuild:
Keyword -sparc/x86-fbsd til next version bump, bug 256741.
*sandbox-1.3.3 (28 Jan 2009)
28 Jan 2009; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.3.ebuild:
Version bump.
26 Dec 2008; Mike Frysinger <vapier@gentoo.org> sandbox-1.3.2.ebuild:
Add lzma-utils to DEPEND #252598 by Albert W. Hopkins.
*sandbox-1.3.2 (23 Dec 2008)
23 Dec 2008; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.2.ebuild:
Fix some portability issues and more *at updates.
09 Dec 2008; Alexis Ballier <aballier@gentoo.org> sandbox-1.3.0.ebuild,
sandbox-1.3.1.ebuild:
Keyword -sparc/x86-fbsd versions that do not build there, lets keep with
the half broken but half working old version, bug #250366
*sandbox-1.3.1 (29 Nov 2008)
29 Nov 2008; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.1.ebuild:
Fix up #248254 and #248263.
*sandbox-1.3.0 (16 Nov 2008)
16 Nov 2008; Mike Frysinger <vapier@gentoo.org> +sandbox-1.3.0.ebuild:
Version bump.
09 Nov 2008; Mike Frysinger <vapier@gentoo.org>
sandbox-1.2.20_alpha2-r1.ebuild:
Use EBUILD_DEATH_HOOKS #113780 by Petteri Räty.
09 Nov 2008; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-1.2.20_alpha2-parallel.patch,
sandbox-1.2.20_alpha2-r1.ebuild:
Rewrite multilib handling and apply parallel build fix by Jose Luis Rivero
#190051 by David Pykee.
09 Nov 2008; Harald van Dijk <truedfx@gentoo.org>
sandbox-1.2.18.1-r3.ebuild, sandbox-1.2.20_alpha2-r1.ebuild:
Avoid bashism in configure script (#236868)
*sandbox-1.2.18.1-r3 (27 Jun 2008)
27 Jun 2008; Robin H. Johnson <robbat2@gentoo.org>
+files/sandbox-1.2.18.1-rtld-validation.patch,
+sandbox-1.2.18.1-r3.ebuild:
Fix for bug #206678. Variations of it have been running on infra boxes for
two months now, we seem to have traced it down to RTLD_NEXT not always
having a usable value under hardened on new libc.
*sandbox-1.2.20_alpha2-r1 (04 Nov 2007)
04 Nov 2007; Diego Pettenò <flameeyes@gentoo.org>
+sandbox-1.2.20_alpha2-r1.ebuild:
Fix the problem with GLIBC 2.7 even for the alpha version.
27 Oct 2007; Jose Luis Rivero <yoswink@gentoo.org>
sandbox-1.2.18.1-r2.ebuild:
Stable on alpha wrt #182361
27 Oct 2007; Raúl Porcel <armin76@gentoo.org> sandbox-1.2.18.1-r2.ebuild:
ia64 stable wrt #182361
26 Oct 2007; nixnut <nixnut@gentoo.org> sandbox-1.2.18.1-r2.ebuild:
Stable on ppc wrt bug 182361
25 Oct 2007; Dawid Węgliński <cla@gentoo.org>
sandbox-1.2.18.1-r2.ebuild:
Stable on x86 (bug #182361)
25 Oct 2007; Daniel Gryniewicz <dang@gentoo.org>
sandbox-1.2.18.1-r2.ebuild:
Marked stable on amd64 for bug #182361
25 Oct 2007; Markus Rothe <corsair@gentoo.org> sandbox-1.2.18.1-r2.ebuild:
Stable on ppc64; bug #182361
25 Oct 2007; Christian Faulhammer <opfer@gentoo.org>
sandbox-1.2.18.1-r1.ebuild:
stable x86, bug 180985
25 Oct 2007; Jeroen Roovers <jer@gentoo.org> sandbox-1.2.18.1-r2.ebuild:
Stable for SPARC (bug #182361).
25 Oct 2007; Jeroen Roovers <jer@gentoo.org> sandbox-1.2.18.1-r2.ebuild:
Stable for HPPA (bug #182361). Fixed quoting issues.
*sandbox-1.2.18.1-r2 (23 Oct 2007)
23 Oct 2007; Mike Frysinger <vapier@gentoo.org>
+files/sandbox-1.2.18.1-open-cloexec.patch, +sandbox-1.2.18.1-r2.ebuild:
Work with new "e" fopen() flag in glibc-2.7 #196720.
*sandbox-1.2.18.1-r1 (17 Oct 2007)
17 Oct 2007; Daniel Drake <dsd@gentoo.org>
+files/sandbox-1.2.18.1-open-normal-fail.patch,
+sandbox-1.2.18.1-r1.ebuild:
Allow open() on non-existent files to fail in the normal way without
violation. Fixes bug #135745.
15 Oct 2007; Markus Rothe <corsair@gentoo.org> sandbox-1.2.18.1.ebuild:
Stable on ppc64
06 Jul 2007; Jose Luis Rivero <yoswink@gentoo.org>
sandbox-1.2.18.1.ebuild:
Stable on alpha. See bug #183673
01 Jul 2007; Piotr Jaroszyński <peper@gentoo.org> sandbox-1.2.12.ebuild,
sandbox-1.2.16.ebuild, sandbox-1.2.17.ebuild, sandbox-1.2.18.ebuild,
sandbox-1.2.18.1.ebuild, sandbox-1.2.20_alpha1-r2.ebuild,
sandbox-1.2.20_alpha2.ebuild:
(QA) RESTRICT="multilib-pkg-force" -> EMULTILIB_PKG="true"
24 Jun 2007; Piotr Jaroszyński <peper@gentoo.org> sandbox-1.2.18.ebuild:
(QA) Don't use KEYWORDS="-*". bug #160519.
22 Nov 2006; Diego Pettenò <flameeyes@gentoo.org>
sandbox-1.2.20_alpha2.ebuild:
Add ~sparc-fbsd keyword.
04 Sep 2006; Diego Pettenò <flameeyes@gentoo.org>
sandbox-1.2.20_alpha2.ebuild:
Add ~x86-fbsd keyword.
*sandbox-1.2.20_alpha2 (11 Jul 2006)
11 Jul 2006; Martin Schlemmer <azarah@gentoo.org>
+sandbox-1.2.20_alpha2.ebuild:
New testing version.
09 Jul 2006; Joshua Kinard <kumba@gentoo.org> sandbox-1.2.17.ebuild:
Marked stable on mips (even though it doesn't even work, best to keep up...)
*sandbox-1.2.20_alpha1-r2 (08 Jul 2006)
*sandbox-1.2.20_alpha1-r1 (08 Jul 2006)
08 Jul 2006; Martin Schlemmer <azarah@gentoo.org>
+files/sandbox-1.2.20_alpha1-double-free.patch,
+sandbox-1.2.20_alpha1-r1.ebuild, +sandbox-1.2.20_alpha1-r2.ebuild:
More bugfixes.
*sandbox-1.2.20_alpha1 (07 Jul 2006)
07 Jul 2006; Martin Schlemmer <azarah@gentoo.org> +files/09sandbox,
+sandbox-1.2.20_alpha1.ebuild:
Testing release for feedback. Check package.mask for details.
20 May 2006; Bryan Østergaard <kloeri@gentoo.org> sandbox-1.2.17.ebuild:
Stable on ia64.
20 May 2006; Bryan Østergaard <kloeri@gentoo.org> sandbox-1.2.17.ebuild:
Stable on alpha.
*sandbox-1.2.18.1 (19 May 2006)
19 May 2006; Martin Schlemmer <azarah@gentoo.org>
+sandbox-1.2.18.1.ebuild:
New bugfix release.
11 May 2006; Joshua Jackson <tsunam@gentoo.org> sandbox-1.2.17.ebuild:
stable x86; bug #132025
10 May 2006; Martin Schlemmer <azarah@gentoo.org> sandbox-1.2.18.ebuild:
Mask 1.2.18 for now, as it have a double-free issue.
03 May 2006; Joseph Jezak <josejx@gentoo.org> sandbox-1.2.17.ebuild:
Marked ppc stable for bug #132025.
03 May 2006; Patrick McLean <chutzpah@gentoo.org> sandbox-1.2.17.ebuild:
Stable on amd64 (bug #132025)
03 May 2006; Gustavo Zacarias <gustavoz@gentoo.org> sandbox-1.2.17.ebuild:
Stable on hppa wrt #132025
*sandbox-1.2.18 (03 May 2006)
03 May 2006; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.18.ebuild:
New release.
03 May 2006; Markus Rothe <corsair@gentoo.org> sandbox-1.2.17.ebuild:
Stable on ppc64; bug #132025
02 May 2006; Gustavo Zacarias <gustavoz@gentoo.org> sandbox-1.2.17.ebuild:
Stable on sparc wrt #132025
19 Feb 2006; Joshua Kinard <kumba@gentoo.org> sandbox-1.2.12.ebuild:
Marked stable on mips (doesn't actually work well, but we disable it in
profiles).
06 Feb 2006; Martin Schlemmer <azarah@gentoo.org> sandbox-1.2.17.ebuild:
Fix docs installation.
*sandbox-1.2.17 (05 Dec 2005)
05 Dec 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.17.ebuild:
New release.
*sandbox-1.2.16 (02 Dec 2005)
02 Dec 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.16.ebuild:
New release.
*sandbox-1.2.15 (01 Dec 2005)
01 Dec 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.15.ebuild:
New release.
*sandbox-1.2.14 (28 Nov 2005)
28 Nov 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.14.ebuild:
New release.
14 Nov 2005; Martin Schlemmer <azarah@gentoo.org> sandbox-1.2.13.ebuild:
Simplify multilib building logic. Other cleanups.
13 Oct 2005; Martin Schlemmer <azarah@gentoo.org> sandbox-1.2.12.ebuild,
sandbox-1.2.13.ebuild:
Add workaround for bug #109036.
07 Oct 2005; Jeremy Huddleston <eradicator@gentoo.org>
sandbox-1.2.9.ebuild, sandbox-1.2.10.ebuild, sandbox-1.2.11.ebuild,
sandbox-1.2.12.ebuild, sandbox-1.2.13.ebuild:
Some changes for amd64 2006.0.
*sandbox-1.2.13 (12 Sep 2005)
12 Sep 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.13.ebuild:
New release.
30 Aug 2005; Fernando J. Pereda <ferdy@gentoo.org> sandbox-1.2.12.ebuild:
stable on alpha wrt bug #101433
16 Aug 2005; Gustavo Zacarias <gustavoz@gentoo.org> sandbox-1.2.12.ebuild:
Stable on sparc wrt #101433
15 Aug 2005; Danny van Dyk <kugelfang@gentoo.org> sandbox-1.2.12.ebuild:
Marked stable on amd64.
15 Aug 2005; Michael Hanselmann <hansmi@gentoo.org> sandbox-1.2.12.ebuild:
Stable on ppc and hppa.
15 Aug 2005; Ian Leitch <port001@gentoo.org> sandbox-1.2.12.ebuild:
Stable on x86, #101433
15 Aug 2005; Markus Rothe <corsair@gentoo.org> sandbox-1.2.12.ebuild:
Stable on ppc64 (bug #101433)
*sandbox-1.2.12 (05 Aug 2005)
05 Aug 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.12.ebuild:
New release.
23 Jul 2005; MATSUU Takuto <matsuu@gentoo.org> sandbox-1.2.11.ebuild:
Stable on sh.
22 Jul 2005; Jason Stubbs <jstubbs@gentoo.org> sandbox-1.2.11.ebuild:
Stable on mips per hardave's request. #96782
21 Jul 2005; Rene Nussbaumer <killerfox@gentoo.org> sandbox-1.2.11.ebuild:
Stable on hppa. bug #96782
21 Jul 2005; Aron Griffis <agriffis@gentoo.org> sandbox-1.2.11.ebuild:
stable on alpha
21 Jul 2005; Aron Griffis <agriffis@gentoo.org> sandbox-1.2.11.ebuild:
stable on ia64
21 Jul 2005; Chris Gianelloni <wolf31o2@gentoo.org> sandbox-1.2.11.ebuild:
Marking stable on x86 for bug #96782.
21 Jul 2005; Joseph Jezak <josejx@gentoo.org> sandbox-1.2.11.ebuild:
Marked ppc stable for bug #96782.
20 Jul 2005; Markus Rothe <corsair@gentoo.org> sandbox-1.2.11.ebuild:
Stable on ppc64 (bug #96782)
20 Jul 2005; Gustavo Zacarias <gustavoz@gentoo.org> sandbox-1.2.11.ebuild:
Stable on sparc wrt #96782
20 Jul 2005; Danny van Dyk <kugelfang@gentoo.org> sandbox-1.2.11.ebuild:
Marked stable on amd64.
18 Jul 2005; Guy Martin <gmsoft@gentoo.org> sandbox-1.2.10.ebuild:
Stable on hppa.
15 Jul 2005; Bryan Østergaard <kloeri@gentoo.org> sandbox-1.2.10.ebuild:
Stable on alpha + ia64, bug 99019.
14 Jul 2005; Gustavo Zacarias <gustavoz@gentoo.org> sandbox-1.2.10.ebuild:
Stable on sparc wrt #99019
14 Jul 2005; Joseph Jezak <josejx@gentoo.org> sandbox-1.2.10.ebuild:
Marked ppc stable for bug #99019.
15 Jul 2005; Jason Stubbs <jstubbs@gentoo.org> sandbox-1.2.9.ebuild,
sandbox-1.2.10.ebuild, sandbox-1.2.11.ebuild:
Removed ppc-macos from keywords as sandbox does not work there yet.
*sandbox-1.2.11 (14 Jul 2005)
14 Jul 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.11.ebuild:
New release.
14 Jul 2005; Jeremy Huddleston <eradicator@gentoo.org>
sandbox-1.2.10.ebuild:
Stable amd64.
12 Jul 2005; Markus Rothe <corsair@gentoo.org> sandbox-1.2.10.ebuild:
Stable on ppc64
10 Jul 2005; Martin Schlemmer <azarah@gentoo.org>
+files/sandbox-1.2.9-uclibc-getcwd.patch,
+files/sandbox-1.2.10-uclibc-getcwd.patch, sandbox-1.2.9.ebuild,
sandbox-1.2.10.ebuild:
Add some fixes to the getcwd implementation, bug #98419.
05 Jul 2005; Jeremy Huddleston <eradicator@gentoo.org>
sandbox-1.2.9.ebuild:
Stable amd64 for 2005.1
*sandbox-1.2.10 (03 Jul 2005)
03 Jul 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.10.ebuild:
Update version.
*sandbox-1.2.9 (09 Jun 2005)
09 Jun 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.9.ebuild:
Update version.
*sandbox-1.2.8 (13 May 2005)
13 May 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.8.ebuild:
Cleanups and hopefully finally kill bug #91541. Fix bug #92478.
*sandbox-1.2.7 (12 May 2005)
12 May 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.7.ebuild:
Lots of cleanups and fixes - see ChangeLog in /usr/share/doc.
*sandbox-1.2.6 (10 May 2005)
10 May 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.6.ebuild:
Workaround for tsocks incompatability, bug #91541.
*sandbox-1.2.5-r2 (09 May 2005)
09 May 2005; Jeremy Huddleston <eradicator@gentoo.org>
+sandbox-1.2.5-r2.ebuild:
On some versions of portage, CFLAGS_* do not survive across ebuild.sh
stages, so we must ensure the multilib setup always gets rerun for each
stage.
*sandbox-1.2.5-r1 (06 May 2005)
06 May 2005; Jeremy Huddleston <eradicator@gentoo.org>
+sandbox-1.2.5-r1.ebuild:
Revbump to fix problems with amd64 2004.3's multilib. Cleaned up multilib
handling in general. 2004.3 amd64 users should have working 32bit sandbox
again.
04 May 2005; Mike Frysinger <vapier@gentoo.org> sandbox-1.2.5.ebuild:
Fix multilib building on amd64/2004.3 profiles.
*sandbox-1.2.5 (04 May 2005)
04 May 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.5.ebuild:
General fixes. Fix for bug #91431.
*sandbox-1.2.4 (03 May 2005)
03 May 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.4.ebuild:
Some speedups (bug #91040) and uclibc fixes.
*sandbox-1.2.3 (29 Apr 2005)
29 Apr 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.3.ebuild:
Fixup libc detection. Fix bug or two.
*sandbox-1.2.2 (28 Apr 2005)
28 Apr 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.2.ebuild:
Bug fixes for bug #90592.
*sandbox-1.2.1-r3 (24 Apr 2005)
24 Apr 2005; Jeremy Huddleston <eradicator@gentoo.org>
+sandbox-1.2.1-r3.ebuild:
Fix multilib.
*sandbox-1.2.1 (24 Apr 2005)
24 Apr 2005; Brian Harring <ferringb@gentoo.org> +sandbox-1.2.1-r2.ebuild:
Amd64 fix for 90135.
*sandbox-1.2.1 (24 Apr 2005)
24 Apr 2005; Jason Stubbs <jstubbs@gentoo.org> +sandbox-1.2.1-r1.ebuild:
Added missing check_multilib function.
*sandbox-1.2.1 (23 Apr 2005)
23 Apr 2005; Martin Schlemmer <azarah@gentoo.org> +sandbox-1.2.1.ebuild:
Fix for bug #90153.
*sandbox-1.2 (Apr 23 2005)
23 Apr 2005; Brian Harring <ferringb@gentoo.org>; sandbox-1.2.ebuild
Initial import of cvs head sandbox code. Multilib portion of it
could stand testing.

57
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/Manifest vendored
View File

@ -1,44 +1,13 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
AUX 0001-libsandbox-handle-more-at-functions.patch 1473 SHA256 7681e867bb4dea26d165f9a066dca798519e2fd57b49c7b31c0c2fc254037523 SHA512 ec3655a6fd12347ffd454648428be16a02394f6dfd592075753bb794771a15824675f612ed22206b0e14665706aa24405f8d9aa94a099238344c1525803de72a WHIRLPOOL dc4918171f8501cdab072cb8dc953056bfcb24c1b4f78e683fb01902a7029d1aed4fd47f42e6e0d493bceacbed99535c2ef9bf4c4df57fdb6d789821b1479888
AUX 09sandbox 37 SHA256 73e9e9d12ba54f1c649813ec86107924050528852c890a8ba1e2853796781bbe SHA512 4e8a9c58debde6480224a45559c5f2db4765213d151e47937f9142f110cac3681bf6402acaf21249a37bb17398e7bc00ae7feee68ecdb5b9363c432eac1b052a WHIRLPOOL 80d55a34d3faf3314f2b9de2200d4b46a800128514be9e30eb59e5f03fb7a0a5197a9e5b5ab33d6b68d35bf83c86a1bd7ba734a33ccd382fe0af3b2c2a11d0bd
AUX sandbox-1.6-disable-pthread.patch 959 SHA256 c4fefddab05d440b3b1c2df766c5b2abd7c543cd2aa4cf1e61c0d3c3dd905f0c SHA512 3cbb244f7c8e77030dd2194770a2dcae7b052c302d9b4cb0549465ebfb18f719d93daefbd6d1cdee2a630fc077b04e83c5b7c7f72b667adb6b8e322dee6d7056 WHIRLPOOL 1c603db0b7d810715dc5461740103ac29061e1eace2459bfb59ed576f45f81aadb9883a1afedf0ddde51bcda56b23abd26936426fd2a6ae3becb7e0c6054fc9e
AUX sandbox-1.6-disable-qa-static.patch 332 SHA256 060afa33dcfb6836676dc0febd5bc272b66b55e3753f739b56664e9ebce0eb20 SHA512 8839d4e279be41f1ee118b897c7eae8fd4058e4b7ecc1b5872450c177e09b5eefe569964efc294bd6f3e4ea92a3b4ba9840852d2be8db14810cd4578640ca6c4 WHIRLPOOL 6730b53afc16033911527492b0bf14a35f0e4b0b7cf3d42b1af299e9caa4a82f5e424e514aec81720da53a497cbc31b4f3928fc85dc8b04f979b726dce5ff2d8
AUX sandbox-2.6-check-empty-paths-at.patch 7454 SHA256 a48759a4d3e9a70713473b6fad59bdd750b5cd37e7d632c786205ff20004ae2c SHA512 5eba7915dedf57f44c37881e9c6b48db8733d1493779a33127d08bb9ea77056d788ec9ace72c13eb101f42f01c95309c7cebca6c76212a8c99a8655372c0b7d7 WHIRLPOOL 46eb3a8ef8f22030cd793f3b16adc190b5750019c0df83e161c6918f08555a8ad890c1425b03cbf7e53ebcd34a07a9dd9b594d0c0fe31834656ffce3d58fa284
AUX sandbox-2.6-desktop.patch 875 SHA256 2eecf67790aeac210f9aa899a86f7664776ed65d9b55159e1b359162dfb9ff74 SHA512 b72ec7f414d19bf513dfb1aea10523fa5dc07a1375d8f08f664d204b64b23c891a79ca14987528c595936f441e1f595b366aabbc57313667c7639d73d089ed9a WHIRLPOOL 7f787b8be9b5712eb2b2a0cd2ff825df1045ebf1cc4e73a50f610e620d30752045690a5c28835465d0ab0c3c4a9eaf8b92a5c123cd741ad69dfedb31aa457fa0
AUX sandbox-2.6-gcc-5.patch 455 SHA256 1807ba66a53462b67f74f43232aaebde20889a553a24dde36025d751928a2e1c SHA512 9d6aa204fc60aae7f2243f403fbadf41a83aa1232e92d96fc1f6b772b27e0e6a3b25097cf23d7138145efddc3a194e879a0e2e84b687b05e89b470bd4a849a77 WHIRLPOOL 678125baa90fa568ca58053086bbe299484c5f6ce0ebc1943a91e72e01fff13cdd99a821a93d36ca71ba2a8f552bf6cc917994209203c45e90315bae64202f2c
AUX sandbox-2.6-log-var.patch 2039 SHA256 f464a29cdd9de0c510277310f4febc8f96515ff2ff03fc92df1c75b9cbd75619 SHA512 cf6f900b4078eff5870b63b2bc7c81c5b00488e030d7e9ce3007693e9d1339ac6201ddacfaff552c6c9b99b6d32383229133c80190404b7e4fde06ad376b2050 WHIRLPOOL db99737a6567788194f7b37b12b92fcfb4c263df40f40aef9e0a3ef2b6a1523331313b791fffa2b26775b646795364ab1db1711eb4329cda3337df27aebfeffa
AUX sandbox-2.6-no-pch.patch 702 SHA256 d95a65ffe23c6c81f6b1e695f27cffc1cb617ebf62ca467c8eae5e4c3771089b SHA512 2269b806c2b04c0891644c694d2e0cb87b3ad9236457add50df58d3af62ca5daf17e8b599d0190b4efcae7e84ba99308ea4b0f4a1482d08314d4f3b64bdaf884 WHIRLPOOL 343b62bcf88b0491d69b507eb2feb02b21e9e66cb9006c2043fcaee87f461b3228d37e9053f092e32fff4eb73b14db32a262b79c7430cddf0ddde6f90958e21b
AUX sandbox-2.6-open-nofollow.patch 2027 SHA256 c8816ae4e1991f9941abd43ec4bfdbf4e99cf36ee90694f77ab88754c53785ce SHA512 dd5222f32a40def38c9719363a24c48d5b112e3560b44c5f32afc3daa0614fe9bc5cb68ca8ac69032cc8d6299f09b25d4d7c72e16892188b42768ffb28c19f07 WHIRLPOOL 03cb5fb9df04a8d7f92855c292a6c431d01d330fecae198f2c4b95d824454f10ce1ad66db1a9d54d1bef5f74989cf6debb2d98de28ee0c2c6a09c1a0752b5519
AUX sandbox-2.6-static-close-fd.patch 2945 SHA256 807eb4dc1ba6543c94a90a9a53bb89f42079ea20ed7c196f82d65f280e5de96a SHA512 e2f57c4d80816241f3ba4828c2b27c67d1d604b14b2d575888a978e5c4e8e47e60e3a609d81e59c615bc5b7cee6194cc362e255ae8508f632862a35180c30de8 WHIRLPOOL e08f60227fe954894d3a3a01297e9988f4d7722ea75ffbd2b0f3971d38c8ce00af230fcaecb1f53243a868d54f48bb680e2d547bbeb2ee3e5a11f8942d2084fd
AUX sandbox-2.6-trace-hppa.patch 850 SHA256 20688b2f33162f95af4af5e3c7d3700f2e7776e454b785ac1398f0870f84efa9 SHA512 fb7bf2202f960e952edc1e52fe4b6b085042158223d96b9baa899e871abcdef711ede3122c971120f55f71cc1aad71496a6079222dbaaa6c14b0c6f7ea182454 WHIRLPOOL 80f7fb529b912d19d81b9d71ee4a648db7b217583f2e8f2054cc666839030ea7d0112d69d52a2bf35c4d3549ffbd81dbd0cd39d5993bfabbb43bcb6a4455ade4
DIST sandbox-1.6.tar.lzma 307014 SHA256 52cfd286da3d5d51f3b6e012e409e931b21e32b4f2f16ba5677e46328680f4f4 SHA512 f470599a67443fa107612fef1cc73b64b3146003ae21bb5ae5abd852c4c37aec93ac09be646fda9d55d4c3aeef0cf28a42fa675f2acbb53c1d903e400538ba4c WHIRLPOOL 7c7fbe57cc831d0eb7853476e264a85bb8113620948e761563a872d3d55fd3c0ff063332397199001ea9dcb8258f348b827f337b876b2a26f727f10abbc8f712
DIST sandbox-2.3.tar.xz 344260 SHA256 8670f7508453c2fd300ca29ad2eb457691c3df01c4c22fa27d4a7c880fd291d5 SHA512 06ddaa6dc0822474c263650e95284af6cb69c60c9443b5caaf95af8140283f937d5594849064847fe3a4ad89b29b6ef6d6e909a9b85bb5d7fcf8b427d0e9c7e4 WHIRLPOOL 5d3f45a0bbb1aeffb8c83f8978bea65764aa438a5abcb50c66b5f66232d972bde84013694f6806fcc0026cd6d37420c69655d66ec5984a1c6f71a68dcfc95d11
DIST sandbox-2.4.tar.xz 344664 SHA256 450599cb3052296d42f81a04dbbda82d220415fc2d16f5dc6e26b042d580fd3e SHA512 c0f8b789bcabd48e03a20a97c9daa82c48f264d7641ecfa51dff7a2d2c34be398cf1db6235eb0211bf0fa78b07bd6e633e06bc102904bf9dd8a95f9fde1ca615 WHIRLPOOL 22f0f55f6e638275781ab5afa29b1a7f5e7f3335a3d2ff37d9fcce0bf9284b271bf1d69b98bcd4b06fdb9ff1528d044f9fb111a58c2a1a5ce33cbe28c0cb869d
DIST sandbox-2.5.tar.xz 355680 SHA256 c0e98767fb70750d79591a6d08f81d5c2f13ce783bf94bd90677022e9103878a SHA512 7b870295bb78c1da5550b650a3983d93e503935a8e8452a29a5c6310cc2c2d569a898ea1534e2c670b4a3e5607504fac55f69da6878e0adc9c2c65a5476b4fb0 WHIRLPOOL 887d36638111b09d77674002c07ebad84c24bc4f645d9fb78e180a6c6e7407eb3fb6857877bc152e0cefb676f01df60b20857b8487ce28ff3e4438aef744fe53
DIST sandbox-2.6.tar.xz 366356 SHA256 95615c5879dfc419713f22ba5506a2802a50ea0ce8a2f57c656354f2e50b1c4d SHA512 32ba7fb675c67fdc8bc52da1db7ed6878e5fea8753accb30d9aca00f708e0dde03287b5962caf5ef031bea6934d6ef3e18404b015c70ebd551d3fd8109ad2371 WHIRLPOOL bab2d015fb0de92a2266408ca7941c8fb66b599179040cfc727ffce5b2424a9722dc55ba89d198e3361044d8cb357314205488d2a980c7b8af063fd8940f0c03
EBUILD sandbox-1.6-r2.ebuild 2698 SHA256 8009ef1c543c35eb4bf9ad02000c9facf24693e8539e94cdd155c846f6d52452 SHA512 eece242ef812d1ff3678fc131f0e261599afa89bfcb13ba91d2b3a395d262d42230c2fa90ed24ed0b03375b8c39267bdbc0ab3acbdd638cf38414a61e5ee1b0c WHIRLPOOL 94bc932d8a08b788affe8d6f016993dd837d4958bf7c4e61b43a7acfc69aca3efca96d85fc56f0b6e3f03faf9699b969d53e9257105c4af2cf118f3c8857e645
EBUILD sandbox-2.3-r1.ebuild 2737 SHA256 6e00ef844e302a4b6624e0c338820edb450bc0031862797e6f93b88c3debc7e7 SHA512 43245163ad47b5062002f58d34611a63ed2500bff12883aed476b29be9cfaf876dd977df57438c886b105174b4bef79c299945252c6d4edaa5c4a84eb5201294 WHIRLPOOL 99f920efc06109d580141507927ed6f4cc9634830ade2600649bb0841487c3ab59b78a7b894e16d223a94c92c112bd8e5d7d172e5595d5a4895248fc94901a0d
EBUILD sandbox-2.4.ebuild 2663 SHA256 3e8223119db75ef1624e1aef40a4c42fca0bd9bae94c446f892f4aa6e519b6e0 SHA512 e5016d9e548eeb4db1817955646463c9cb503a8b1a4b44352683b6fd3639e5d80a09ce19c0b22d7221eddeb8d62d6e8dba80f77eaa90cbb80cdb8542da1cf8fa WHIRLPOOL fd2f3f2ac4401a1f67cb8c9eb392aa57ec60c8cdf73da1bfb0c72dd37152ab280dc1a62420a713788a5cdb02da2ce85df9d9e2b4577ddc763543b360b8f890f2
EBUILD sandbox-2.5.ebuild 2715 SHA256 236a1edd16571aa802fd6da0d9751b53d3354b865857d247b065ccf69e5ccb14 SHA512 ab65669bb0bc19d7fc0295d60970e75d4967a18d4a258ee9aa92c7afd7aead86f966e38c4741c8d5f9c7d4f3070da43fac09701112a7f24da945735244f798a0 WHIRLPOOL d51b5a8cfd3b745159d6e61e0c5137e778442bd8926ec65b9d6290d1fc24b40b2ea1339a4b3bc1f915f6e38dabc09d1b1508288270bb126c746c1d223fdbe7ee
EBUILD sandbox-2.6-r1.ebuild 3179 SHA256 2ebc510ce5f85c5a5d9dd893324fdde89ead1b198ed41215427cc2b4a3eda8e6 SHA512 372af1ac72ddf6e6c1f8f31eea04b4f9d07b6c9e11757811567923c4f2f51242fcb5495ac76f3e9f04a0e8035b14b7fee9534368709c7e5cd60e9ccd08e9b44a WHIRLPOOL 28329eeb87f85102e32d2c4807f47c48011fa656e3a8347af7cf7cde5817d3cbb72c942a4e26aa8a58ee8a95e0b5cc3d29757e12f16e6f7d2e749524835a4e7a
MISC ChangeLog 25325 SHA256 9e1e3512cb2dceb07f7f480661aa00528d23e41765893244a6dae27bf039f0f6 SHA512 6c714a72b2d1848381543031478dca397fd8150a8ac82febdf4017a339ebdc0dfca8adac95aef4682311e2ada9742aaf9b86d49c9bb6768ca9c802af00744a53 WHIRLPOOL ebffa03ba18522039481fcdf1bfccc2ab5936e0fd4e0d081ae56eca0c784a8e250850855635e7a20025cb38e99e8f7dd80e448bf9e1ba70e6b8295f9aa502312
MISC metadata.xml 316 SHA256 488f8a1ba1e1d07a159d22ac198aefee5dfa9ded04de2969019f177161abef1b SHA512 2b4ddea0bb5a40cac834a09b89624049b8561a4a4f648b4d5072c413d4eca78b5cc24859664fa746be36c8b60188e88f2ae38c2c5af30d91dc6273c0f85de278 WHIRLPOOL 64ed27fc7abb1b3b82621f6bb91f03d0070933d0423f9d323ac803354fc6acf2182df1dd85a083fa047d63561a5e92d44287ef4935a11a733244d4393edf8f6f
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJVLdoTAAoJEPGu1DbS6WIArBwQAJKcnbsrhoshwEPgnFQVLUfh
CNgt3jIqUS2+K46wCUVGReZaAVDBjhjBSCkux9w/Qrgv+l8h8GM+aftzuahDLMm2
2k1bgkpzbEExWa1OBSc2L1JC9N5dbIvmX1+SscErfvg6VcPz5JLg+nPmQCNM5EaV
r8FpTdylzG0VaA8PQVdFE+NVa+3id54ETcPOiXf1WSsYwr3rEMGeUyN7m/lF8v7b
rJWAoieJtqfYGKfRPxdnjfmvn1B4olQ0goFnWUDQj5R+xh4yommiNp7c0LisOWwO
pgqsZYrkjhKtDHKsOyZQgZzh6840UbEcbzN2rr0OXT9zkMbaed3v9k8WRr9Ius2O
o1/GN8DjJUhdTBXzIEkBBjYg8L6+di1eGBZlAgofNDaeHqONTU5iRpIN9ihtQQLS
WuwDNUKl94PBXNUtIzmQCzNJZivdxFXoEWtbj69cZndtyGTWyBnt5zebZy2U8dM/
S12CbmNUZY9aFBdc1cnsdzPhrqAqlxHp8JGVTmdtH9Ztc1atSav296+VOk4T01iT
wOQ46CTRKHZctlWHXdnlzuJc8AxEgRUpEUcm2SWvZV3aHQTRLCqQhGMZ8P/Txkrk
6g4y97O7sN8/snDo5avhovAJT3izKhPKD0YePQjVKBMVWbOyrBfhLJaBBK/lvTNc
LcJXGSLo7TemAYC4E7Hw
=BdkZ
-----END PGP SIGNATURE-----
AUX 09sandbox 37 BLAKE2B 181213e2cc0bcfa328310cced40bfaba4530d8d2f80e892cb5649d5277c5d59d345ce96ca802a5529a22892c929bafac04c616458fa147a3bee5c89d31b0baf1 SHA512 4e8a9c58debde6480224a45559c5f2db4765213d151e47937f9142f110cac3681bf6402acaf21249a37bb17398e7bc00ae7feee68ecdb5b9363c432eac1b052a
AUX sandbox-2.10-disable-same.patch 2547 BLAKE2B 72976e698d1e95cc9153745744e3e9790ade9923ade2459b66969fdd04b0532fad70f08babaf5bbf2240deba9fb92a4a1090cfaec7b2d9a85d6d98adb23926f9 SHA512 bf005fbde7b6ba88df36bb75064658764e488dd2f3c96a6f92c69ad3f2e8d2db12ba2c7bafa9656326b7fde73301c330f68bd064efa0fce2a7eb28fff6ce0a1e
AUX sandbox-2.10-fix-opendir.patch 3311 BLAKE2B d8a604720da1c623e7299215298d6ce3502b58641006e2667047a2477a85e4c071426ae30e5f0a436dfe3d74cc4f34de7fab6729dafec6acddb44974edffe619 SHA512 5c0650d6838b8171a87409ebd8565a90a42603874893708c2cdee5b50535e637f145fa2e51142db857c35a9bc11713b45b7e50c31f96f9ecd6ba342ce8d87928
AUX sandbox-2.10-memory-corruption.patch 1515 BLAKE2B 2c0ef4ca1899efd2d525aafb26dcb7ecaf40c3b107e38e3c5d1a39455dd2cd36f8ac8fff43bb1dec22b910e479f328fa139a02f5a8f584ecefcf0ed86e60ad6a SHA512 1eb650824cc7a876fabef382cafb451a507326a8422fb7bb5014699046b64ea8f4cf2bba9efcb75d7a2eac4eff493d06153422f85c119f49635ac0840071660c
AUX sandbox-2.11-symlinkat-renameat.patch 3418 BLAKE2B 4864dd5794abbf70d70f30949ee39921f9dafea4445f4cd49d88a5bef9b19769ed0c2c37a7a30fd6e241c159b21aad4f6465ef159ec1652cbb0d4a65e6531869 SHA512 cbefae8aa9c289db0bfe7b2429f64aa4c437be0e269eaa657eb3b22a3086db1fca45a624cb181978b4157f0cb9b475b4ece2eb9337285bf8bede709ad4431c52
DIST sandbox-2.10.tar.xz 417068 BLAKE2B 78bb5b29b520d41c582e7f7cb444ce580f9f8f05ce80795986ff8e1f84f9320e21fda0c5ae092cce8e5a3dc1c0efa48e1ce69c21107e541d2c569e6369ccb5b0 SHA512 178b3b8fcb54e6ff67df1c8101866739b49e4d31a66717c21ef502dd2ab609fca70f1a0c662b913e207bfc1ba6994cefdcf5c92ff32add9dd98bd9707f301305
DIST sandbox-2.12.tar.xz 424252 BLAKE2B 55eb06cbc15ad9ff8b0c272b8d071591ce3533a6ff807719df79131e6c966d60c3b37d9d8e4e1d466df0992836c4594bf6927b496ecb343a71d7b0656219a6d7 SHA512 98bd2ee8807d81e65ee0c9f11cfaf2b37da2ee4d8763c68d18c0ff6b14f3cc847ae2d3a0aa30cbe86063a2108ed4d4dcf7cc3fc4f37cb7549d266d4c1989c2a9
DIST sandbox-2.13.tar.xz 424968 BLAKE2B efcbf527853e8cfe8b3fec026041f55f51cba78029f92195ec76a45e84cb2b6cc129267c6e50608584607de72a86b2e7836e77f20677de9b94bb5c40999e4712 SHA512 46ad79335e51a1ec0aaa34ab5eeabe9d007818c518682409c5aaf97d49ec23021ece8fa53264ce5332cdd04ef6b3fd9beff0dc0a3cb5dfe2f9b6a6e359f8c1cf
EBUILD sandbox-2.10-r3.ebuild 2156 BLAKE2B fecdef4a769d481e6479c82c341626de5d935f031b33df13eaae51b2041e0793a9854f3726ae90586586dc7d0008230f7ba6ae948c48d145d5c05bd4fd0aa027 SHA512 a08a00c80dcd282c929078c7c3afed16a7c30d710294e1621cf2ca1841f01f95872dd92a0bea1f3d7bb8850c05cffcefb68c58a36c9b1eac1960d1d4b04e3224
EBUILD sandbox-2.10-r4.ebuild 2222 BLAKE2B 5f0e178bafb0f28dcf320452c64317d9883afee0a68c09190e3293bd857b5ee816e4656b01b5e1dbb7664802d0e13a05540ab4ba61a04c93788dc1d21cee7c95 SHA512 dca8808e22888f5542a1233604a84b0a5e9952bf6e8792b24a716e477b254fc90ac1efc0cff0eccf832f10026cf56341011e227001c70f0d5eaab36c89b5a23c
EBUILD sandbox-2.12.ebuild 1931 BLAKE2B cd545ca0c7b3b1ca9672e7a0562da03b9eae5dbef36cec7d1eb59d452785ee8f11c03b9a25a9cfe0862a923d5b0f9349c15c6076f9735062cb43505607520b73 SHA512 2a5ec9b1aacfb63d3c4d8f64d067091ab28c7f54ca295a857d14d11d1f4e410c5475cf32d0801cfa1362ce57045da0ef5e1f413a1b56dc541c5efe56d4410d7c
EBUILD sandbox-2.13.ebuild 1938 BLAKE2B 26db9bc8c8334a4a20bcb09765861f6ed6b6a3da6edd02cc9438943fc18271a9ffa90a26d37e2f648cdd5073a22de71decc21417db1ea331833f11d146f5ce4d SHA512 11cd256384d562de308cd579a04c3742dc436a8e3f4e30cc66d837373c2352b99b23bd4fbfee6fa61b74b7e1eaae95b7ffec1f0fb9785979b783c17f420cdbe7
MISC metadata.xml 252 BLAKE2B d709f9b334b2810c5ffe7d73ef430f0f347f26f7649bca4bb8803c8e0be106534bcee6efae4f80b6fb1781b09284bb3dbc32d8dff4a3aa01a924fd3437b9da7c SHA512 de8b6a78dcc379d1d34960caecdab8da9fdb9a9f010ec8611cab79487b5f28f6ae80c8b0884731fa91c4ae98482a195faa8d1ec911b1d95fafdfe9cd622cc5d9

42
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch vendored
View File

@ -1,42 +0,0 @@
From 25425878243c5ca1ff21e6f479e585c60b943930 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Mon, 30 Mar 2009 19:56:29 -0400
Subject: [PATCH] libsandbox: handle more *at functions
Add some more *at functions to the main checking code.
URL: http://bugs.gentoo.org/264320
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reported-by: Harald van Dijk <truedfx@gentoo.org>
---
libsandbox/libsandbox.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 88248af..c3f0b55 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -681,15 +681,20 @@ static int check_access(sbcontext_t *sbcontext, int sb_nr, const char *func,
sb_nr == SB_NR_CREAT ||
sb_nr == SB_NR_CREAT64 ||
sb_nr == SB_NR_MKDIR ||
+ sb_nr == SB_NR_MKDIRAT ||
sb_nr == SB_NR_MKNOD ||
sb_nr == SB_NR_MKNODAT ||
sb_nr == SB_NR__XMKNOD ||
sb_nr == SB_NR___XMKNOD ||
sb_nr == SB_NR___XMKNODAT ||
sb_nr == SB_NR_MKFIFO ||
+ sb_nr == SB_NR_MKFIFOAT ||
sb_nr == SB_NR_LINK ||
+ sb_nr == SB_NR_LINKAT ||
sb_nr == SB_NR_SYMLINK ||
+ sb_nr == SB_NR_SYMLINKAT ||
sb_nr == SB_NR_RENAME ||
+ sb_nr == SB_NR_RENAMEAT ||
sb_nr == SB_NR_LUTIMES ||
sb_nr == SB_NR_UTIMENSAT ||
sb_nr == SB_NR_UTIME ||
--
1.6.2

37
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-1.6-disable-pthread.patch vendored
View File

@ -1,37 +0,0 @@
http://bugs.gentoo.org/263657
disable pthread locks ... this is how stable has always worked, so there
wont be any regressions ...
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 034d0e7..595d17f 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -814,9 +814,6 @@
return result;
}
-/* Need to protect the global sbcontext structure */
-static pthread_mutex_t sb_syscall_lock = PTHREAD_MUTEX_INITIALIZER;
-
bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, int flags)
{
int old_errno = errno;
@@ -843,8 +840,6 @@
file = at_file_buf;
}
- pthread_mutex_lock(&sb_syscall_lock);
-
if (!sb_init) {
init_context(&sbcontext);
sb_init = true;
@@ -885,8 +880,6 @@
result = check_syscall(&sbcontext, sb_nr, func, file, flags);
- pthread_mutex_unlock(&sb_syscall_lock);
-
if (0 == result) {
if ((NULL != getenv(ENV_SANDBOX_PID)) && (is_env_on(ENV_SANDBOX_ABORT)))

13
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch vendored
View File

@ -1,13 +0,0 @@
sandbox-1.7 traces static apps so disable the qa notice as it just scares
users ... dont want scary stuff in stable!
--- libsandbox/wrapper-funcs/__wrapper_exec.c
+++ libsandbox/wrapper-funcs/__wrapper_exec.c
@@ -221,7 +221,6 @@
if (!FUNCTION_SANDBOX_SAFE(path))
return result;
- sb_check_exec(path, argv);
}
#endif

77
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.10-disable-same.patch vendored Normal file
View File

@ -0,0 +1,77 @@
From 7a923f646ce10b7dec3c7ae5fe2079c10aa21752 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sun, 20 Dec 2015 16:08:16 -0500
Subject: [PATCH] libsbutil: gnulib: hand disable same_name usage
We don't provide same_name because the one caller we don't use, but it
relies on gc-sections to avoid link errors. That flag doesn't work on
ia64 though, so we need to hand delete the one caller. Ugh.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsbutil/gnulib/hash-triple.c | 9 ---------
libsbutil/gnulib/same.h | 25 -------------------------
2 files changed, 34 deletions(-)
delete mode 100644 libsbutil/gnulib/same.h
diff --git a/libsbutil/gnulib/hash-triple.c b/libsbutil/gnulib/hash-triple.c
index c3b6d9f..06cfbdf 100644
--- a/libsbutil/gnulib/hash-triple.c
+++ b/libsbutil/gnulib/hash-triple.c
@@ -24,7 +24,6 @@
#include <string.h>
#include "hash-pjw.h"
-#include "same.h"
#include "same-inode.h"
#define STREQ(a, b) (strcmp (a, b) == 0)
@@ -52,14 +51,6 @@ triple_hash_no_name (void const *x, size_t table_size)
/* Compare two F_triple structs. */
bool
-triple_compare (void const *x, void const *y)
-{
- struct F_triple const *a = x;
- struct F_triple const *b = y;
- return (SAME_INODE (*a, *b) && same_name (a->name, b->name)) ? true : false;
-}
-
-bool
triple_compare_ino_str (void const *x, void const *y)
{
struct F_triple const *a = x;
diff --git a/libsbutil/gnulib/same.h b/libsbutil/gnulib/same.h
deleted file mode 100644
index ee313c5..0000000
--- a/libsbutil/gnulib/same.h
+++ /dev/null
@@ -1,25 +0,0 @@
-/* Determine whether two file names refer to the same file.
-
- Copyright (C) 1997-2000, 2003-2004, 2009-2015 Free Software Foundation, Inc.
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>. */
-
-#ifndef SAME_H_
-# define SAME_H_ 1
-
-# include <stdbool.h>
-
-bool same_name (const char *source, const char *dest);
-
-#endif /* SAME_H_ */
--
2.6.2

79
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.10-fix-opendir.patch vendored Normal file
View File

@ -0,0 +1,79 @@
From 3f668dc6ba1910085e61b3a24167ab1352c60d92 Mon Sep 17 00:00:00 2001
From: Mart Raudsepp <leio@gentoo.org>
Date: Fri, 11 Nov 2016 12:34:48 +0200
Subject: [PATCH] libsandbox: do not abort with a long name to opendir
Add a pre-check for opendir that catches too long name arguments
given to opendir, as it would get messed up and abort before it
even gets to the open*() syscall (which would handle it correctly),
due to opendir going through before_syscall/check_syscall, even
though it isn't a true syscall and it getting cut to SB_PATH_MAX
inbetween and getting confused somewhere.
URL: https://bugs.gentoo.org/553092
Signed-off-by: Mart Raudsepp <leio@gentoo.org>
---
libsandbox/wrapper-funcs/opendir.c | 2 ++
libsandbox/wrapper-funcs/opendir_pre_check.c | 26 ++++++++++++++++++++++++++
libsandbox/wrappers.h | 1 +
3 files changed, 29 insertions(+)
create mode 100644 libsandbox/wrapper-funcs/opendir_pre_check.c
diff --git a/libsandbox/wrapper-funcs/opendir.c b/libsandbox/wrapper-funcs/opendir.c
index 7670775..70c2692 100644
--- a/libsandbox/wrapper-funcs/opendir.c
+++ b/libsandbox/wrapper-funcs/opendir.c
@@ -10,4 +10,6 @@
#define WRAPPER_SAFE() SB_SAFE(name)
#define WRAPPER_RET_TYPE DIR *
#define WRAPPER_RET_DEFAULT NULL
+#define WRAPPER_PRE_CHECKS() sb_opendir_pre_check(STRING_NAME, name)
+
#include "__wrapper_simple.c"
diff --git a/libsandbox/wrapper-funcs/opendir_pre_check.c b/libsandbox/wrapper-funcs/opendir_pre_check.c
new file mode 100644
index 0000000..60c869f
--- /dev/null
+++ b/libsandbox/wrapper-funcs/opendir_pre_check.c
@@ -0,0 +1,26 @@
+/*
+ * opendir() pre-check.
+ *
+ * Copyright 1999-2016 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+bool sb_opendir_pre_check(const char *func, const char *name)
+{
+ /* If length of name is larger than PATH_MAX, we would mess it up
+ * before it reaches the open syscall, which would cleanly error out
+ * via sandbox as well (actually with much smaller lengths than even
+ * PATH_MAX).
+ * So error out early in this case, in order to avoid an abort in
+ * check_syscall later on, which gets ran for opendir, despite it not
+ * being a syscall.
+ */
+ if (strnlen(name, PATH_MAX) == PATH_MAX) {
+ errno = ENAMETOOLONG;
+ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
+ func, name, strerror(errno));
+ return false;
+ }
+
+ return true;
+}
diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h
index 0aa58bb..bf5bf64 100644
--- a/libsandbox/wrappers.h
+++ b/libsandbox/wrappers.h
@@ -27,6 +27,7 @@ attribute_hidden bool sb_fopen64_pre_check (const char *func, const char *pathn
attribute_hidden bool sb_mkdirat_pre_check (const char *func, const char *pathname, int dirfd);
attribute_hidden bool sb_openat_pre_check (const char *func, const char *pathname, int dirfd, int flags);
attribute_hidden bool sb_openat64_pre_check (const char *func, const char *pathname, int dirfd, int flags);
+attribute_hidden bool sb_opendir_pre_check (const char *func, const char *name);
attribute_hidden bool sb_unlinkat_pre_check (const char *func, const char *pathname, int dirfd);
attribute_hidden bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd,
char *dirfd_path, size_t dirfd_path_len);
--
2.9.0

42
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.10-memory-corruption.patch vendored Normal file
View File

@ -0,0 +1,42 @@
From 529a388ebb1b4e9d6ad8a1bb61dd8211833a5976 Mon Sep 17 00:00:00 2001
From: Denis Lisov <dennis.lissov@gmail.com>
Date: Sat, 19 Dec 2015 19:13:58 +0300
Subject: [PATCH] libsandbox: fix old_malloc_size check on realloc
Realloc uses SB_MALLOC_TO_SIZE assuming it returns the usable size,
while it is really the mmap size, which is greater. Thus it may fail
to reallocate even if required.
URL: https://bugs.gentoo.org/568714
Signed-off-by: Denis Lisov <dennis.lissov@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsandbox/memory.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libsandbox/memory.c b/libsandbox/memory.c
index 8581128..a2d69a2 100644
--- a/libsandbox/memory.c
+++ b/libsandbox/memory.c
@@ -40,7 +40,8 @@ static int sb_munmap(void *addr, size_t length)
#define SB_MALLOC_TO_MMAP(ptr) ((void*)((uintptr_t)(ptr) - MIN_ALIGN))
#define SB_MMAP_TO_MALLOC(ptr) ((void*)((uintptr_t)(ptr) + MIN_ALIGN))
-#define SB_MALLOC_TO_SIZE(ptr) (*((size_t*)SB_MALLOC_TO_MMAP(ptr)))
+#define SB_MALLOC_TO_MMAP_SIZE(ptr) (*((size_t*)SB_MALLOC_TO_MMAP(ptr)))
+#define SB_MALLOC_TO_SIZE(ptr) (SB_MALLOC_TO_MMAP_SIZE(ptr) - MIN_ALIGN)
void *malloc(size_t size)
{
@@ -57,7 +58,7 @@ void free(void *ptr)
{
if (ptr == NULL)
return;
- if (munmap(SB_MALLOC_TO_MMAP(ptr), SB_MALLOC_TO_SIZE(ptr)))
+ if (munmap(SB_MALLOC_TO_MMAP(ptr), SB_MALLOC_TO_MMAP_SIZE(ptr)))
sb_ebort("sandbox memory corruption with free(%p): %s\n",
ptr, strerror(errno));
}
--
2.6.2

124
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.11-symlinkat-renameat.patch vendored Normal file
View File

@ -0,0 +1,124 @@
From 4c47cfa22802fd8201586bef233d8161df4ff61b Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Fri, 10 Mar 2017 10:15:50 -0800
Subject: [PATCH] libsandbox: whitelist renameat/symlinkat as symlink funcs
These funcs don't deref their path args, so flag them as such.
URL: https://bugs.gentoo.org/612202
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsandbox/libsandbox.c | 4 +++-
tests/renameat-2.sh | 12 ++++++++++++
tests/renameat-3.sh | 11 +++++++++++
tests/renameat.at | 2 ++
tests/symlinkat-2.sh | 10 ++++++++++
tests/symlinkat-3.sh | 9 +++++++++
tests/symlinkat.at | 2 ++
7 files changed, 49 insertions(+), 1 deletion(-)
create mode 100755 tests/renameat-2.sh
create mode 100755 tests/renameat-3.sh
create mode 100755 tests/symlinkat-2.sh
create mode 100755 tests/symlinkat-3.sh
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index e809308d717d..de48bd79ba53 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -650,8 +650,10 @@ static bool symlink_func(int sb_nr, int flags, const char *abs_path)
sb_nr == SB_NR_LCHOWN ||
sb_nr == SB_NR_REMOVE ||
sb_nr == SB_NR_RENAME ||
+ sb_nr == SB_NR_RENAMEAT ||
sb_nr == SB_NR_RMDIR ||
- sb_nr == SB_NR_SYMLINK))
+ sb_nr == SB_NR_SYMLINK ||
+ sb_nr == SB_NR_SYMLINKAT))
{
/* These funcs sometimes operate on symlinks */
if (!((sb_nr == SB_NR_FCHOWNAT ||
diff --git a/tests/renameat-2.sh b/tests/renameat-2.sh
new file mode 100755
index 000000000000..d0fbe8ae4574
--- /dev/null
+++ b/tests/renameat-2.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+# make sure we can clobber symlinks #612202
+
+addwrite $PWD
+
+ln -s /asdf sym || exit 1
+touch file
+renameat-0 0 AT_FDCWD file AT_FDCWD sym || exit 1
+[ ! -e file ]
+[ ! -L sym ]
+[ -e sym ]
+test ! -s "${SANDBOX_LOG}"
diff --git a/tests/renameat-3.sh b/tests/renameat-3.sh
new file mode 100755
index 000000000000..9ae5c9a6511a
--- /dev/null
+++ b/tests/renameat-3.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+# make sure we reject bad renames #612202
+
+addwrite $PWD
+mkdir deny
+adddeny $PWD/deny
+
+touch file
+renameat-0 -1,EACCES AT_FDCWD file AT_FDCWD deny/file || exit 1
+[ -e file ]
+test -s "${SANDBOX_LOG}"
diff --git a/tests/renameat.at b/tests/renameat.at
index 081d7d20277e..eec4638deeaa 100644
--- a/tests/renameat.at
+++ b/tests/renameat.at
@@ -1 +1,3 @@
SB_CHECK(1)
+SB_CHECK(2)
+SB_CHECK(3)
diff --git a/tests/symlinkat-2.sh b/tests/symlinkat-2.sh
new file mode 100755
index 000000000000..168362e8806f
--- /dev/null
+++ b/tests/symlinkat-2.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+# make sure we can clobber symlinks #612202
+
+addwrite $PWD
+
+symlinkat-0 0 /asdf AT_FDCWD ./sym || exit 1
+[ -L sym ]
+symlinkat-0 -1,EEXIST /asdf AT_FDCWD ./sym || exit 1
+[ -L sym ]
+test ! -s "${SANDBOX_LOG}"
diff --git a/tests/symlinkat-3.sh b/tests/symlinkat-3.sh
new file mode 100755
index 000000000000..a01c750dd2b6
--- /dev/null
+++ b/tests/symlinkat-3.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+# make sure we reject bad symlinks #612202
+
+addwrite $PWD
+mkdir deny
+adddeny $PWD/deny
+
+symlinkat-0 -1,EACCES ./ AT_FDCWD deny/sym || exit 1
+test -s "${SANDBOX_LOG}"
diff --git a/tests/symlinkat.at b/tests/symlinkat.at
index 081d7d20277e..eec4638deeaa 100644
--- a/tests/symlinkat.at
+++ b/tests/symlinkat.at
@@ -1 +1,3 @@
SB_CHECK(1)
+SB_CHECK(2)
+SB_CHECK(3)
--
2.12.0

201
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-check-empty-paths-at.patch vendored
View File

@ -1,201 +0,0 @@
From dd726dcc6a95355d0e0cc949018d9c8aefc89a02 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Mon, 24 Dec 2012 19:41:49 -0500
Subject: [PATCH 1/2] libsandbox: reject "" paths with *at funcs before
checking the dirfd
When it comes to processing errors, an empty path is checked before
an invalid dirfd. Make sure sandbox matches that behavior for the
random testsuites out there that look for this.
URL: https://bugs.gentoo.org/346929
Reported-by: Marien Zwart <marienz@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsandbox/wrapper-funcs/__pre_check.c | 2 ++
libsandbox/wrapper-funcs/mkdirat_pre_check.c | 17 +++++------------
libsandbox/wrapper-funcs/openat_pre_check.c | 15 ++++-----------
libsandbox/wrapper-funcs/unlinkat_pre_check.c | 17 +++++------------
libsandbox/wrappers.h | 2 ++
tests/mkdirat-3.sh | 7 +++++++
tests/mkdirat.at | 1 +
tests/openat-2.sh | 9 +++++++++
tests/openat.at | 1 +
tests/unlinkat-4.sh | 7 +++++++
tests/unlinkat.at | 1 +
11 files changed, 44 insertions(+), 35 deletions(-)
create mode 100755 tests/mkdirat-3.sh
create mode 100755 tests/openat-2.sh
create mode 100755 tests/unlinkat-4.sh
diff --git a/libsandbox/wrapper-funcs/__pre_check.c b/libsandbox/wrapper-funcs/__pre_check.c
index 2d5711f..28ad91f 100644
--- a/libsandbox/wrapper-funcs/__pre_check.c
+++ b/libsandbox/wrapper-funcs/__pre_check.c
@@ -20,3 +20,5 @@
#if SB_NR_UNLINK != SB_NR_UNDEF && SB_NR_UNLINKAT == SB_NR_UNDEF
# include "unlinkat_pre_check.c"
#endif
+
+#include "__pre_at_check.c"
diff --git a/libsandbox/wrapper-funcs/mkdirat_pre_check.c b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
index 77a65df..0b48d1f 100644
--- a/libsandbox/wrapper-funcs/mkdirat_pre_check.c
+++ b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
@@ -1,20 +1,13 @@
bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd)
{
char canonic[SB_PATH_MAX];
- char dirfd_path[SB_PATH_MAX];
save_errno();
- /* Expand the dirfd path first */
- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
- case -1:
- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
- func, pathname, strerror(errno));
- return false;
- case 0:
- pathname = dirfd_path;
- break;
- }
+ /* Check incoming args against common *at issues */
+ char dirfd_path[SB_PATH_MAX];
+ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path)))
+ return false;
/* Then break down any relative/symlink paths */
if (-1 == canonicalize(pathname, canonic))
diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c
index 0127708..5fd5eaa 100644
--- a/libsandbox/wrapper-funcs/openat_pre_check.c
+++ b/libsandbox/wrapper-funcs/openat_pre_check.c
@@ -15,17 +15,10 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int
save_errno();
- /* Expand the dirfd path first */
+ /* Check incoming args against common *at issues */
char dirfd_path[SB_PATH_MAX];
- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
- case -1:
- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
- func, pathname, strerror(errno));
- return false;
- case 0:
- pathname = dirfd_path;
- break;
- }
+ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path)))
+ return false;
/* Doesn't exist -> skip permission checks */
struct stat st;
diff --git a/libsandbox/wrapper-funcs/unlinkat_pre_check.c b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
index 9f5e7d7..c004d15 100644
--- a/libsandbox/wrapper-funcs/unlinkat_pre_check.c
+++ b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
@@ -1,20 +1,13 @@
bool sb_unlinkat_pre_check(const char *func, const char *pathname, int dirfd)
{
char canonic[SB_PATH_MAX];
- char dirfd_path[SB_PATH_MAX];
save_errno();
- /* Expand the dirfd path first */
- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
- case -1:
- sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
- func, pathname, strerror(errno));
- return false;
- case 0:
- pathname = dirfd_path;
- break;
- }
+ /* Check incoming args against common *at issues */
+ char dirfd_path[SB_PATH_MAX];
+ if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path)))
+ return false;
/* Then break down any relative/symlink paths */
if (-1 == canonicalize(pathname, canonic))
diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h
index 5b97787..0aa58bb 100644
--- a/libsandbox/wrappers.h
+++ b/libsandbox/wrappers.h
@@ -28,5 +28,7 @@ attribute_hidden bool sb_mkdirat_pre_check (const char *func, const char *pathn
attribute_hidden bool sb_openat_pre_check (const char *func, const char *pathname, int dirfd, int flags);
attribute_hidden bool sb_openat64_pre_check (const char *func, const char *pathname, int dirfd, int flags);
attribute_hidden bool sb_unlinkat_pre_check (const char *func, const char *pathname, int dirfd);
+attribute_hidden bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd,
+ char *dirfd_path, size_t dirfd_path_len);
#endif
--
1.8.1.2
From 0b8a6d9773cc0e6d86bf1187f46817d5716698fe Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Mon, 24 Dec 2012 19:41:49 -0500
Subject: [PATCH 2/2] libsandbox: reject "" paths with *at funcs before
checking the dirfd [missing file]
When it comes to processing errors, an empty path is checked before
an invalid dirfd. Make sure sandbox matches that behavior for the
random testsuites out there that look for this.
Forgot to `git add` in the previous commit :/.
URL: https://bugs.gentoo.org/346929
Reported-by: Marien Zwart <marienz@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsandbox/wrapper-funcs/__pre_at_check.c | 34 +++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 libsandbox/wrapper-funcs/__pre_at_check.c
diff --git a/libsandbox/wrapper-funcs/__pre_at_check.c b/libsandbox/wrapper-funcs/__pre_at_check.c
new file mode 100644
index 0000000..f72c40c
--- /dev/null
+++ b/libsandbox/wrapper-funcs/__pre_at_check.c
@@ -0,0 +1,34 @@
+/*
+ * common *at() pre-checks.
+ *
+ * Copyright 1999-2012 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+/* We assume the parent has nested use with save/restore errno */
+bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd,
+ char *dirfd_path, size_t dirfd_path_len)
+{
+ /* the empty path name should fail with ENOENT before any dirfd
+ * checks get a chance to run #346929
+ */
+ if (*pathname && *pathname[0] == '\0') {
+ errno = ENOENT;
+ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
+ func, *pathname, strerror(errno));
+ return false;
+ }
+
+ /* Expand the dirfd path first */
+ switch (resolve_dirfd_path(dirfd, *pathname, dirfd_path, dirfd_path_len)) {
+ case -1:
+ sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
+ func, *pathname, strerror(errno));
+ return false;
+ case 0:
+ *pathname = dirfd_path;
+ break;
+ }
+
+ return true;
+}
--
1.8.1.2

30
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-desktop.patch vendored
View File

@ -1,30 +0,0 @@
From 00044ab0c8aaaabf048b5ff0ec2da5b3d7d25752 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sat, 17 Nov 2012 14:14:26 -0500
Subject: [PATCH] sandbox.desktop: drop .svg from Icon field
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
URL: http://bugs.gentoo.org/443672
Reported-by: Petteri Räty <betelgeuse@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
data/sandbox.desktop | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/sandbox.desktop b/data/sandbox.desktop
index 5b5b576..27a887e 100644
--- a/data/sandbox.desktop
+++ b/data/sandbox.desktop
@@ -5,6 +5,6 @@ Type=Application
Comment=launch a sandboxed shell ... useful for debugging ebuilds
Exec=sandbox
TryExec=sandbox
-Icon=sandbox.svg
+Icon=sandbox
Categories=Development;
Terminal=true
--
1.8.1.2

13
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-gcc-5.patch vendored
View File

@ -1,13 +0,0 @@
fix building w/gcc-5
--- a/libsandbox/Makefile.in
+++ b/libsandbox/Makefile.in
@@ -68,7 +68,7 @@ sb_nr.h: symbols.h $(SB_NR_FILE)
TRACE_MAKE_HEADER = \
$(SB_AWK) $(GEN_TRACE_SCRIPT) -v MODE=gen | \
- $(COMPILE) -E -include $(top_srcdir)/headers.h - $$f | \
+ $(COMPILE) -E -P -include $(top_srcdir)/headers.h - $$f | \
$(SB_AWK) $(GEN_TRACE_SCRIPT) -v syscall_prefix=$$t > $$header
trace_syscalls.h: $(GEN_TRACE_SCRIPT) Makefile
if SB_SCHIZO

51
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-log-var.patch vendored
View File

@ -1,51 +0,0 @@
From 853b42c86432eefc6d4cfba86197fb37d446366d Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sun, 3 Mar 2013 05:34:09 -0500
Subject: [PATCH] sandbox: accept SANDBOX_LOG vars whatever their values
Commit 40abb498ca4a24495fe34e133379382ce8c3eaca subtly broke the sandbox
with portage. It changed how the sandbox log env var was accessed by
moving from getenv() to get_sandbox_log(). The latter has path checking
and will kick out values that contain a slash. That means every time a
new process starts, a new sandbox log path will be generated, and when a
program triggers a violation, it'll write to the new file. Meanwhile,
portage itself watches the original one which never gets updated.
This code has been around forever w/out documentation, and I can't think
of a reason we need it. So punt it.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsbutil/get_sandbox_log.c | 14 +++++---------
1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/libsbutil/get_sandbox_log.c b/libsbutil/get_sandbox_log.c
index a79b399..bdb4278 100644
--- a/libsbutil/get_sandbox_log.c
+++ b/libsbutil/get_sandbox_log.c
@@ -21,17 +21,13 @@ static void _get_sb_log(char *path, const char *tmpdir, const char *env, const c
sandbox_log_env = getenv(env);
- if (sandbox_log_env && is_env_on(ENV_SANDBOX_TESTING)) {
- /* When testing, just use what the env says to */
+ if (sandbox_log_env) {
+ /* If the env is viable, roll with it. We aren't really
+ * about people breaking the security of the sandbox by
+ * exporting SANDBOX_LOG=/dev/null.
+ */
strncpy(path, sandbox_log_env, SB_PATH_MAX);
} else {
- /* THIS CHUNK BREAK THINGS BY DOING THIS:
- * SANDBOX_LOG=/tmp/sandbox-app-admin/superadduser-1.0.7-11063.log
- */
- if ((NULL != sandbox_log_env) &&
- (NULL != strchr(sandbox_log_env, '/')))
- sandbox_log_env = NULL;
-
snprintf(path, SB_PATH_MAX, "%s%s%s%s%d%s",
SANDBOX_LOG_LOCATION, prefix,
(sandbox_log_env == NULL ? "" : sandbox_log_env),
--
1.8.1.2

29
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-no-pch.patch vendored
View File

@ -1,29 +0,0 @@
gcc crashes when trying to use pch under hardened kernels
http://bugs.gentoo.org/425524
--- Makefile.in
+++ Makefile.in
@@ -300,7 +300,7 @@
src \
tests
-SANDBOX_PCH = headers.h.gch libsandbox/headers.h.gch libsbutil/headers.h.gch
+SANDBOX_PCH =
BUILT_SOURCES = $(SANDBOX_PCH)
noinst_LTLIBRARIES = libpch.la
nodist_libpch_la_SOURCES = $(SANDBOX_PCH)
@@ -862,10 +862,9 @@
$(builddir)/headers.h.gch: headers.h
$(AM_V_GEN)$(COMPILE) -c -o $@.o $< && $(GCH_CP)
-libsbutil: libsbutil/headers.h.gch
-libsandbox: libsbutil libsandbox/headers.h.gch
-src: libsbutil headers.h.gch
-tests: src headers.h.gch
+libsandbox: libsbutil
+src: libsbutil
+tests: src
ChangeLog:
touch ChangeLog

54
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-open-nofollow.patch vendored
View File

@ -1,54 +0,0 @@
From 45fa8714a1d35e6555083d88a71851ada2aacac4 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Mon, 24 Dec 2012 18:46:29 -0500
Subject: [PATCH] libsandbox: handle open(O_NOFOLLOW)
We don't check for O_NOFOLLOW in the open wrappers, so we end up
returning the wrong error when operating on broken symlinks.
URL: https://bugs.gentoo.org/413441
Reported-by: Marien Zwart <marienz@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsandbox/wrapper-funcs/__64_post.h | 1 +
libsandbox/wrapper-funcs/__64_pre.h | 1 +
libsandbox/wrapper-funcs/openat_pre_check.c | 2 +-
tests/open-2.sh | 10 ++++++++++
tests/open.at | 1 +
5 files changed, 14 insertions(+), 1 deletion(-)
create mode 100755 tests/open-2.sh
diff --git a/libsandbox/wrapper-funcs/__64_post.h b/libsandbox/wrapper-funcs/__64_post.h
index 2fd2182..82d2a16 100644
--- a/libsandbox/wrapper-funcs/__64_post.h
+++ b/libsandbox/wrapper-funcs/__64_post.h
@@ -1,3 +1,4 @@
#undef SB64
#undef stat
+#undef lstat
#undef off_t
diff --git a/libsandbox/wrapper-funcs/__64_pre.h b/libsandbox/wrapper-funcs/__64_pre.h
index 2132110..0b34b25 100644
--- a/libsandbox/wrapper-funcs/__64_pre.h
+++ b/libsandbox/wrapper-funcs/__64_pre.h
@@ -1,3 +1,4 @@
#define SB64
#define stat stat64
+#define lstat lstat64
#define off_t off64_t
diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c
index c827ee6..0127708 100644
--- a/libsandbox/wrapper-funcs/openat_pre_check.c
+++ b/libsandbox/wrapper-funcs/openat_pre_check.c
@@ -29,7 +29,7 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int
/* Doesn't exist -> skip permission checks */
struct stat st;
- if (-1 == stat(pathname, &st)) {
+ if (((flags & O_NOFOLLOW) ? lstat(pathname, &st) : stat(pathname, &st)) == -1) {
sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
func, pathname, strerror(errno));
return false;
--
1.8.1.2

93
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-static-close-fd.patch vendored
View File

@ -1,93 +0,0 @@
From a3ff1534945c3898332b2481c9fd355dfbd56e1f Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sat, 23 Jun 2012 11:52:51 -0700
Subject: [PATCH] libsandbox: clean up open file handles in parent tracing
process
Currently, if a non-static app sets up a pipe (with cloexec enabled) and
executes a static app, the handle to that pipe is left open in the parent
process. This causes trouble when the parent is waiting for that to be
closed immediately.
Since none of the fds in the forked parent process matter to us, we can
just go ahead and clean up all fds before we start tracing the child.
URL: http://bugs.gentoo.org/364877
Reported-by: Victor Stinner <victor.stinner@haypocalc.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsandbox/trace.c | 3 +-
libsbutil/sb_close.c | 26 +++++++++++-
libsbutil/sbutil.h | 1 +
tests/Makefile.am | 2 +
tests/pipe-fork_static_tst.c | 18 +++++++++
tests/pipe-fork_tst.c | 95 ++++++++++++++++++++++++++++++++++++++++++++
tests/script-9.sh | 5 +++
tests/script.at | 1 +
8 files changed, 149 insertions(+), 2 deletions(-)
create mode 100644 tests/pipe-fork_static_tst.c
create mode 100644 tests/pipe-fork_tst.c
create mode 100755 tests/script-9.sh
diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index 32ad2d6..dfbab18 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -504,8 +504,9 @@ void trace_main(const char *filename, char *const argv[])
/* Not all kernel versions support this, so ignore return */
ptrace(PTRACE_SETOPTIONS, trace_pid, NULL, (void *)PTRACE_O_TRACESYSGOOD);
#endif
+ sb_close_all_fds();
trace_loop();
- return;
+ sb_ebort("ISE: child should have quit, as should we\n");
}
sb_debug("child setting up ...");
diff --git a/libsbutil/sb_close.c b/libsbutil/sb_close.c
index 17a4560..5379197 100644
--- a/libsbutil/sb_close.c
+++ b/libsbutil/sb_close.c
@@ -29,3 +29,27 @@ int sb_close(int fd)
return res;
}
+
+/* Quickly close all the open fds (good for daemonization) */
+void sb_close_all_fds(void)
+{
+ DIR *dirp;
+ struct dirent *de;
+ int dfd, fd;
+ const char *fd_dir = sb_get_fd_dir();
+
+ dirp = opendir(fd_dir);
+ if (!dirp)
+ sb_ebort("could not process %s\n", fd_dir);
+ dfd = dirfd(dirp);
+
+ while ((de = readdir(dirp)) != NULL) {
+ if (de->d_name[0] == '.')
+ continue;
+ fd = atoi(de->d_name);
+ if (fd != dfd)
+ close(fd);
+ }
+
+ closedir(dirp);
+}
diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h
index 02b88cb..479734b 100644
--- a/libsbutil/sbutil.h
+++ b/libsbutil/sbutil.h
@@ -97,6 +97,7 @@ int sb_open(const char *path, int flags, mode_t mode);
size_t sb_read(int fd, void *buf, size_t count);
size_t sb_write(int fd, const void *buf, size_t count);
int sb_close(int fd);
+void sb_close_all_fds(void);
int sb_copy_file_to_fd(const char *file, int ofd);
/* Reliable output */
--
1.8.1.2

27
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/files/sandbox-2.6-trace-hppa.patch vendored
View File

@ -1,27 +0,0 @@
From 7b01f6103a9baddaf0252e7f850a4cef91a48b67 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Fri, 6 Jul 2012 14:58:16 -0400
Subject: [PATCH] libsandbox: fix hppa trace code
URL: https://bugs.gentoo.org/425062
Reported-by: Jeroen Roovers <jer@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
libsandbox/trace/linux/hppa.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libsandbox/trace/linux/hppa.c b/libsandbox/trace/linux/hppa.c
index d23b0d1..5414354 100644
--- a/libsandbox/trace/linux/hppa.c
+++ b/libsandbox/trace/linux/hppa.c
@@ -1,5 +1,5 @@
-#define trace_reg_sysnum (20 * 4) /* PT_GR20 */
-#define trace_reg_ret (28 * 4) /* PT_GR28 */
+#define trace_reg_sysnum gr[20]
+#define trace_reg_ret gr[28]
static unsigned long trace_arg(void *vregs, int num)
{
--
1.7.9.7

7
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/metadata.xml vendored
View File

@ -1,11 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<!-- portage lacks a herd. correct this when we have one. -->
<maintainer>
<maintainer type="project">
<email>sandbox@gentoo.org</email>
<description>Sandbox Maintainers</description>
<name>Sandbox Maintainers</name>
</maintainer>
</pkgmetadata>

104
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-1.6-r2.ebuild vendored
View File

@ -1,104 +0,0 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-1.6-r2.ebuild,v 1.18 2013/11/14 21:36:59 vapier Exp $
#
# don't monkey with this ebuild unless contacting portage devs.
# period.
#
inherit eutils flag-o-matic toolchain-funcs multilib unpacker
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="http://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="mirror://gentoo/${P}.tar.lzma
http://dev.gentoo.org/~vapier/dist/${P}.tar.lzma"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
IUSE=""
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
EMULTILIB_PKG="true"
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES=-sandbox emerge sandbox"
}
src_unpack() {
unpacker_src_unpack
cd "${S}"
epatch "${FILESDIR}"/${P}-disable-qa-static.patch
epatch "${FILESDIR}"/${P}-disable-pthread.patch
epatch "${FILESDIR}"/0001-libsandbox-handle-more-at-functions.patch
}
src_compile() {
filter-lfs-flags #90228
local OABI=${ABI}
for ABI in $(get_install_abis) ; do
mkdir "${WORKDIR}/build-${ABI}"
cd "${WORKDIR}/build-${ABI}"
multilib_toolchain_setup ${ABI}
einfo "Configuring sandbox for ABI=${ABI}..."
ECONF_SOURCE="../${P}/" \
econf ${myconf} || die
einfo "Building sandbox for ABI=${ABI}..."
emake || die
done
ABI=${OABI}
}
src_test() {
local OABI=${ABI}
for ABI in $(get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Checking sandbox for ABI=${ABI}..."
emake check || die "make check failed for ${ABI}"
done
ABI=${OABI}
}
src_install() {
local OABI=${ABI}
for ABI in $(get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Installing sandbox for ABI=${ABI}..."
emake DESTDIR="${D}" install || die "make install failed for ${ABI}"
done
ABI=${OABI}
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
cd "${S}"
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${D}"/var/log/sandbox
chmod 0770 "${D}"/var/log/sandbox
local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
elog ${old//${ROOT}}
find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
fi
}
pkg_postinst() {
chmod 0755 "${ROOT}"/etc/sandbox.d #265376
}

84
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.10-r3.ebuild vendored Normal file
View File

@ -0,0 +1,84 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
#
# don't monkey with this ebuild unless contacting portage devs.
# period.
#
EAPI="5"
inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="mirror://gentoo/${P}.tar.xz
https://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd"
IUSE=""
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox"
}
src_prepare() {
epatch "${FILESDIR}"/${P}-memory-corruption.patch #568714
epatch "${FILESDIR}"/${P}-disable-same.patch
epatch "${FILESDIR}"/${P}-fix-opendir.patch #553092
epatch_user
}
multilib_src_configure() {
filter-lfs-flags #90228
local myconf=()
host-is-pax && myconf+=( --disable-pch ) #301299 #425524 #572092
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
}
multilib_src_test() {
# Default sandbox build will run with --jobs set to # cpus.
emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)"
}
multilib_src_install_all() {
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
cd "${S}"
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${ED}"/var/log/sandbox
chmod 0770 "${ED}"/var/log/sandbox
if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then
local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete
fi
fi
}
pkg_postinst() {
if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then
chmod 0755 "${EROOT}"/etc/sandbox.d #265376
fi
}

85
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.10-r4.ebuild vendored Normal file
View File

@ -0,0 +1,85 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
#
# don't monkey with this ebuild unless contacting portage devs.
# period.
#
EAPI="5"
inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="mirror://gentoo/${P}.tar.xz
https://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd"
IUSE=""
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox"
}
src_prepare() {
epatch "${FILESDIR}"/${P}-memory-corruption.patch #568714
epatch "${FILESDIR}"/${P}-disable-same.patch
epatch "${FILESDIR}"/${P}-fix-opendir.patch #553092
epatch "${FILESDIR}"/${PN}-2.11-symlinkat-renameat.patch #612202
epatch_user
}
multilib_src_configure() {
filter-lfs-flags #90228
local myconf=()
host-is-pax && myconf+=( --disable-pch ) #301299 #425524 #572092
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
}
multilib_src_test() {
# Default sandbox build will run with --jobs set to # cpus.
emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)"
}
multilib_src_install_all() {
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
cd "${S}"
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${ED}"/var/log/sandbox
chmod 0770 "${ED}"/var/log/sandbox
if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then
local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete
fi
fi
}
pkg_postinst() {
if [[ ${REPLACING_VERSIONS} == 1.* ]] ; then
chmod 0755 "${EROOT}"/etc/sandbox.d #265376
fi
}

76
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.12.ebuild vendored Normal file
View File

@ -0,0 +1,76 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="6"
inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="https://dev.gentoo.org/~mgorny/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd"
IUSE=""
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox"
}
multilib_src_configure() {
filter-lfs-flags #90228
local myconf=()
host-is-pax && myconf+=( --disable-pch ) #301299 #425524 #572092
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
}
multilib_src_test() {
# Default sandbox build will run with --jobs set to # cpus.
emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)"
}
multilib_src_install_all() {
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${ED}"/var/log/sandbox
chmod 0770 "${ED}"/var/log/sandbox
local v
for v in ${REPLACING_VERSIONS}; do
if [[ ${v} == 1.* ]] ; then
local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete
fi
fi
done
}
pkg_postinst() {
local v
for v in ${REPLACING_VERSIONS}; do
if [[ ${v} == 1.* ]] ; then
chmod 0755 "${EROOT}"/etc/sandbox.d #265376
fi
done
}

76
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.13.ebuild vendored Normal file
View File

@ -0,0 +1,76 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="6"
inherit eutils flag-o-matic multilib-minimal multiprocessing pax-utils
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="https://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="https://dev.gentoo.org/~mgorny/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
IUSE=""
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES='-sandbox -usersandbox' emerge sandbox"
}
multilib_src_configure() {
filter-lfs-flags #90228
local myconf=()
host-is-pax && myconf+=( --disable-pch ) #301299 #425524 #572092
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
}
multilib_src_test() {
# Default sandbox build will run with --jobs set to # cpus.
emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)"
}
multilib_src_install_all() {
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${ED}"/var/log/sandbox
chmod 0770 "${ED}"/var/log/sandbox
local v
for v in ${REPLACING_VERSIONS}; do
if [[ ${v} == 1.* ]] ; then
local old=$(find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
find "${EROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -print -delete
fi
fi
done
}
pkg_postinst() {
local v
for v in ${REPLACING_VERSIONS}; do
if [[ ${v} == 1.* ]] ; then
chmod 0755 "${EROOT}"/etc/sandbox.d #265376
fi
done
}

103
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.3-r1.ebuild vendored
View File

@ -1,103 +0,0 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.3-r1.ebuild,v 1.11 2013/11/14 21:36:59 vapier Exp $
#
# don't monkey with this ebuild unless contacting portage devs.
# period.
#
inherit eutils flag-o-matic toolchain-funcs multilib unpacker
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="http://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="mirror://gentoo/${P}.tar.xz
http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
IUSE="multilib"
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
EMULTILIB_PKG="true"
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES=-sandbox emerge sandbox"
}
sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
src_compile() {
filter-lfs-flags #90228
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
mkdir "${WORKDIR}/build-${ABI}"
cd "${WORKDIR}/build-${ABI}"
use multilib && multilib_toolchain_setup ${ABI}
einfo "Configuring sandbox for ABI=${ABI}..."
ECONF_SOURCE="../${P}/" \
econf ${myconf} || die
einfo "Building sandbox for ABI=${ABI}..."
emake || die
done
ABI=${OABI}
}
src_test() {
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Checking sandbox for ABI=${ABI}..."
emake check || die "make check failed for ${ABI}"
done
ABI=${OABI}
}
src_install() {
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Installing sandbox for ABI=${ABI}..."
emake DESTDIR="${D}" install || die "make install failed for ${ABI}"
insinto /etc/sandbox.d #333131
doins etc/sandbox.d/00default || die
done
ABI=${OABI}
doenvd "${FILESDIR}"/09sandbox
# fix 00default install #333131
rm "${D}"/etc/sandbox.d/*.in || die
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
cd "${S}"
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${D}"/var/log/sandbox
chmod 0770 "${D}"/var/log/sandbox
local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
elog ${old//${ROOT}}
find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
fi
}
pkg_postinst() {
chmod 0755 "${ROOT}"/etc/sandbox.d #265376
}

100
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.4.ebuild vendored
View File

@ -1,100 +0,0 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.4.ebuild,v 1.12 2013/11/14 21:36:59 vapier Exp $
#
# don't monkey with this ebuild unless contacting portage devs.
# period.
#
inherit eutils flag-o-matic toolchain-funcs multilib unpacker
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="http://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="mirror://gentoo/${P}.tar.xz
http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
IUSE="multilib"
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
EMULTILIB_PKG="true"
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES=-sandbox emerge sandbox"
}
sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
src_compile() {
filter-lfs-flags #90228
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
mkdir "${WORKDIR}/build-${ABI}"
cd "${WORKDIR}/build-${ABI}"
use multilib && multilib_toolchain_setup ${ABI}
einfo "Configuring sandbox for ABI=${ABI}..."
ECONF_SOURCE="../${P}/" \
econf ${myconf} || die
einfo "Building sandbox for ABI=${ABI}..."
emake || die
done
ABI=${OABI}
}
src_test() {
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Checking sandbox for ABI=${ABI}..."
emake check || die "make check failed for ${ABI}"
done
ABI=${OABI}
}
src_install() {
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Installing sandbox for ABI=${ABI}..."
emake DESTDIR="${D}" install || die "make install failed for ${ABI}"
insinto /etc/sandbox.d #333131
doins etc/sandbox.d/00default || die
done
ABI=${OABI}
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
cd "${S}"
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${D}"/var/log/sandbox
chmod 0770 "${D}"/var/log/sandbox
local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
elog ${old//${ROOT}}
find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
fi
}
pkg_postinst() {
chmod 0755 "${ROOT}"/etc/sandbox.d #265376
}

117
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.5.ebuild vendored
View File

@ -1,117 +0,0 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.5.ebuild,v 1.11 2013/11/14 21:36:59 vapier Exp $
#
# don't monkey with this ebuild unless contacting portage devs.
# period.
#
inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="http://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="mirror://gentoo/${P}.tar.xz
http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
IUSE="multilib"
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
EMULTILIB_PKG="true"
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES=-sandbox emerge sandbox"
}
sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
sb_foreach_abi() {
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Running $1 for ABI=${ABI}..."
"$@"
done
ABI=${OABI}
}
sb_configure() {
mkdir "${WORKDIR}/build-${ABI}"
cd "${WORKDIR}/build-${ABI}"
use multilib && multilib_toolchain_setup ${ABI}
einfo "Configuring sandbox for ABI=${ABI}..."
ECONF_SOURCE="../${P}/" \
econf ${myconf} || die
}
sb_compile() {
emake || die
}
src_compile() {
filter-lfs-flags #90228
# Run configures in parallel!
multijob_init
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
multijob_child_init sb_configure
done
ABI=${OABI}
multijob_finish
sb_foreach_abi sb_compile
}
sb_test() {
emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" || die
}
src_test() {
sb_foreach_abi sb_test
}
sb_install() {
emake DESTDIR="${D}" install || die
insinto /etc/sandbox.d #333131
doins etc/sandbox.d/00default || die
}
src_install() {
sb_foreach_abi sb_install
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
cd "${S}"
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${D}"/var/log/sandbox
chmod 0770 "${D}"/var/log/sandbox
local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
elog ${old//${ROOT}}
find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
fi
}
pkg_postinst() {
chmod 0755 "${ROOT}"/etc/sandbox.d #265376
}

131
sdk_container/src/third_party/portage-stable/sys-apps/sandbox/sandbox-2.6-r1.ebuild vendored
View File

@ -1,131 +0,0 @@
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/sandbox/sandbox-2.6-r1.ebuild,v 1.17 2015/04/15 03:25:06 vapier Exp $
#
# don't monkey with this ebuild unless contacting portage devs.
# period.
#
inherit eutils flag-o-matic toolchain-funcs multilib unpacker multiprocessing
DESCRIPTION="sandbox'd LD_PRELOAD hack"
HOMEPAGE="http://www.gentoo.org/proj/en/portage/sandbox/"
SRC_URI="mirror://gentoo/${P}.tar.xz
http://dev.gentoo.org/~vapier/dist/${P}.tar.xz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd -x86-fbsd"
IUSE="multilib"
DEPEND="app-arch/xz-utils
>=app-misc/pax-utils-0.1.19" #265376
RDEPEND=""
EMULTILIB_PKG="true"
has sandbox_death_notice ${EBUILD_DEATH_HOOKS} || EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} sandbox_death_notice"
sandbox_death_notice() {
ewarn "If configure failed with a 'cannot run C compiled programs' error, try this:"
ewarn "FEATURES=-sandbox emerge sandbox"
}
sb_get_install_abis() { use multilib && get_install_abis || echo ${ABI:-default} ; }
sb_foreach_abi() {
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
cd "${WORKDIR}/build-${ABI}"
einfo "Running $1 for ABI=${ABI}..."
"$@"
done
ABI=${OABI}
}
src_unpack() {
unpacker
cd "${S}"
epatch "${FILESDIR}"/${P}-trace-hppa.patch #425062
epatch "${FILESDIR}"/${P}-log-var.patch
epatch "${FILESDIR}"/${P}-static-close-fd.patch #364877
epatch "${FILESDIR}"/${P}-desktop.patch #443672
epatch "${FILESDIR}"/${P}-open-nofollow.patch #413441
epatch "${FILESDIR}"/${P}-check-empty-paths-at.patch #346929
epatch "${FILESDIR}"/${P}-no-pch.patch #425524
epatch "${FILESDIR}"/${P}-gcc-5.patch
epatch_user
}
sb_configure() {
mkdir "${WORKDIR}/build-${ABI}"
cd "${WORKDIR}/build-${ABI}"
use multilib && multilib_toolchain_setup ${ABI}
einfo "Configuring sandbox for ABI=${ABI}..."
ECONF_SOURCE="../${P}/" \
econf ${myconf} || die
}
sb_compile() {
emake || die
}
src_compile() {
filter-lfs-flags #90228
# Run configures in parallel!
multijob_init
local OABI=${ABI}
for ABI in $(sb_get_install_abis) ; do
multijob_child_init sb_configure
done
ABI=${OABI}
multijob_finish
sb_foreach_abi sb_compile
}
sb_test() {
emake check TESTSUITEFLAGS="--jobs=$(makeopts_jobs)" || die
}
src_test() {
sb_foreach_abi sb_test
}
sb_install() {
emake DESTDIR="${D}" install || die
insinto /etc/sandbox.d #333131
doins etc/sandbox.d/00default || die
}
src_install() {
sb_foreach_abi sb_install
doenvd "${FILESDIR}"/09sandbox
keepdir /var/log/sandbox
fowners root:portage /var/log/sandbox
fperms 0770 /var/log/sandbox
cd "${S}"
dodoc AUTHORS ChangeLog* NEWS README
}
pkg_preinst() {
chown root:portage "${D}"/var/log/sandbox
chmod 0770 "${D}"/var/log/sandbox
local old=$(find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*')
if [[ -n ${old} ]] ; then
elog "Removing old sandbox libraries for you:"
elog ${old//${ROOT}}
find "${ROOT}"/lib* -maxdepth 1 -name 'libsandbox*' -exec rm -fv {} \;
fi
}
pkg_postinst() {
chmod 0755 "${ROOT}"/etc/sandbox.d #265376
}