From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 4A35B1396D0 for ; Wed, 4 Oct 2017 17:44:41 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B70F1E0C09; Wed, 4 Oct 2017 17:44:40 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 855FFE0C09 for ; Wed, 4 Oct 2017 17:44:40 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 2207C34178A for ; Wed, 4 Oct 2017 17:44:39 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 66464746E for ; Wed, 4 Oct 2017 17:44:37 +0000 (UTC) From: "Michał Górny" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" Message-ID: <1507139046.6294e7f0ecb82eb0f47cd3a6ea2aefd5d02edd86.mgorny@gentoo> Subject: [gentoo-commits] proj/pms:eapi-7 commit in: / X-VCS-Repository: proj/pms X-VCS-Files: eapi-differences.tex pkg-mgr-commands.tex X-VCS-Directories: / X-VCS-Committer: mgorny X-VCS-Committer-Name: Michał Górny X-VCS-Revision: 6294e7f0ecb82eb0f47cd3a6ea2aefd5d02edd86 X-VCS-Branch: eapi-7 Date: Wed, 4 Oct 2017 17:44:37 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 6ab18ec5-7a54-41d6-aaf4-dd2b3bce11cd X-Archives-Hash: a39ba48c5c1763cbbea90e9773c9391d commit: 6294e7f0ecb82eb0f47cd3a6ea2aefd5d02edd86 Author: Michał Górny gentoo org> AuthorDate: Wed Oct 4 17:44:06 2017 +0000 Commit: Michał Górny gentoo org> CommitDate: Wed Oct 4 17:44:06 2017 +0000 URL: https://gitweb.gentoo.org/proj/pms.git/commit/?id=6294e7f0 EAPI 7 has sandbox directory removal functions. Bug: https://bugs.gentoo.org/630422 eapi-differences.tex | 4 ++++ pkg-mgr-commands.tex | 29 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/eapi-differences.tex b/eapi-differences.tex index 441de70..0055070 100644 --- a/eapi-differences.tex +++ b/eapi-differences.tex @@ -41,6 +41,9 @@ of this document for a complete table of previous EAPIs. \bottomrule \endlastfoot +\t{rm*} sandbox functions & \compactfeatureref{sandbox-rm} & + No & No & No & No & Yes \\ + \t{IUSE_RUNTIME} & \compactfeatureref{iuse-runtime} & No & No & No & No & Yes \\ @@ -475,6 +478,7 @@ EAPI 7 is EAPI 6 with the following changes: \item automatic enforcing of \t{REQUIRED_USE} is supported, \featureref{auto-req-use}. \item binding leftmost-of (\t{||=}) dependency group is supported, \featureref{binding-leftmost-of}. \item runtime-modifiable USE flags (\t{IUSE_RUNTIME}) are supported, \featureref{iuse-runtime}. +\item sandbox path removal flags (\t{rm*}) are supported, \featureref{sandbox-rm}. \end{compactitem} \ChangeWhenAddingAnEAPI{7} diff --git a/pkg-mgr-commands.tex b/pkg-mgr-commands.tex index eac9bc8..70f4d5b 100644 --- a/pkg-mgr-commands.tex +++ b/pkg-mgr-commands.tex @@ -88,6 +88,35 @@ argument. Ebuilds must not run any of these commands once the current phase func \item[adddeny] Add a directory to the deny list. \end{description} +\featurelabel{sandbox-rm} Additionally, in EAPIs listed in table~\ref{tab:sandbox-command-table} +as supporting the respective commands, the following commands are available: +\begin{description} +\item[rmread] Remove a directory from the permitted read list. +\item[rmwrite] Remove a directory from the permitted write list. +\item[rmpredict] Remove a directory from the predict list. +\item[rmdeny] Remove a directory from the deny list. +\end{description} + +All of those commands match paths exactly. Removing a directory that is not present on the list +is silently ignored. + +\ChangeWhenAddingAnEAPI{7} +\begin{centertable}{Additional sandbox commands by EAPI} + \label{tab:sandbox-command-table} + \begin{tabular}{lllll} + \toprule + \multicolumn{1}{c}{\textbf{EAPI}} & + \multicolumn{1}{c}{\textbf{\t{rmread}?}} & + \multicolumn{1}{c}{\textbf{\t{rmwrite}?}} & + \multicolumn{1}{c}{\textbf{\t{rmpredict}?}} & + \multicolumn{1}{c}{\textbf{\t{rmdeny}?}} \\ + \midrule + 0, 1, 2, 3, 4, 5, 6 & No & No & No & No \\ + 7 & Yes & Yes & Yes & Yes \\ + \bottomrule + \end{tabular} +\end{centertable} + \subsubsection{Package manager query commands} These commands are used to extract information about the system. Ebuilds must not run any of these commands in parallel with any other package manager command. Ebuilds must not run any of