From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B2ACE1381F1 for ; Sat, 24 Feb 2018 12:59:07 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 045D9E0876; Sat, 24 Feb 2018 12:58:53 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C119BE0875 for ; Sat, 24 Feb 2018 12:58:52 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 9E3AB335C31 for ; Sat, 24 Feb 2018 12:58:51 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 814E2247 for ; Sat, 24 Feb 2018 12:58:47 +0000 (UTC) From: "Ulrich Müller" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Ulrich Müller" Message-ID: <1519476924.34a7b3903ba14f05b7702784d83e3ef7ae1dc5f1.ulm@gentoo> Subject: [gentoo-commits] proj/pms:eapi-7 commit in: / X-VCS-Repository: proj/pms X-VCS-Files: eapi-differences.tex pkg-mgr-commands.tex X-VCS-Directories: / X-VCS-Committer: ulm X-VCS-Committer-Name: Ulrich Müller X-VCS-Revision: 34a7b3903ba14f05b7702784d83e3ef7ae1dc5f1 X-VCS-Branch: eapi-7 Date: Sat, 24 Feb 2018 12:58:47 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 1d402054-e5e5-4ad8-84d2-a7ee57ddecb9 X-Archives-Hash: bf83c7e81f01ff9348d51832ad8d9b3b commit: 34a7b3903ba14f05b7702784d83e3ef7ae1dc5f1 Author: Michał Górny gentoo org> AuthorDate: Wed Oct 4 17:44:06 2017 +0000 Commit: Ulrich Müller gentoo org> CommitDate: Sat Feb 24 12:55:24 2018 +0000 URL: https://gitweb.gentoo.org/proj/pms.git/commit/?id=34a7b390 EAPI 7 has sandbox directory removal functions. Bug: https://bugs.gentoo.org/630422 eapi-differences.tex | 4 ++++ pkg-mgr-commands.tex | 29 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/eapi-differences.tex b/eapi-differences.tex index 7bddf41..96e0c0c 100644 --- a/eapi-differences.tex +++ b/eapi-differences.tex @@ -230,6 +230,9 @@ Most utilities die & \compactfeatureref{die-on-failure} & \t{libopts} & \compactfeatureref{banned-commands} & Yes & Yes & Yes & Yes & Banned \\ +Sandbox \t{rm*} commands & \compactfeatureref{sandbox-rm} & + No & No & No & No & Yes \\ + Query command options & \compactfeatureref{pm-query-options} & None & None & \t{-{}-host-root} & \t{-{}-host-root} & \t{-b}, \t{-d}, \t{-r} \\ @@ -457,6 +460,7 @@ EAPI 7 is EAPI 6 with the following changes: \item \t{nonfatal} is both a shell function and an external command, \featureref{nonfatal}. \item \t{dohtml} banned, \featureref{banned-commands}. \item \t{dolib} and \t{libopts} banned, \featureref{banned-commands}. +\item Sandbox path removal commands, \featureref{sandbox-rm}. \end{compactitem} \ChangeWhenAddingAnEAPI{7} diff --git a/pkg-mgr-commands.tex b/pkg-mgr-commands.tex index 7b01ab8..db871c3 100644 --- a/pkg-mgr-commands.tex +++ b/pkg-mgr-commands.tex @@ -87,6 +87,35 @@ argument. Ebuilds must not run any of these commands once the current phase func \item[adddeny] Add a directory to the deny list. \end{description} +\featurelabel{sandbox-rm} Additionally, in EAPIs listed in table~\ref{tab:sandbox-command-table} +as supporting the respective commands, the following commands are available: +\begin{description} +\item[rmread] Remove a directory from the permitted read list. +\item[rmwrite] Remove a directory from the permitted write list. +\item[rmpredict] Remove a directory from the predict list. +\item[rmdeny] Remove a directory from the deny list. +\end{description} + +All of these commands match paths exactly. Removing a directory that is not present on the list +is silently ignored. + +\ChangeWhenAddingAnEAPI{7} +\begin{centertable}{Additional sandbox commands in EAPIs} + \label{tab:sandbox-command-table} + \begin{tabular}{lllll} + \toprule + \multicolumn{1}{c}{\textbf{EAPI}} & + \multicolumn{1}{c}{\textbf{\t{rmread}?}} & + \multicolumn{1}{c}{\textbf{\t{rmwrite}?}} & + \multicolumn{1}{c}{\textbf{\t{rmpredict}?}} & + \multicolumn{1}{c}{\textbf{\t{rmdeny}?}} \\ + \midrule + 0, 1, 2, 3, 4, 5, 6 & No & No & No & No \\ + 7 & Yes & Yes & Yes & Yes \\ + \bottomrule + \end{tabular} +\end{centertable} + \subsection{Package manager query commands} These commands are used to extract information about the system. Ebuilds must not run any of these commands in parallel with any other package manager command. Ebuilds must not run any of