From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 7E7D91382C5 for ; Sun, 11 Mar 2018 22:38:01 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 994B9E0805; Sun, 11 Mar 2018 22:37:59 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 78654E0805 for ; Sun, 11 Mar 2018 22:37:59 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 09E8D335C43 for ; Sun, 11 Mar 2018 22:37:58 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 5CB30240 for ; Sun, 11 Mar 2018 22:37:56 +0000 (UTC) From: "Mike Frysinger" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" Message-ID: <1520807788.1088728d5541b66d6e572a431ac15d1013f8fc7d.vapier@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/sed/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-apps/sed/metadata.xml sys-apps/sed/sed-4.4-r1.ebuild X-VCS-Directories: sys-apps/sed/ X-VCS-Committer: vapier X-VCS-Committer-Name: Mike Frysinger X-VCS-Revision: 1088728d5541b66d6e572a431ac15d1013f8fc7d X-VCS-Branch: master Date: Sun, 11 Mar 2018 22:37:56 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 1f7abd50-75be-40a0-a908-e419e3d97bd9 X-Archives-Hash: 5d7964ac267a59c1ba4918c3c6aaa1bc commit: 1088728d5541b66d6e572a431ac15d1013f8fc7d Author: Mike Frysinger gentoo org> AuthorDate: Sun Mar 11 22:30:04 2018 +0000 Commit: Mike Frysinger gentoo org> CommitDate: Sun Mar 11 22:36:28 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1088728d sys-apps/sed: use bootstrap logic with USE=forced-sandbox #650052 The build system runs sed scripts that use r (read) commands, so if the system version had sandbox enabled, we won't be able to rebuild sed. Use the existing bootstrap logic so people can enable/disable this flag on the fly w/out wedging their systems. Bug: https://bugs.gentoo.org/650052 sys-apps/sed/metadata.xml | 6 +++++- sys-apps/sed/sed-4.4-r1.ebuild | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/sys-apps/sed/metadata.xml b/sys-apps/sed/metadata.xml index ea2a7bdbf75..504b6a5e464 100644 --- a/sys-apps/sed/metadata.xml +++ b/sys-apps/sed/metadata.xml @@ -9,6 +9,10 @@ sed - Always enable --sandbox mode for simpler/secure runtime (disables e/r/w commands) + + Always enable --sandbox mode for simpler/secure runtime (disables e/r/w commands). + Note: This may break many configure scripts, so it should be avoided on dev systems + (and generally used on binpkg/final systems only). + diff --git a/sys-apps/sed/sed-4.4-r1.ebuild b/sys-apps/sed/sed-4.4-r1.ebuild index 194b1b19369..39c3d130eac 100644 --- a/sys-apps/sed/sed-4.4-r1.ebuild +++ b/sys-apps/sed/sed-4.4-r1.ebuild @@ -21,8 +21,8 @@ DEPEND="${RDEPEND} nls? ( sys-devel/gettext )" src_bootstrap_sed() { - # make sure system-sed works #40786 - if ! type -p sed > /dev/null ; then + # make sure system-sed works #40786 #650052 + if ! type -p sed > /dev/null || has_version 'sys-apps/sed[forced-sandbox]' ; then mkdir -p "${T}/bootstrap" printf '#!/bin/sh\nexec busybox sed "$@"\n' > "${T}/bootstrap/sed" || die chmod a+rx "${T}/bootstrap/sed"