From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id A0FFC1382C5 for ; Wed, 24 Jun 2020 09:28:04 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 8B98BE08CD; Wed, 24 Jun 2020 09:28:02 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 6289CE08CD for ; Wed, 24 Jun 2020 09:28:02 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id D5A3134F1A5 for ; Wed, 24 Jun 2020 09:28:00 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id EA136253 for ; Wed, 24 Jun 2020 09:27:56 +0000 (UTC) From: "Lars Wendler" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Lars Wendler" Message-ID: <1592990870.0e7234f3304d3a7471390c4699892d49d41028e2.polynomial-c@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/file/files/, sys-apps/file/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-apps/file/file-5.39-r1.ebuild sys-apps/file/files/file-5.39-portage_sandbox.patch X-VCS-Directories: sys-apps/file/files/ sys-apps/file/ X-VCS-Committer: polynomial-c X-VCS-Committer-Name: Lars Wendler X-VCS-Revision: 0e7234f3304d3a7471390c4699892d49d41028e2 X-VCS-Branch: master Date: Wed, 24 Jun 2020 09:27:56 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 95e4d637-37e7-470b-ad24-57790ed47314 X-Archives-Hash: 415d4e116cb1bbc5edc21f38276129fd commit: 0e7234f3304d3a7471390c4699892d49d41028e2 Author: Lars Wendler gentoo org> AuthorDate: Wed Jun 24 09:26:16 2020 +0000 Commit: Lars Wendler gentoo org> CommitDate: Wed Jun 24 09:27:50 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e7234f3 sys-apps/file: Attempt to fix seccomp in portage's sandbox Thanks-to: tka kamph.org> Bug: https://bugs.gentoo.org/728978 Package-Manager: Portage-2.3.102, Repoman-2.3.23 Signed-off-by: Lars Wendler gentoo.org> sys-apps/file/file-5.39-r1.ebuild | 140 +++++++++++++++++++++ .../file/files/file-5.39-portage_sandbox.patch | 28 +++++ 2 files changed, 168 insertions(+) diff --git a/sys-apps/file/file-5.39-r1.ebuild b/sys-apps/file/file-5.39-r1.ebuild new file mode 100644 index 00000000000..8333fd922e2 --- /dev/null +++ b/sys-apps/file/file-5.39-r1.ebuild @@ -0,0 +1,140 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{6..9} ) +DISTUTILS_OPTIONAL=1 + +inherit autotools distutils-r1 libtool toolchain-funcs multilib-minimal + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="https://github.com/glensc/file.git" + inherit git-r3 +else + SRC_URI="ftp://ftp.astron.com/pub/file/${P}.tar.gz" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +fi + +DESCRIPTION="identify a file's format by scanning binary data for patterns" +HOMEPAGE="https://www.darwinsys.com/file/" + +LICENSE="BSD-2" +SLOT="0" +IUSE="bzip2 lzma python seccomp static-libs zlib" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +DEPEND=" + bzip2? ( app-arch/bzip2[${MULTILIB_USEDEP}] ) + lzma? ( app-arch/xz-utils[${MULTILIB_USEDEP}] ) + python? ( + ${PYTHON_DEPS} + dev-python/setuptools[${PYTHON_USEDEP}] + ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )" +RDEPEND="${DEPEND} + python? ( !dev-python/python-magic ) + seccomp? ( sys-libs/libseccomp[${MULTILIB_USEDEP}] )" + +PATCHES=( + "${FILESDIR}/${PN}-5.39-portage_sandbox.patch" #713710 #728978 +) + +src_prepare() { + default + eautoreconf + elibtoolize + + # don't let python README kill main README #60043 + mv python/README.md python/README.python.md || die + sed 's@README.md@README.python.md@' -i python/setup.py || die #662090 +} + +multilib_src_configure() { + local myeconfargs=( + --enable-fsect-man5 + $(use_enable bzip2 bzlib) + $(use_enable lzma xzlib) + $(use_enable seccomp libseccomp) + $(use_enable static-libs static) + $(use_enable zlib) + ) + econf "${myeconfargs[@]}" +} + +build_src_configure() { + local myeconfargs=( + --disable-shared + --disable-libseccomp + --disable-bzlib + --disable-xzlib + --disable-zlib + ) + tc-env_build econf "${myeconfargs[@]}" +} + +need_build_file() { + # when cross-compiling, we need to build up our own file + # because people often don't keep matching host/target + # file versions #362941 + tc-is-cross-compiler && ! has_version -b "~${CATEGORY}/${P}" +} + +src_configure() { + local ECONF_SOURCE=${S} + + if need_build_file; then + mkdir -p "${WORKDIR}"/build || die + cd "${WORKDIR}"/build || die + build_src_configure + fi + + multilib-minimal_src_configure +} + +multilib_src_compile() { + if multilib_is_native_abi ; then + emake + else + cd src || die + emake magic.h #586444 + emake libmagic.la + fi +} + +src_compile() { + if need_build_file; then + emake -C "${WORKDIR}"/build/src magic.h #586444 + emake -C "${WORKDIR}"/build/src file + local -x PATH="${WORKDIR}/build/src:${PATH}" + fi + multilib-minimal_src_compile + + if use python ; then + cd python || die + distutils-r1_src_compile + fi +} + +multilib_src_install() { + if multilib_is_native_abi ; then + default + else + emake -C src install-{nodist_includeHEADERS,libLTLIBRARIES} DESTDIR="${D}" + fi +} + +multilib_src_install_all() { + dodoc ChangeLog MAINT README + + # Required for `file -C` + dodir /usr/share/misc/magic + insinto /usr/share/misc/magic + doins -r magic/Magdir/* + + if use python ; then + cd python || die + distutils-r1_src_install + fi + find "${ED}" -type f -name "*.la" -delete || die +} diff --git a/sys-apps/file/files/file-5.39-portage_sandbox.patch b/sys-apps/file/files/file-5.39-portage_sandbox.patch new file mode 100644 index 00000000000..ff2caed413f --- /dev/null +++ b/sys-apps/file/files/file-5.39-portage_sandbox.patch @@ -0,0 +1,28 @@ +From 7e1d9d51329a0e0f3d9cd1dbc3f9509251950e81 Mon Sep 17 00:00:00 2001 +From: tka +Date: Wed, 24 Jun 2020 11:18:45 +0200 +Subject: [PATCH] Allow getcwd for Gentoo's portage sandbox + +Gentoo-bug: https://bugs.gentoo.org/728978 +Signed-off-by: Lars Wendler +--- + src/seccomp.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/seccomp.c b/src/seccomp.c +index 68c56485..af55918e 100644 +--- a/src/seccomp.c ++++ b/src/seccomp.c +@@ -227,6 +227,9 @@ enable_sandbox_full(void) + ALLOW_RULE(unlink); + ALLOW_RULE(write); + ++ // needed by Gentoo's portage sandbox ++ ALLOW_RULE(getcwd); ++ + + #if 0 + // needed by valgrind +-- +2.27.0 +