aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAvatar Ali Polatel <polatel@gmail.com> 2009-08-30 19:05:46 +0300
committerAvatar David Leverton <levertond@googlemail.com> 2009-08-30 17:12:16 +0100
commit15e65f0b3c8bf419ff86d44764c0959ff27d5ea7 (patch)
tree6280851589cb18919bb6c9f1989903d0d811799a
parent5232e1cfd59e4f9bb4fcdab0a6ac0a2a4995a47b (diff)
downloadpaludis-15e65f0b3c8bf419ff86d44764c0959ff27d5ea7.tar.gz
paludis-15e65f0b3c8bf419ff86d44764c0959ff27d5ea7.tar.xz
Allow the user disable network sandboxing via sydbox.conf
Don't call the magic commands sand{,un}box/net in ebuild.bash to make it possible for the user to disable network sandboxing by specifying sandbox.network = false in sydbox's configuration file. Signed-off-by: Ali Polatel <polatel@gmail.com>
-rwxr-xr-xpaludis/repositories/e/ebuild/ebuild.bash4
1 files changed, 1 insertions, 3 deletions
diff --git a/paludis/repositories/e/ebuild/ebuild.bash b/paludis/repositories/e/ebuild/ebuild.bash
index 93f552a..81e4bf3 100755
--- a/paludis/repositories/e/ebuild/ebuild.bash
+++ b/paludis/repositories/e/ebuild/ebuild.bash
@@ -581,9 +581,9 @@ ebuild_main()
export ${PALUDIS_EBUILD_PHASE_VAR}="${action}"
perform_hook ebuild_${action}_pre
# Restrict network access to local if running under sydbox
+ # We don't do sydboxcmd sand{un,}box/net here to allow the user set it in the configuration file.
if [[ $action != unpack ]] && [[ $action != fetch_extra ]] ; then
if sydboxcheck 2>/dev/null; then
- sydboxcmd sandbox/net || ebuild_notice "warning" "sydboxcmd sandbox/net returned failure"
sydboxcmd net/local || ebuild_notice "warning" "sydboxcmd net/local returned failure"
sydboxcmd net/restrict/connect || ebuild_notice "warning" "sydboxcmd net/restrict_connect return failure"
fi
@@ -591,7 +591,6 @@ ebuild_main()
if ! ${PALUDIS_F_FUNCTION_PREFIX:-ebuild_f}_${action} ; then
if [[ $action != unpack ]] && [[ $action != fetch_extra ]] ; then
if sydboxcheck 2>/dev/null; then
- sydboxcmd sandunbox/net || ebuild_notice "warning" "sydboxcmd sandunbox/net returned failure"
sydboxcmd net/allow || ebuild_notice "warning" "sydboxcmd net/allow returned failure"
sydboxcmd net/unrestrict/connect || ebuild_notice "warning" "sydboxcmd net/unrestrict/connect returned failure"
fi
@@ -601,7 +600,6 @@ ebuild_main()
fi
if [[ $action != unpack ]] && [[ $action != fetch_extra ]] ; then
if sydboxcheck 2>/dev/null; then
- sydboxcmd sandunbox/net || ebuild_notice "warning" "sydboxcmd sandunbox/net returned failure"
sydboxcmd net/allow || ebuild_notice "warning" "sydboxcmd net/allow returned failure"
sydboxcmd net/unrestrict/connect || ebuild_notice "warning" "sydboxcmd net/unrestrict/connect returned failure"
fi