aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2006-11-21 07:10:37 +0000
committerAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2006-11-21 07:10:37 +0000
commit63791dc326a121bdad255843a80816207b7b3803 (patch)
tree70b286cc16076eff5c84d7c2f97c239279276817
parentc957af8349597f2f38225b3e5b30b333c97a66c3 (diff)
downloadpaludis-63791dc326a121bdad255843a80816207b7b3803.tar.gz
paludis-63791dc326a121bdad255843a80816207b7b3803.tar.xz
If PALUDIS_DO_NOTHING_SANDBOXY is non-empty, don't do anything sandboxy
-rw-r--r--ebuild/builtin_fetch.bash4
-rw-r--r--ebuild/builtin_fetch_bin.bash4
-rw-r--r--ebuild/builtin_merge.bash8
-rw-r--r--ebuild/builtin_unmerge.bash8
-rwxr-xr-xebuild/ebuild.bash20
-rw-r--r--ebuild/pkg_nofetch.bash4
-rw-r--r--ebuild/pkg_postinst.bash4
-rw-r--r--ebuild/pkg_postrm.bash4
-rw-r--r--ebuild/pkg_preinst.bash4
-rw-r--r--ebuild/pkg_prerm.bash4
-rw-r--r--ebuild/pkg_setup.bash4
-rw-r--r--ebuild/src_test.bash4
-rw-r--r--paludis/util/system.cc8
13 files changed, 44 insertions, 36 deletions
diff --git a/ebuild/builtin_fetch.bash b/ebuild/builtin_fetch.bash
index 6013295..a43238c 100644
--- a/ebuild/builtin_fetch.bash
+++ b/ebuild/builtin_fetch.bash
@@ -116,7 +116,7 @@ builtin_fetch()
ebuild_f_fetch()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${DISTDIR}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${DISTDIR}"
if hasq "fetch" ${RESTRICT} ; then
ebuild_section "Skipping builtin_fetch (RESTRICT)"
elif hasq "fetch" ${SKIP_FUNCTIONS} ; then
@@ -126,7 +126,7 @@ ebuild_f_fetch()
builtin_fetch
ebuild_section "Done builtin_fetch"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/builtin_fetch_bin.bash b/ebuild/builtin_fetch_bin.bash
index f8103f0..d0a6b5c 100644
--- a/ebuild/builtin_fetch_bin.bash
+++ b/ebuild/builtin_fetch_bin.bash
@@ -65,7 +65,7 @@ builtin_fetch_bin()
ebuild_f_fetch_bin()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${PKGDIR}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${PKGDIR}"
if hasq "fetch_bin" ${RESTRICT} ; then
ebuild_section "Skipping builtin_fetch_bin (RESTRICT)"
elif hasq "fetch_bin" ${SKIP_FUNCTIONS} ; then
@@ -75,7 +75,7 @@ ebuild_f_fetch_bin()
builtin_fetch_bin
ebuild_section "Done builtin_fetch_bin"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/builtin_merge.bash b/ebuild/builtin_merge.bash
index ef3103f..0231499 100644
--- a/ebuild/builtin_merge.bash
+++ b/ebuild/builtin_merge.bash
@@ -108,9 +108,9 @@ builtin_merge()
ebuild_f_merge()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
local old_sandbox_on="${SANDBOX_ON}"
- [[ "$(canonicalise ${ROOT} )" != "/" ]] || SANDBOX_ON=0
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && [[ "$(canonicalise ${ROOT} )" != "/" ]] || SANDBOX_ON=0
if hasq "merge" ${RESTRICT} ; then
ebuild_section "Skipping builtin_merge (RESTRICT)"
@@ -122,7 +122,7 @@ ebuild_f_merge()
ebuild_section "Done builtin_merge"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
- SANDBOX_ON="${old_sandbox_on}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_ON="${old_sandbox_on}"
}
diff --git a/ebuild/builtin_unmerge.bash b/ebuild/builtin_unmerge.bash
index 6ef569b..3e550b4 100644
--- a/ebuild/builtin_unmerge.bash
+++ b/ebuild/builtin_unmerge.bash
@@ -87,9 +87,9 @@ builtin_unmerge()
ebuild_f_unmerge()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
local old_sandbox_on="${SANDBOX_ON}"
- [[ "$(canonicalise ${ROOT} )" != "/" ]] || SANDBOX_ON=0
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && [[ "$(canonicalise ${ROOT} )" != "/" ]] || SANDBOX_ON=0
if hasq "unmerge" ${RESTRICT} ; then
ebuild_section "Skipping builtin_unmerge (RESTRICT)"
@@ -101,8 +101,8 @@ ebuild_f_unmerge()
ebuild_section "Done builtin_unmerge"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
- SANDBOX_ON="${old_sandbox_on}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_ON="${old_sandbox_on}"
}
diff --git a/ebuild/ebuild.bash b/ebuild/ebuild.bash
index a4b629a..6d9e293 100755
--- a/ebuild/ebuild.bash
+++ b/ebuild/ebuild.bash
@@ -25,13 +25,15 @@ unalias -a
unset GZIP BZIP BZIP2 CDPATH GREP_OPTIONS GREP_COLOR GLOBIGNORE
eval unset LANG ${!LC_*}
-export SANDBOX_PREDICT="${SANDBOX_PREDICT+${SANDBOX_PREDICT}:}"
-export SANDBOX_PREDICT="${SANDBOX_PREDICT}/proc/self/maps:/dev/console:/dev/random"
-export SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}"
-export SANDBOX_WRITE="${SANDBOX_WRITE}/dev/shm:/dev/stdout:/dev/stderr:/dev/null:/dev/tty"
-export SANDBOX_WRITE="${SANDBOX_WRITE}:${PALUDIS_TMPDIR}:/var/cache"
-export SANDBOX_WRITE="${SANDBOX_WRITE}:/proc/self/attr:/proc/self/task:/selinux/context"
-export SANDBOX_ON="1"
+if [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] ; then
+ export SANDBOX_PREDICT="${SANDBOX_PREDICT+${SANDBOX_PREDICT}:}"
+ export SANDBOX_PREDICT="${SANDBOX_PREDICT}/proc/self/maps:/dev/console:/dev/random"
+ export SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}"
+ export SANDBOX_WRITE="${SANDBOX_WRITE}/dev/shm:/dev/stdout:/dev/stderr:/dev/null:/dev/tty"
+ export SANDBOX_WRITE="${SANDBOX_WRITE}:${PALUDIS_TMPDIR}:/var/cache"
+ export SANDBOX_WRITE="${SANDBOX_WRITE}:/proc/self/attr:/proc/self/task:/selinux/context"
+ export SANDBOX_ON="1"
+fi
export REAL_CHOST="${CHOST}"
shopt -s expand_aliases
@@ -210,7 +212,7 @@ perform_hook()
ebuild_notice "debug" "Starting hook '${HOOK}'"
local old_sandbox_on="${SANDBOX_ON}"
- export SANDBOX_ON="0"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && export SANDBOX_ON="0"
local hook_dir
for hook_dir in ${PALUDIS_HOOK_DIRS} ; do
@@ -227,7 +229,7 @@ perform_hook()
done
done
- export SANDBOX_ON="${old_sandbox_on}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && export SANDBOX_ON="${old_sandbox_on}"
}
ebuild_main()
diff --git a/ebuild/pkg_nofetch.bash b/ebuild/pkg_nofetch.bash
index d3b3757..1d9298b 100644
--- a/ebuild/pkg_nofetch.bash
+++ b/ebuild/pkg_nofetch.bash
@@ -39,7 +39,7 @@ pkg_nofetch()
ebuild_f_nofetch()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${DISTDIR}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${DISTDIR}"
if hasq "nofetch" ${SKIP_FUNCTIONS} ; then
ebuild_section "Skipping pkg_nofetch (SKIP_FUNCTIONS)"
else
@@ -58,5 +58,5 @@ ebuild_f_nofetch()
die "Manual fetching is required"
fi
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/pkg_postinst.bash b/ebuild/pkg_postinst.bash
index b3588d8..2cf1a7f 100644
--- a/ebuild/pkg_postinst.bash
+++ b/ebuild/pkg_postinst.bash
@@ -29,7 +29,7 @@ pkg_postinst()
ebuild_f_postinst()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
if hasq "postinst" ${RESTRICT} ; then
ebuild_section "Skipping pkg_postinst (RESTRICT)"
@@ -41,6 +41,6 @@ ebuild_f_postinst()
ebuild_section "Done pkg_postinst"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/pkg_postrm.bash b/ebuild/pkg_postrm.bash
index f5809ca..d5bb285 100644
--- a/ebuild/pkg_postrm.bash
+++ b/ebuild/pkg_postrm.bash
@@ -29,7 +29,7 @@ pkg_postrm()
ebuild_f_postrm()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
if hasq "postrm" ${RESTRICT} ; then
ebuild_section "Skipping pkg_postrm (RESTRICT)"
@@ -41,7 +41,7 @@ ebuild_f_postrm()
ebuild_section "Done pkg_postrm"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/pkg_preinst.bash b/ebuild/pkg_preinst.bash
index 7a9caf4..7b3a085 100644
--- a/ebuild/pkg_preinst.bash
+++ b/ebuild/pkg_preinst.bash
@@ -29,7 +29,7 @@ pkg_preinst()
ebuild_f_preinst()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
if hasq "preinst" ${RESTRICT} ; then
ebuild_section "Skipping pkg_preinst (RESTRICT)"
@@ -41,6 +41,6 @@ ebuild_f_preinst()
ebuild_section "Done pkg_preinst"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/pkg_prerm.bash b/ebuild/pkg_prerm.bash
index bd4eda9..d94bab0 100644
--- a/ebuild/pkg_prerm.bash
+++ b/ebuild/pkg_prerm.bash
@@ -29,7 +29,7 @@ pkg_prerm()
ebuild_f_prerm()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
if hasq "prerm" ${RESTRICT} ; then
ebuild_section "Skipping pkg_prerm (RESTRICT)"
@@ -41,6 +41,6 @@ ebuild_f_prerm()
ebuild_section "Done pkg_prerm"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/pkg_setup.bash b/ebuild/pkg_setup.bash
index 12183ed..d21eb5e 100644
--- a/ebuild/pkg_setup.bash
+++ b/ebuild/pkg_setup.bash
@@ -29,7 +29,7 @@ pkg_setup()
ebuild_f_setup()
{
local old_sandbox_write="${SANDBOX_WRITE}"
- SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${SANDBOX_WRITE+${SANDBOX_WRITE}:}${ROOT%/}/"
if hasq "setup" ${RESTRICT} ; then
ebuild_section "Skipping pkg_setup (RESTRICT)"
@@ -41,6 +41,6 @@ ebuild_f_setup()
ebuild_section "Done pkg_setup"
fi
- SANDBOX_WRITE="${old_sandbox_write}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_WRITE="${old_sandbox_write}"
}
diff --git a/ebuild/src_test.bash b/ebuild/src_test.bash
index abdc859..b041747 100644
--- a/ebuild/src_test.bash
+++ b/ebuild/src_test.bash
@@ -42,7 +42,7 @@ src_test()
ebuild_f_test()
{
local old_sandbox_predict="${SANDBOX_PREDICT}"
- SANDBOX_PREDICT="${SANDBOX_PREDICT+${SANDBOX_PREDICT}:}/"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_PREDICT="${SANDBOX_PREDICT+${SANDBOX_PREDICT}:}/"
if hasq "test" ${RESTRICT} ; then
ebuild_section "Skipping src_test (RESTRICT)"
@@ -54,6 +54,6 @@ ebuild_f_test()
ebuild_section "Done src_test"
fi
- SANDBOX_PREDICT="${old_sandbox_predict}"
+ [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]] && SANDBOX_PREDICT="${old_sandbox_predict}"
}
diff --git a/paludis/util/system.cc b/paludis/util/system.cc
index d88198b..10126b3 100644
--- a/paludis/util/system.cc
+++ b/paludis/util/system.cc
@@ -215,7 +215,13 @@ const std::string
paludis::make_sandbox_command(const std::string & cmd)
{
#if HAVE_SANDBOX
- if (! getenv_with_default("SANDBOX_ACTIVE", "").empty())
+ if (! getenv_with_default("PALUDIS_DO_NOTHING_SANDBOXY", "").empty())
+ {
+ Log::get_instance()->message(ll_warning, lc_no_context,
+ "PALUDIS_DO_NOTHING_SANDBOXY is set, not using sandbox");
+ return cmd;
+ }
+ else if (! getenv_with_default("SANDBOX_ACTIVE", "").empty())
{
Log::get_instance()->message(ll_warning, lc_no_context,
"Already inside sandbox, not spawning another sandbox instance");