blob: 35a5cda6801d9d2660fd9254214af623dcd5c5bd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
# Copyright 2009, 2010, 2011, 2012, 2013, 2021 Ali Polatel <alip@exherbo.org>
# Copyright 2015 Wouter van Kesteren <woutershep@gmail.com>
# Distributed under the terms of the GNU General Public License v2
export_exlib_phases src_test pkg_postinst
SUMMARY="Sydbox, the other sandbox"
DESCRIPTION="Sydbox is a ptrace based sandbox for Linux."
ever is_scm || DOWNLOADS="https://dev.exherbo.org/distfiles/${PN}/${PNV}.tar.bz2"
LICENCES="GPL-2"
SLOT="0"
MYOPTIONS=""
DEPENDENCIES=""
REMOTE_IDS="freecode:${PN}"
if ever at_least 2; then
HOMEPAGE="https://sydbox.exherbo.org"
MYOPTIONS+="debug"
DEPENDENCIES+="
build:
sys-kernel/linux-headers[>=5.6]
debug? ( dev-libs/libunwind )
test:
net-dns/bind-tools
"
elif ever at_least 1; then
HOMEPAGE="https://gitlab.exherbo.org/exherbo-misc/sydbox-1.git"
# sydbox 1(_pre): has seccomp
MYOPTIONS+="
debug
seccomp [[ description = [ Enable seccomp user filter support ] ]]"
DEPENDENCIES+="
build:
debug? ( dev-libs/libunwind )
seccomp? ( sys-kernel/linux-headers[>=3.5] )"
DEFAULT_SRC_CONFIGURE_OPTION_ENABLES=( debug seccomp )
if ever at_least 1.0.0; then
# sydbox 1: external pinktrace
DEPENDENCIES+="
build+run:
dev-libs/pinktrace[>=0.9.0]"
else
# sydbox 1_pre: internal pinktrace
MYOPTIONS+="
doc [[ description = [ Build API documentation of included pinktrace library ] ]]"
DEPENDENCIES+="
build:
doc? ( app-doc/doxygen )"
DEFAULT_SRC_CONFIGURE_PARAMS=( --enable-ipv6 )
DEFAULT_SRC_CONFIGURE_OPTION_ENABLES+=( "doc doxygen" )
fi
else
HOMEPAGE="https://gitlab.exherbo.org/exherbo-misc/sydbox.git"
# sydbox 0: no seccomp, glib, external pinktrace
DEPENDENCIES+="
build+run:
dev-libs/glib:2[>=2.18]
dev-libs/pinktrace[>=0.1.2]"
fi
if ever at_least 2; then
MYOPTIONS+="
static
"
DEFAULT_SRC_CONFIGURE_OPTION_ENABLES+=( static )
fi
sydbox_src_test() {
if ! esandbox check 2>/dev/null; then
default
else
elog "Not running tests because sydbox doesn't work under sydbox"
elog "set PALUDIS_DO_NOTHING_SANDBOXY=1 if you want to run the tests"
if ever at_least 1.0.2; then
elog "As of sydbox-1.0.2, tests are installed by default."
elog "You can use the helper utility sydtest to run the tests."
fi
fi
}
sydbox_pkg_postinst() {
if ever at_least 2; then
elog "SydBox-2 does not use ptrace() and uses seccomp notify."
elog "You may safely uninstall PinkTrace."
elog
elog "Paludis does not support SydBox API 2 yet!"
elog "See this Merge Request for current progress:"
elog "https://gitlab.exherbo.org/paludis/paludis/-/merge_requests/36"
elog
elog "You need a recent Linux kernel, 5.6 or newer is required."
elog "Use \`sydbox --test' to verify SydBox-2 is supported on your system."
elog "Use the helper utility \`syd-test' to verify SydBox-2 works on your system."
elog "Use a non-privileged (not root!) user when running tests!"
elog
elog "Report any bugs to alip@exherbo.org"
elog "You may also use https://todo.sr.ht/~alip/sydbox"
elog "Attaching poems encourages consideration tremendously."
fi
default
}
|
