gentoo resync : 17.01.2010

author: V3n3RiX <venerix@redcorelinux.org> 2020-01-17 22:43:15 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2020-01-17 22:43:15 +0000
commit: 52f895faaaf01579a8d9528cafec20bf2c873f5c (patch)
tree: d552df2a24a2e21fd08b08caef93840452b9889c /sys-apps
parent: 0704956f7256f1f618cc5e03af2c1dbd0e83dbc5 (diff)
17 files changed, 74 insertions, 412 deletions
diff --git a/sys-apps/Manifest.gz b/sys-apps/Manifest.gz
index 5a094f3cea85..998ae2ffb7c1 100644
--- a/sys-apps/Manifest.gz
+++ b/sys-apps/Manifest.gz
diff --git a/sys-apps/gawk/Manifest b/sys-apps/gawk/Manifest
index 6e36962fff6d..351c2bdd7afc 100644
--- a/sys-apps/gawk/Manifest
+++ b/sys-apps/gawk/Manifest
@@ -1,7 +1,7 @@
 DIST gawk-4.2.1.tar.xz 2985412 BLAKE2B ea0635904ae8af8943d545b21affbfad64de5a688a615e22e1af2634583d0002094c0668c3260837184f965452ccf84141fff705bbf42d55b6d55c7516c24d8b SHA512 0e3006a795dc3ac91359a7d2590c0cccbfd39b18a1d491617d68505c55a2800355b1439050681b4fcacf65fb0d533151a046babe0fd774503037bab363ef2ae4
 DIST gawk-5.0.0.tar.xz 3000432 BLAKE2B d7885442c615e2b7986d6cb617db3ac376a5e572ab2aca3c6b2bd0f43feca4374f310bbf2e2a875b617df97cfebf98cb983d169468d51db39058b83eb9771afa SHA512 9eb663bbcad53165b7ddb7d72cfb8377252b68004733a9eb8c191b2ddddaff857e48ba811280311384243eb67574fbe7ac9edf4e507f9a82d67b4b2adff8ef6e
 DIST gawk-5.0.1.tar.xz 3136004 BLAKE2B 1dd8a9bca2488f2d3c946406b01fcbdce0487922ece49fe2121c39d6d10bcfcb6a056edbbf88ba6c22772ef88a250fc8ffcba33ead399c0d7c8f5d19d0e896d3 SHA512 ff9842a91035f843482d93eac8a35cddf2ce16acaa43a0112c1efff08802aebf705ee70d47eff74a190dca7be330c31f7204ad27cb63bdee65333f9b9c984212
-EBUILD gawk-4.2.1-r1.ebuild 2532 BLAKE2B b6c831c2ae3b278eb4515a953d3a7c2f2bda0ab2dbb8a7c55064a816ebb26db222906a29a10ed3a7aa67467bbdcb7885d9e78f7f674526e6e5283cf9028a67f8 SHA512 b43b2d5b899ac3465d455e7f594829d188b279c72f78460e134e4fa8689fc623dbdb774de40d28b07aad9307af0109ce4f4077e3dc60a67edbb1fdf879b5fe42
-EBUILD gawk-5.0.0.ebuild 2545 BLAKE2B 0d97f6770dc1b90259d96f44c4367a34feeae2bec1978a6c3d3de0bd102d445846030de7b05a3d1f739bbd9fbc5cb3558800ba5ff58c23fd9d44df07d293a828 SHA512 c3d71f94f551d3c73e70fa88606ea71a7c57dbf732672e802c33d91f33b3b71dbaed6dc949fb2cd8998d7fec6df20a2c2eaf13e1058299199fee83c53ab8c975
-EBUILD gawk-5.0.1.ebuild 2603 BLAKE2B 56dba7d85408309daade26628430906686fd050fabc37fa093720eed811a2f19e21c744a03aaa8b83f8bea89d1c42629e9af40cdba33220a620f0b63c8717d21 SHA512 b933dee03aeb9a080155dc762fd289c5d81ef0ea8efec91536978acb8d3b75c1fab4e1e2ff13f1a0dd5717412e9591d8507eb8512ca58bf0437a55207ece70d6
-MISC metadata.xml 465 BLAKE2B 4ae9d07b535014b76695db5d04b7a8b984c045dd78e90c8e7b0b3215a3021e5b190bfd89ca3f0dd5d9d8f1b55340ac57e40e02509e0d65288032458a0a247096 SHA512 517baceec7b9ea9311d1a946df59da35e6a5619344426ecdca6ff56e0da876ae1e6f793417e5d563da0f4528c535026deedf451eb6da8c7140db69709342a3cc
+EBUILD gawk-4.2.1-r1.ebuild 2164 BLAKE2B b41a354c456b3a327e87e274c14042a7ad0204508fcd2d0319a852e587674dc1f1900443a774044dbbfc4e42bda8a44ed90ad5f3aad8c036529ec1d17634a097 SHA512 dda88e30ca1d3c41b9440a08080b9abf32b0b322a96ce8b615280b9da42a5a5dbef125fab5e84990e05fe8d72bd64599aba248b7c5e523d9e647960ce6db8728
+EBUILD gawk-5.0.0.ebuild 2177 BLAKE2B ba3033bf44fe5f2fdd506eb633ea5dd4d8541ea6303095e847ea003bbdf7712f25c740fab5829f4833dd2be5ab3a6dbcd56b491c793b7de3f3c14d81b4a1e329 SHA512 d542138bffa5826d736a1e0421485d9d795aad49aed29e1990f8b72d527b75fbc2a7da07ccd22579b93079097b935068be15bb4b02c82fbe84077cf0b6bb3b02
+EBUILD gawk-5.0.1.ebuild 2235 BLAKE2B df3b4d97a21028080d3be390c071e3955ffbc66e2ebda2df2a96b99def1a6dbd12b024cb8ece247786e005185716ebff4f93ffa71866e4173dd0271b23b938cc SHA512 c37f3e0f9205e7dfe3bfd70e5dea043eaa3644e4c447a1c5d6e15863fef178ed8a177c9c7efed392fdc2a129cf0888ef3cbd7fadce6d0c3b0a269e22c01d3abb
+MISC metadata.xml 347 BLAKE2B 3b0515d5ca37d12fbced19fc573e31fee27137e618aea3db03395a6bdecd8ad89d0d231fd3bb566ee993704a57b090a32697016885456e386b2c33ec37761b64 SHA512 1150e37d64393f26ef81056ff25e9720a4bc82dd28c9cffd164d144bb6d2f660f802a31d5ebf4fd121a01b36a4a5073893ebec6b735d3eb570da36705d5f446e
diff --git a/sys-apps/gawk/gawk-4.2.1-r1.ebuild b/sys-apps/gawk/gawk-4.2.1-r1.ebuild
index 146e9b23cf45..a458de478a44 100644
--- a/sys-apps/gawk/gawk-4.2.1-r1.ebuild
+++ b/sys-apps/gawk/gawk-4.2.1-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="6"
@@ -12,7 +12,7 @@ SRC_URI="mirror://gnu/gawk/${P}.tar.xz"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 ~riscv s390 sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="forced-sandbox mpfr nls readline"
+IUSE="mpfr nls readline"
 
 RDEPEND="
 	dev-libs/gmp:0=
@@ -38,16 +38,6 @@ src_prepare() {
 			-e '/\<_XOPEN_SOURCE_EXTENDED\>/s/1//' \
 			extension/inplace.c || die
 	fi
-
-	if use forced-sandbox ; then
-		# Upstream doesn't want to add a configure flag for this.
-		# https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
-		sed -i \
-			-e '/^int do_flags = false;/s:false:DO_SANDBOX:' \
-			main.c || die
-		# Make sure the sed took.
-		grep -q '^int do_flags = DO_SANDBOX;' main.c || die "forcing sandbox failed"
-	fi
 }
 
 src_configure() {
diff --git a/sys-apps/gawk/gawk-5.0.0.ebuild b/sys-apps/gawk/gawk-5.0.0.ebuild
index 36ac1b77e8d9..403c0d5ab7e9 100644
--- a/sys-apps/gawk/gawk-5.0.0.ebuild
+++ b/sys-apps/gawk/gawk-5.0.0.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="6"
@@ -12,7 +12,7 @@ SRC_URI="mirror://gnu/gawk/${P}.tar.xz"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="forced-sandbox mpfr nls readline"
+IUSE="mpfr nls readline"
 
 RDEPEND="
 	dev-libs/gmp:0=
@@ -38,16 +38,6 @@ src_prepare() {
 			-e '/\<_XOPEN_SOURCE_EXTENDED\>/s/1//' \
 			extension/inplace.c || die
 	fi
-
-	if use forced-sandbox ; then
-		# Upstream doesn't want to add a configure flag for this.
-		# https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
-		sed -i \
-			-e '/^int do_flags = false;/s:false:DO_SANDBOX:' \
-			main.c || die
-		# Make sure the sed took.
-		grep -q '^int do_flags = DO_SANDBOX;' main.c || die "forcing sandbox failed"
-	fi
 }
 
 src_configure() {
diff --git a/sys-apps/gawk/gawk-5.0.1.ebuild b/sys-apps/gawk/gawk-5.0.1.ebuild
index d5b5bb4e27ce..d07f70d6d8ec 100644
--- a/sys-apps/gawk/gawk-5.0.1.ebuild
+++ b/sys-apps/gawk/gawk-5.0.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -12,7 +12,7 @@ SRC_URI="mirror://gnu/gawk/${P}.tar.xz"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="forced-sandbox mpfr nls readline"
+IUSE="mpfr nls readline"
 
 RDEPEND="
 	dev-libs/gmp:0=
@@ -40,16 +40,6 @@ src_prepare() {
 			-e '/\<_XOPEN_SOURCE_EXTENDED\>/s/1//' \
 			extension/inplace.c || die
 	fi
-
-	if use forced-sandbox ; then
-		# Upstream doesn't want to add a configure flag for this.
-		# https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
-		sed -i \
-			-e '/^int do_flags = false;/s:false:DO_SANDBOX:' \
-			main.c || die
-		# Make sure the sed took.
-		grep -q '^int do_flags = DO_SANDBOX;' main.c || die "forcing sandbox failed"
-	fi
 }
 
 src_configure() {
diff --git a/sys-apps/gawk/metadata.xml b/sys-apps/gawk/metadata.xml
index 58cec04bdcb0..3fa1f9889991 100644
--- a/sys-apps/gawk/metadata.xml
+++ b/sys-apps/gawk/metadata.xml
@@ -6,7 +6,6 @@
 	<name>Gentoo Base System</name>
 </maintainer>
 <use>
-	<flag name="forced-sandbox">Always enable --sandbox mode for simpler/secure runtime (disables e/r/w commands)</flag>
 	<flag name="mpfr">use mpfr for high precision arithmetic (-M / --bignum)</flag>
 </use>
 </pkgmetadata>
diff --git a/sys-apps/mawk/Manifest b/sys-apps/mawk/Manifest
index 6e48168c2f2d..17781aafa935 100644
--- a/sys-apps/mawk/Manifest
+++ b/sys-apps/mawk/Manifest
@@ -1,9 +1,7 @@
-AUX mawk-1.3.4-sandbox-default.patch 2720 BLAKE2B 3f0a25b06f1045659b9dc7decbbd54c9355f94a6879cad0f121e825cb705652b14b7a4c4655f2fe89c2f921aea511f8b8755cd398d28ce9a47ffa6bfef158953 SHA512 bdceb22a51464de5786d469ffcc6fc7157a0aca3e3dc89553418a401de3735b95439691ccf5553d0746b3e793824821db85a2dfe14633db1ad5f1256fa3e65ab
-AUX mawk-1.3.4-sandbox.patch 3805 BLAKE2B a7d55816bea03fb949387c8a1acf310b6dbae60014601bc514f44cbf3a8632c275bf6b786b016e93450ecf60d61052b14b029e56d559656dc87fed72a66239af SHA512 03149ba3d3e0cd5fa6d50573cc50260346e91d82bfd510d8a069a3e076df49d2b85edd2b42632a34e21f9d82c384212272e99b1cf305b4c1a78e252b75da4eb3
 DIST mawk-1.3.4-20161120.tgz 461464 BLAKE2B 7481345b391198cc9ec47f6ad84f0f07e31c931a40d59bde401d00ea7bc74b728c8149f80187e5d73923496e2eef1ec70bc097aedf0b68630f73264d45d96ebd SHA512 c5edcbff4ab1e40eb9b178a045fcd426a5f3c93a3ab5bc1ca1fa85a0977b8c9060967fcbda4e4a6e9e68628f50a2814e22939676008dced529377d2cf9bda5b2
-DIST mawk-1.3.4-20171017.tgz 460819 BLAKE2B 91cb4cd039ea7773b788db87389f8ec34914afc8b299fecfdd579fe89fc4e6d731bfdc9c06a2c6c3d75ab9e1022bf5dbe1c662962d6ccd8a8f6fe4f8589927ca SHA512 4ed6ca0ecca12e7409d3d364b72dc6a2b411c61bf53fe8aa0b0cac65a3bdb941921c0b81d94f34c8ac9f4922c8c7566d347b5e6b5c74518ae3a88904f9e20f27
 DIST mawk-1.3.4-20190203.tgz 466481 BLAKE2B f647c52872ff510f02ab44f13f6c51497abdecf3d6ab40faa2e419f726a15ebdb531607465bcaf2f53d032284251f9fd25e73734a72fc31c014a0a9f200613ed SHA512 64d5b1838d34d30e32966f46cb7457c865caccfe9fe1049d2645ba301b1ddb4efc18588115dbcf96234a2a0b791211a7f82264a3c81899459dc3029e65837646
+DIST mawk-1.3.4-20200106.tgz 468031 BLAKE2B b125eecf780f0658d3a1c06875fdac221ffe5999e38646d71b15159c50271a7bbfb594fb6347442239c3eab6703f9c782739bd2a5a055e1ff8cd44a0e8a6545d SHA512 f6f65f3b73965f520a6f9bb7e2b6ad2a3c532c0768461744e6cfb2e72e2c718dacd1c5eea995dfa267facfc4e0ee71d337809cd45d5c75cfbc65294b45280ff9
 EBUILD mawk-1.3.4_p20161120.ebuild 863 BLAKE2B 2c9b4e89575906b66e5abe75e9325700025f98fe399c84d318aa7c4ac1b170a8b95e83e90eb27253ed9c3c824bde01aa1ba5b029066c25743d7a66e04aa36c48 SHA512 b58813aaa987f2469d83ebaeffd4a58156d3971a01cc427715b2c1d96bdd163a7beb5eba80f9454c58a0d5c470db390c030b0b0d0aeed3bb9c952f541e69ed17
-EBUILD mawk-1.3.4_p20171017-r1.ebuild 1027 BLAKE2B f4d0252ad3a10d2555b7a702f245ed7febcc2b175d1f0fff0b4620d8525915fbe705af519964d812b72ed7e24a889983b2bd1e328205d9c8f721e8ffb90ba1ab SHA512 60c19694ad829c574d943d4c465abd4c2e8bb35dd64ca22b96ea1e762dba594520176d3e95a71c65c43864280aff4e1ff2b6c24a5526a74cd390ac8281ba8d72
-EBUILD mawk-1.3.4_p20190203.ebuild 1028 BLAKE2B 4d30609ee1f43658a0e5acd65f1bd9afd1b94db33f1cab301ecb9b9dfbb79f559b13552e9cfbe2887f30ce3554091a41cff1fbfc93cf0fc689b0e5e1e7d7a28a SHA512 4e3eb9222369dc1d34a9a582734443ebd2c16e07797fe25a8ead5a99c1d470c9d76c2d1889603559e85ef158e14096258fd60802e29cb132a9b764d78b6f88b8
-MISC metadata.xml 359 BLAKE2B 988733eff41a4556cdb4f8d66adbe2864f33f4245ab1ba3a1456cb3b189fd12138cec7666d2fc125d275865a028274aaf5a41396430721ac96b913dc2f667f94 SHA512 bb64e60075207240fabd037108c2885b934d0dc0a72bdcce4c8c138555b1ebb4de811745235ee11fde75559ddf55f9488b71f53aab7e92df61099cba5ec28d2f
+EBUILD mawk-1.3.4_p20190203-r1.ebuild 874 BLAKE2B dbe9ab4f5bbadf78e1b86c1f1161dd96d795d7e744b3caff1149ebbc85c2f45842fedb01df0649d9676c9488d998adb1daacbeec81a5ac609ec29f6efbb78ed3 SHA512 c0239d36b1b88c8094cf75167dfc65db56b7329a44297cea02fe579a3f07ed804dcae77517875467fe5ffc571cd347dec26b98560981d505548c68582b64101e
+EBUILD mawk-1.3.4_p20200106-r1.ebuild 882 BLAKE2B f76f8c13ce3ea63d330455091223707a24b12ee87b634c00da4c808de7b602d82b051ae0f28464b2cc6ec8be245c0e38ca39b58292fbdb9141fdbabec8b32924 SHA512 2f024e689e5198c622bfe666669285fcf9a0b68d4bb8355aedb2dc71956a963df5983211fd42cf482fe157252539550ed5765f0c17631e746c9de30621fed6fe
+MISC metadata.xml 253 BLAKE2B 295e9d6d93aaa12af413972e1590c67087801cc09c9aa6b59d4606c0f4106d1dacf2baa9858559083b4c6d91beeef218d0729e8593a33788958da6d2897e8ce2 SHA512 54a9069aeb4165d2dff3d473c8001bc51613aac9dff3f7f5e9971a9891a737a31511ffa11cbd523febe581ac1d9de2bdf2f40410f0c4239138f2ccca3ef15555
diff --git a/sys-apps/mawk/files/mawk-1.3.4-sandbox-default.patch b/sys-apps/mawk/files/mawk-1.3.4-sandbox-default.patch
deleted file mode 100644
index c3b0fc1c892d..000000000000
--- a/sys-apps/mawk/files/mawk-1.3.4-sandbox-default.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-https://github.com/ThomasDickey/original-mawk/issues/49
-
-Note: We hand modify the configure file here because the version of autotools
-used by upstream is very old/finicky, and it's a simple enough change.
-
-From 1ac333b97615c451d7a4743b4724edd46d37a8b2 Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@chromium.org>
-Date: Tue, 7 Nov 2017 01:07:47 -0500
-Subject: [PATCH 2/2] add a configure flag to lock sandbox by default
-
-This lets us deploy systems with the sandbox always enabled.
----
- configure    | 23 +++++++++++++++++++++++
- configure.in | 11 +++++++++++
- init.c       |  4 ++++
- 3 files changed, 38 insertions(+)
-
-diff --git a/configure.in b/configure.in
-index 8b795fbd264b..770092005386 100644
---- a/configure.in
-+++ b/configure.in
-@@ -112,6 +112,17 @@ fi
- AC_MSG_RESULT($with_init_srand)
- 
- ###############################################################################
-+AC_MSG_CHECKING(if you want mawk to always run in sandbox mode)
-+CF_ARG_ENABLE([forced-sandbox],
-+[  --enable-forced-sandbox always run in sandbox mode],
-+	[with_forced_sandbox=yes],
-+	[with_forced_sandbox=no])
-+if test "x${with_forced_sandbox}" != xno; then
-+	CPPFLAGS="$CPPFLAGS -DFORCED_SANDBOX"
-+fi
-+AC_MSG_RESULT($with_forced_sandbox)
-+
-+###############################################################################
- 
- AC_PROG_YACC
- CF_PROG_LINT
-diff --git a/init.c b/init.c
-index f7babb337e04..e035d6ea2fc0 100644
---- a/init.c
-+++ b/init.c
-@@ -492,6 +492,10 @@ process_cmdline(int argc, char **argv)
- 
-   no_more_opts:
- 
-+#ifdef FORCED_SANDBOX
-+    sandbox_flag = 1;
-+#endif
-+
-     tail->link = (PFILE *) 0;
-     pfile_list = dummy.link;
- 
-diff --git a/configure b/configure
-index a3bf42fe9245..442875b8e58a 100755
---- a/configure
-+++ b/configure
-@@ -4132,6 +4132,29 @@ echo "$as_me:4131: result: $with_init_srand" >&5
- echo "${ECHO_T}$with_init_srand" >&6
- 
- ###############################################################################
-+echo "$as_me:4109: checking if you want mawk to always run in sandbox mode" >&5
-+echo $ECHO_N "checking if you want mawk to always run in sandbox mode... $ECHO_C" >&6
-+
-+if test "${enable_forced_sandbox+set}" = set; then
-+  enableval="$enable_forced_sandbox"
-+  test "$enableval" != yes && enableval=no
-+	if test "$enableval" != "no" ; then
-+    with_forced_sandbox=yes
-+	else
-+		with_forced_sandbox=no
-+	fi
-+else
-+  enableval=no
-+	with_forced_sandbox=no
-+
-+fi;
-+if test "x${with_forced_sandbox}" != xno; then
-+	CPPFLAGS="$CPPFLAGS -DFORCED_SANDBOX"
-+fi
-+echo "$as_me:4131: result: $with_forced_sandbox" >&5
-+echo "${ECHO_T}$with_forced_sandbox" >&6
-+
-+###############################################################################
- 
- for ac_prog in 'bison -y' byacc
- do
--- 
-2.13.5
-
diff --git a/sys-apps/mawk/files/mawk-1.3.4-sandbox.patch b/sys-apps/mawk/files/mawk-1.3.4-sandbox.patch
deleted file mode 100644
index ae2ccbd50ec1..000000000000
--- a/sys-apps/mawk/files/mawk-1.3.4-sandbox.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-https://github.com/ThomasDickey/original-mawk/issues/49
-
-From ae3a324a5af1350aa1a6f648e10b9d6656d9fde4 Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@chromium.org>
-Date: Tue, 7 Nov 2017 00:41:36 -0500
-Subject: [PATCH 1/2] add a -W sandbox mode
-
-This is like gawk's sandbox mode where arbitrary code execution and
-file redirection are locked down.  This way awk can be a more secure
-input/output mode.
----
- bi_funct.c | 3 +++
- init.c     | 8 ++++++++
- man/mawk.1 | 4 ++++
- mawk.h     | 2 +-
- scan.c     | 6 ++++++
- 5 files changed, 22 insertions(+), 1 deletion(-)
-
-diff --git a/bi_funct.c b/bi_funct.c
-index 7742308c72a5..b524ac8dac8b 100644
---- a/bi_funct.c
-+++ b/bi_funct.c
-@@ -908,6 +908,9 @@ bi_system(CELL *sp GCC_UNUSED)
- #ifdef HAVE_REAL_PIPES
-     int ret_val;
- 
-+    if (sandbox_flag)
-+	rt_error("'system' function not allowed in sandbox mode");
-+
-     TRACE_FUNC("bi_system", sp);
- 
-     if (sp->type < C_STRING)
-diff --git a/init.c b/init.c
-index 0ab17b003f20..f7babb337e04 100644
---- a/init.c
-+++ b/init.c
-@@ -40,6 +40,7 @@ typedef enum {
-     W_RANDOM,
-     W_SPRINTF,
-     W_POSIX_SPACE,
-+    W_SANDBOX,
-     W_USAGE
- } W_OPTIONS;
- 
-@@ -96,6 +97,7 @@ initialize(int argc, char **argv)
- 
- int dump_code_flag;		/* if on dump internal code */
- short posix_space_flag;
-+short sandbox_flag;
- 
- #ifdef	 DEBUG
- int dump_RE = 1;		/* if on dump compiled REs  */
-@@ -153,6 +155,7 @@ usage(void)
- 	"    -W random=number set initial random seed.",
- 	"    -W sprintf=number adjust size of sprintf buffer.",
- 	"    -W posix_space   do not consider \"\\n\" a space.",
-+	"    -W sandbox       disable system() and I/O redirection.",
- 	"    -W usage         show this message and exit.",
-     };
-     size_t n;
-@@ -255,6 +258,7 @@ parse_w_opt(char *source, char **next)
- 	    DATA(RANDOM),
- 	    DATA(SPRINTF),
- 	    DATA(POSIX_SPACE),
-+	    DATA(SANDBOX),
- 	    DATA(USAGE)
-     };
- #undef DATA
-@@ -389,6 +393,10 @@ process_cmdline(int argc, char **argv)
- 		    posix_space_flag = 1;
- 		    break;
- 
-+		case W_SANDBOX:
-+		    sandbox_flag = 1;
-+		    break;
-+
- 		case W_RANDOM:
- 		    if (haveValue(optNext)) {
- 			int x = atoi(optNext + 1);
-diff --git a/man/mawk.1 b/man/mawk.1
-index a3c794167dc9..0915d9d7ed5d 100644
---- a/man/mawk.1
-+++ b/man/mawk.1
-@@ -150,6 +150,10 @@ forces
- \fB\*n\fP
- not to consider '\en' to be space.
- .TP
-+\-\fBW \fRsandbox
-+runs in a restricted mode where system(), input redirection (e.g. getline),
-+output redirection (e.g. print and printf), and pipelines are disabled.
-+.TP
- \-\fBW \fRrandom=\fInum\fR
- calls \fBsrand\fP with the given parameter
- (and overrides the auto-seeding behavior).
-diff --git a/mawk.h b/mawk.h
-index 2d04be1adb34..a6ccc0071ecc 100644
---- a/mawk.h
-+++ b/mawk.h
-@@ -63,7 +63,7 @@ extern int dump_RE;
- #define USE_BINMODE 0
- #endif
- 
--extern short posix_space_flag, interactive_flag;
-+extern short posix_space_flag, interactive_flag, sandbox_flag;
- 
- /*----------------
-  *  GLOBAL VARIABLES
-diff --git a/scan.c b/scan.c
-index 3a8fc9181ab8..c1833b8b7315 100644
---- a/scan.c
-+++ b/scan.c
-@@ -455,6 +455,8 @@ yylex(void)
- 	    un_next();
- 
- 	if (getline_flag) {
-+	    if (sandbox_flag)
-+		rt_error("redirection not allowed in sandbox mode");
- 	    getline_flag = 0;
- 	    ct_ret(IO_IN);
- 	} else
-@@ -462,6 +464,8 @@ yylex(void)
- 
-     case SC_GT:		/* '>' */
- 	if (print_flag && paren_cnt == 0) {
-+	    if (sandbox_flag)
-+		rt_error("redirection not allowed in sandbox mode");
- 	    print_flag = 0;
- 	    /* there are 3 types of IO_OUT
- 	       -- build the error string in string_buff */
-@@ -488,6 +492,8 @@ yylex(void)
- 	    un_next();
- 
- 	    if (print_flag && paren_cnt == 0) {
-+		if (sandbox_flag)
-+		    rt_error("pipe execution not allowed in sandbox mode");
- 		print_flag = 0;
- 		yylval.ival = PIPE_OUT;
- 		string_buff[0] = '|';
--- 
-2.13.5
-
diff --git a/sys-apps/mawk/mawk-1.3.4_p20190203.ebuild b/sys-apps/mawk/mawk-1.3.4_p20190203-r1.ebuild
index 84b29b099fcf..110cbc7c9a0f 100644
--- a/sys-apps/mawk/mawk-1.3.4_p20190203.ebuild
+++ b/sys-apps/mawk/mawk-1.3.4_p20190203-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -13,7 +13,6 @@ SRC_URI="ftp://ftp.invisible-island.net/mawk/${MY_P}.tgz"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux ~x86-macos"
-IUSE="forced-sandbox"
 
 RDEPEND="app-eselect/eselect-awk"
 DEPEND="${RDEPEND}"
@@ -22,14 +21,9 @@ S="${WORKDIR}/${MY_P}"
 
 DOCS=( ACKNOWLEDGMENT CHANGES README )
 
-PATCHES=(
-	"${FILESDIR}"/${PN}-1.3.4-sandbox.patch
-	"${FILESDIR}"/${PN}-1.3.4-sandbox-default.patch
-)
-
 src_configure() {
 	tc-export BUILD_CC
-	econf $(use_enable forced-sandbox)
+	econf
 }
 
 src_install() {
diff --git a/sys-apps/mawk/mawk-1.3.4_p20171017-r1.ebuild b/sys-apps/mawk/mawk-1.3.4_p20200106-r1.ebuild
index 3084af0f0e2d..7645505ca1f2 100644
--- a/sys-apps/mawk/mawk-1.3.4_p20171017-r1.ebuild
+++ b/sys-apps/mawk/mawk-1.3.4_p20200106-r1.ebuild
@@ -1,35 +1,29 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=6
+EAPI=7
 
 inherit toolchain-funcs
 
-MY_P=${P/_p/-}
+MY_P="${P/_p/-}"
 DESCRIPTION="an (often faster than gawk) awk-interpreter"
 HOMEPAGE="https://invisible-island.net/mawk/mawk.html"
-SRC_URI="ftp://ftp.invisible-island.net/mawk/${MY_P}.tgz"
+SRC_URI="https://invisible-mirror.net/archives/${PN}/${MY_P}.tgz"
 
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux ~x86-macos"
-IUSE="forced-sandbox"
 
 RDEPEND="app-eselect/eselect-awk"
 DEPEND="${RDEPEND}"
 
-S=${WORKDIR}/${MY_P}
+S="${WORKDIR}/${MY_P}"
 
 DOCS=( ACKNOWLEDGMENT CHANGES README )
 
-PATCHES=(
-	"${FILESDIR}"/${PN}-1.3.4-sandbox.patch
-	"${FILESDIR}"/${PN}-1.3.4-sandbox-default.patch
-)
-
 src_configure() {
 	tc-export BUILD_CC
-	econf $(use_enable forced-sandbox)
+	econf
 }
 
 src_install() {
diff --git a/sys-apps/mawk/metadata.xml b/sys-apps/mawk/metadata.xml
index fb5ddc9df936..56c124413057 100644
--- a/sys-apps/mawk/metadata.xml
+++ b/sys-apps/mawk/metadata.xml
@@ -5,7 +5,4 @@
 	<email>base-system@gentoo.org</email>
 	<name>Gentoo Base System</name>
 </maintainer>
-<use>
-	<flag name="forced-sandbox">Always enable -W sandbox mode for simpler/secure runtime</flag>
-</use>
 </pkgmetadata>
diff --git a/sys-apps/sed/Manifest b/sys-apps/sed/Manifest
index a4323580c64a..b924f8ba9327 100644
--- a/sys-apps/sed/Manifest
+++ b/sys-apps/sed/Manifest
@@ -1,7 +1,7 @@
 DIST sed-4.5.tar.xz 1274252 BLAKE2B 08525659e0e01ec50e736c1665634f3816f57c48aeefa7f6bc7a152cd6c171bb4e96e5c215429fc5edbe6e1de6cc3efe4f2f3bf6865933a30dd1700e921d5b3f SHA512 f95fb27e03b2301dae63878413b4c48e40341cc676945a612e1d0bd911da3192858ae142791292a99fbdaacbc7dab2d6fccb50787c06846f99b0b3740b40c196
 DIST sed-4.7.tar.xz 1298316 BLAKE2B 752bc2e942b6f041710c6811518147c5fa4b143b33ae842ec1f142ec914bfaf4d7e8a94a2b1a5b345789944e5426f7946997f2ccbc43ee5034351a95ce3a677e SHA512 e0be5db4cdf8226b34aaa9071bc5ae0eafde1c52227cee3512eea7fe2520d6c5cebf15266aa5c4adffbb51bf125c140a15644e28d57759893c12823ea9bbf4fb
 DIST sed-4.8.tar.xz 1348048 BLAKE2B 62f6b6500cc9a20a35cafc2b09b12bb7da67fa0afb0b1b26153babc0023424b3126f44d29eba14c25fc4490996c90738b191c9440c66da6c120bbb9bc6f6df65 SHA512 7de25d9bc2981c63321c2223f3fbcab61d7b0df4fcf7d4394b72400b91993e1288d8bf53948ed5fffcf5a98c75265726a68ad4fb98e1d571bf768603a108c1c8
-EBUILD sed-4.5.ebuild 1754 BLAKE2B 378e3f30251c058eb87608c952c941892245e6c41dea873ca7fbf34d1fa1a53248422801a6728b17b3bba0b499233dc32eefe9108e2ce31e5500eb6af691e848 SHA512 a4a9f5d17ff2c46860dbd3da1ebfc1f6eb2ba7f4009b4f39dd4ef27922cf7d31fc0f09ca680ef465ce062ceb28980db7fb97553ad92ea3f580495f99319da37e
-EBUILD sed-4.7.ebuild 1764 BLAKE2B 0da4d5bc5cf60d148028766cffff9638e9b11003a38003528300a1b143a7b47c22cf824f608e115ffcd26dea3432cd38a620eaa87a4151ab11faca2fda14b599 SHA512 63cb466f5263a150e92cc3dc2332bb826292ad651ea0425731471f0c7674ed681c55a9e217eaea79d049492ab1fd860b54c83849f38cd53c2b20f7544e841a00
-EBUILD sed-4.8.ebuild 1767 BLAKE2B f73107d19359fb5143078428ed9e8a8f46dc253b98f2120408b4e4d1562ed71f8f556e7c00082345ad1543c14a8670396ad20e93e283e8c7243a805b33dce37f SHA512 5d7c86fdbfdcf0f86b459b52db1df930623c37e8ef9e7b775b36842a7f27177653855cd0ec80d8d02cbd8d49062207966209656900fc953f023dba9e21d956f6
-MISC metadata.xml 599 BLAKE2B 1e3e9343805c40b2f8ba3be494c1280395ce8edfb85d93b53e136269c774312b5b27d63cd628eb1ca57faa2c1a3849a7b361c9fa68850f47d70d618995b57667 SHA512 6aa22a76f9ec43142548e347dcea74b4c0b02bf0f8ccaff581265ba4b97fc16fca5d01bc3884e27523d138eec3b809bae6b379c7c0d38b344db2f7175e5565d5
+EBUILD sed-4.5.ebuild 1111 BLAKE2B f7564d0ec2c55ea629c0b0d38432297d047ffcab549c9738ad7cd2c7f7f96d986b307b3d9e6892a9cce18851e29a79ba983f461e1e2d69ae1f701b75c3f96dbc SHA512 f873e92e5509782096f8f7fea5cbd59c19d1233e95f1c208d93bd8703242dd5e86d419f3fe662728cc4961fc58a5ece8b69620a0a03aa70b72296f5577173751
+EBUILD sed-4.7.ebuild 1119 BLAKE2B c7844da1e2d55be0f7640acfc919b84557b970aa01023870fc64b66b8fceea6596f95922d0fb50423d4d670c4bb982efc19812283d26ce4d7aed74adaa62389f SHA512 48d676d1cf99ca0e322dfbbb2ffebc77dfc5ded30154ce1e577d232e0a37462bc28a3d295bae0804756e5f35009f0499c41e7021853ff28b631d7fb7357e59cd
+EBUILD sed-4.8.ebuild 1124 BLAKE2B 90231eec93291dcc293916699cf92b1209f09277b674ead4ffffa58985ec946d7eb6a36f2be939f83a80fd15ad48bba22b950dad996b50ededbe4b259c268be0 SHA512 ae2955a2f9195f6fc7ae2c6f9e1af5c7bd55e9489fa7cfb5e4a942b9ac16af8a2901a3dc6788c5c7505743b748e45005c2dae485894adf3c36810491d1eb8259
+MISC metadata.xml 323 BLAKE2B 746a8514f64aa6bc67931a9a1c61ff47dd0ff984dee09d04afd44557986ef1fe87ebdbd844fb68bdbe8158ec16b6d776b6f9956f2b5611495af5aa3d56c8bff5 SHA512 ec3a11f7aafded3d4b5e12680358f39dbeb166f96af51eae8dafb21b186024ddb9b5b9ba36bde626be01b1938fd6f4bbcb58f0f8bad2208a84d44eaadc95652e
diff --git a/sys-apps/sed/metadata.xml b/sys-apps/sed/metadata.xml
index 504b6a5e4649..b738f8c54a01 100644
--- a/sys-apps/sed/metadata.xml
+++ b/sys-apps/sed/metadata.xml
@@ -8,11 +8,4 @@
 <upstream>
 	<remote-id type="sourceforge">sed</remote-id>
 </upstream>
-<use>
-	<flag name="forced-sandbox">
-		Always enable --sandbox mode for simpler/secure runtime (disables e/r/w commands).
-		Note: This may break many configure scripts, so it should be avoided on dev systems
-		(and generally used on binpkg/final systems only).
-	</flag>
-</use>
 </pkgmetadata>
diff --git a/sys-apps/sed/sed-4.5.ebuild b/sys-apps/sed/sed-4.5.ebuild
index 555171c1e834..c6ede4cfc760 100644
--- a/sys-apps/sed/sed-4.5.ebuild
+++ b/sys-apps/sed/sed-4.5.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6
@@ -12,40 +12,23 @@ SRC_URI="mirror://gnu/sed/${P}.tar.xz"
 LICENSE="GPL-3"
 SLOT="0"
 KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 ~riscv s390 sh sparc x86"
-IUSE="acl forced-sandbox nls selinux static"
+IUSE="acl nls selinux static"
 
-RDEPEND="acl? ( virtual/acl )
-	nls? ( virtual/libintl )
-	selinux? ( sys-libs/libselinux )"
+RDEPEND="
+	!static? (
+		acl? ( virtual/acl )
+		nls? ( virtual/libintl )
+		selinux? ( sys-libs/libselinux )
+	)
+"
 DEPEND="${RDEPEND}
-	nls? ( sys-devel/gettext )"
-
-src_bootstrap_sed() {
-	# make sure system-sed works #40786 #650052
-	if ! type -p sed > /dev/null || has_version 'sys-apps/sed[forced-sandbox]' ; then
-		mkdir -p "${T}/bootstrap"
-		printf '#!/bin/sh\nexec busybox sed "$@"\n' > "${T}/bootstrap/sed" || die
-		chmod a+rx "${T}/bootstrap/sed"
-		PATH="${T}/bootstrap:${PATH}"
-	fi
-}
-
-src_prepare() {
-	# Don't use sed before bootstrap if we have to recover a broken host sed.
-	src_bootstrap_sed
-
-	default
-
-	if use forced-sandbox ; then
-		# Upstream doesn't want to add a configure flag for this.
-		# https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
-		sed -i \
-			-e '/^bool sandbox = false;/s:false:true:' \
-			sed/sed.c || die
-		# Make sure the sed took.
-		grep -q '^bool sandbox = true;' sed/sed.c || die "forcing sandbox failed"
-	fi
-}
+	nls? ( sys-devel/gettext )
+	static? (
+		acl? ( virtual/acl[static-libs(+)] )
+		nls? ( virtual/libintl[static-libs(+)] )
+		selinux? ( sys-libs/libselinux[static-libs(+)] )
+	)
+"
 
 src_configure() {
 	local myconf=()
diff --git a/sys-apps/sed/sed-4.7.ebuild b/sys-apps/sed/sed-4.7.ebuild
index 87cc5cb0f6d1..ebcf003708b4 100644
--- a/sys-apps/sed/sed-4.7.ebuild
+++ b/sys-apps/sed/sed-4.7.ebuild
@@ -11,41 +11,24 @@ SRC_URI="mirror://gnu/sed/${P}.tar.xz"
 
 LICENSE="GPL-3"
 SLOT="0"
-KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc x86"
-IUSE="acl forced-sandbox nls selinux static"
-
-RDEPEND="acl? ( virtual/acl )
-	nls? ( virtual/libintl )
-	selinux? ( sys-libs/libselinux )"
+KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sh ~sparc x86"
+IUSE="acl nls selinux static"
+
+RDEPEND="
+	!static? (
+		acl? ( virtual/acl )
+		nls? ( virtual/libintl )
+		selinux? ( sys-libs/libselinux )
+	)
+"
 DEPEND="${RDEPEND}
-	nls? ( sys-devel/gettext )"
-
-src_bootstrap_sed() {
-	# make sure system-sed works #40786 #650052
-	if ! type -p sed > /dev/null || has_version 'sys-apps/sed[forced-sandbox]' ; then
-		mkdir -p "${T}/bootstrap"
-		printf '#!/bin/sh\nexec busybox sed "$@"\n' > "${T}/bootstrap/sed" || die
-		chmod a+rx "${T}/bootstrap/sed"
-		PATH="${T}/bootstrap:${PATH}"
-	fi
-}
-
-src_prepare() {
-	# Don't use sed before bootstrap if we have to recover a broken host sed.
-	src_bootstrap_sed
-
-	default
-
-	if use forced-sandbox ; then
-		# Upstream doesn't want to add a configure flag for this.
-		# https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
-		sed -i \
-			-e '/^bool sandbox = false;/s:false:true:' \
-			sed/sed.c || die
-		# Make sure the sed took.
-		grep -q '^bool sandbox = true;' sed/sed.c || die "forcing sandbox failed"
-	fi
-}
+	nls? ( sys-devel/gettext )
+	static? (
+		acl? ( virtual/acl[static-libs(+)] )
+		nls? ( virtual/libintl[static-libs(+)] )
+		selinux? ( sys-libs/libselinux[static-libs(+)] )
+	)
+"
 
 src_configure() {
 	local myconf=()
diff --git a/sys-apps/sed/sed-4.8.ebuild b/sys-apps/sed/sed-4.8.ebuild
index eee25f42b285..3cf0562a1777 100644
--- a/sys-apps/sed/sed-4.8.ebuild
+++ b/sys-apps/sed/sed-4.8.ebuild
@@ -12,40 +12,23 @@ SRC_URI="mirror://gnu/sed/${P}.tar.xz"
 LICENSE="GPL-3"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86"
-IUSE="acl forced-sandbox nls selinux static"
+IUSE="acl nls selinux static"
 
-RDEPEND="acl? ( virtual/acl )
-	nls? ( virtual/libintl )
-	selinux? ( sys-libs/libselinux )"
+RDEPEND="
+	!static? (
+		acl? ( virtual/acl )
+		nls? ( virtual/libintl )
+		selinux? ( sys-libs/libselinux )
+	)
+"
 DEPEND="${RDEPEND}
-	nls? ( sys-devel/gettext )"
-
-src_bootstrap_sed() {
-	# make sure system-sed works #40786 #650052
-	if ! type -p sed > /dev/null || has_version 'sys-apps/sed[forced-sandbox]' ; then
-		mkdir -p "${T}/bootstrap"
-		printf '#!/bin/sh\nexec busybox sed "$@"\n' > "${T}/bootstrap/sed" || die
-		chmod a+rx "${T}/bootstrap/sed"
-		PATH="${T}/bootstrap:${PATH}"
-	fi
-}
-
-src_prepare() {
-	# Don't use sed before bootstrap if we have to recover a broken host sed.
-	src_bootstrap_sed
-
-	default
-
-	if use forced-sandbox ; then
-		# Upstream doesn't want to add a configure flag for this.
-		# https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
-		sed -i \
-			-e '/^bool sandbox = false;/s:false:true:' \
-			sed/sed.c || die
-		# Make sure the sed took.
-		grep -q '^bool sandbox = true;' sed/sed.c || die "forcing sandbox failed"
-	fi
-}
+	nls? ( sys-devel/gettext )
+	static? (
+		acl? ( virtual/acl[static-libs(+)] )
+		nls? ( virtual/libintl[static-libs(+)] )
+		selinux? ( sys-libs/libselinux[static-libs(+)] )
+	)
+"
 
 src_configure() {
 	local myconf=()
author	V3n3RiX <venerix@redcorelinux.org>	2020-01-17 22:43:15 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2020-01-17 22:43:15 +0000
commit	52f895faaaf01579a8d9528cafec20bf2c873f5c (patch)
tree	d552df2a24a2e21fd08b08caef93840452b9889c /sys-apps
parent	0704956f7256f1f618cc5e03af2c1dbd0e83dbc5 (diff)