diff options
Diffstat (limited to 'sys-apps/minijail')
-rw-r--r-- | sys-apps/minijail/Manifest | 5 | ||||
-rw-r--r-- | sys-apps/minijail/files/minijail-18-makefile.patch | 41 | ||||
-rw-r--r-- | sys-apps/minijail/metadata.xml | 3 | ||||
-rw-r--r-- | sys-apps/minijail/minijail-18.ebuild | 78 |
4 files changed, 126 insertions, 1 deletions
diff --git a/sys-apps/minijail/Manifest b/sys-apps/minijail/Manifest index b6618aa26139..b92d33bd85c6 100644 --- a/sys-apps/minijail/Manifest +++ b/sys-apps/minijail/Manifest @@ -1,5 +1,8 @@ AUX minijail-12-makefile.patch 1511 BLAKE2B 74b620f44ffa3a3f82771d10dfff5999f223613ee734a38be770ac91e128c3e4f26cbbdff197a0636cb8c3b094c70fbed08443560bea095407736327f9d485ac SHA512 c727ff4752345f08d89dab5bc7489793763bf459bc169f132a285bc40c1d8e1e40d366bc8336e35c5362f4e4b999ec9d07db2b3bcd5f394954dae54cb533515a AUX minijail-17-no-werror.patch 594 BLAKE2B 7afa3b6179ce975d8dac6496532222057db0f27c134b0fa6f783f1f18e7166d310ccfbaa387482fb27f91e7f9cf5b478267e6a4db2ced380efbcd77bfa1b7b6e SHA512 27f7e2c4ca046e86c81ec419fe745bc25547ff5217340af772b331448c19cbcb228835c3ddd1d2879e3b13bf59f85724dcf3cc455c22e0fd27ac81a28efd135d +AUX minijail-18-makefile.patch 1546 BLAKE2B 7b4ccf54fe13b5614dc119306c06b23e899919f17b6e880044d65d7117095023e318233695d20a55f9012d3172d100e4ba94bf2fee8d3cc728cc944494ea1f8a SHA512 8922874c2a3b319b3699fc75f4f85428f2cc9045794d44f2cdf5cc57ae0034971162ae87ebca9d679b75840614d1ed9a3e9f247a466d52ad26976fb9b207077d DIST minijail-17.tar.gz 212425 BLAKE2B 411a0e2f1af21dd689fa669f9658e78c3c3c6439fdbea01b41b1d0cb3cbc1dc017634177350a3d5392783201f80874ec2a1604ed2577dbf5d7dbdf584a087267 SHA512 4b9aa29a78f7525ffeedfb927f6b567044ff7c9d32ef0e6771ed2b5c2d47c7a14ccbe000efc988ce6bb4173c5a9ae734b222aac1a00fb0e60777d7dccc149acf +DIST minijail-18.tar.gz 223537 BLAKE2B 894cca4bd31b12e74a309a99d98eefe24f57e4dae186e79b5800b9857ef6b87c2094ead9a1788d00557d68b0d174bdf1e22f247ffb4fbb2d44a952a8df2c953d SHA512 685f744b4783600b4c91ec678ae87dd9ae0138638e1e754520f406c203f4d92f6b510b1bcf1a921b9e93965026c461d6fe8e5efb5f90393a54ca27db7c8033e5 EBUILD minijail-17.ebuild 1847 BLAKE2B 4a29b4c111a215a627fca5349a3b00271e71985113dd4e820b48f27a230a886b440bc01101ff07de6b7ceab02c1381afaabe22adea07bba6f027b284679df606 SHA512 2a437e1cb4a841ee7898516f12ed688c7130ae0d8dd54617a8aeddfc185c83465910c6308eeaa50a26b53624f2e8cc43e7bfd04b5facf488282cd2840b7c5bfe -MISC metadata.xml 316 BLAKE2B 1c0d0d8d3d56290e6c416abd016b8e9884d281b4c8700d5e229bbd820946c9b962c148f4d838b3206f091c9340d93febf69c8dab0af58101c5c5128fceea888e SHA512 f31d33694241be5dc691ca273d0712a062b84eaccb44adc3a50a1085a451543ff1c2d20960444474c2d32121a52c2b15c2510c802a59983534c6176906fbaaee +EBUILD minijail-18.ebuild 1858 BLAKE2B 5a398dcaae440f5512f6d67cafd266d0202c1c4fa57bec3541246267267d3fca19266b37889bdcf82f380d17eeab8d4f9d5dc63bc43ff0128ac6cc2c97e98230 SHA512 0638e0c204c2a96c5ae4a88ea6bb9584db013e068b692c2a7506e48899aadcbc57eeeea83c63581eb92ed1d486e722cf3eb26aff8c95827b2bf0ee59acb95913 +MISC metadata.xml 396 BLAKE2B 2abccc653acbb41fb627d83894b7e22159994295bc7342a89e590742a22167f5e4d4cf4aac5cfe4554aa236f6449889f6e8ec249ef8e7225af6271fc34672043 SHA512 46660ec9367ef20a84b3ec32f562c1204d9102e13afd4d813444be3cb2c4378127e15fb19987c53270e283e024f2e6e9fead95a377bbfe8883c36a3065652393 diff --git a/sys-apps/minijail/files/minijail-18-makefile.patch b/sys-apps/minijail/files/minijail-18-makefile.patch new file mode 100644 index 000000000000..c1a2509dff5a --- /dev/null +++ b/sys-apps/minijail/files/minijail-18-makefile.patch @@ -0,0 +1,41 @@ +--- a/Makefile ++++ b/Makefile +@@ -72,9 +72,9 @@ GTEST_CXXFLAGS := -std=gnu++14 + GTEST_LIBS := gtest.a + UNITTEST_DEPS += $(GTEST_LIBS) + else +-GTEST_CXXFLAGS := $(shell gtest-config --cxxflags 2>/dev/null || \ ++GTEST_CXXFLAGS ?= $(shell gtest-config --cxxflags 2>/dev/null || \ + echo "-pthread") +-GTEST_LIBS := $(shell gtest-config --libs 2>/dev/null || \ ++GTEST_LIBS ?= $(shell gtest-config --libs 2>/dev/null || \ + echo "-lgtest -pthread -lpthread") + endif + UNITTEST_LIBS += $(GTEST_LIBS) +@@ -104,6 +104,7 @@ clean: CLEAN(minijail0) + + + CC_LIBRARY(libminijail.so): LDLIBS += -lcap ++CC_LIBRARY(libminijail.so): LDFLAGS += -Wl,-soname,libminijail.so + CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES) + clean: CLEAN(libminijail.so) + +@@ -125,6 +126,7 @@ TEST(CXX_BINARY(libminijail_unittest)): CC_LIBRARY(libminijailpreload.so) + + + CC_LIBRARY(libminijailpreload.so): LDLIBS += -lcap -ldl ++CC_LIBRARY(libminijailpreload.so): LDFLAGS += -Wl,-soname,libminijail.so + CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES) + clean: CLEAN(libminijailpreload.so) + +--- a/common.mk ++++ b/common.mk +@@ -323,7 +323,7 @@ COMMON_CFLAGS := -Wall -Wunused -Wno-unused-parameter -Werror -Wformat=2 \ + -fno-strict-aliasing $(SSP_CFLAGS) -O1 + CXXFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CXXDRIVER)) -std=gnu++14 + CFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CDRIVER)) -std=gnu11 +-CPPFLAGS += -D_FORTIFY_SOURCE=2 ++CPPFLAGS += + + # Enable large file support. + CPPFLAGS += -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE diff --git a/sys-apps/minijail/metadata.xml b/sys-apps/minijail/metadata.xml index 7b5b4ce46bdf..b60ec207b068 100644 --- a/sys-apps/minijail/metadata.xml +++ b/sys-apps/minijail/metadata.xml @@ -7,4 +7,7 @@ <maintainer type="person"> <email>chutzpah@gentoo.org</email> </maintainer> + <upstream> + <remote-id type="github">google/minijail</remote-id> + </upstream> </pkgmetadata> diff --git a/sys-apps/minijail/minijail-18.ebuild b/sys-apps/minijail/minijail-18.ebuild new file mode 100644 index 000000000000..237a6aa5dafb --- /dev/null +++ b/sys-apps/minijail/minijail-18.ebuild @@ -0,0 +1,78 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit linux-info toolchain-funcs + +DESCRIPTION="helper binary and library for sandboxing & restricting privs of service" +HOMEPAGE="https://android.googlesource.com/platform/external/minijail" +# Use GitHub mirror as Gitiles doesn't generate stable tarballs. +SRC_URI="https://github.com/google/${PN}/archive/linux-v${PV}.tar.gz -> ${P}.tar.gz" +S="${WORKDIR}/${PN}-linux-v${PV}" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~riscv ~x86" +IUSE="+seccomp test" +RESTRICT="!test? ( test )" + +RDEPEND="sys-libs/libcap-ng:=" +DEPEND=" + ${RDEPEND} + test? ( + >=dev-cpp/gtest-1.8.0:= + ) +" +BDEPEND="test? ( virtual/pkgconfig )" + +PATCHES=( + "${FILESDIR}/${PN}-18-makefile.patch" + "${FILESDIR}/${PN}-17-no-werror.patch" +) + +pkg_pretend() { + local CONFIG_CHECK="~NAMESPACES ~UTS_NS ~IPC_NS ~USER_NS ~PID_NS ~NET_NS + ~SECCOMP ~SECCOMP_FILTER ~CGROUPS" + check_extra_config +} + +src_configure() { + export LIBDIR="/usr/$(get_libdir)" + export USE_seccomp="$(usex seccomp)" + export USE_SYSTEM_GTEST=yes + if use test; then + export GTEST_CXXFLAGS="$($(tc-getPKG_CONFIG) --cflags gtest_main)" + export GTEST_LIBS="$($(tc-getPKG_CONFIG) --libs gtest_main)" + else + export GTEST_CXXFLAGS='' GTEST_LIBS='' + fi + export VERBOSE=1 +} + +src_compile() { + tc-env_build emake all parse_seccomp_policy +} + +src_test() { + GTEST_FILTER="-NamespaceTest.test_tmpfs_userns:NamespaceTest.test_namespaces" \ + tc-env_build emake tests +} + +src_install() { + dosbin minijail0 + dolib.so libminijail{,preload}.so + dobin parse_seccomp_policy + + doman minijail0.[15] + dodoc README.md + + local include_dir="/usr/include" + + "${S}"/platform2_preinstall.sh "${PV}" "${include_dir}" + insinto "/usr/$(get_libdir)/pkgconfig" + doins libminijail.pc + + insinto "${include_dir}" + doins libminijail.h scoped_minijail.h +} |