firejail: rebuild with upstream patches

2015-10-25 22:55:47 +01:00 · 2015-10-25 22:55:47 +01:00 · f6cc6c6f3e
commit f6cc6c6f3e
parent 80950842dc
4 changed files with 107 additions and 54 deletions
--- a/srcpkgs/firejail/files/musl_defs.h
+++ b/srcpkgs/firejail/files/musl_defs.h
@ -1,33 +0,0 @@
 #ifndef _MUSL_DEFS_H
 #define _MUSL_DEFS_H
 #include <features.h>
 #define __NEED_FILE
 #define __NEED_dev_t
 #define __NEED_ino_t
 #define __NEED_mode_t
 #define __NEED_nlink_t
 #define __NEED_uid_t
 #define __NEED_gid_t
 #define __NEED_off_t
 #define __NEED_time_t
 #define __NEED_blksize_t
 #define __NEED_blkcnt_t
 #define __NEED_struct_timespec
 #include <bits/alltypes.h>
 #include <bits/stat.h>
 #ifdef __cplusplus
 #define NULL 0L
 #else
 #define NULL ((void*)0)
 #endif
 int printf(const char *format, ...);
 int sprintf(char *buffer, const char *format, ...);
 char *fgets(char *buffer, int size, FILE *fp);
 #endif
--- a/srcpkgs/firejail/patches/firejail-0.9.32-musl.patch
+++ b/srcpkgs/firejail/patches/firejail-0.9.32-musl.patch
@ -0,0 +1,69 @@
 From 14b435a43ab54a718f1a899573fe1ce6bb06fe7a Mon Sep 17 00:00:00 2001
 From: Duncaen <mail@duncano.de>
 Date: Sun, 25 Oct 2015 15:30:09 +0100
 Subject: [PATCH] libtrace: only include fopen64, freopen64 and stat64 if
 __GLIBC__ is defined
 ---
 src/libtrace/libtrace.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
 diff --git src/libtrace/libtrace.c src/libtrace/libtrace.c
 index 1eb1cf9..12a8c7f 100644
 --- src/libtrace/libtrace.c
 +++ src/libtrace/libtrace.c
@@ -312,6 +312,7 @@ FILE *fopen(const char *pathname, const char *mode) {
 	return rv;
 }
 +#ifdef __GLIBC__
 FILE *fopen64(const char *pathname, const char *mode) {
 	if (!orig_fopen64)
 		orig_fopen64 = (orig_fopen_t)dlsym(RTLD_NEXT, "fopen64");
@@ -320,6 +321,7 @@ FILE *fopen64(const char *pathname, const char *mode) {
 	printf("%u:%s:fopen64 %s\n", pid(), name(), pathname);
 	return rv;
 }
 +#endif /* __GLIBC__ */
 // freopen
@@ -334,6 +336,7 @@ FILE *freopen(const char *pathname, const char *mode, FILE *stream) {
 	return rv;
 }
 +#ifdef __GLIBC__
 typedef FILE *(*orig_freopen64_t)(const char *pathname, const char *mode, FILE *stream);
 static orig_freopen64_t orig_freopen64 = NULL;
 FILE *freopen64(const char *pathname, const char *mode, FILE *stream) {
@@ -344,6 +347,7 @@ FILE *freopen64(const char *pathname, const char *mode, FILE *stream) {
 	printf("%u:%s:freopen64 %s\n", pid(), name(), pathname);
 	return rv;
 }
 +#endif /* __GLIBC__ */
 // unlink
 typedef int (*orig_unlink_t)(const char *pathname);
@@ -414,6 +418,7 @@ int stat(const char *pathname, struct stat *buf) {
 	return rv;
 }
 +#ifdef __GLIBC__
 typedef int (*orig_stat64_t)(const char *pathname, struct stat64 *buf);
 static orig_stat64_t orig_stat64 = NULL;
 int stat64(const char *pathname, struct stat64 *buf) {
@@ -424,6 +429,7 @@ int stat64(const char *pathname, struct stat64 *buf) {
 	printf("%u:%s:stat %s\n", pid(), name(), pathname);
 	return rv;
 }
 +#endif /* __GLIBC__ */
 // access
@@ -625,4 +631,4 @@ int setresgid(gid_t rgid, gid_t egid, gid_t sgid) {
 	printf("%u:%s:setresgid %d %d %d\n", pid(), name(), rgid, egid, sgid);
 	return rv;
 -}
 \ No newline at end of file
 +}
--- a/srcpkgs/firejail/patches/firejail-0.9.32-seccomp.patch
+++ b/srcpkgs/firejail/patches/firejail-0.9.32-seccomp.patch
@ -0,0 +1,37 @@
 From 8014c8d3aa022c851443cbb4226a9481684c9704 Mon Sep 17 00:00:00 2001
 From: netblue30 <netblue30@yahoo.com>
 Date: Sat, 24 Oct 2015 09:41:11 -0400
 Subject: [PATCH] fixed compilation error for --disable-seccomp
 ---
 src/firejail/main.c | 4 ++++
 1 file changed, 4 insertions(+)
 diff --git src/firejail/main.c src/firejail/main.c
 index 422a391..e76f1b4 100644
 --- src/firejail/main.c
 +++ src/firejail/main.c
@@ -396,7 +396,9 @@ int main(int argc, char **argv) {
 	int arg_cgroup = 0;
 	int custom_profile = 0;	// custom profile loaded
 	int arg_noprofile = 0; // use generic.profile if none other found/specified
 +#ifdef HAVE_SECCOMP
 	int highest_errno = errno_highest_nr();
 +#endif
 	// check if we already have a sandbox running
 	int rv = check_kernel_procs();
@@ -1366,11 +1368,13 @@ int main(int argc, char **argv) {
 	waitpid(child, NULL, 0);
 	// free globals
 +#ifdef HAVE_SECCOMP
 	if (arg_seccomp_list_errno) {
 		for (i = 0; i < highest_errno; i++)
 			free(arg_seccomp_list_errno[i]);
 		free(arg_seccomp_list_errno);
 	}
 +#endif
 	myexit(0);
--- a/srcpkgs/firejail/template
+++ b/srcpkgs/firejail/template
@ -1,7 +1,7 @@
 # Template file for 'firejail'
 pkgname=firejail
 version=0.9.32
-revision=1
+revision=2
 build_style=gnu-configure
 build_pie=yes
 conf_files="
@ -53,23 +53,3 @@ case "$XBPS_TARGET_MACHINE" in
 		configure_args+=" --disable-seccomp"
 		;;
 esac
 pre_configure() {
 	sed -i ${wrksrc}/src/firejail/errno.c -e 's;#ifdef HAVE_SECCOMP;#if 1;'
 	case "$XBPS_TARGET_MACHINE" in
 	*-musl) # XXX: dirty hack - very limited stdio.h definitions
 		# to avoid redefinition of intercepted libc functions
 		cp ${FILESDIR}/musl_defs.h ${wrksrc}/src/libtrace
 		# Include our header instead of stdio.h and sys/stat.h
 		# Use struct stat instead of struct stat64 (they are equal)
 		sed -i ${wrksrc}/src/libtrace/libtrace.c \
 			-e 's;#include <stdio.h>;#include "musl_defs.h";' \
 			-e 's;#include <sys/stat.h>;;' \
 			-e 's;struct stat64;struct stat;g'
 	esac
 }
 pre_install() {
 	# remove hardcoded strip(1)
 	sed -i '/strip .*/d' Makefile
 }