From d44daa03cdc6e4d5f74e39242daabf364df2ba50 Mon Sep 17 00:00:00 2001 From: Nikoli Date: Wed, 6 May 2015 17:02:28 +0300 Subject: [PATCH] Disable SOCKSv5-over-UNIX-socket proxy by default, bug #548710 --- man/make.conf.5 | 4 ++++ pym/portage/const.py | 1 + pym/portage/package/ebuild/doebuild.py | 3 ++- 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/man/make.conf.5 b/man/make.conf.5 index 1b71b97..298eb80 100644 --- a/man/make.conf.5 +++ b/man/make.conf.5 @@ -463,6 +463,10 @@ from putting 64bit libraries into anything other than (/usr)/lib64. .B network\-sandbox Isolate the ebuild phase functions from host network interfaces. Supported only on Linux. Requires network namespace support in kernel. +.TP +.B network\-sandbox\-proxy +Enable escaping network-sandbox through SOCKSv5 proxy. Enabling distcc +feature also enables the proxy. If asyncio Python module is available (requires Python 3.3, built-in since Python 3.4) Portage will additionally spawn an isolated SOCKSv5 diff --git a/pym/portage/const.py b/pym/portage/const.py index 6c1201d..617cd96 100644 --- a/pym/portage/const.py +++ b/pym/portage/const.py @@ -158,6 +158,7 @@ SUPPORTED_FEATURES = frozenset([ "mirror", "multilib-strict", "network-sandbox", + "network-sandbox-proxy", "news", "noauto", "noclean", diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py index 4d926c7..5e4d7b1 100644 --- a/pym/portage/package/ebuild/doebuild.py +++ b/pym/portage/package/ebuild/doebuild.py @@ -1505,7 +1505,8 @@ def spawn(mystring, mysettings, debug=False, free=False, droppriv=False, keywords['unshare_net'] = not networked keywords['unshare_ipc'] = not ipc - if not networked and mysettings.get("EBUILD_PHASE") != "nofetch": + if not networked and mysettings.get("EBUILD_PHASE") != "nofetch" and \ + ("network-sandbox-proxy" in features or "distcc" in features): # Provide a SOCKS5-over-UNIX-socket proxy to escape sandbox # Don't do this for pkg_nofetch, since the spawn_nofetch # function creates a private PORTAGE_TMPDIR. -- 2.0.5