Hello. I have made several improvements to app-misc/jail and would like them to be included in portage. List of improvements:
1) jail did not parse the openat() syscall and fails to add many dynamic libraries into the jail directory.
2) ldd does not require program parameters and treats them as a list of programs. jail runs ldd passing program parameters too.
3) There was a patch to write the correct program into /etc/shells (the bin element was missing), but the check was not fixed and subsequent runs added jail multiple times into /etc/shells.
Created attachment 551756: support openat() syscall too
Created attachment 551758: do not pass program parameters to ldd call
Created attachment 551760: do not duplicate jail in shells file
Please forward the patches to upstream too (for the case they return some day) https://github.com/spiculator/jail/issues Thanks
OK. I'll try that too. :) I saw that there was no activity there and the last patches were just added to portage.
The bug has been closed via the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b2d45cce35de863eb4ce529cfc5b161349aa3f4d
commit b2d45cce35de863eb4ce529cfc5b161349aa3f4d
Author:     Pacho Ramos <pacho@gentoo.org>
AuthorDate: 2018-11-04 12:08:09 +0000
Commit:     Pacho Ramos <pacho@gentoo.org>
CommitDate: 2018-11-04 12:33:54 +0000
    app-misc/jail: Lots of bugfixes
    - Handle dirs with dots (#646116)
    - support openat() syscall too (#668898)
    - do not pass program parameters to ldd call (#668898)
    - do not duplicate jail in shells file (#668898)
    Thanks-to: Alexander Zubkov
    Closes: https://bugs.gentoo.org/646116
    Closes: https://bugs.gentoo.org/668898
    Signed-off-by: Pacho Ramos <pacho@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11
 app-misc/jail/files/jail-2.0-duplicate-jail.patch | 19 ++++++
 app-misc/jail/files/jail-2.0-fix-paths.patch      | 21 +++++++
 app-misc/jail/files/jail-2.0-ldd-call.patch       | 19 ++++++
 app-misc/jail/files/jail-2.0-openat-syscall.patch | 23 +++++++
 app-misc/jail/jail-2.0-r3.ebuild                  | 75 +++++++++++++++++++++++
 5 files changed, 157 insertions(+)
Hello. I'm very sorry. But accidentally I have tested the openat() path in a wrong environment and forgot to add additional elements into the regex. It tries to match the file right after the opening bracket: ...("file..., but with openat() there is an additional parameter there: ...(param, "file... I am attaching the correct version of the patch now.
Created attachment 554710: support openat() syscall too
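The regex problem described in the correction above, as an added example that is not part of the bug report and is not jail's own code. The three patterns, the helper names and the strace-style trace lines are all constructed for illustration; Python is used only to show the matching behaviour.

```python
import re

# Constructed strace-style lines (assumption: not captured from a real run).
SAMPLE_TRACE = '''\
execve("/bin/ls", ["ls"], 0x7ffd0 /* 20 vars */) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/usr/lib64/libmissing.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(3, "relative/name", O_RDONLY) = 4
'''

# Path expected directly after the opening bracket: fits open() only.
OPEN_ONLY = re.compile(r'^open\("([^"]+)"')
# Accepting the openat name alone is not enough: it still expects ("file...
NAME_ONLY = re.compile(r'^open(?:at)?\("([^"]+)"')
# Allow the extra first parameter of openat() before the quoted path,
# and capture the return value so failed opens can be skipped.
WITH_DIRFD = re.compile(
    r'^(?:open\(|openat\((?P<dirfd>[^,]+),\s*)'
    r'"(?P<path>[^"]+)".*=\s*(?P<ret>-?\d+)')

def paths(trace, pattern):
    """Paths captured by a pattern whose first group is the file name."""
    return [m.group(1) for line in trace.splitlines() if (m := pattern.match(line))]

def opened_files(trace):
    """Paths of files successfully opened via open() or openat()."""
    found = []
    for line in trace.splitlines():
        m = WITH_DIRFD.match(line)
        if not m or int(m["ret"]) < 0:   # no match, or the open failed
            continue
        relative = not m["path"].startswith("/")
        if relative and m["dirfd"] not in (None, "AT_FDCWD"):
            continue   # relative to a directory fd: not resolvable from this line alone
        if m["path"] not in found:
            found.append(m["path"])
    return found

if __name__ == "__main__":
    print("open-only pattern:  ", paths(SAMPLE_TRACE, OPEN_ONLY))
    print("name-only pattern:  ", paths(SAMPLE_TRACE, NAME_ONLY))
    print("with dirfd handling:", opened_files(SAMPLE_TRACE))
```

Both of the first two patterns find only the `open()` line, so every library loaded through `openat()` would be left out of the jail directory.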
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=be3d4a58e7afa0c81d9508762b1e31e63f71910f
commit be3d4a58e7afa0c81d9508762b1e31e63f71910f
Author:     Pacho Ramos <pacho@gentoo.org>
AuthorDate: 2018-11-10 11:20:57 +0000
Commit:     Pacho Ramos <pacho@gentoo.org>
CommitDate: 2018-11-10 12:58:15 +0000
    app-misc/jail: Fix openat patch
    Bug: https://bugs.gentoo.org/668898
    Signed-off-by: Pacho Ramos <pacho@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11
 app-misc/jail/files/jail-2.0-openat-syscall.patch        | 4 ++--
 app-misc/jail/{jail-2.0-r3.ebuild => jail-2.0-r4.ebuild} | 0
 2 files changed, 2 insertions(+), 2 deletions(-)