Attachment #248497 for bug #212817




BASH_BINARY              = PORTAGE_BASH
MOVE_BINARY              = PORTAGE_MV
PRELINK_BINARY           = "/usr/sbin/prelink"
MACOSSANDBOX_BINARY      = "/usr/bin/sandbox-exec"
MACOSSANDBOX_PROFILE     = '''(version 1)

(allow default)

(deny file-write*)

(allow file-read* file-write*
  (literal
    #"@@WRITEABLE_PREFIX@@"
  )

  (regex
    #"^@@WRITEABLE_PREFIX_RE@@/"
    #"^(/private)?/var/tmp"
    #"^(/private)?/tmp"
  )
)

(allow file-read-data file-write-data
  (regex
    #"^/dev/null$"
    #"^(/private)?/var/run/syslog$"
  )
)'''

PORTAGE_GROUPNAME        = portagegroup
PORTAGE_USERNAME         = portageuser




from portage.exception import InvalidDependString, PortageException
from portage.localization import _
from portage.output import colorize
from portage.process import fakeroot_capable, sandbox_capable, macossandbox_capable
from portage.util import ensure_dirs, getconfig, grabdict, \
	grabdict_package, grabfile, grabfile_package, LazyItemsDict, \
	normalize_path, shlex_split, stack_dictlist, stack_dicts, stack_lists, \

				writemsg(colorize("BAD", _("!!! Problem with sandbox"
					" binary. Disabling...\n\n")), noiselevel=-1)

		if not macossandbox_capable and \
			("macossandbox" in self.features or "macosusersandbox" in self.features):
			if self.profile_path is not None and \
				os.path.realpath(self.profile_path) == \
				os.path.realpath(os.path.join(
				self["PORTAGE_CONFIGROOT"], PROFILE_PATH)):
				""" Don't show this warning when running repoman and the
				sandbox feature came from a profile that doesn't belong to
				the user."""
				writemsg(colorize("BAD", "!!! Problem with macos sandbox" + \
					" binary. Disabling...\n\n"), noiselevel=-1)

		if "fakeroot" in self.features and \
			not fakeroot_capable:
			writemsg(_("!!! FEATURES=fakeroot is enabled, but the "




	_shell_quote, _unicode_decode, _unicode_encode
from portage.const import EBUILD_SH_ENV_FILE, EBUILD_SH_ENV_DIR, \
	EBUILD_SH_BINARY, INVALID_ENV_FILE, MISC_SH_BINARY, \
	EPREFIX, EPREFIX_LSTRIP, MACOSSANDBOX_PROFILE
from portage.data import portage_gid, portage_uid, secpass, \
	uid, userpriv_groups
from portage.dbapi.virtual import fakedbapi

	restrict = settings["PORTAGE_RESTRICT"].split()
	nosandbox = (("userpriv" in features) and \
		("usersandbox" not in features) and \
		("macosusersandbox" not in features) and \
		"userpriv" not in restrict and \
		"nouserpriv" not in restrict)
	if nosandbox and ("userpriv" not in features or \
		"userpriv" in restrict or \
		"nouserpriv" in restrict):
		nosandbox = ("sandbox" not in features and \
			"usersandbox" not in features and \
			"macosusersandbox" not in features)

	if not portage.process.sandbox_capable:
		nosandbox = True

	if not portage.process.macossandbox_capable:
		nosandbox = True

	sesandbox = settings.selinux_enabled() and \
		"sesandbox" in features


	# fake ownership/permissions will have to be converted to real
	# permissions in the merge phase.
	fakeroot = fakeroot and uid != 0 and portage.process.fakeroot_capable
	macossandbox = ("macossandbox" in features or \
		"macosusersandbox" in features)
	if droppriv and not uid and portage_gid and portage_uid:
		keywords.update({"uid":portage_uid,"gid":portage_gid,
			"groups":userpriv_groups,"umask":0o02})
	if not free:
		free=((droppriv and "usersandbox" not in features and
			"macosusersandbox" not in features) or \
			(not droppriv and "sandbox" not in features and \
			"usersandbox" not in features and not fakeroot and \
			not macossandbox))

	# confining the process to a prefix sandbox is disabled by default, if
	# a normal sandbox is requested a this point, it will be used, if no
	# sandbox is requested, a prefix sandbox will be imposed if requested
	# by the appropriate features
	prefixsandbox = False
	if free:
		prefixsandbox = "macosprefixsandbox" in features
		free = not prefixsandbox

	if not free and not (fakeroot or portage.process.sandbox_capable or \
		portage.process.macossandbox_capable):
		free = True

	if mysettings.mycpv is not None:

		keywords["opt_name"] += " fakeroot"
		keywords["fakeroot_state"] = os.path.join(mysettings["T"], "fakeroot.state")
		spawn_func = portage.process.spawn_fakeroot
	elif macossandbox:
		keywords["opt_name"] += " macossandbox"
		if prefixsandbox:
			sbprefixpath = mysettings["EPREFIX"]
		else:
			sbprefixpath = mysettings["PORTAGE_BUILDDIR"]

		# escape some characters with special meaning in re's
		sbprefixre = sbprefixpath.replace("+", "\+")
		sbprefixre = sbprefixre.replace("*", "\*")
		sbprefixre = sbprefixre.replace("[", "\[")
		sbprefixre = sbprefixre.replace("[", "\[")

		sbprofile = MACOSSANDBOX_PROFILE
		sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX@@", sbprefixpath)
		sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX_RE@@", sbprefixre)

		keywords["profile"] = sbprofile
		spawn_func = portage.process.spawn_macossandbox
	else:
		keywords["opt_name"] += " sandbox"
		spawn_func = portage.process.spawn_sandbox

Lines 16-22 Link Here

(-)./prefix-portage-2.2.01.16616/pym/portage/process.py.msb (-1 / +17 lines)
16	'portage.util:dump_traceback',	16	'portage.util:dump_traceback',
17	)	17	)
18		18
19	from portage.const import BASH_BINARY, SANDBOX_BINARY, FAKEROOT_BINARY	19	from portage.const import BASH_BINARY, SANDBOX_BINARY, MACOSSANDBOX_BINARY, FAKEROOT_BINARY
20	from portage.exception import CommandNotFound	20	from portage.exception import CommandNotFound
21		21
22	try:	22	try:
Lines 42-47 Link Here
42	fakeroot_capable = (os.path.isfile(FAKEROOT_BINARY) and	42	fakeroot_capable = (os.path.isfile(FAKEROOT_BINARY) and
43	os.access(FAKEROOT_BINARY, os.X_OK))	43	os.access(FAKEROOT_BINARY, os.X_OK))
44		44
		45	macossandbox_capable = (os.path.isfile(MACOSSANDBOX_BINARY) and
		46	os.access(MACOSSANDBOX_BINARY, os.X_OK))
		47
45	def spawn_bash(mycommand, debug=False, opt_name=None, **keywords):	48	def spawn_bash(mycommand, debug=False, opt_name=None, **keywords):
46	"""	49	"""
47	Spawns a bash shell running a specific commands	50	Spawns a bash shell running a specific commands
Lines 89-94 Link Here
89	args.append(BASH_BINARY)	92	args.append(BASH_BINARY)
90	args.append("-c")	93	args.append("-c")
91	args.append(mycommand)	94	args.append(mycommand)
		95	return spawn(args, opt_name=opt_name, **keywords)
		96
		97	def spawn_macossandbox(mycommand, profile=None, opt_name=None, **keywords):
		98	if not macossandbox_capable:
		99	return spawn_bash(mycommand, opt_name=opt_name, **keywords)
		100	args=[MACOSSANDBOX_BINARY]
		101	if not opt_name:
		102	opt_name = os.path.basename(mycommand.split()[0])
		103	args.append("-p")
		104	args.append(profile)
		105	args.append(BASH_BINARY)
		106	args.append("-c")
		107	args.append(mycommand)
92	return spawn(args, opt_name=opt_name, **keywords)	108	return spawn(args, opt_name=opt_name, **keywords)
93		109
94	_exithandlers = []	110	_exithandlers = []

Lines 132-137 Link Here

(-)./prefix-portage-2.2.01.16616/pym/portage/const.py.msb (+1 lines)
132	"digest", "distcc", "distlocks",	132	"digest", "distcc", "distlocks",
133	"fakeroot", "fail-clean", "fixpackages", "getbinpkg",	133	"fakeroot", "fail-clean", "fixpackages", "getbinpkg",
134	"installsources", "keeptemp", "keepwork", "fixlafiles", "lmirror",	134	"installsources", "keeptemp", "keepwork", "fixlafiles", "lmirror",
		135	"macossandbox", "macosprefixsandbox", "macosusersandbox",
135	"metadata-transfer", "mirror", "multilib-strict", "news",	136	"metadata-transfer", "mirror", "multilib-strict", "news",
136	"noauto", "noclean", "nodoc", "noinfo", "noman", "nostrip",	137	"noauto", "noclean", "nodoc", "noinfo", "noman", "nostrip",
137	"notitles", "parallel-fetch", "parse-eapi-ebuild-head",	138	"notitles", "parallel-fetch", "parse-eapi-ebuild-head",

Return to bug 212817

Lines 35-41 Link Here

(-)./prefix-portage-2.2.01.16616/pym/portage/package/ebuild/doebuild.py.msb (-5 / +43 lines)
35	_shell_quote, _unicode_decode, _unicode_encode	35	_shell_quote, _unicode_decode, _unicode_encode
36	from portage.const import EBUILD_SH_ENV_FILE, EBUILD_SH_ENV_DIR, \	36	from portage.const import EBUILD_SH_ENV_FILE, EBUILD_SH_ENV_DIR, \
37	EBUILD_SH_BINARY, INVALID_ENV_FILE, MISC_SH_BINARY, \	37	EBUILD_SH_BINARY, INVALID_ENV_FILE, MISC_SH_BINARY, \
38	EPREFIX, EPREFIX_LSTRIP	38	EPREFIX, EPREFIX_LSTRIP, MACOSSANDBOX_PROFILE
39	from portage.data import portage_gid, portage_uid, secpass, \	39	from portage.data import portage_gid, portage_uid, secpass, \
40	uid, userpriv_groups	40	uid, userpriv_groups
41	from portage.dbapi.virtual import fakedbapi	41	from portage.dbapi.virtual import fakedbapi
Lines 941-957 Link Here
941	restrict = settings["PORTAGE_RESTRICT"].split()	941	restrict = settings["PORTAGE_RESTRICT"].split()
942	nosandbox = (("userpriv" in features) and \	942	nosandbox = (("userpriv" in features) and \
943	("usersandbox" not in features) and \	943	("usersandbox" not in features) and \
		944	("macosusersandbox" not in features) and \
944	"userpriv" not in restrict and \	945	"userpriv" not in restrict and \
945	"nouserpriv" not in restrict)	946	"nouserpriv" not in restrict)
946	if nosandbox and ("userpriv" not in features or \	947	if nosandbox and ("userpriv" not in features or \
947	"userpriv" in restrict or \	948	"userpriv" in restrict or \
948	"nouserpriv" in restrict):	949	"nouserpriv" in restrict):
949	nosandbox = ("sandbox" not in features and \	950	nosandbox = ("sandbox" not in features and \
950	"usersandbox" not in features)	951	"usersandbox" not in features and \
		952	"macosusersandbox" not in features)
951		953
952	if not portage.process.sandbox_capable:	954	if not portage.process.sandbox_capable:
953	nosandbox = True	955	nosandbox = True
954		956
		957	if not portage.process.macossandbox_capable:
		958	nosandbox = True
		959
955	sesandbox = settings.selinux_enabled() and \	960	sesandbox = settings.selinux_enabled() and \
956	"sesandbox" in features	961	"sesandbox" in features
957		962
Lines 1096-1110 Link Here
1096	# fake ownership/permissions will have to be converted to real	1101	# fake ownership/permissions will have to be converted to real
1097	# permissions in the merge phase.	1102	# permissions in the merge phase.
1098	fakeroot = fakeroot and uid != 0 and portage.process.fakeroot_capable	1103	fakeroot = fakeroot and uid != 0 and portage.process.fakeroot_capable
		1104	macossandbox = ("macossandbox" in features or \
		1105	"macosusersandbox" in features)
1099	if droppriv and not uid and portage_gid and portage_uid:	1106	if droppriv and not uid and portage_gid and portage_uid:
1100	keywords.update({"uid":portage_uid,"gid":portage_gid,	1107	keywords.update({"uid":portage_uid,"gid":portage_gid,
1101	"groups":userpriv_groups,"umask":0o02})	1108	"groups":userpriv_groups,"umask":0o02})
1102	if not free:	1109	if not free:
1103	free=((droppriv and "usersandbox" not in features) or \	1110	free=((droppriv and "usersandbox" not in features and
		1111	"macosusersandbox" not in features) or \
1104	(not droppriv and "sandbox" not in features and \	1112	(not droppriv and "sandbox" not in features and \
1105	"usersandbox" not in features and not fakeroot))	1113	"usersandbox" not in features and not fakeroot and \
		1114	not macossandbox))
		1115
		1116	# confining the process to a prefix sandbox is disabled by default, if
		1117	# a normal sandbox is requested a this point, it will be used, if no
		1118	# sandbox is requested, a prefix sandbox will be imposed if requested
		1119	# by the appropriate features
		1120	prefixsandbox = False
		1121	if free:
		1122	prefixsandbox = "macosprefixsandbox" in features
		1123	free = not prefixsandbox
1106		1124
1107	if not free and not (fakeroot or portage.process.sandbox_capable):	1125	if not free and not (fakeroot or portage.process.sandbox_capable or \
		1126	portage.process.macossandbox_capable):
1108	free = True	1127	free = True
1109		1128
1110	if mysettings.mycpv is not None:	1129	if mysettings.mycpv is not None:
Lines 1120-1125 Link Here
1120	keywords["opt_name"] += " fakeroot"	1139	keywords["opt_name"] += " fakeroot"
1121	keywords["fakeroot_state"] = os.path.join(mysettings["T"], "fakeroot.state")	1140	keywords["fakeroot_state"] = os.path.join(mysettings["T"], "fakeroot.state")
1122	spawn_func = portage.process.spawn_fakeroot	1141	spawn_func = portage.process.spawn_fakeroot
		1142	elif macossandbox:
		1143	keywords["opt_name"] += " macossandbox"
		1144	if prefixsandbox:
		1145	sbprefixpath = mysettings["EPREFIX"]
		1146	else:
		1147	sbprefixpath = mysettings["PORTAGE_BUILDDIR"]
		1148
		1149	# escape some characters with special meaning in re's
		1150	sbprefixre = sbprefixpath.replace("+", "\+")
		1151	sbprefixre = sbprefixre.replace("", "\")
		1152	sbprefixre = sbprefixre.replace("[", "\[")
		1153	sbprefixre = sbprefixre.replace("[", "\[")
		1154
		1155	sbprofile = MACOSSANDBOX_PROFILE
		1156	sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX@@", sbprefixpath)
		1157	sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX_RE@@", sbprefixre)
		1158
		1159	keywords["profile"] = sbprofile
		1160	spawn_func = portage.process.spawn_macossandbox
1123	else:	1161	else:
1124	keywords["opt_name"] += " sandbox"	1162	keywords["opt_name"] += " sandbox"
1125	spawn_func = portage.process.spawn_sandbox	1163	spawn_func = portage.process.spawn_sandbox

Lines 80-85 Link Here

(-)./prefix-portage-2.2.01.16616/pym/portage/const.py.msb (+25 lines)
80	BASH_BINARY = PORTAGE_BASH	80	BASH_BINARY = PORTAGE_BASH
81	MOVE_BINARY = PORTAGE_MV	81	MOVE_BINARY = PORTAGE_MV
82	PRELINK_BINARY = "/usr/sbin/prelink"	82	PRELINK_BINARY = "/usr/sbin/prelink"
		83	MACOSSANDBOX_BINARY = "/usr/bin/sandbox-exec"
		84	MACOSSANDBOX_PROFILE = '''(version 1)
		85
		86	(allow default)
		87
		88	(deny file-write*)
		89
		90	(allow file-read* file-write*
		91	(literal
		92	#"@@WRITEABLE_PREFIX@@"
		93	)
		94
		95	(regex
		96	#"^@@WRITEABLE_PREFIX_RE@@/"
		97	#"^(/private)?/var/tmp"
		98	#"^(/private)?/tmp"
		99	)
		100	)
		101
		102	(allow file-read-data file-write-data
		103	(regex
		104	#"^/dev/null$"
		105	#"^(/private)?/var/run/syslog$"
		106	)
		107	)'''
83		108
84	PORTAGE_GROUPNAME = portagegroup	109	PORTAGE_GROUPNAME = portagegroup
85	PORTAGE_USERNAME = portageuser	110	PORTAGE_USERNAME = portageuser

Lines 39-45 Link Here

(-)./prefix-portage-2.2.01.16616/pym/portage/package/ebuild/config.py.msb (-1 / +13 lines)
39	from portage.exception import InvalidDependString, PortageException	39	from portage.exception import InvalidDependString, PortageException
40	from portage.localization import _	40	from portage.localization import _
41	from portage.output import colorize	41	from portage.output import colorize
42	from portage.process import fakeroot_capable, sandbox_capable	42	from portage.process import fakeroot_capable, sandbox_capable, macossandbox_capable
43	from portage.util import ensure_dirs, getconfig, grabdict, \	43	from portage.util import ensure_dirs, getconfig, grabdict, \
44	grabdict_package, grabfile, grabfile_package, LazyItemsDict, \	44	grabdict_package, grabfile, grabfile_package, LazyItemsDict, \
45	normalize_path, shlex_split, stack_dictlist, stack_dicts, stack_lists, \	45	normalize_path, shlex_split, stack_dictlist, stack_dicts, stack_lists, \
Lines 875-880 Link Here
875	writemsg(colorize("BAD", _("!!! Problem with sandbox"	875	writemsg(colorize("BAD", _("!!! Problem with sandbox"
876	" binary. Disabling...\n\n")), noiselevel=-1)	876	" binary. Disabling...\n\n")), noiselevel=-1)
877		877
		878	if not macossandbox_capable and \
		879	("macossandbox" in self.features or "macosusersandbox" in self.features):
		880	if self.profile_path is not None and \
		881	os.path.realpath(self.profile_path) == \
		882	os.path.realpath(os.path.join(
		883	self["PORTAGE_CONFIGROOT"], PROFILE_PATH)):
		884	""" Don't show this warning when running repoman and the
		885	sandbox feature came from a profile that doesn't belong to
		886	the user."""
		887	writemsg(colorize("BAD", "!!! Problem with macos sandbox" + \
		888	" binary. Disabling...\n\n"), noiselevel=-1)
		889
878	if "fakeroot" in self.features and \	890	if "fakeroot" in self.features and \
879	not fakeroot_capable:	891	not fakeroot_capable:
880	writemsg(_("!!! FEATURES=fakeroot is enabled, but the "	892	writemsg(_("!!! FEATURES=fakeroot is enabled, but the "