Attachment #342656 for bug #462054




# Signing command used by repoman
PORTAGE_GPG_SIGNING_COMMAND="gpg --sign --digest-algo SHA256 --clearsign --yes --default-key \"\${PORTAGE_GPG_KEY}\" --homedir \"\${PORTAGE_GPG_DIR}\" \"\${FILE}\""

# Writeable paths for Mac OS X seatbelt sandbox
#
# If path ends in a slash (/), access will recursively be allowed to directory
# contents (using a regex), not the directory itself. Without a slash, access
# to the directory or file itself will be allowed (using a literal), so it can
# be created, removed and changed. If both is needed, the directory needs to be
# given twice, once with and once without the slash. Obviously this only makes
# sense for directories, not files.
#
# An empty value for either variable will disable all restrictions on the
# corresponding operation.
MACOSSANDBOX_PATHS="/dev/fd/ /private/tmp/ /private/var/tmp/ @@PORTAGE_BUILDDIR@@/ @@PORTAGE_ACTUAL_DISTDIR@@/"
MACOSSANDBOX_PATHS_CONTENT_ONLY="/dev/null /dev/dtracehelper /dev/tty /private/var/run/syslog"

#            *****************************
#            **  DO NOT EDIT THIS FILE  **
# ***************************************************




PRELINK_BINARY           = "/usr/sbin/prelink"
MACOSSANDBOX_BINARY      = "/usr/bin/sandbox-exec"
MACOSSANDBOX_PROFILE     = '''(version 1)

(allow default)

(deny file-write*)
(allow file-write*
@@MACOSSANDBOX_PATHS@@)
(allow file-write-data
@@MACOSSANDBOX_PATHS_CONTENT_ONLY@@)'''
    #"/dev/tty"
    #"/dev/dtracehelper"
  )

  (regex
    #"^@@WRITEABLE_PREFIX_RE@@/"
    #"^(/private)?/var/tmp"
    #"^(/private)?/tmp"
  )
)

(allow file-read-data file-write-data
  (regex
    #"^/dev/null$"
    #"^(/private)?/var/run/syslog$"
  )
)'''

PORTAGE_GROUPNAME        = portagegroup
PORTAGE_USERNAME         = portageuser




		spawn_func = portage.process.spawn_fakeroot
	elif "sandbox" in features and platform.system() == 'Darwin':
		keywords["opt_name"] += " macossandbox"
		sbprofile = MACOSSANDBOX_PROFILE

		# determine variable names from profile: split
		# "text@@VARNAME@@moretext@@OTHERVAR@@restoftext" into
		# ("text", # "VARNAME", "moretext", "OTHERVAR", "restoftext")
		# and extract variable named by reading every second item.
		variables = []
		for line in sbprofile.split("\n"):
			variables.extend(line.split("@@")[1:-1:2])

		for var in variables:
			paths = ""
			if var in mysettings:
				paths = mysettings[var]
			else:
				writemsg("Warning: sandbox profile references variable %s "
						 "which is not set.\nThe rule using it will have no "
						 "effect, which is most likely not the intended "
						 "result.\nPlease check make.conf/make.globals.\n" %
						 var)

			# not set or empty value
			if not paths:
				sbprofile = sbprofile.replace("@@%s@@" % var, "")
				continue

			rules_literal = ""
			rules_regex = ""

			# FIXME: Allow for quoting inside the variable to allow paths with
			# spaces in them?
			for path in paths.split(" "):
				# do a second round of token replacements to be able to
				# reference settings like EPREFIX or PORTAGE_BUILDDIR.
				for token in path.split("@@")[1:-1:2]:
					if token not in mysettings:
						continue

					path = path.replace("@@%s@@" % token, mysettings[token])

				if "@@" in path:
					# unreplaced tokens left - silently ignore path - needed
					# for PORTAGE_ACTUAL_DISTDIR which isn't always set
					pass
				elif path[-1] == os.sep:
					# path ends in slash - make it a regex and allow access
					# recursively.
					path = path.replace("+", "\+")
					path = path.replace("*", "\*")
					path = path.replace("[", "\[")
					path = path.replace("[", "\[")
					rules_regex += "    #\"^%s\"\n" % path
				else:
					rules_literal += "    #\"%s\"\n" % path

			rules = ""
			if rules_literal:
				rules += "  (literal\n" + rules_literal + "  )\n"
			if rules_regex:
				rules += "  (regex\n" + rules_regex + "  )\n"
			sbprofile = sbprofile.replace("@@%s@@" % var, rules)

		keywords["profile"] = sbprofile
		spawn_func = portage.process.spawn_macossandbox

Return to bug 462054

Lines 149-154 Link Here

(-)prefix-portage-2.2.01.21688/cnf/make.globals.orig (+14 lines)
149	# Signing command used by repoman	149	# Signing command used by repoman
150	PORTAGE_GPG_SIGNING_COMMAND="gpg --sign --digest-algo SHA256 --clearsign --yes --default-key \"\${PORTAGE_GPG_KEY}\" --homedir \"\${PORTAGE_GPG_DIR}\" \"\${FILE}\""	150	PORTAGE_GPG_SIGNING_COMMAND="gpg --sign --digest-algo SHA256 --clearsign --yes --default-key \"\${PORTAGE_GPG_KEY}\" --homedir \"\${PORTAGE_GPG_DIR}\" \"\${FILE}\""
151		151
		152	# Writeable paths for Mac OS X seatbelt sandbox
		153	#
		154	# If path ends in a slash (/), access will recursively be allowed to directory
		155	# contents (using a regex), not the directory itself. Without a slash, access
		156	# to the directory or file itself will be allowed (using a literal), so it can
		157	# be created, removed and changed. If both is needed, the directory needs to be
		158	# given twice, once with and once without the slash. Obviously this only makes
		159	# sense for directories, not files.
		160	#
		161	# An empty value for either variable will disable all restrictions on the
		162	# corresponding operation.
		163	MACOSSANDBOX_PATHS="/dev/fd/ /private/tmp/ /private/var/tmp/ @@PORTAGE_BUILDDIR@@/ @@PORTAGE_ACTUAL_DISTDIR@@/"
		164	MACOSSANDBOX_PATHS_CONTENT_ONLY="/dev/null /dev/dtracehelper /dev/tty /private/var/run/syslog"
		165
152	# *****************************	166	# *****************************
153	# DO NOT EDIT THIS FILE	167	# DO NOT EDIT THIS FILE
154	# ***************************************************	168	# ***************************************************

Lines 78-108 Link Here

(-)prefix-portage-2.2.01.21688/pym/portage/const.py.orig (-23 / +4 lines)
78	PRELINK_BINARY = "/usr/sbin/prelink"	78	PRELINK_BINARY = "/usr/sbin/prelink"
79	MACOSSANDBOX_BINARY = "/usr/bin/sandbox-exec"	79	MACOSSANDBOX_BINARY = "/usr/bin/sandbox-exec"
80	MACOSSANDBOX_PROFILE = '''(version 1)	80	MACOSSANDBOX_PROFILE = '''(version 1)
81
82	(allow default)	81	(allow default)
83
84	(deny file-write*)	82	(deny file-write*)
85		83	(allow file-write*
86	(allow file-read* file-write*	84	@@MACOSSANDBOX_PATHS@@)
87	(literal	85	(allow file-write-data
88	#"@@WRITEABLE_PREFIX@@"	86	@@MACOSSANDBOX_PATHS_CONTENT_ONLY@@)'''
89	#"/dev/tty"
90	#"/dev/dtracehelper"
91	)
92
93	(regex
94	#"^@@WRITEABLE_PREFIX_RE@@/"
95	#"^(/private)?/var/tmp"
96	#"^(/private)?/tmp"
97	)
98	)
99
100	(allow file-read-data file-write-data
101	(regex
102	#"^/dev/null$"
103	#"^(/private)?/var/run/syslog$"
104	)
105	)'''
106		87
107	PORTAGE_GROUPNAME = portagegroup	88	PORTAGE_GROUPNAME = portagegroup
108	PORTAGE_USERNAME = portageuser	89	PORTAGE_USERNAME = portageuser

Lines 1477-1493 Link Here

(-)prefix-portage-2.2.01.21688/pym/portage/package/ebuild/doebuild.py.orig (-9 / +59 lines)
1477	spawn_func = portage.process.spawn_fakeroot	1477	spawn_func = portage.process.spawn_fakeroot
1478	elif "sandbox" in features and platform.system() == 'Darwin':	1478	elif "sandbox" in features and platform.system() == 'Darwin':
1479	keywords["opt_name"] += " macossandbox"	1479	keywords["opt_name"] += " macossandbox"
1480	sbprefixpath = mysettings["PORTAGE_BUILDDIR"]	1480	sbprofile = MACOSSANDBOX_PROFILE
1481		1481
1482	# escape some characters with special meaning in re's	1482	# determine variable names from profile: split
1483	sbprefixre = sbprefixpath.replace("+", "\+")	1483	# "text@@VARNAME@@moretext@@OTHERVAR@@restoftext" into
1484	sbprefixre = sbprefixre.replace("", "\")	1484	# ("text", # "VARNAME", "moretext", "OTHERVAR", "restoftext")
1485	sbprefixre = sbprefixre.replace("[", "\[")	1485	# and extract variable named by reading every second item.
1486	sbprefixre = sbprefixre.replace("[", "\[")	1486	variables = []
		1487	for line in sbprofile.split("\n"):
		1488	variables.extend(line.split("@@")[1:-1:2])
		1489
		1490	for var in variables:
		1491	paths = ""
		1492	if var in mysettings:
		1493	paths = mysettings[var]
		1494	else:
		1495	writemsg("Warning: sandbox profile references variable %s "
		1496	"which is not set.\nThe rule using it will have no "
		1497	"effect, which is most likely not the intended "
		1498	"result.\nPlease check make.conf/make.globals.\n" %
		1499	var)
		1500
		1501	# not set or empty value
		1502	if not paths:
		1503	sbprofile = sbprofile.replace("@@%s@@" % var, "")
		1504	continue
1487		1505
1488	sbprofile = MACOSSANDBOX_PROFILE	1506	rules_literal = ""
1489	sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX@@", sbprefixpath)	1507	rules_regex = ""
1490	sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX_RE@@", sbprefixre)	1508
		1509	# FIXME: Allow for quoting inside the variable to allow paths with
		1510	# spaces in them?
		1511	for path in paths.split(" "):
		1512	# do a second round of token replacements to be able to
		1513	# reference settings like EPREFIX or PORTAGE_BUILDDIR.
		1514	for token in path.split("@@")[1:-1:2]:
		1515	if token not in mysettings:
		1516	continue
		1517
		1518	path = path.replace("@@%s@@" % token, mysettings[token])
		1519
		1520	if "@@" in path:
		1521	# unreplaced tokens left - silently ignore path - needed
		1522	# for PORTAGE_ACTUAL_DISTDIR which isn't always set
		1523	pass
		1524	elif path[-1] == os.sep:
		1525	# path ends in slash - make it a regex and allow access
		1526	# recursively.
		1527	path = path.replace("+", "\+")
		1528	path = path.replace("", "\")
		1529	path = path.replace("[", "\[")
		1530	path = path.replace("[", "\[")
		1531	rules_regex += " #\"^%s\"\n" % path
		1532	else:
		1533	rules_literal += " #\"%s\"\n" % path
		1534
		1535	rules = ""
		1536	if rules_literal:
		1537	rules += " (literal\n" + rules_literal + " )\n"
		1538	if rules_regex:
		1539	rules += " (regex\n" + rules_regex + " )\n"
		1540	sbprofile = sbprofile.replace("@@%s@@" % var, rules)
1491		1541
1492	keywords["profile"] = sbprofile	1542	keywords["profile"] = sbprofile
1493	spawn_func = portage.process.spawn_macossandbox	1543	spawn_func = portage.process.spawn_macossandbox