Attachment #362476 for bug #490246

Lines 32-37 AC_PROG_MAKE_SET Link Here

(-)sandbox-2.6/configure.ac (-1 / +4 lines)
32	AC_PROG_AWK	32	AC_PROG_AWK
33	AC_PROG_EGREP	33	AC_PROG_EGREP
34	AC_CHECK_PROGS([READELF], [readelf eu-readelf], [false])	34	AC_CHECK_PROGS([READELF], [readelf eu-readelf], [false])
		35	AC_PATH_PROG([BASH_PATH], [bash])
35	AM_MISSING_PROG([AUTOM4TE], [autom4te])	36	AM_MISSING_PROG([AUTOM4TE], [autom4te])
36		37
37	LT_INIT([disable-static])	38	LT_INIT([disable-static])
Lines 356-362 SB_CHECK_PATH([/proc/$$/cmdline]) Link Here
356	dnl We add to CPPFLAGS rather than doing AC_DEFINE_UNQUOTED	357	dnl We add to CPPFLAGS rather than doing AC_DEFINE_UNQUOTED
357	dnl so we dont have to worry about fully expanding all of	358	dnl so we dont have to worry about fully expanding all of
358	dnl the variables ($sysconfdir defaults to "$prefix/etc")	359	dnl the variables ($sysconfdir defaults to "$prefix/etc")
359	SANDBOX_DEFINES='-DETCDIR="\"$(sysconfdir)\"" -DLIBSANDBOX_PATH="\"$(libdir)\"" -DSANDBOX_BASHRC_PATH="\"$(pkgdatadir)\""'	360	SANDBOX_DEFINES='-DETCDIR="\"$(sysconfdir)\"" -DLIBSANDBOX_PATH="\"$(libdir)\""\
		361	-DBASH="\"$(BASH_PATH)\"" -DSANDBOX_BASHRC_PATH="\"$(pkgdatadir)\""\
		362	-DVARDIR="\"$(localstatedir)\""'
360	AC_SUBST([SANDBOX_DEFINES])	363	AC_SUBST([SANDBOX_DEFINES])
361		364
362	dnl Check for toolchain features	365	dnl Check for toolchain features

Lines 23-30 Link Here

(-)sandbox-2.6/libsbutil/sbutil.h (-2 / +2 lines)
23	#define LIB_NAME "libsandbox.so"	23	#define LIB_NAME "libsandbox.so"
24	#define BASHRC_NAME "sandbox.bashrc"	24	#define BASHRC_NAME "sandbox.bashrc"
25	#define TMPDIR "/tmp"	25	#define TMPDIR "/tmp"
26	#define PORTAGE_TMPDIR "/var/tmp/portage"	26	#define PORTAGE_TMPDIR VARDIR "/tmp/portage"
27	#define SANDBOX_LOG_LOCATION "/var/log/sandbox"	27	#define SANDBOX_LOG_LOCATION VARDIR "/log/sandbox"
28	#define LOG_FILE_PREFIX "/sandbox-"	28	#define LOG_FILE_PREFIX "/sandbox-"
29	#define DEBUG_LOG_FILE_PREFIX "/sandbox-debug-"	29	#define DEBUG_LOG_FILE_PREFIX "/sandbox-debug-"
30	#define LOG_FILE_EXT ".log"	30	#define LOG_FILE_EXT ".log"

Lines 269-275 int main(int argc, char **argv) Link Here

(-)sandbox-2.6/src/sandbox.c (-1 / +1 lines)
269	goto oom_error;	269	goto oom_error;
270		270
271	/* Setup bash argv */	271	/* Setup bash argv */
272	str_list_add_item_copy(argv_bash, "/bin/bash", oom_error);	272	str_list_add_item_copy(argv_bash, BASH, oom_error);
273	str_list_add_item_copy(argv_bash, "-rcfile", oom_error);	273	str_list_add_item_copy(argv_bash, "-rcfile", oom_error);
274	str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error);	274	str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error);
275	if (argc >= 2) {	275	if (argc >= 2) {




# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com
# Distributed under the terms of the GNU General Public License, v2 or later

if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != *$SANDBOX_LIB* ]] ; then
	export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}"
elif [[ -z ${LD_PRELOAD} ]] ; then
	export LD_PRELOAD="${SANDBOX_LIB}"
fi

export BASH_ENV="${SANDBOX_BASHRC}"

alias make="make LD_PRELOAD=${LD_PRELOAD}"
alias su="su -c '@BASH@ -rcfile ${SANDBOX_BASHRC}'"

declare -r SANDBOX_ACTIVE

# Only do Mike's sandboxshell mojo if we are interactive, and if
# we are connected to a terminal (ie, not piped, etc)
if [[ ${SANDBOX_INTRACTV} == "1" && -t 1 ]] || [[ ${__SANDBOX_TESTING} == "yes" ]] ; then
	trap ":" INT QUIT TSTP

	# Make sure this do not get recusively called
	unset SANDBOX_INTRACTV

	# Do not set this, as user might want to override path, etc ... #139591
	#source /etc/profile

	if [[ ${__SANDBOX_TESTING} != "yes" ]] ; then
		(
		[[ ${NOCOLOR} == "true" || ${NOCOLOR} == "yes" || ${NOCOLOR} == "1" ]] && \
			export RC_NOCOLOR="yes"
		source @sysconfdir@/init.d/functions.sh
		if [ $? -ne 0 ] ; then
			einfo() { echo " INFO: $*"; }
			ewarn() { echo " WARN: $*"; }
			eerror() { echo " ERR: $*"; }
		fi
		echo
		einfo "Loading sandboxed shell"
		einfo " Log File:           ${SANDBOX_LOG}"
		if [[ -n ${SANDBOX_DEBUG_LOG} ]] ; then
			einfo " Debug Log File:     ${SANDBOX_DEBUG_LOG}"
		fi
		einfo " sandboxon:          turn sandbox on"
		einfo " sandboxoff:         turn sandbox off"
		einfo " addread <path>:     allow <path> to be read"
		einfo " addwrite <path>:    allow <path> to be written"
		einfo " adddeny <path>:     deny access to <path>"
		einfo " addpredict <path>:  allow fake access to <path>"
		echo
		)

		# do ebuild environment loading ... detect if we're in portage
		# build area or not ... uNF uNF uNF
		#sbs_pdir=$(portageq envvar PORTAGE_TMPDIR)/portage/ #portageq takes too long imo
		if [[ -z ${PORTAGE_TMPDIR} ]] ; then
			sbs_pdir=$(
				for f in @sysconfdir@/{,portage/}make.globals @sysconfdir@/{,portage/}make.conf ; do
					[[ -e ${f} ]] && source ${f}
				done
				echo $PORTAGE_TMPDIR
			)
		else
			sbs_pdir=${PORTAGE_TMPDIR}
		fi
		: ${sbs_pdir:=@localstatedir@/tmp}
		sbs_pdir=${sbs_pdir}/portage/

		if [[ ${PWD:0:${#sbs_pdir}} == "${sbs_pdir}" ]] ; then
			sbs_bdir=$(echo ${PWD:${#sbs_pdir}} | cut -d/ -f1,2)
			sbs_tmpenvfile=${sbs_pdir}${sbs_bdir}/temp/environment
			if [[ -e ${sbs_tmpenvfile} ]] ; then
				echo "Found environment at ${sbs_tmpenvfile}"
				printf " * Would you like to enter the portage environment ? "
				read env
				sbs_PREPWD=${PWD}
				if [[ ${env} == "y" ]] ; then
					# First try to source variables and export them ...
					eval $(sed -e '/^[[:alnum:]_-]*=/s:^:export :' \
					           -e '/^[[:alnum:]_-]* ()/Q' "${sbs_tmpenvfile}") 2>/dev/null
					# Then grab everything (including functions)
					source "${sbs_tmpenvfile}" 2> /dev/null
					export SANDBOX_WRITE=${SANDBOX_WRITE}:${sbs_pdir}${sbs_bdir}:${sbs_pdir}/homedir
				fi
				PWD=${sbs_PREPWD}
			fi
		fi

		unset sbs_pdir sbs_bdir sbs_tmpenvfile sbs_PREPWD env
	fi

	cd "${PWD}"
	if [[ ${NOCOLOR} != "true" && ${NOCOLOR} != "yes" && ${NOCOLOR} != "1" ]] ; then
		export PS1="\[\e[31;01m\][s]\[\e[0m\] ${PS1}"
	else
		export PS1="[s] ${PS1}"
	fi

	adddeny()    { export SANDBOX_DENY=${SANDBOX_DENY}:$1 ; }
	addpredict() { export SANDBOX_PREDICT=${SANDBOX_PREDICT}:$1 ; }
	addread()    { export SANDBOX_READ=${SANDBOX_READ}:$1 ; }
	addwrite()   { export SANDBOX_WRITE=${SANDBOX_WRITE}:$1 ; }
	sandboxon()  { export SANDBOX_ON="1" ; }
	sandboxoff() { export SANDBOX_ON="0" ; }

	[[ -z ${CCACHE_DIR} ]] && [[ -w /root/.ccache ]] && export CCACHE_DIR=/root/.ccache
	for var in CCACHE_DIR DISTCC_DIR ; do
		[[ ${!var+set} == "set" ]] && addwrite ${!var}
	done
	unset var
fi

Lines 1-4 Link Here

(-)sandbox-2.6/data/Makefile.am (+5 lines)
1	dist_pkgdata_DATA = sandbox.bashrc	1	dist_pkgdata_DATA = sandbox.bashrc
		2	sandbox.bashrc: sandbox.bashrc.in
		3	$(SED) -e "s,[@]sysconfdir[@],$(sysconfdir),"\
		4	-e "s,[@]BASH_PATH[@],$(BASH),"\
		5	-e "s,[@]localstatedir[@],$(localstatedir),"\
		6	$< >$@
2		7
3	pixmapdir = $(datadir)/pixmaps	8	pixmapdir = $(datadir)/pixmaps
4	dist_pixmap_DATA = sandbox.svg	9	dist_pixmap_DATA = sandbox.svg

Lines 674-679 build_cpu Link Here

(-)sandbox-2.6/configure (-63 / +129 lines)
674	build	674	build
675	LIBTOOL	675	LIBTOOL
676	AUTOM4TE	676	AUTOM4TE
		677	BASH_PATH
677	READELF	678	READELF
678	ac_ct_AR	679	ac_ct_AR
679	AR	680	AR
Lines 1403-1412 Optional Features: Link Here
1403	--disable-option-checking ignore unrecognized --enable/--with options	1404	--disable-option-checking ignore unrecognized --enable/--with options
1404	--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)	1405	--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
1405	--enable-FEATURE[=ARG] include FEATURE [ARG=yes]	1406	--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
1406	--enable-silent-rules less verbose build output (undo: `make V=1')	1407	--enable-silent-rules less verbose build output (undo: "make V=1")
1407	--disable-silent-rules verbose build output (undo: `make V=0')	1408	--disable-silent-rules verbose build output (undo: "make V=0")
1408	--disable-dependency-tracking speeds up one-time build	1409	--enable-dependency-tracking
1409	--enable-dependency-tracking do not reject slow dependency extractors	1410	do not reject slow dependency extractors
		1411	--disable-dependency-tracking
		1412	speeds up one-time build
1410	--enable-static[=PKGS] build static libraries [default=no]	1413	--enable-static[=PKGS] build static libraries [default=no]
1411	--enable-shared[=PKGS] build shared libraries [default=yes]	1414	--enable-shared[=PKGS] build shared libraries [default=yes]
1412	--enable-fast-install[=PKGS]	1415	--enable-fast-install[=PKGS]
Lines 2592-2598 ac_link='$CC -o conftest$ac_exeext $CFLA Link Here
2592	ac_compiler_gnu=$ac_cv_c_compiler_gnu	2595	ac_compiler_gnu=$ac_cv_c_compiler_gnu
2593		2596
2594		2597
2595	am__api_version='1.11'	2598	am__api_version='1.12'
2596		2599
2597	ac_aux_dir=	2600	ac_aux_dir=
2598	for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do	2601	for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
Lines 2718-2726 test -z "$INSTALL_DATA" && INSTALL_DATA= Link Here
2718		2721
2719	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5	2722	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5
2720	$as_echo_n "checking whether build environment is sane... " >&6; }	2723	$as_echo_n "checking whether build environment is sane... " >&6; }
2721	# Just in case
2722	sleep 1
2723	echo timestamp > conftest.file
2724	# Reject unsafe characters in $srcdir or the absolute working directory	2724	# Reject unsafe characters in $srcdir or the absolute working directory
2725	# name. Accept space and tab only in the latter.	2725	# name. Accept space and tab only in the latter.
2726	am_lf='	2726	am_lf='
Lines 2731-2762 case `pwd` in Link Here
2731	esac	2731	esac
2732	case $srcdir in	2732	case $srcdir in
2733	[\\\"\#\$\&\'\`$am_lf\ \ ])	2733	[\\\"\#\$\&\'\`$am_lf\ \ ])
2734	as_fn_error $? "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;;	2734	as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;;
2735	esac	2735	esac
2736		2736
2737	# Do `set' in a subshell so we don't clobber the current shell's	2737	# Do 'set' in a subshell so we don't clobber the current shell's
2738	# arguments. Must try -L first in case configure is actually a	2738	# arguments. Must try -L first in case configure is actually a
2739	# symlink; some systems play weird games with the mod time of symlinks	2739	# symlink; some systems play weird games with the mod time of symlinks
2740	# (eg FreeBSD returns the mod time of the symlink's containing	2740	# (eg FreeBSD returns the mod time of the symlink's containing
2741	# directory).	2741	# directory).
2742	if (	2742	if (
2743	set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null`	2743	am_has_slept=no
2744	if test "$*" = "X"; then	2744	for am_try in 1 2; do
2745	# -L didn't work.	2745	echo "timestamp, slept: $am_has_slept" > conftest.file
2746	set X `ls -t "$srcdir/configure" conftest.file`	2746	set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null`
2747	fi	2747	if test "$*" = "X"; then
2748	rm -f conftest.file	2748	# -L didn't work.
2749	if test "$*" != "X $srcdir/configure conftest.file" \	2749	set X `ls -t "$srcdir/configure" conftest.file`
2750	&& test "$*" != "X conftest.file $srcdir/configure"; then	2750	fi
2751		2751	if test "$*" != "X $srcdir/configure conftest.file" \
2752	# If neither matched, then we have a broken ls. This can happen	2752	&& test "$*" != "X conftest.file $srcdir/configure"; then
2753	# if, for instance, CONFIG_SHELL is bash and it inherits a
2754	# broken ls alias from the environment. This has actually
2755	# happened. Such a system could not be considered "sane".
2756	as_fn_error $? "ls -t appears to fail. Make sure there is not a broken
2757	alias in your environment" "$LINENO" 5
2758	fi
2759		2753
		2754	# If neither matched, then we have a broken ls. This can happen
		2755	# if, for instance, CONFIG_SHELL is bash and it inherits a
		2756	# broken ls alias from the environment. This has actually
		2757	# happened. Such a system could not be considered "sane".
		2758	as_fn_error $? "ls -t appears to fail. Make sure there is not a broken
		2759	alias in your environment" "$LINENO" 5
		2760	fi
		2761	if test "$2" = conftest.file \|\| test $am_try -eq 2; then
		2762	break
		2763	fi
		2764	# Just in case.
		2765	sleep 1
		2766	am_has_slept=yes
		2767	done
2760	test "$2" = conftest.file	2768	test "$2" = conftest.file
2761	)	2769	)
2762	then	2770	then
Lines 2768-2773 Check your system clock" "$LINENO" 5 Link Here
2768	fi	2776	fi
2769	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5	2777	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
2770	$as_echo "yes" >&6; }	2778	$as_echo "yes" >&6; }
		2779	# If we didn't sleep, we still need to ensure time stamps of config.status and
		2780	# generated files are strictly newer.
		2781	am_sleep_pid=
		2782	if grep 'slept: no' conftest.file >/dev/null 2>&1; then
		2783	( sleep 1 ) &
		2784	am_sleep_pid=$!
		2785	fi
		2786
		2787	rm -f conftest.file
		2788
2771	test "$program_prefix" != NONE &&	2789	test "$program_prefix" != NONE &&
2772	program_transform_name="s&^&$program_prefix&;$program_transform_name"	2790	program_transform_name="s&^&$program_prefix&;$program_transform_name"
2773	# Use a double $ so make ignores it.	2791	# Use a double $ so make ignores it.
Lines 2794-2801 if eval "$MISSING --run true"; then Link Here
2794	am_missing_run="$MISSING --run "	2812	am_missing_run="$MISSING --run "
2795	else	2813	else
2796	am_missing_run=	2814	am_missing_run=
2797	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`missing' script is too old or missing" >&5	2815	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5
2798	$as_echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;}	2816	$as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;}
2799	fi	2817	fi
2800		2818
2801	if test x"${install_sh}" != xset; then	2819	if test x"${install_sh}" != xset; then
Lines 2807-2816 if test x"${install_sh}" != xset; then Link Here
2807	esac	2825	esac
2808	fi	2826	fi
2809		2827
2810	# Installed binaries are usually stripped using `strip' when the user	2828	# Installed binaries are usually stripped using 'strip' when the user
2811	# run `make install-strip'. However `strip' might not be the right	2829	# run "make install-strip". However 'strip' might not be the right
2812	# tool to use in cross-compilation environments, therefore Automake	2830	# tool to use in cross-compilation environments, therefore Automake
2813	# will honor the `STRIP' environment variable to overrule this program.	2831	# will honor the 'STRIP' environment variable to overrule this program.
2814	if test "$cross_compiling" != no; then	2832	if test "$cross_compiling" != no; then
2815	if test -n "$ac_tool_prefix"; then	2833	if test -n "$ac_tool_prefix"; then
2816	# Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.	2834	# Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
Lines 2949-2960 fi Link Here
2949	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5	2967	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5
2950	$as_echo "$MKDIR_P" >&6; }	2968	$as_echo "$MKDIR_P" >&6; }
2951		2969
2952	mkdir_p="$MKDIR_P"
2953	case $mkdir_p in
2954	[\\/$]* \| ?:[\\/]*) ;;
2955	/) mkdir_p="\$(top_builddir)/$mkdir_p" ;;
2956	esac
2957
2958	for ac_prog in gawk mawk nawk awk	2970	for ac_prog in gawk mawk nawk awk
2959	do	2971	do
2960	# Extract the first word of "$ac_prog", so it can be a program name with args.	2972	# Extract the first word of "$ac_prog", so it can be a program name with args.
Lines 3042-3051 if test "${enable_silent_rules+set}" = s Link Here
3042	enableval=$enable_silent_rules;	3054	enableval=$enable_silent_rules;
3043	fi	3055	fi
3044		3056
3045	case $enable_silent_rules in	3057	case $enable_silent_rules in # (((
3046	yes) AM_DEFAULT_VERBOSITY=0;;	3058	yes) AM_DEFAULT_VERBOSITY=0;;
3047	no) AM_DEFAULT_VERBOSITY=1;;	3059	no) AM_DEFAULT_VERBOSITY=1;;
3048	*) AM_DEFAULT_VERBOSITY=1;;	3060	*) AM_DEFAULT_VERBOSITY=1;;
3049	esac	3061	esac
3050	am_make=${MAKE-make}	3062	am_make=${MAKE-make}
3051	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5	3063	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
Lines 3126-3131 AUTOHEADER=${AUTOHEADER-"${am_missing_ru Link Here
3126		3138
3127	MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}	3139	MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
3128		3140
		3141	# For better backward compatibility. To be removed once Automake 1.9.x
		3142	# dies out for good. For more background, see:
		3143	# <http://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
		3144	# <http://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
		3145	mkdir_p='$(MKDIR_P)'
		3146
3129	# We need awk for the "check" target. The system "awk" is bad on	3147	# We need awk for the "check" target. The system "awk" is bad on
3130	# some platforms.	3148	# some platforms.
3131	# Always define AMTAR for backward compatibility. Yes, it's still used	3149	# Always define AMTAR for backward compatibility. Yes, it's still used
Lines 3143-3152 if test "${enable_silent_rules+set}" = s Link Here
3143	enableval=$enable_silent_rules;	3161	enableval=$enable_silent_rules;
3144	fi	3162	fi
3145		3163
3146	case $enable_silent_rules in	3164	case $enable_silent_rules in # (((
3147	yes) AM_DEFAULT_VERBOSITY=0;;	3165	yes) AM_DEFAULT_VERBOSITY=0;;
3148	no) AM_DEFAULT_VERBOSITY=1;;	3166	no) AM_DEFAULT_VERBOSITY=1;;
3149	*) AM_DEFAULT_VERBOSITY=0;;	3167	*) AM_DEFAULT_VERBOSITY=0;;
3150	esac	3168	esac
3151	am_make=${MAKE-make}	3169	am_make=${MAKE-make}
3152	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5	3170	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
Lines 4007-4013 am__quote= Link Here
4007	_am_result=none	4025	_am_result=none
4008	# First try GNU make style include.	4026	# First try GNU make style include.
4009	echo "include confinc" > confmf	4027	echo "include confinc" > confmf
4010	# Ignore all kinds of additional output from `make'.	4028	# Ignore all kinds of additional output from 'make'.
4011	case `$am_make -s -f confmf 2> /dev/null` in #(	4029	case `$am_make -s -f confmf 2> /dev/null` in #(
4012	the\ am__doit\ target)	4030	the\ am__doit\ target)
4013	am__include=include	4031	am__include=include
Lines 4063-4070 else Link Here
4063	# We make a subdir and do the tests there. Otherwise we can end up	4081	# We make a subdir and do the tests there. Otherwise we can end up
4064	# making bogus files that we don't know about and never remove. For	4082	# making bogus files that we don't know about and never remove. For
4065	# instance it was reported that on HP-UX the gcc test will end up	4083	# instance it was reported that on HP-UX the gcc test will end up
4066	# making a dummy file named `D' -- because `-MD' means `put the output	4084	# making a dummy file named 'D' -- because '-MD' means "put the output
4067	# in D'.	4085	# in D".
4068	rm -rf conftest.dir	4086	rm -rf conftest.dir
4069	mkdir conftest.dir	4087	mkdir conftest.dir
4070	# Copy depcomp to subdir because otherwise we won't find it if we're	4088	# Copy depcomp to subdir because otherwise we won't find it if we're
Lines 4099-4114 else Link Here
4099	: > sub/conftest.c	4117	: > sub/conftest.c
4100	for i in 1 2 3 4 5 6; do	4118	for i in 1 2 3 4 5 6; do
4101	echo '#include "conftst'$i'.h"' >> sub/conftest.c	4119	echo '#include "conftst'$i'.h"' >> sub/conftest.c
4102	# Using `: > sub/conftst$i.h' creates only sub/conftst1.h with	4120	# Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
4103	# Solaris 8's {/usr,}/bin/sh.	4121	# Solaris 10 /bin/sh.
4104	touch sub/conftst$i.h	4122	echo '/* dummy */' > sub/conftst$i.h
4105	done	4123	done
4106	echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf	4124	echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
4107		4125
4108	# We check with `-c' and `-o' for the sake of the "dashmstdout"	4126	# We check with '-c' and '-o' for the sake of the "dashmstdout"
4109	# mode. It turns out that the SunPro C++ compiler does not properly	4127	# mode. It turns out that the SunPro C++ compiler does not properly
4110	# handle `-M -o', and we need to detect this. Also, some Intel	4128	# handle '-M -o', and we need to detect this. Also, some Intel
4111	# versions had trouble with output in subdirs	4129	# versions had trouble with output in subdirs.
4112	am__obj=sub/conftest.${OBJEXT-o}	4130	am__obj=sub/conftest.${OBJEXT-o}
4113	am__minus_obj="-o $am__obj"	4131	am__minus_obj="-o $am__obj"
4114	case $depmode in	4132	case $depmode in
Lines 4117-4124 else Link Here
4117	test "$am__universal" = false \|\| continue	4135	test "$am__universal" = false \|\| continue
4118	;;	4136	;;
4119	nosideeffect)	4137	nosideeffect)
4120	# after this tag, mechanisms are not by side-effect, so they'll	4138	# After this tag, mechanisms are not by side-effect, so they'll
4121	# only be used when explicitly requested	4139	# only be used when explicitly requested.
4122	if test "x$enable_dependency_tracking" = xyes; then	4140	if test "x$enable_dependency_tracking" = xyes; then
4123	continue	4141	continue
4124	else	4142	else
Lines 4126-4132 else Link Here
4126	fi	4144	fi
4127	;;	4145	;;
4128	msvc7 \| msvc7msys \| msvisualcpp \| msvcmsys)	4146	msvc7 \| msvc7msys \| msvisualcpp \| msvcmsys)
4129	# This compiler won't grok `-c -o', but also, the minuso test has	4147	# This compiler won't grok '-c -o', but also, the minuso test has
4130	# not run yet. These depmodes are late enough in the game, and	4148	# not run yet. These depmodes are late enough in the game, and
4131	# so weak that their functioning should not be impacted.	4149	# so weak that their functioning should not be impacted.
4132	am__obj=conftest.${OBJEXT-o}	4150	am__obj=conftest.${OBJEXT-o}
Lines 5166-5171 fi Link Here
5166	done	5184	done
5167	test -n "$READELF" \|\| READELF="false"	5185	test -n "$READELF" \|\| READELF="false"
5168		5186
		5187	# Extract the first word of "bash", so it can be a program name with args.
		5188	set dummy bash; ac_word=$2
		5189	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
		5190	$as_echo_n "checking for $ac_word... " >&6; }
		5191	if ${ac_cv_path_BASH_PATH+:} false; then :
		5192	$as_echo_n "(cached) " >&6
		5193	else
		5194	case $BASH_PATH in
		5195	[\\/]* \| ?:[\\/]*)
		5196	ac_cv_path_BASH_PATH="$BASH_PATH" # Let the user override the test with a path.
		5197	;;
		5198	*)
		5199	as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
		5200	for as_dir in $PATH
		5201	do
		5202	IFS=$as_save_IFS
		5203	test -z "$as_dir" && as_dir=.
		5204	for ac_exec_ext in '' $ac_executable_extensions; do
		5205	if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
		5206	ac_cv_path_BASH_PATH="$as_dir/$ac_word$ac_exec_ext"
		5207	$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
		5208	break 2
		5209	fi
		5210	done
		5211	done
		5212	IFS=$as_save_IFS
		5213
		5214	;;
		5215	esac
		5216	fi
		5217	BASH_PATH=$ac_cv_path_BASH_PATH
		5218	if test -n "$BASH_PATH"; then
		5219	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $BASH_PATH" >&5
		5220	$as_echo "$BASH_PATH" >&6; }
		5221	else
		5222	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
		5223	$as_echo "no" >&6; }
		5224	fi
		5225
		5226
5169		5227
5170	AUTOM4TE=${AUTOM4TE-"${am_missing_run}autom4te"}	5228	AUTOM4TE=${AUTOM4TE-"${am_missing_run}autom4te"}
5171		5229
Lines 14356-14362 $as_echo "no" >&6; } Link Here
14356	fi	14414	fi
14357		14415
14358		14416
14359	SANDBOX_DEFINES='-DETCDIR="\"$(sysconfdir)\"" -DLIBSANDBOX_PATH="\"$(libdir)\"" -DSANDBOX_BASHRC_PATH="\"$(pkgdatadir)\""'	14417	SANDBOX_DEFINES='-DETCDIR="\"$(sysconfdir)\"" -DLIBSANDBOX_PATH="\"$(libdir)\""\
		14418	-DBASH="\"$(BASH_PATH)\"" -DSANDBOX_BASHRC_PATH="\"$(pkgdatadir)\""\
		14419	-DVARDIR="\"$(localstatedir)\""'
14360		14420
14361		14421
14362	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to enable exception handling" >&5	14422	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to enable exception handling" >&5
Lines 14880-14885 LIBOBJS=$ac_libobjs Link Here
14880	LTLIBOBJS=$ac_ltlibobjs	14940	LTLIBOBJS=$ac_ltlibobjs
14881		14941
14882		14942
		14943	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5
		14944	$as_echo_n "checking that generated files are newer than configure... " >&6; }
		14945	if test -n "$am_sleep_pid"; then
		14946	# Hide warnings about reused PIDs.
		14947	wait $am_sleep_pid 2>/dev/null
		14948	fi
		14949	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5
		14950	$as_echo "done" >&6; }
14883	if test -n "$EXEEXT"; then	14951	if test -n "$EXEEXT"; then
14884	am__EXEEXT_TRUE=	14952	am__EXEEXT_TRUE=
14885	am__EXEEXT_FALSE='#'	14953	am__EXEEXT_FALSE='#'
Lines 16400-16406 $as_echo "$as_me: executing $ac_file com Link Here
16400	# Strip MF so we end up with the name of the file.	16468	# Strip MF so we end up with the name of the file.
16401	mf=`echo "$mf" \| sed -e 's/:.*$//'`	16469	mf=`echo "$mf" \| sed -e 's/:.*$//'`
16402	# Check whether this is an Automake generated Makefile or not.	16470	# Check whether this is an Automake generated Makefile or not.
16403	# We used to match only the files named `Makefile.in', but	16471	# We used to match only the files named 'Makefile.in', but
16404	# some people rename them; so instead we look at the file content.	16472	# some people rename them; so instead we look at the file content.
16405	# Grep'ing the first line is not enough: some people post-process	16473	# Grep'ing the first line is not enough: some people post-process
16406	# each Makefile.in and add a new line on top of each file to say so.	16474	# each Makefile.in and add a new line on top of each file to say so.
Lines 16434-16454 $as_echo X"$mf" \| Link Here
16434	continue	16502	continue
16435	fi	16503	fi
16436	# Extract the definition of DEPDIR, am__include, and am__quote	16504	# Extract the definition of DEPDIR, am__include, and am__quote
16437	# from the Makefile without running `make'.	16505	# from the Makefile without running 'make'.
16438	DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`	16506	DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
16439	test -z "$DEPDIR" && continue	16507	test -z "$DEPDIR" && continue
16440	am__include=`sed -n 's/^am__include = //p' < "$mf"`	16508	am__include=`sed -n 's/^am__include = //p' < "$mf"`
16441	test -z "am__include" && continue	16509	test -z "am__include" && continue
16442	am__quote=`sed -n 's/^am__quote = //p' < "$mf"`	16510	am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
16443	# When using ansi2knr, U may be empty or an underscore; expand it
16444	U=`sed -n 's/^U = //p' < "$mf"`
16445	# Find all dependency output files, they are included files with	16511	# Find all dependency output files, they are included files with
16446	# $(DEPDIR) in their names. We invoke sed twice because it is the	16512	# $(DEPDIR) in their names. We invoke sed twice because it is the
16447	# simplest approach to changing $(DEPDIR) to its actual value in the	16513	# simplest approach to changing $(DEPDIR) to its actual value in the
16448	# expansion.	16514	# expansion.
16449	for file in `sed -n "	16515	for file in `sed -n "
16450	s/^$am__include $am__quote$.(DEPDIR).$$am__quote"'$/\1/p' <"$mf" \| \	16516	s/^$am__include $am__quote$.(DEPDIR).$$am__quote"'$/\1/p' <"$mf" \| \
16451	sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do	16517	sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do
16452	# Make sure the directory exists.	16518	# Make sure the directory exists.
16453	test -f "$dirpart/$file" && continue	16519	test -f "$dirpart/$file" && continue
16454	fdir=`$as_dirname -- "$file" \|\|	16520	fdir=`$as_dirname -- "$file" \|\|




# Makefile.in generated by automake 1.12.4 from Makefile.am.
# @configure_input@

# Copyright (C) 1994-2012 Free Software Foundation, Inc.

# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.

CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES =
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
am__v_P_1 = :
AM_V_GEN = $(am__v_GEN_@AM_V@)
am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
am__v_GEN_0 = @echo "  GEN     " $@;
am__v_GEN_1 = 
AM_V_at = $(am__v_at_@AM_V@)
am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
am__v_at_0 = @
am__v_at_1 = 
SOURCES =
DIST_SOURCES =
am__can_run_installinfo = \

AUTOM4TE = @AUTOM4TE@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
BASH_PATH = @BASH_PATH@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@

ctags: CTAGS
CTAGS:

cscope cscopelist:


distdir: $(DISTFILES)
	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \

	uninstall uninstall-am uninstall-dist_desktopDATA \
	uninstall-dist_pixmapDATA uninstall-dist_pkgdataDATA

sandbox.bashrc: sandbox.bashrc.in
	$(SED) -e "s,[@]sysconfdir[@],$(sysconfdir),"\
		-e "s,[@]BASH_PATH[@],$(BASH),"\
		-e "s,[@]localstatedir[@],$(localstatedir),"\
		$< >$@

# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.




# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com
# Distributed under the terms of the GNU General Public License, v2 or later 

if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != *$SANDBOX_LIB* ]] ; then
	export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}"
elif [[ -z ${LD_PRELOAD} ]] ; then
	export LD_PRELOAD="${SANDBOX_LIB}"
fi

export BASH_ENV="${SANDBOX_BASHRC}"

alias make="make LD_PRELOAD=${LD_PRELOAD}"
alias su="su -c '/bin/bash -rcfile ${SANDBOX_BASHRC}'"

declare -r SANDBOX_ACTIVE

# Only do Mike's sandboxshell mojo if we are interactive, and if
# we are connected to a terminal (ie, not piped, etc)
if [[ ${SANDBOX_INTRACTV} == "1" && -t 1 ]] || [[ ${__SANDBOX_TESTING} == "yes" ]] ; then
	trap ":" INT QUIT TSTP

	# Make sure this do not get recusively called
	unset SANDBOX_INTRACTV

	# Do not set this, as user might want to override path, etc ... #139591
	#source /etc/profile

	if [[ ${__SANDBOX_TESTING} != "yes" ]] ; then
		(
		[[ ${NOCOLOR} == "true" || ${NOCOLOR} == "yes" || ${NOCOLOR} == "1" ]] && \
			export RC_NOCOLOR="yes"
		source /etc/init.d/functions.sh
		if [ $? -ne 0 ] ; then
			einfo() { echo " INFO: $*"; }
			ewarn() { echo " WARN: $*"; }
			eerror() { echo " ERR: $*"; }
		fi
		echo
		einfo "Loading sandboxed shell"
		einfo " Log File:           ${SANDBOX_LOG}"
		if [[ -n ${SANDBOX_DEBUG_LOG} ]] ; then
			einfo " Debug Log File:     ${SANDBOX_DEBUG_LOG}"
		fi
		einfo " sandboxon:          turn sandbox on"
		einfo " sandboxoff:         turn sandbox off"
		einfo " addread <path>:     allow <path> to be read"
		einfo " addwrite <path>:    allow <path> to be written"
		einfo " adddeny <path>:     deny access to <path>"
		einfo " addpredict <path>:  allow fake access to <path>"
		echo
		)

		# do ebuild environment loading ... detect if we're in portage
		# build area or not ... uNF uNF uNF
		#sbs_pdir=$(portageq envvar PORTAGE_TMPDIR)/portage/ #portageq takes too long imo
		if [[ -z ${PORTAGE_TMPDIR} ]] ; then
			sbs_pdir=$(
				for f in /etc/{,portage/}make.globals /etc/{,portage/}make.conf ; do
					[[ -e ${f} ]] && source ${f}
				done
				echo $PORTAGE_TMPDIR
			)
		else
			sbs_pdir=${PORTAGE_TMPDIR}
		fi
		: ${sbs_pdir:=/var/tmp}
		sbs_pdir=${sbs_pdir}/portage/

		if [[ ${PWD:0:${#sbs_pdir}} == "${sbs_pdir}" ]] ; then
			sbs_bdir=$(echo ${PWD:${#sbs_pdir}} | cut -d/ -f1,2)
			sbs_tmpenvfile=${sbs_pdir}${sbs_bdir}/temp/environment
			if [[ -e ${sbs_tmpenvfile} ]] ; then
				echo "Found environment at ${sbs_tmpenvfile}"
				printf " * Would you like to enter the portage environment ? "
				read env
				sbs_PREPWD=${PWD}
				if [[ ${env} == "y" ]] ; then
					# First try to source variables and export them ...
					eval $(sed -e '/^[[:alnum:]_-]*=/s:^:export :' \
					           -e '/^[[:alnum:]_-]* ()/Q' "${sbs_tmpenvfile}") 2>/dev/null
					# Then grab everything (including functions)
					source "${sbs_tmpenvfile}" 2> /dev/null
					export SANDBOX_WRITE=${SANDBOX_WRITE}:${sbs_pdir}${sbs_bdir}:${sbs_pdir}/homedir
				fi
				PWD=${sbs_PREPWD}
			fi
		fi

		unset sbs_pdir sbs_bdir sbs_tmpenvfile sbs_PREPWD env
	fi

	cd "${PWD}"
	if [[ ${NOCOLOR} != "true" && ${NOCOLOR} != "yes" && ${NOCOLOR} != "1" ]] ; then
		export PS1="\[\e[31;01m\][s]\[\e[0m\] ${PS1}"
	else
		export PS1="[s] ${PS1}"
	fi

	adddeny()    { export SANDBOX_DENY=${SANDBOX_DENY}:$1 ; }
	addpredict() { export SANDBOX_PREDICT=${SANDBOX_PREDICT}:$1 ; }
	addread()    { export SANDBOX_READ=${SANDBOX_READ}:$1 ; }
	addwrite()   { export SANDBOX_WRITE=${SANDBOX_WRITE}:$1 ; }
	sandboxon()  { export SANDBOX_ON="1" ; }
	sandboxoff() { export SANDBOX_ON="0" ; }

	[[ -z ${CCACHE_DIR} ]] && [[ -w /root/.ccache ]] && export CCACHE_DIR=/root/.ccache
	for var in CCACHE_DIR DISTCC_DIR ; do
		[[ ${!var+set} == "set" ]] && addwrite ${!var}
	done
	unset var
fi

Return to bug 490246

Line 0 Link Here

(-)sandbox-2.6/data/sandbox.bashrc.in (+111 lines)
		1	# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com
		2	# Distributed under the terms of the GNU General Public License, v2 or later
		3
		4	if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != $SANDBOX_LIB ]] ; then
		5	export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}"
		6	elif [[ -z ${LD_PRELOAD} ]] ; then
		7	export LD_PRELOAD="${SANDBOX_LIB}"
		8	fi
		9
		10	export BASH_ENV="${SANDBOX_BASHRC}"
		11
		12	alias make="make LD_PRELOAD=${LD_PRELOAD}"
		13	alias su="su -c '@BASH@ -rcfile ${SANDBOX_BASHRC}'"
		14
		15	declare -r SANDBOX_ACTIVE
		16
		17	# Only do Mike's sandboxshell mojo if we are interactive, and if
		18	# we are connected to a terminal (ie, not piped, etc)
		19	if [[ ${SANDBOX_INTRACTV} == "1" && -t 1 ]] \|\| [[ ${__SANDBOX_TESTING} == "yes" ]] ; then
		20	trap ":" INT QUIT TSTP
		21
		22	# Make sure this do not get recusively called
		23	unset SANDBOX_INTRACTV
		24
		25	# Do not set this, as user might want to override path, etc ... #139591
		26	#source /etc/profile
		27
		28	if [[ ${__SANDBOX_TESTING} != "yes" ]] ; then
		29	(
		30	[[ ${NOCOLOR} == "true" \|\| ${NOCOLOR} == "yes" \|\| ${NOCOLOR} == "1" ]] && \
		31	export RC_NOCOLOR="yes"
		32	source @sysconfdir@/init.d/functions.sh
		33	if [ $? -ne 0 ] ; then
		34	einfo() { echo " INFO: $*"; }
		35	ewarn() { echo " WARN: $*"; }
		36	eerror() { echo " ERR: $*"; }
		37	fi
		38	echo
		39	einfo "Loading sandboxed shell"
		40	einfo " Log File: ${SANDBOX_LOG}"
		41	if [[ -n ${SANDBOX_DEBUG_LOG} ]] ; then
		42	einfo " Debug Log File: ${SANDBOX_DEBUG_LOG}"
		43	fi
		44	einfo " sandboxon: turn sandbox on"
		45	einfo " sandboxoff: turn sandbox off"
		46	einfo " addread <path>: allow <path> to be read"
		47	einfo " addwrite <path>: allow <path> to be written"
		48	einfo " adddeny <path>: deny access to <path>"
		49	einfo " addpredict <path>: allow fake access to <path>"
		50	echo
		51	)
		52
		53	# do ebuild environment loading ... detect if we're in portage
		54	# build area or not ... uNF uNF uNF
		55	#sbs_pdir=$(portageq envvar PORTAGE_TMPDIR)/portage/ #portageq takes too long imo
		56	if [[ -z ${PORTAGE_TMPDIR} ]] ; then
		57	sbs_pdir=$(
		58	for f in @sysconfdir@/{,portage/}make.globals @sysconfdir@/{,portage/}make.conf ; do
		59	[[ -e ${f} ]] && source ${f}
		60	done
		61	echo $PORTAGE_TMPDIR
		62	)
		63	else
		64	sbs_pdir=${PORTAGE_TMPDIR}
65	fi
66	: ${sbs_pdir:=@localstatedir@/tmp}
67	sbs_pdir=${sbs_pdir}/portage/
68
69	if [[ ${PWD:0:${#sbs_pdir}} == "${sbs_pdir}" ]] ; then
70	sbs_bdir=$(echo ${PWD:${#sbs_pdir}} \| cut -d/ -f1,2)
71	sbs_tmpenvfile=${sbs_pdir}${sbs_bdir}/temp/environment
72	if [[ -e ${sbs_tmpenvfile} ]] ; then
73	echo "Found environment at ${sbs_tmpenvfile}"
74	printf " * Would you like to enter the portage environment ? "
75	read env
76	sbs_PREPWD=${PWD}
77	if [[ ${env} == "y" ]] ; then
78	# First try to source variables and export them ...
79	eval $(sed -e '/^[[:alnum:]_-]*=/s:^:export :' \
80	-e '/^[[:alnum:]_-]* ()/Q' "${sbs_tmpenvfile}") 2>/dev/null
81	# Then grab everything (including functions)
82	source "${sbs_tmpenvfile}" 2> /dev/null
83	export SANDBOX_WRITE=${SANDBOX_WRITE}:${sbs_pdir}${sbs_bdir}:${sbs_pdir}/homedir
84	fi
85	PWD=${sbs_PREPWD}
86	fi
87	fi
88
89	unset sbs_pdir sbs_bdir sbs_tmpenvfile sbs_PREPWD env
90	fi
91
92	cd "${PWD}"
93	if [[ ${NOCOLOR} != "true" && ${NOCOLOR} != "yes" && ${NOCOLOR} != "1" ]] ; then
94	export PS1="\[\e[31;01m\][s]\[\e[0m\] ${PS1}"
95	else
96	export PS1="[s] ${PS1}"
97	fi
98
99	adddeny() { export SANDBOX_DENY=${SANDBOX_DENY}:$1 ; }
100	addpredict() { export SANDBOX_PREDICT=${SANDBOX_PREDICT}:$1 ; }
101	addread() { export SANDBOX_READ=${SANDBOX_READ}:$1 ; }
102	addwrite() { export SANDBOX_WRITE=${SANDBOX_WRITE}:$1 ; }
103	sandboxon() { export SANDBOX_ON="1" ; }
104	sandboxoff() { export SANDBOX_ON="0" ; }
105
106	[[ -z ${CCACHE_DIR} ]] && [[ -w /root/.ccache ]] && export CCACHE_DIR=/root/.ccache
107	for var in CCACHE_DIR DISTCC_DIR ; do
108	[[ ${!var+set} == "set" ]] && addwrite ${!var}
109	done
110	unset var
111	fi

Lines 1-9 Link Here

(-)sandbox-2.6/data/Makefile.in (-5 / +18 lines)
1	# Makefile.in generated by automake 1.11.5 from Makefile.am.	1	# Makefile.in generated by automake 1.12.4 from Makefile.am.
2	# @configure_input@	2	# @configure_input@
3		3
4	# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,	4	# Copyright (C) 1994-2012 Free Software Foundation, Inc.
5	# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software	5
6	# Foundation, Inc.
7	# This Makefile.in is free software; the Free Software Foundation	6	# This Makefile.in is free software; the Free Software Foundation
8	# gives unlimited permission to copy and/or distribute it,	7	# gives unlimited permission to copy and/or distribute it,
9	# with or without modifications, as long as this notice is preserved.	8	# with or without modifications, as long as this notice is preserved.
Lines 69-80 mkinstalldirs = $(install_sh) -d Link Here
69	CONFIG_HEADER = $(top_builddir)/config.h	68	CONFIG_HEADER = $(top_builddir)/config.h
70	CONFIG_CLEAN_FILES =	69	CONFIG_CLEAN_FILES =
71	CONFIG_CLEAN_VPATH_FILES =	70	CONFIG_CLEAN_VPATH_FILES =
		71	AM_V_P = $(am__v_P_@AM_V@)
		72	am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
		73	am__v_P_0 = false
		74	am__v_P_1 = :
72	AM_V_GEN = $(am__v_GEN_@AM_V@)	75	AM_V_GEN = $(am__v_GEN_@AM_V@)
73	am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)	76	am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
74	am__v_GEN_0 = @echo " GEN " $@;	77	am__v_GEN_0 = @echo " GEN " $@;
		78	am__v_GEN_1 =
75	AM_V_at = $(am__v_at_@AM_V@)	79	AM_V_at = $(am__v_at_@AM_V@)
76	am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)	80	am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
77	am__v_at_0 = @	81	am__v_at_0 = @
		82	am__v_at_1 =
78	SOURCES =	83	SOURCES =
79	DIST_SOURCES =	84	DIST_SOURCES =
80	am__can_run_installinfo = \	85	am__can_run_installinfo = \
Lines 123-128 AUTOHEADER = @AUTOHEADER@ Link Here
123	AUTOM4TE = @AUTOM4TE@	128	AUTOM4TE = @AUTOM4TE@
124	AUTOMAKE = @AUTOMAKE@	129	AUTOMAKE = @AUTOMAKE@
125	AWK = @AWK@	130	AWK = @AWK@
		131	BASH_PATH = @BASH_PATH@
126	CC = @CC@	132	CC = @CC@
127	CCDEPMODE = @CCDEPMODE@	133	CCDEPMODE = @CCDEPMODE@
128	CFLAGS = @CFLAGS@	134	CFLAGS = @CFLAGS@
Lines 348-353 TAGS: Link Here
348	ctags: CTAGS	354	ctags: CTAGS
349	CTAGS:	355	CTAGS:
350		356
		357	cscope cscopelist:
		358
351		359
352	distdir: $(DISTFILES)	360	distdir: $(DISTFILES)
353	@srcdirstrip=`echo "$(srcdir)" \| sed 's/[].[^$$\\*]/\\\\&/g'`; \	361	@srcdirstrip=`echo "$(srcdir)" \| sed 's/[].[^$$\\*]/\\\\&/g'`; \
Lines 500-505 uninstall-am: uninstall-dist_desktopDATA Link Here
500	uninstall uninstall-am uninstall-dist_desktopDATA \	508	uninstall uninstall-am uninstall-dist_desktopDATA \
501	uninstall-dist_pixmapDATA uninstall-dist_pkgdataDATA	509	uninstall-dist_pixmapDATA uninstall-dist_pkgdataDATA
502		510
		511	sandbox.bashrc: sandbox.bashrc.in
		512	$(SED) -e "s,[@]sysconfdir[@],$(sysconfdir),"\
		513	-e "s,[@]BASH_PATH[@],$(BASH),"\
		514	-e "s,[@]localstatedir[@],$(localstatedir),"\
		515	$< >$@
503		516
504	# Tell versions [3.59,3.63) of GNU make to not export all variables.	517	# Tell versions [3.59,3.63) of GNU make to not export all variables.
505	# Otherwise a system limit (for SysV at least) may be exceeded.	518	# Otherwise a system limit (for SysV at least) may be exceeded.

Lines 1-111 Link Here

(-)sandbox-2.6/data/sandbox.bashrc (-111 lines)
1	# Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com
2	# Distributed under the terms of the GNU General Public License, v2 or later
3
4	if [[ -n ${LD_PRELOAD} && ${LD_PRELOAD} != $SANDBOX_LIB ]] ; then
5	export LD_PRELOAD="${SANDBOX_LIB} ${LD_PRELOAD}"
6	elif [[ -z ${LD_PRELOAD} ]] ; then
7	export LD_PRELOAD="${SANDBOX_LIB}"
8	fi
9
10	export BASH_ENV="${SANDBOX_BASHRC}"
11
12	alias make="make LD_PRELOAD=${LD_PRELOAD}"
13	alias su="su -c '/bin/bash -rcfile ${SANDBOX_BASHRC}'"
14
15	declare -r SANDBOX_ACTIVE
16
17	# Only do Mike's sandboxshell mojo if we are interactive, and if
18	# we are connected to a terminal (ie, not piped, etc)
19	if [[ ${SANDBOX_INTRACTV} == "1" && -t 1 ]] \|\| [[ ${__SANDBOX_TESTING} == "yes" ]] ; then
20	trap ":" INT QUIT TSTP
21
22	# Make sure this do not get recusively called
23	unset SANDBOX_INTRACTV
24
25	# Do not set this, as user might want to override path, etc ... #139591
26	#source /etc/profile
27
28	if [[ ${__SANDBOX_TESTING} != "yes" ]] ; then
29	(
30	[[ ${NOCOLOR} == "true" \|\| ${NOCOLOR} == "yes" \|\| ${NOCOLOR} == "1" ]] && \
31	export RC_NOCOLOR="yes"
32	source /etc/init.d/functions.sh
33	if [ $? -ne 0 ] ; then
34	einfo() { echo " INFO: $*"; }
35	ewarn() { echo " WARN: $*"; }
36	eerror() { echo " ERR: $*"; }
37	fi
38	echo
39	einfo "Loading sandboxed shell"
40	einfo " Log File: ${SANDBOX_LOG}"
41	if [[ -n ${SANDBOX_DEBUG_LOG} ]] ; then
42	einfo " Debug Log File: ${SANDBOX_DEBUG_LOG}"
43	fi
44	einfo " sandboxon: turn sandbox on"
45	einfo " sandboxoff: turn sandbox off"
46	einfo " addread <path>: allow <path> to be read"
47	einfo " addwrite <path>: allow <path> to be written"
48	einfo " adddeny <path>: deny access to <path>"
49	einfo " addpredict <path>: allow fake access to <path>"
50	echo
51	)
52
53	# do ebuild environment loading ... detect if we're in portage
54	# build area or not ... uNF uNF uNF
55	#sbs_pdir=$(portageq envvar PORTAGE_TMPDIR)/portage/ #portageq takes too long imo
56	if [[ -z ${PORTAGE_TMPDIR} ]] ; then
57	sbs_pdir=$(
58	for f in /etc/{,portage/}make.globals /etc/{,portage/}make.conf ; do
59	[[ -e ${f} ]] && source ${f}
60	done
61	echo $PORTAGE_TMPDIR
62	)
63	else
64	sbs_pdir=${PORTAGE_TMPDIR}
65	fi
66	: ${sbs_pdir:=/var/tmp}
67	sbs_pdir=${sbs_pdir}/portage/
68
69	if [[ ${PWD:0:${#sbs_pdir}} == "${sbs_pdir}" ]] ; then
70	sbs_bdir=$(echo ${PWD:${#sbs_pdir}} \| cut -d/ -f1,2)
71	sbs_tmpenvfile=${sbs_pdir}${sbs_bdir}/temp/environment
72	if [[ -e ${sbs_tmpenvfile} ]] ; then
73	echo "Found environment at ${sbs_tmpenvfile}"
74	printf " * Would you like to enter the portage environment ? "
75	read env
76	sbs_PREPWD=${PWD}
77	if [[ ${env} == "y" ]] ; then
78	# First try to source variables and export them ...
79	eval $(sed -e '/^[[:alnum:]_-]*=/s:^:export :' \
80	-e '/^[[:alnum:]_-]* ()/Q' "${sbs_tmpenvfile}") 2>/dev/null
81	# Then grab everything (including functions)
82	source "${sbs_tmpenvfile}" 2> /dev/null
83	export SANDBOX_WRITE=${SANDBOX_WRITE}:${sbs_pdir}${sbs_bdir}:${sbs_pdir}/homedir
84	fi
85	PWD=${sbs_PREPWD}
86	fi
87	fi
88
89	unset sbs_pdir sbs_bdir sbs_tmpenvfile sbs_PREPWD env
90	fi
91
92	cd "${PWD}"
93	if [[ ${NOCOLOR} != "true" && ${NOCOLOR} != "yes" && ${NOCOLOR} != "1" ]] ; then
94	export PS1="\[\e[31;01m\][s]\[\e[0m\] ${PS1}"
95	else
96	export PS1="[s] ${PS1}"
97	fi
98
99	adddeny() { export SANDBOX_DENY=${SANDBOX_DENY}:$1 ; }
100	addpredict() { export SANDBOX_PREDICT=${SANDBOX_PREDICT}:$1 ; }
101	addread() { export SANDBOX_READ=${SANDBOX_READ}:$1 ; }
102	addwrite() { export SANDBOX_WRITE=${SANDBOX_WRITE}:$1 ; }
103	sandboxon() { export SANDBOX_ON="1" ; }
104	sandboxoff() { export SANDBOX_ON="0" ; }
105
106	[[ -z ${CCACHE_DIR} ]] && [[ -w /root/.ccache ]] && export CCACHE_DIR=/root/.ccache
107	for var in CCACHE_DIR DISTCC_DIR ; do
108	[[ ${!var+set} == "set" ]] && addwrite ${!var}
109	done
110	unset var
111	fi