|
Lines 3296-3310
def doebuild(myebuild, mydo, myroot, mys
Link Here
|
| 3296 |
|
3296 |
|
| 3297 |
#initial dep checks complete; time to process main commands |
3297 |
#initial dep checks complete; time to process main commands |
| 3298 |
|
3298 |
|
| 3299 |
nosandbox = (("userpriv" in features) and \ |
3299 |
userpriv_nosandbox = (("userpriv" in features) and \ |
| 3300 |
("usersandbox" not in features) and \ |
3300 |
("usersandbox" not in features) and \ |
| 3301 |
("userpriv" not in mysettings["RESTRICT"]) and \ |
3301 |
("userpriv" not in mysettings["RESTRICT"]) and \ |
| 3302 |
("nouserpriv" not in mysettings["RESTRICT"])) |
3302 |
("nouserpriv" not in mysettings["RESTRICT"])) |
| 3303 |
if nosandbox and ("userpriv" not in features or \ |
3303 |
restrict_sandbox = "sandbox" in mysettings["RESTRICT"] |
| 3304 |
"userpriv" in mysettings["RESTRICT"] or \ |
|
|
| 3305 |
"nouserpriv" in mysettings["RESTRICT"]): |
| 3306 |
nosandbox = ("sandbox" not in features and \ |
| 3307 |
"usersandbox" not in features) |
| 3308 |
|
3304 |
|
| 3309 |
sesandbox = mysettings.selinux_enabled() and \ |
3305 |
sesandbox = mysettings.selinux_enabled() and \ |
| 3310 |
"sesandbox" in mysettings.features |
3306 |
"sesandbox" in mysettings.features |
|
Lines 3313-3326
def doebuild(myebuild, mydo, myroot, mys
Link Here
|
| 3313 |
|
3309 |
|
| 3314 |
# args are for the to spawn function |
3310 |
# args are for the to spawn function |
| 3315 |
actionmap = { |
3311 |
actionmap = { |
| 3316 |
"depend": {"cmd":ebuild_sh, "args":{"droppriv":1, "free":0, "sesandbox":0}}, |
3312 |
"depend": {"cmd":ebuild_sh, "args":{"droppriv":1, "sesandbox":0, "free":0}}, |
| 3317 |
"setup": {"cmd":ebuild_sh, "args":{"droppriv":0, "free":1, "sesandbox":0}}, |
3313 |
"setup": {"cmd":ebuild_sh, "args":{"droppriv":0, "sesandbox":0, "free":1}}, |
| 3318 |
"unpack": {"cmd":ebuild_sh, "args":{"droppriv":1, "free":0, "sesandbox":sesandbox}}, |
3314 |
"unpack": {"cmd":ebuild_sh, "args":{"droppriv":1, "sesandbox":sesandbox, |
| 3319 |
"compile":{"cmd":ebuild_sh, "args":{"droppriv":1, "free":nosandbox, "sesandbox":sesandbox}}, |
3315 |
"free":restrict_sandbox or userpriv_nosandbox}}, |
| 3320 |
"test": {"cmd":ebuild_sh, "args":{"droppriv":1, "free":nosandbox, "sesandbox":sesandbox}}, |
3316 |
"compile":{"cmd":ebuild_sh, "args":{"droppriv":1, "sesandbox":sesandbox, |
| 3321 |
"install":{"cmd":ebuild_sh, "args":{"droppriv":0, "free":0, "sesandbox":sesandbox}}, |
3317 |
"free":restrict_sandbox or userpriv_nosandbox}}, |
| 3322 |
"rpm": {"cmd":misc_sh, "args":{"droppriv":0, "free":0, "sesandbox":0}}, |
3318 |
"test": {"cmd":ebuild_sh, "args":{"droppriv":1, "sesandbox":sesandbox, |
| 3323 |
"package":{"cmd":misc_sh, "args":{"droppriv":0, "free":0, "sesandbox":0}}, |
3319 |
"free":restrict_sandbox or userpriv_nosandbox}}, |
|
|
3320 |
"install":{"cmd":ebuild_sh, "args":{"droppriv":0, "sesandbox":sesandbox, |
| 3321 |
"free":restrict_sandbox}}, |
| 3322 |
"rpm": {"cmd":misc_sh, "args":{"droppriv":0, "sesandbox":0, "free":0}}, |
| 3323 |
"package":{"cmd":misc_sh, "args":{"droppriv":0, "sesandbox":0, "free":0}}, |
| 3324 |
} |
3324 |
} |
| 3325 |
|
3325 |
|
| 3326 |
# merge the deps in so we have again a 'full' actionmap |
3326 |
# merge the deps in so we have again a 'full' actionmap |
