---
paludis/repositories/e/ebuild/ebuild.bash | 58 +++++++++++++---------------
1 files changed, 27 insertions(+), 31 deletions(-)
diff --git a/paludis/repositories/e/ebuild/ebuild.bash
b/paludis/repositories/e/ebuild/ebuild.bash
index e2d839d..3e0f50e 100755
--- a/paludis/repositories/e/ebuild/ebuild.bash
+++ b/paludis/repositories/e/ebuild/ebuild.bash
@@ -498,7 +498,7 @@ ebuild_load_em_up_dan()
if [[ -z ${PALUDIS_DO_NOTHING_SANDBOXY} ]] ; then
if [[ -n ${CCACHE_DIR} ]]; then
export SANDBOX_WRITE=${SANDBOX_WRITE}:${CCACHE_DIR}
- sydboxcheck 2>/dev/null && addwrite "${CCACHE_DIR}"
+ ebox check 2>/dev/null && ebox allow "${CCACHE_DIR}"
fi
fi
@@ -517,12 +517,12 @@ perform_hook()
ebuild_notice "debug" "Starting hook '${HOOK}'"
local old_sandbox_on="${SANDBOX_ON}"
- local old_sydbox_enabled
- sydboxcmd enabled 2>/dev/null && old_sydbox_enabled=true ||
old_sydbox_enabled=false
+ local old_box_enabled
+ ebox enabled 2>/dev/null && old_box_enabled=true || old_box_enabled=false
if [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]]; then
export SANDBOX_ON="0"
- if sydboxcheck 2>/dev/null; then
- sydboxcmd off || ebuild_notice "warning" "sydboxcmd off returned
failure"
+ if ebox check 2>/dev/null; then
+ ebox disable || ebuild_notice "warning" "ebox disable returned
failure"
fi
fi
@@ -543,11 +543,11 @@ perform_hook()
if [[ -z "${PALUDIS_DO_NOTHING_SANDBOXY}" ]]; then
export SANDBOX_ON="${old_sandbox_on}"
- if sydboxcheck 2>/dev/null; then
- if $old_sydbox_enabled; then
- sydboxcmd on || ebuild_notice "warning" "sydboxcmd on returned
failure"
+ if ebox check 2>/dev/null; then
+ if $old_box_enabled; then
+ ebox enable || ebuild_notice "warning" "ebox enable returned
failure"
else
- sydboxcmd off || ebuild_notice "warning" "sydboxcmd off
returned failure"
+ ebox disable || ebuild_notice "warning" "ebox disable returned
failure"
fi
fi
fi
@@ -585,9 +585,9 @@ ebuild_main()
ebuild_notice "debug" "Using ebuild '${EBUILD}', EAPI before source is
'${EAPI}'"
- # If we're running under sydbox lock magic commands when execve() is
called.
- if sydboxcheck 2>/dev/null; then
- sydboxcmd exec_lock || ebuild_notice "warning" "sydboxcmd exec_lock
returned failure"
+ # If we're running under sandbox lock magic commands when execve() is
called.
+ if ebox check 2>/dev/null; then
+ ebox exec_lock || ebuild_notice "warning" "ebox exec_lock returned
failure"
fi
if [[ ${#@} -ge 2 ]] ; then
@@ -606,9 +606,9 @@ ebuild_main()
export ${PALUDIS_EBUILD_PHASE_VAR}="${1}"
perform_hook ebuild_${action}_pre
if [[ $1 == metadata ]]; then
- # Ban execve() calls if we're running under sydbox
- if sydboxcheck 2>/dev/null; then
- sydboxcmd sandbox/exec || ebuild_notice "warning" "sydboxcmd
sandbox/exec returned failure"
+ # Ban execve() calls if we're running under sandbox
+ if ebox check 2>/dev/null; then
+ ebox enable_exec || ebuild_notice "warning" "ebox enable_exec
returned failure"
else
for f in cut tr date ; do
eval "${f}() { ebuild_notice qa 'global scope ${f}' ;
$(type -P ${f} ) \"\$@\" ; }"
@@ -616,14 +616,14 @@ ebuild_main()
fi
for f in locked_pipe_command ; do
eval "${f}() { $(type -P ${f} ) \"\$@\" ; }"
- if sydboxcheck 2>/dev/null; then
- sydboxcmd addexec "$(type -P ${f})"
+ if ebox check 2>/dev/null; then
+ ebox allow_exec "$(type -P ${f})"
fi
done
PATH="" ebuild_load_ebuild "${EBUILD}"
- # Unban execve() calls if we're running under sydbox
- if sydboxcheck 2>/dev/null; then
- sydboxcmd sandunbox/exec || ebuild_notice "warning" "sydboxcmd
sandunbox/exec returned failure"
+ # Unban execve() calls if we're running under sandbox
+ if ebox check 2>/dev/null; then
+ ebox disable_exec || ebuild_notice "warning" "ebox
disable_exec returned failure"
fi
else
ebuild_load_em_up_dan
@@ -637,28 +637,24 @@ ebuild_main()
for action in $@ ; do
export ${PALUDIS_EBUILD_PHASE_VAR}="${action}"
perform_hook ebuild_${action}_pre
- # Restrict network access to local if running under sydbox
- # We don't do sydboxcmd sand{un,}box/net here to allow the user
set it in the configuration file.
+ # Restrict network access if running under sandbox
if [[ $action != unpack ]] && [[ $action != fetch_extra ]] ; then
- if sydboxcheck 2>/dev/null; then
- sydboxcmd net/local || ebuild_notice "warning" "sydboxcmd
net/local returned failure"
- sydboxcmd net/restrict/connect || ebuild_notice "warning"
"sydboxcmd net/restrict_connect return failure"
+ if ebox check 2>/dev/null; then
+ ebox enable_net || ebuild_notice "warning" "ebox
enable_net returned failure"
fi
fi
if ! ${PALUDIS_F_FUNCTION_PREFIX:-ebuild_f}_${action} ; then
if [[ $action != unpack ]] && [[ $action != fetch_extra ]] ;
then
- if sydboxcheck 2>/dev/null; then
- sydboxcmd net/allow || ebuild_notice "warning"
"sydboxcmd net/allow returned failure"
- sydboxcmd net/unrestrict/connect || ebuild_notice
"warning" "sydboxcmd net/unrestrict/connect returned failure"
+ if ebox check 2>/dev/null; then
+ ebox disable_net || ebuild_notice "warning" "ebox
disable_net returned failure"
fi
fi
perform_hook ebuild_${action}_fail
die "${action} failed"
fi
if [[ $action != unpack ]] && [[ $action != fetch_extra ]] ; then
- if sydboxcheck 2>/dev/null; then
- sydboxcmd net/allow || ebuild_notice "warning" "sydboxcmd
net/allow returned failure"
- sydboxcmd net/unrestrict/connect || ebuild_notice
"warning" "sydboxcmd net/unrestrict/connect returned failure"
+ if ebox check 2>/dev/null; then
+ ebox disable_net || ebuild_notice "warning" "ebox
disable_net returned failure"
fi
fi
perform_hook ebuild_${action}_post
--
1.7.3.5
_______________________________________________
Exherbo-dev mailing list
[email protected]
http://lists.exherbo.org/mailman/listinfo/exherbo-dev
