diff options
| author |   Piotr Karbowski <slashbeast@gentoo.org> | 2022-07-02 22:23:58 +0200 |
|---|---|---|
| committer | Piotr Karbowski <slashbeast@gentoo.org> | 2022-07-02 22:24:45 +0200 |
| commit | d7035f4e5e6e57a83296e714e2e17771d0e8a886 (patch) | |
| tree | b3ff57454f331f4dfbdcb141efe6a431b440813d /sys-apps/bubblewrap | |
| parent | app-arch/tapeutils: update EAPI 6 -> 8 (diff) | |
| download | gentoo-d7035f4e5e6e57a83296e714e2e17771d0e8a886.tar.gz gentoo-d7035f4e5e6e57a83296e714e2e17771d0e8a886.tar.bz2 gentoo-d7035f4e5e6e57a83296e714e2e17771d0e8a886.zip | |
sys-apps/bubblewrap: 0.8.2-r1: default to no suid.
Closes: https://github.com/gentoo/gentoo/pull/26063
Signed-off-by: Piotr Karbowski <slashbeast@gentoo.org>
Diffstat (limited to 'sys-apps/bubblewrap')
| -rw-r--r-- | sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild b/sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild new file mode 100644 index 000000000000..fa95d51552b8 --- /dev/null +++ b/sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit linux-info meson + +DESCRIPTION="Unprivileged sandboxing tool, namespaces-powered chroot-like solution" +HOMEPAGE="https://github.com/containers/bubblewrap/" +SRC_URI="https://github.com/containers/${PN}/releases/download/v${PV}/${P}.tar.xz" + +LICENSE="LGPL-2+" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~x86" +IUSE="selinux suid" + +RDEPEND=" + sys-libs/libseccomp + sys-libs/libcap + selinux? ( >=sys-libs/libselinux-2.1.9 ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + app-text/docbook-xml-dtd:4.3 + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + virtual/pkgconfig +" + +# tests require root privileges +RESTRICT="test" + +pkg_setup() { + if [[ ${MERGE_TYPE} != buildonly ]]; then + CONFIG_CHECK="~UTS_NS ~IPC_NS ~USER_NS ~PID_NS ~NET_NS" + linux-info_pkg_setup + fi +} + +src_configure() { + local emesonargs=( + -Dbash_completion=enabled + -Dman=enabled + -Dtests=false + -Dzsh_completion=enabled + $(meson_feature selinux) + ) + + meson_src_configure +} + +src_install() { + meson_src_install + + if use suid; then + chmod u+s "${ED}"/usr/bin/bwrap + fi +} |