diff options
author | Andreas Baumann <mail@andreasbaumann.cc> | 2018-05-03 21:10:44 +0200 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2018-05-03 21:10:44 +0200 |
commit | ceb0ac628872d9d20539c802b3917225a9e50cb5 (patch) | |
tree | e9102c13099ba294f9adea87a6078342bb1432b9 | |
parent | c936919ace6c6cbd3ba2bf2c230ee242b716efdf (diff) | |
download | packages-ceb0ac628872d9d20539c802b3917225a9e50cb5.tar.xz |
core/file: removed seccomp patch and disabling seccomp completly
-rw-r--r-- | core/file/PKGBUILD | 15 | ||||
-rw-r--r-- | core/file/file-5.33-seccomp-32bit.patch | 31 |
2 files changed, 11 insertions, 35 deletions
diff --git a/core/file/PKGBUILD b/core/file/PKGBUILD index ab132fd5..ba1e0f05 100644 --- a/core/file/PKGBUILD +++ b/core/file/PKGBUILD @@ -1,5 +1,12 @@ -# seccomp doesn't add rules for 64-bit filesystem function on 32-bit -# systems (e.g. fstat64) +# file doesn't add seccomp rules for 64-bit filesystem function on 32-bit +# systems (e.g. fstat64), in allmost all functions of file +# various sycalls like fork, pipe, wait4 have no ALLOW_RULE, somehow +# works on 64-bit, not on 32-bit. (-z option) +# Hence: disabling seccomp support completly! -source+=('file-5.33-seccomp-32bit.patch') -md5sums+=('5e0c3072ad745b55c8560425e6bb904c') +eval "$( + declare -f build | \ + sed ' + s/configure/configure --disable-libseccomp/ + ' +)" diff --git a/core/file/file-5.33-seccomp-32bit.patch b/core/file/file-5.33-seccomp-32bit.patch deleted file mode 100644 index 27987266..00000000 --- a/core/file/file-5.33-seccomp-32bit.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff -rauN file-5.33/src/seccomp.c file-5.33-seccomp-32bit-patch/src/seccomp.c ---- file-5.33/src/seccomp.c 2017-11-04 02:14:25.000000000 +0100 -+++ file-5.33-seccomp-32bit-patch/src/seccomp.c 2018-05-03 13:49:51.826498606 +0200 -@@ -168,13 +168,18 @@ - ALLOW_RULE(dup2); - ALLOW_RULE(exit); - ALLOW_RULE(exit_group); -- ALLOW_RULE(fcntl); -+ ALLOW_RULE(fcntl); -+ ALLOW_RULE(fcntl64); - ALLOW_RULE(fstat); -+ ALLOW_RULE(fstat64); - ALLOW_RULE(getdents); -+ ALLOW_RULE(getdents64); - ALLOW_RULE(ioctl); - ALLOW_RULE(lseek); - ALLOW_RULE(lstat); -+ ALLOW_RULE(lstat64); - ALLOW_RULE(mmap); -+ ALLOW_RULE(mmap2); - ALLOW_RULE(mprotect); - ALLOW_RULE(mremap); - ALLOW_RULE(munmap); -@@ -188,6 +193,7 @@ - ALLOW_RULE(rt_sigreturn); - ALLOW_RULE(select); - ALLOW_RULE(stat); -+ ALLOW_RULE(stat64); - ALLOW_RULE(sysinfo); - ALLOW_RULE(unlink); - ALLOW_RULE(write); |