summaryrefslogtreecommitdiff
path: root/system/bubblewrap/APKBUILD
diff options
context:
space:
mode:
authorA. Wilcox <awilcox@wilcox-tech.com>2020-03-28 21:20:16 +0000
committerA. Wilcox <awilcox@wilcox-tech.com>2020-03-28 21:20:16 +0000
commitd5a2d4b0847392305e7de2bca65d30987bd0ca7e (patch)
tree6abd9673142dfece523ff5e5379b862080aa0e65 /system/bubblewrap/APKBUILD
parent2e865b057fa79fa5f65240dd6634c91824f3f480 (diff)
parent29d357bdc4c7296befb3b35cd3ac3d17aa561bdb (diff)
downloadpackages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.tar.gz
packages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.tar.bz2
packages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.tar.xz
packages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.zip
Merge branch 'bump/misc/2020.03.23' into 'master'
Miscellaneous bumps for 2020.03.23 See merge request adelie/packages!417
Diffstat (limited to 'system/bubblewrap/APKBUILD')
-rw-r--r--system/bubblewrap/APKBUILD33
1 files changed, 17 insertions, 16 deletions
diff --git a/system/bubblewrap/APKBUILD b/system/bubblewrap/APKBUILD
index c4ae4fa31..d51d14ae7 100644
--- a/system/bubblewrap/APKBUILD
+++ b/system/bubblewrap/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Timo Teräs <timo.teras@iki.fi>
# Maintainer: Max Rees <maxcrees@me.com>
pkgname=bubblewrap
-pkgver=0.3.3
+pkgver=0.4.0
pkgrel=0
pkgdesc="Unprivileged sandboxing tool"
url="https://github.com/projectatomic/bubblewrap"
@@ -9,21 +9,21 @@ arch="all"
options="!check suid" # requires suid to already be set in order to check
license="LGPL-2.0+"
makedepends="autoconf automake libcap-dev docbook-xsl"
-checkdepends="sudo"
+checkdepends="python3 sudo"
subpackages="$pkgname-nosuid $pkgname-doc
$pkgname-bash-completion:bashcomp:noarch"
-source="bubblewrap-$pkgver.tar.gz::https://github.com/projectatomic/bubblewrap/archive/v$pkgver.tar.gz
+source="bubblewrap-$pkgver.tar.gz::https://github.com/containers/bubblewrap/archive/v$pkgver.tar.gz
realpath-workaround.patch
- musl-fixes.patch
- tests.patch"
+ tests.patch
+ "
# secfixes:
# 0.3.3-r0:
-# - CVE-2019-12439
+# - CVE-2019-12439
prepare() {
- srcdir= NOCONFIGURE=1 ./autogen.sh
default_prepare
+ NOCONFIGURE=1 ./autogen.sh
}
build() {
@@ -39,14 +39,16 @@ build() {
}
check() {
- # Uses sudo to chown root and setuid $builddir/test-bwrap
+ # 1. chown root and chmod u+s $builddir/test-bwrap
+ # 2. Run abuild check (suid test)
+ # 3. Unset permissions on test-bwrap
+ # 4. Run abuild check again (nosuid test)
#
- # As of 0.3.3-r0, all tests pass on ppc64 except those relating
- # to bind mounts over symlinks. Those tests fail because musl's
- # realpath depends on the availability of /proc, which is not
- # available in the middle of the setup procedure since pivot_root
- # has been performed at least once. They have been patched to be
- # skipped.
+ # As of 0.4.0, all tests pass except those relating to bind mounts
+ # over symlinks. Those tests fail because musl's realpath depends on
+ # the availability of /proc, which is not available in the middle of
+ # the setup procedure since pivot_root has been performed at least
+ # once. They have been patched to be skipped.
make check
}
@@ -72,7 +74,6 @@ bashcomp() {
mv "$pkgdir"/usr/share/bash-completion/ "$subpkgdir"/usr/share/
}
-sha512sums="b1c38fad90ddaa23a5f2dd49f9ec3f9d9af7426af321ae9f7c43dd64f11a448b3502942a42112a1c6ebf8a4dea2e1196b17c31cca9c2f119dc2e0c1674c345ae bubblewrap-0.3.3.tar.gz
+sha512sums="1957126e13900bbb1c9c885802f513006313836826938555899a8ad0e6c3ba47478eae0cc90f4aceff228663379b45203dce4fa57d6bfc489984670571232b97 bubblewrap-0.4.0.tar.gz
400a0446670ebf80f16739f1a7a2878aadc3099424f957ba09ec3df780506c23a11368f0578c9e352d7ca6473fa713df826fad7a20c50338aa5f9fa9ac6b84a4 realpath-workaround.patch
-f59cda3b09dd99db9ca6d97099a15bb2523e054063d677502317ae3165ba2e32105a0ae8f877afc3827bd28d093c9d9d413270f4c87d9fe5f26f3eee670d916e musl-fixes.patch
d572a6296729ab192dd4f04707e0271df600d565897ce089b7f00b9ae6c62e71a087e864b4c4972e0a64aeb222a337ff4ed95560620c200cc44534db1ca79efd tests.patch"