kcgi: update to 0.10.12.
This commit is contained in:
Duncaen
parent
3c45d65422
commit
7610c68289
2 changed files with 63 additions and 6 deletions
61
srcpkgs/kcgi/patches/seccomp.patch
Normal file
61
srcpkgs/kcgi/patches/seccomp.patch
Normal file
|
|
@ -0,0 +1,61 @@
|
||||||
|
--- sandbox-seccomp-filter.c.orig
|
||||||
|
+++ sandbox-seccomp-filter.c
|
||||||
|
@@ -89,7 +89,12 @@
|
||||||
|
/* Load the syscall number for checking. */
|
||||||
|
BPF_STMT(BPF_LD+BPF_W+BPF_ABS,
|
||||||
|
offsetof(struct seccomp_data, nr)),
|
||||||
|
+#ifdef __NR_open
|
||||||
|
SC_DENY(open, EACCES),
|
||||||
|
+#endif
|
||||||
|
+#ifdef __NR_openat
|
||||||
|
+ SC_DENY(openat, EACCES),
|
||||||
|
+#endif
|
||||||
|
SC_ALLOW(getpid),
|
||||||
|
SC_ALLOW(gettimeofday),
|
||||||
|
SC_ALLOW(clock_gettime),
|
||||||
|
@@ -121,12 +126,16 @@
|
||||||
|
#ifdef __NR_ppoll
|
||||||
|
SC_ALLOW(ppoll),
|
||||||
|
#endif
|
||||||
|
+#ifdef __NR_poll
|
||||||
|
SC_ALLOW(poll),
|
||||||
|
+#endif
|
||||||
|
#ifdef __NR__newselect
|
||||||
|
SC_ALLOW(_newselect),
|
||||||
|
#else
|
||||||
|
+#ifdef __NR_select
|
||||||
|
SC_ALLOW(select),
|
||||||
|
#endif
|
||||||
|
+#endif
|
||||||
|
SC_ALLOW(madvise),
|
||||||
|
#ifdef __NR_mmap2 /* EABI ARM only has mmap2() */
|
||||||
|
SC_ALLOW(mmap2),
|
||||||
|
@@ -159,7 +168,12 @@
|
||||||
|
/* Load the syscall number for checking. */
|
||||||
|
BPF_STMT(BPF_LD+BPF_W+BPF_ABS,
|
||||||
|
offsetof(struct seccomp_data, nr)),
|
||||||
|
+#ifdef __NR_open
|
||||||
|
SC_DENY(open, EACCES),
|
||||||
|
+#endif
|
||||||
|
+#ifdef __NR_openat
|
||||||
|
+ SC_DENY(openat, EACCES),
|
||||||
|
+#endif
|
||||||
|
SC_ALLOW(getpid),
|
||||||
|
#ifdef __NR_getrandom
|
||||||
|
SC_ALLOW(getrandom),
|
||||||
|
@@ -184,11 +198,15 @@
|
||||||
|
#ifdef __NR_ppoll
|
||||||
|
SC_ALLOW(ppoll),
|
||||||
|
#endif
|
||||||
|
+#ifdef __NR_poll
|
||||||
|
SC_ALLOW(poll),
|
||||||
|
+#endif
|
||||||
|
#ifdef __NR__newselect
|
||||||
|
SC_ALLOW(_newselect),
|
||||||
|
#else
|
||||||
|
+#ifdef __NR_select
|
||||||
|
SC_ALLOW(select),
|
||||||
|
+#endif
|
||||||
|
#endif
|
||||||
|
SC_ALLOW(madvise),
|
||||||
|
#ifdef __NR_mmap2 /* EABI ARM only has mmap2() */
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
# Template file for 'kcgi'
|
# Template file for 'kcgi'
|
||||||
pkgname=kcgi
|
pkgname=kcgi
|
||||||
version=0.10.11
|
version=0.10.12
|
||||||
revision=1
|
revision=1
|
||||||
build_style=configure
|
build_style=configure
|
||||||
configure_args="PREFIX=/usr MANDIR=/usr/share/man SBINDIR=/usr/bin"
|
configure_args="PREFIX=/usr MANDIR=/usr/share/man SBINDIR=/usr/bin"
|
||||||
|
|
@ -13,11 +13,7 @@ maintainer="Duncaen <duncaen@voidlinux.org>"
|
||||||
license="ISC"
|
license="ISC"
|
||||||
homepage="http://kristaps.bsd.lv/kcgi/"
|
homepage="http://kristaps.bsd.lv/kcgi/"
|
||||||
distfiles="http://kristaps.bsd.lv/kcgi/snapshots/kcgi-${version}.tgz"
|
distfiles="http://kristaps.bsd.lv/kcgi/snapshots/kcgi-${version}.tgz"
|
||||||
checksum=a5bb5e96552603af1e67bd90589c7308a0a5f81286b8b741de4099f969a1ecf1
|
checksum=e836275c52f9464d50b8d564cb73338e8c47221fba086274d068a202cbc2df51
|
||||||
|
|
||||||
case "$XBPS_TARGET_MACHINE" in
|
|
||||||
aarch64*) broken="sandbox-seccomp-filter.c:76:34: error: initializer element is not constant"
|
|
||||||
esac
|
|
||||||
|
|
||||||
seccomp_audit_get_suffix() {
|
seccomp_audit_get_suffix() {
|
||||||
case "$1" in
|
case "$1" in
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue