[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     3ddaca746855efb229595738f33a9ba00e8f001b
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 18 06:33:10 2021 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Oct 18 06:33:10 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=3ddaca74

libsbutil: add assert to testing code path

This makes it more obvious when the env is (incorrectly) partially setup.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/get_sandbox_conf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libsbutil/get_sandbox_conf.c b/libsbutil/get_sandbox_conf.c
index af0140e..1178f8a 100644
--- a/libsbutil/get_sandbox_conf.c
+++ b/libsbutil/get_sandbox_conf.c
@@ -19,6 +19,7 @@ char *get_sandbox_conf(void)
 	save_errno();
 	if (is_env_on(ENV_SANDBOX_TESTING)) {
 		char *abs = getenv("abs_top_srcdir");
+		sb_assert(abs != NULL);
 		ret = xmalloc(strlen(abs) + strlen(LOCAL_SANDBOX_CONF_FILE) + 1);
 		sprintf(ret, "%s%s", abs, LOCAL_SANDBOX_CONF_FILE);
 	}

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Gilbert]

commit:     6a6a6a6c9680e5868544887a7ab4d141833abfb6
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Jul 17 13:43:51 2023 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Mon Jul 17 13:43:51 2023 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=6a6a6a6c

sb_exists: drop use of faccessat

faccessat appears to perform quite poorly under certain conditions.
Go back to using fstatat until this can be debugged.

Bug: https://bugs.gentoo.org/910273
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 libsbutil/sb_exists.c | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/libsbutil/sb_exists.c b/libsbutil/sb_exists.c
index 9ec7730..d34f0cc 100644
--- a/libsbutil/sb_exists.c
+++ b/libsbutil/sb_exists.c
@@ -10,15 +10,5 @@
 int sb_exists(int dirfd, const char *pathname, int flags)
 {
 	struct stat64 buf;
-
-	if (faccessat(dirfd, pathname, F_OK, flags) == 0)
-		return 0;
-
-	/* musl's faccessat gives EINVAL when the kernel does not support
-	 * faccessat2 and AT_SYMLINK_NOFOLLOW is set.
-	 * https://www.openwall.com/lists/musl/2023/06/19/1 */
-	if (errno != EINVAL)
-		return -1;
-
 	return fstatat64(dirfd, pathname, &buf, flags);
 }

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     f4872fb69fe16fc416e4211d12811da61e8738b2
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Fri Nov  5 09:47:58 2021 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Fri Nov  5 09:47:58 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=f4872fb6

Revert "Force sandbox-internal functions to use 64bit file interface"

This reverts commit 19c215f245faf9a453e7171bddccc690c03f7b72.

We do not want different LFS interfaces being used in different modules
as it makes debugging a nightmare when different functions think basic
structures have different layouts & sizes.

This also doesn't address the LFS issues sandbox has when code still
crashes in libsandbox itself when checking accesses.

Bug: https://bugs.gentoo.org/681892
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/local.mk | 1 -
 1 file changed, 1 deletion(-)

diff --git a/libsbutil/local.mk b/libsbutil/local.mk
index bede5bf..126c7ce 100644
--- a/libsbutil/local.mk
+++ b/libsbutil/local.mk
@@ -2,7 +2,6 @@ noinst_LTLIBRARIES += %D%/libsbutil.la
 
 %C%_libsbutil_la_CPPFLAGS = \
 	$(AM_CPPFLAGS) \
-	-D_FILE_OFFSET_BITS=64 \
 	-I$(top_srcdir)/%D% \
 	-I$(top_srcdir)/%D%/include
 %C%_libsbutil_la_LDFLAGS = -no-undefined

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Andreas K. Hüttel]

commit:     19c215f245faf9a453e7171bddccc690c03f7b72
Author:     Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
AuthorDate: Wed Nov  3 21:05:53 2021 +0000
Commit:     Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
CommitDate: Wed Nov  3 21:05:53 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=19c215f2

Force sandbox-internal functions to use 64bit file interface

This works around problems when a 64bit qemu is emulating a 32bit
architecture.

LFS has been present since glibc-2.2 and kernel 2.4.

Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org>

 libsbutil/local.mk | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libsbutil/local.mk b/libsbutil/local.mk
index 126c7ce..bede5bf 100644
--- a/libsbutil/local.mk
+++ b/libsbutil/local.mk
@@ -2,6 +2,7 @@ noinst_LTLIBRARIES += %D%/libsbutil.la
 
 %C%_libsbutil_la_CPPFLAGS = \
 	$(AM_CPPFLAGS) \
+	-D_FILE_OFFSET_BITS=64 \
 	-I$(top_srcdir)/%D% \
 	-I$(top_srcdir)/%D%/include
 %C%_libsbutil_la_LDFLAGS = -no-undefined

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     7c92fad8b8e613ada5b4ce951829ed420a4aaac7
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Wed Nov  3 04:56:17 2021 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Wed Nov  3 04:56:17 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=7c92fad8

libsbutil: drop fsync when logging

This was added as part of running multiple tracers in parallel in the
hopes (hack) it would make logs less intermingled.  Unfortunately, it
didn't really accomplish that, and it upsets `file` when verbose output
is enabled due to file's own seccomp filter (which doesn't have fsync).
We could add this to file's seccomp filter (since it's a pretty benign
syscall), but easier to just drop it at this point since it's not all
that useful.

Bug: https://bugs.gentoo.org/821403
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/sb_efuncs.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/libsbutil/sb_efuncs.c b/libsbutil/sb_efuncs.c
index 1283784..7ded90d 100644
--- a/libsbutil/sb_efuncs.c
+++ b/libsbutil/sb_efuncs.c
@@ -52,7 +52,6 @@ static void sb_vefunc(const char *prog, const char *color, const char *format, v
 		sb_fdprintf(fd, " %s*%s ", color, COLOR_NORMAL);
 	sb_vfdprintf(fd, format, args);
 
-	fsync(fd);
 	if (opened)
 		close(fd);
 }

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     87d6537245b6f7cbf028e4c0e187cda7484729f0
Author:     Guenther Brunthaler <gb_about_gnu <AT> gmx <DOT> net>
AuthorDate: Sun Nov 27 18:30:36 2016 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sun Nov 27 18:30:36 2016 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=87d65372

libsbutil: elide sb_maybe_gdb when -DNDEBUG is used

Since sb_maybe_gdb is set up as a stub macro, make sure we don't define
the function either to cut down on size and build failures (when the
macro tries to expand the function prototype).

URL: https://bugs.gentoo.org/600550

 libsbutil/sb_gdb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libsbutil/sb_gdb.c b/libsbutil/sb_gdb.c
index 6112379..021a3c4 100644
--- a/libsbutil/sb_gdb.c
+++ b/libsbutil/sb_gdb.c
@@ -62,6 +62,7 @@ void sb_gdb(void)
 	}
 }
 
+#ifndef NDEBUG
 void sb_maybe_gdb(void)
 {
 	if (is_env_on("SANDBOX_GDB")) {
@@ -69,3 +70,4 @@ void sb_maybe_gdb(void)
 		sb_gdb();
 	}
 }
+#endif

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     1ec4f132c73bbf52104f84a95d168f8f609a5d14
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 18 06:16:54 2016 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Jan 18 06:16:54 2016 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=1ec4f132

libsbutil: clean up same.h distdir usage

In commit 7a923f646ce10b7dec3c7ae5fe2079c10aa21752, we dropped the same.h
header, but the build still listed it.  Drop it from the distdir list.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/Makefile.am | 1 -
 1 file changed, 1 deletion(-)

diff --git a/libsbutil/Makefile.am b/libsbutil/Makefile.am
index 0c41500..684d126 100644
--- a/libsbutil/Makefile.am
+++ b/libsbutil/Makefile.am
@@ -61,7 +61,6 @@ libsbutil_la_SOURCES =                        \
 	gnulib/hash-triple.c                  \
 	gnulib/hash-triple.h                  \
 	gnulib/pathmax.h                      \
-	gnulib/same.h                         \
 	gnulib/same-inode.h                   \
 	gnulib/xalloc.h                       \
 	gnulib/xalloc-oversized.h             \

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     a60b397d75e121232b8066db7333b82a6f9a951c
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 20 01:11:13 2015 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sun Dec 20 01:11:13 2015 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=a60b397d

sb_efuncs: avoid pointless stdio indirection

We were setting up a FILE* from a file descriptor to pass to sb_fprintf
which is a simple macro that calls fileno(fp) to pass the fd down.  We
can call the fd funcs directly and avoid the whole stdio business.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/sb_efuncs.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/libsbutil/sb_efuncs.c b/libsbutil/sb_efuncs.c
index c855257..2de3116 100644
--- a/libsbutil/sb_efuncs.c
+++ b/libsbutil/sb_efuncs.c
@@ -35,8 +35,8 @@ static void sbio_init(void)
  */
 static void sb_vefunc(const char *prog, const char *color, const char *format, va_list args)
 {
+	bool opened;
 	int fd;
-	FILE *fp;
 
 	if (likely(sbio_message_path))
 		fd = sbio_open(sbio_message_path, O_WRONLY|O_APPEND|O_CLOEXEC, 0);
@@ -44,15 +44,15 @@ static void sb_vefunc(const char *prog, const char *color, const char *format, v
 		fd = -1;
 	if (fd == -1)
 		fd = sbio_open(sbio_fallback_path, O_WRONLY|O_CLOEXEC, 0);
-	fp = fd == -1 ? NULL : fdopen(fd, "ae");
-	if (!fp)
-		fp = stderr;
+	opened = (fd != -1);
+	if (fd == -1)
+		fd = fileno(stderr);
 
-	sb_fprintf(fp, " %s*%s ", color, COLOR_NORMAL);
-	sb_vfprintf(fp, format, args);
+	sb_fdprintf(fd, " %s*%s ", color, COLOR_NORMAL);
+	sb_vfdprintf(fd, format, args);
 
-	if (fp != stderr)
-		fclose(fp);
+	if (opened)
+		close(fd);
 }
 
 void sb_einfo(const char *format, ...)

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     7e7a7a025dd2d43daf0b8ca14135e14bcaf871ce
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sun Sep 20 06:35:25 2015 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sun Sep 20 06:35:25 2015 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=7e7a7a02

libsbutil: undef memory redirect calls

Sometimes the C library will redirect a call to strdup to __strdup which
breaks when we're using the libsandbox memory allocator.  This was fixed
in libsandbox in commit d7801453aced46a6f31d8455877edeb31a5211cc, but we
didn't notice in libsbutil as no calls to strdup happened to come up.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/sb_memory.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/libsbutil/sb_memory.c b/libsbutil/sb_memory.c
index bdc054f..ebc1c8e 100644
--- a/libsbutil/sb_memory.c
+++ b/libsbutil/sb_memory.c
@@ -11,6 +11,12 @@
 #include "headers.h"
 #include "sbutil.h"
 
+/* Make sure the C library doesn't rewrite calls to funcs libsandbox provides. */
+#undef calloc
+#undef malloc
+#undef realloc
+#undef strdup
+
 void *
 __xcalloc(size_t nmemb, size_t size, const char *file, const char *func, size_t line)
 {

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     9ea6140984ba4e18ce2aaedb7ebc21466b60c433
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sun Mar  3 10:34:09 2013 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sun Mar  3 10:34:09 2013 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=9ea61409

sandbox: accept SANDBOX_LOG vars whatever their values

Commit 40abb498ca4a24495fe34e133379382ce8c3eaca subtly broke the sandbox
with portage.  It changed how the sandbox log env var was accessed by
moving from getenv() to get_sandbox_log().  The latter has path checking
and will kick out values that contain a slash.  That means every time a
new process starts, a new sandbox log path will be generated, and when a
program triggers a violation, it'll write to the new file.  Meanwhile,
portage itself watches the original one which never gets updated.

This code has been around forever w/out documentation, and I can't think
of a reason we need it.  So punt it.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/get_sandbox_log.c | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/libsbutil/get_sandbox_log.c b/libsbutil/get_sandbox_log.c
index a79b399..bdb4278 100644
--- a/libsbutil/get_sandbox_log.c
+++ b/libsbutil/get_sandbox_log.c
@@ -21,17 +21,13 @@ static void _get_sb_log(char *path, const char *tmpdir, const char *env, const c
 
 	sandbox_log_env = getenv(env);
 
-	if (sandbox_log_env && is_env_on(ENV_SANDBOX_TESTING)) {
-		/* When testing, just use what the env says to */
+	if (sandbox_log_env) {
+		/* If the env is viable, roll with it.  We aren't really
+		 * about people breaking the security of the sandbox by
+		 * exporting SANDBOX_LOG=/dev/null.
+		 */
 		strncpy(path, sandbox_log_env, SB_PATH_MAX);
 	} else {
-		/* THIS CHUNK BREAK THINGS BY DOING THIS:
-		 * SANDBOX_LOG=/tmp/sandbox-app-admin/superadduser-1.0.7-11063.log
-		 */
-		if ((NULL != sandbox_log_env) &&
-		    (NULL != strchr(sandbox_log_env, '/')))
-		    sandbox_log_env = NULL;
-
 		/* If running as a user w/out write access to /var/log, don't
 		 * shit ourselves.
 		 */

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     1a018e80058697408ce95142ffc292a5929fcc2b
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sun Mar  3 10:33:13 2013 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sun Mar  3 10:33:13 2013 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=1a018e80

sb_efuncs: fix thinko in message patch

Forgot to assign the fallback open to the fd.  Whee.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/sb_efuncs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libsbutil/sb_efuncs.c b/libsbutil/sb_efuncs.c
index 80064c6..c855257 100644
--- a/libsbutil/sb_efuncs.c
+++ b/libsbutil/sb_efuncs.c
@@ -43,7 +43,7 @@ static void sb_vefunc(const char *prog, const char *color, const char *format, v
 	else
 		fd = -1;
 	if (fd == -1)
-		sbio_open(sbio_fallback_path, O_WRONLY|O_CLOEXEC, 0);
+		fd = sbio_open(sbio_fallback_path, O_WRONLY|O_CLOEXEC, 0);
 	fp = fd == -1 ? NULL : fdopen(fd, "ae");
 	if (!fp)
 		fp = stderr;

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     2469bbf7607b7544d5df4b0645a0798a226bb5d6
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 23 04:58:44 2013 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sat Feb 23 04:58:44 2013 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=2469bbf7

environ: add set variants to env_is_{on,off}

In some situations, we want to know the tristate of "is on", "is off", and
"is set" instead of just lumping the "is not set" case in with "is off".
Add some helpers for that.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsbutil/environment.c | 26 +++++++++++++++++++-------
 libsbutil/sbutil.h      |  2 ++
 2 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/libsbutil/environment.c b/libsbutil/environment.c
index b24189f..70fdb72 100644
--- a/libsbutil/environment.c
+++ b/libsbutil/environment.c
@@ -10,15 +10,17 @@
 #include "headers.h"
 #include "sbutil.h"
 
-static bool env_is_in(const char *env, const char *values[])
+static bool env_is_in(const char *env, const char *values[], bool *set)
 {
 	size_t i = 0;
 	const char *val;
 
 	if (unlikely(!env))
-		return false;
+		return (*set = false);
+
 	val = getenv(env);
-	if (unlikely(!val))
+	*set = (val != NULL);
+	if (unlikely(!*set))
 		return false;
 
 	while (values[i])
@@ -28,18 +30,28 @@ static bool env_is_in(const char *env, const char *values[])
 	return false;
 }
 
-bool is_env_on(const char *env)
+bool is_env_set_on(const char *env, bool *set)
 {
 	static const char *values[] = {
 		"1", "true", "yes", NULL,
 	};
-	return env_is_in(env, values);
+	return env_is_in(env, values, set);
+}
+bool is_env_on(const char *env)
+{
+	bool set;
+	return is_env_set_on(env, &set);
 }
 
-bool is_env_off(const char *env)
+bool is_env_set_off(const char *env, bool *set)
 {
 	static const char *values[] = {
 		"0", "false", "no", NULL,
 	};
-	return env_is_in(env, values);
+	return env_is_in(env, values, set);
+}
+bool is_env_off(const char *env)
+{
+	bool set;
+	return is_env_set_off(env, &set);
 }

diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h
index 993d7ad..02b88cb 100644
--- a/libsbutil/sbutil.h
+++ b/libsbutil/sbutil.h
@@ -75,6 +75,8 @@ void get_sandbox_message_path(char *path);
 int get_tmp_dir(char *path);
 bool is_env_on(const char *);
 bool is_env_off(const char *);
+bool is_env_set_on(const char *, bool *);
+bool is_env_set_off(const char *, bool *);
 static inline bool is_env_var(const char *env, const char *var, size_t vlen)
 {
 	return !strncmp(env, var, vlen) && env[vlen] == '=';

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     f0dbd58bcb7b20ef681e7635f9d4b580816ad5ef
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Thu Dec 27 03:47:11 2012 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Feb 25 04:05:05 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=f0dbd58b

environ: merge is_env_{on,off} into a single file

Start a centralized place for environment related helper funcs.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 libsbutil/Makefile.am   |    3 +--
 libsbutil/environment.c |   45 +++++++++++++++++++++++++++++++++++++++++++++
 libsbutil/is_env_off.c  |   22 ----------------------
 libsbutil/is_env_on.c   |   22 ----------------------
 4 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/libsbutil/Makefile.am b/libsbutil/Makefile.am
index f1fed76..39a5ab6 100644
--- a/libsbutil/Makefile.am
+++ b/libsbutil/Makefile.am
@@ -18,8 +18,7 @@ libsbutil_la_SOURCES =                        \
 	get_sandbox_rc.c                      \
 	get_sandbox_log.c                     \
 	get_tmp_dir.c                         \
-	is_env_on.c                           \
-	is_env_off.c                          \
+	environment.c                         \
 	sb_backtrace.c                        \
 	sb_efuncs.c                           \
 	sb_gdb.c                              \

diff --git a/libsbutil/environment.c b/libsbutil/environment.c
new file mode 100644
index 0000000..b24189f
--- /dev/null
+++ b/libsbutil/environment.c
@@ -0,0 +1,45 @@
+/*
+ * environment.c
+ *
+ * Environment utility functions.
+ *
+ * Copyright 1999-2012 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+#include "headers.h"
+#include "sbutil.h"
+
+static bool env_is_in(const char *env, const char *values[])
+{
+	size_t i = 0;
+	const char *val;
+
+	if (unlikely(!env))
+		return false;
+	val = getenv(env);
+	if (unlikely(!val))
+		return false;
+
+	while (values[i])
+		if (!strcasecmp(val, values[i++]))
+			return true;
+
+	return false;
+}
+
+bool is_env_on(const char *env)
+{
+	static const char *values[] = {
+		"1", "true", "yes", NULL,
+	};
+	return env_is_in(env, values);
+}
+
+bool is_env_off(const char *env)
+{
+	static const char *values[] = {
+		"0", "false", "no", NULL,
+	};
+	return env_is_in(env, values);
+}

diff --git a/libsbutil/is_env_off.c b/libsbutil/is_env_off.c
deleted file mode 100644
index 3536ee7..0000000
--- a/libsbutil/is_env_off.c
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * is_env_off.c
- *
- * Util functions.
- *
- * Copyright 1999-2008 Gentoo Foundation
- * Licensed under the GPL-2
- */
-
-#include "headers.h"
-#include "sbutil.h"
-
-bool is_env_off (const char *env)
-{
-	if ((NULL != env) && (NULL != getenv(env)) &&
-	    ((0 == strncasecmp(getenv(env), "0", 1)) ||
-	     (0 == strncasecmp(getenv(env), "false", 5)) ||
-	     (0 == strncasecmp(getenv(env), "no", 2))))
-		return true;
-
-	return false;
-}

diff --git a/libsbutil/is_env_on.c b/libsbutil/is_env_on.c
deleted file mode 100644
index 18a8cc0..0000000
--- a/libsbutil/is_env_on.c
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * is_env_on.c
- *
- * Util functions.
- *
- * Copyright 1999-2008 Gentoo Foundation
- * Licensed under the GPL-2
- */
-
-#include "headers.h"
-#include "sbutil.h"
-
-bool is_env_on (const char *env)
-{
-	if ((NULL != env) && (NULL != getenv(env)) &&
-	    ((0 == strncasecmp(getenv(env), "1", 1)) ||
-	     (0 == strncasecmp(getenv(env), "true", 4)) ||
-	     (0 == strncasecmp(getenv(env), "yes", 3))))
-		return true;
-
-	return false;
-}

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     9adf0645e69835f1f39c8857939209b6842fa5ee
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Mon Dec  3 04:55:40 2012 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Dec 24 05:23:50 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=9adf0645

sb_efuncs: fix usage of portage handlers

The previous change forgot to actually enable the portage helpers.  This
meant violation output would always get sent to /dev/tty rather than to
portage's logging facilities.

Enable the helper logic while also fixing a logic error with va_args
(you can't re-use the same va_args).

Also, in order to use these with code that watches over SIGCHLD via
sigaction, we need to use sigaction ourselves to ignore that signal.

This might be racy with threaded apps that fork & watch SIGCHLD.
Testing in the larger world will show whether we need to revisit
how we communicate with the PM.

URL: http://bugs.gentoo.org/431638
Reported-by: Michael Weiser <michael <AT> weiser.dinsnail.net>
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 libsbutil/sb_efuncs.c |   24 +++++++++++++++++-------
 1 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/libsbutil/sb_efuncs.c b/libsbutil/sb_efuncs.c
index 6a7a09b..64ac82f 100644
--- a/libsbutil/sb_efuncs.c
+++ b/libsbutil/sb_efuncs.c
@@ -26,7 +26,7 @@ static void sbio_init(void)
 	}
 }
 
-static bool try_portage_helpers = false;
+static bool try_portage_helpers = true;
 
 /*
  * First try to use the helper programs from portage so that it can sanely
@@ -39,17 +39,20 @@ static void sb_vefunc(const char *prog, const char *color, const char *format, v
 {
 	char shellcode[128];
 	FILE *fp;
-	sighandler_t oldsig;
+	struct sigaction sa, old_sa;
 	bool is_pipe = false;
+	va_list retry_args;
 
 	if (try_portage_helpers) {
 		/* If popen() fails, then writes to it will trigger SIGPIPE */
-		/* XXX: convert this to sigaction */
-		oldsig = signal(SIGPIPE, SIG_IGN);
+		sa.sa_flags = SA_RESTART;
+		sa.sa_handler = SIG_IGN;
+		sigaction(SIGCHLD, &sa, &old_sa);
 
 		sprintf(shellcode, "xargs %s 2>/dev/null", prog);
 		fp = sbio_popen(shellcode, "we");
 		is_pipe = true;
+		va_copy(retry_args, args);
 	} else
 		fp = NULL;
 
@@ -68,13 +71,20 @@ static void sb_vefunc(const char *prog, const char *color, const char *format, v
 
 	if (is_pipe) {
 		int status = pclose(fp);
-		if (WEXITSTATUS(status))
+		if (WEXITSTATUS(status)) {
+			args = retry_args;
 			goto do_tty;
+		}
 	} else if (fp != stderr)
 		fclose(fp);
 
-	if (try_portage_helpers)
-		signal(SIGPIPE, oldsig);
+	if (try_portage_helpers) {
+		sigaction(SIGCHLD, &old_sa, NULL);
+		va_end(retry_args);
+		if (!is_pipe)
+			/* If we failed once, we'll fail again */
+			try_portage_helpers = false;
+	}
 }
 
 void sb_einfo(const char *format, ...)

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     5aee0f89c31cbf64a605bdb8783fa7a74b900989
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 23 06:53:38 2012 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Dec 24 05:19:24 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=5aee0f89

sb_efunc: delete

Completely unused.  GOOD BYE.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 libsbutil/sb_efuncs.c |   25 -------------------------
 1 files changed, 0 insertions(+), 25 deletions(-)

diff --git a/libsbutil/sb_efuncs.c b/libsbutil/sb_efuncs.c
index 5a86d25..6a7a09b 100644
--- a/libsbutil/sb_efuncs.c
+++ b/libsbutil/sb_efuncs.c
@@ -10,31 +10,6 @@
 #include "headers.h"
 #include "sbutil.h"
 
-static bool nocolor, init_color = false;
-void sb_efunc(const char *color, const char *hilight, const char *format, ...)
-{
-	save_errno();
-
-	int fd = STDERR_FILENO;
-
-	if (!init_color) {
-		nocolor = is_env_on(ENV_NOCOLOR);
-		init_color = true;
-	}
-
-	if (!nocolor)
-		sb_fdprintf(fd, "%s%s%s", color, hilight, COLOR_NORMAL);
-	else
-		sb_fdprintf(fd, "%s", hilight);
-
-	va_list args;
-	va_start(args, format);
-	sb_vfdprintf(fd, format, args);
-	va_end(args);
-
-	restore_errno();
-}
-
 const char *colors[] = {
 	"\033[0m",
 	"\033[32;01m",

[gentoo-commits] proj/sandbox:master commit in: libsbutil/

[Mike Frysinger]

commit:     38241c15b80790efb11b1c128a3277900a89191b
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 23 06:27:17 2012 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Fri Nov 23 06:33:04 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=38241c15

sb_efuncs: fix NOCOLOR handling

Need to set the colors to "" rather than NULL so we don't print out
"(null)" where the colors normally would be.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 libsbutil/sb_efuncs.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/libsbutil/sb_efuncs.c b/libsbutil/sb_efuncs.c
index 248c2bd..5a86d25 100644
--- a/libsbutil/sb_efuncs.c
+++ b/libsbutil/sb_efuncs.c
@@ -44,8 +44,11 @@ const char *colors[] = {
 __attribute__((constructor))
 static void sbio_init(void)
 {
-	if (is_env_on(ENV_NOCOLOR))
-		memset(colors, 0, sizeof(colors));
+	if (is_env_on(ENV_NOCOLOR)) {
+		size_t i;
+		for (i = 0; i < ARRAY_SIZE(colors); ++i)
+			colors[i] = "";
+	}
 }
 
 static bool try_portage_helpers = false;