commit: d2430d853843b0df847c132ef2e1e1d34bbb1150
Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Tue Feb 11 03:16:50 2025 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sat Feb 15 01:43:11 2025 +0000
URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=d2430d85
Improve SANDBOX_TESTING overrides
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
configure.ac | 1 +
libsbutil/get_sandbox_conf.c | 11 ++---------
libsbutil/get_sandbox_confd.c | 6 +++---
libsbutil/get_sandbox_rc.c | 4 ++--
localdecls.h | 11 +++++++++++
src/sandbox.sh.in | 7 ++++---
6 files changed, 23 insertions(+), 17 deletions(-)
diff --git a/configure.ac b/configure.ac
index 3db9441..6317233 100644
--- a/configure.ac
+++ b/configure.ac
@@ -220,6 +220,7 @@ AC_CHECK_FUNCS_ONCE(m4_flatten([
strchr
strdup
strerror
+ strlcpy
strndup
strrchr
strspn
diff --git a/libsbutil/get_sandbox_conf.c b/libsbutil/get_sandbox_conf.c
index 1178f8a..20e3472 100644
--- a/libsbutil/get_sandbox_conf.c
+++ b/libsbutil/get_sandbox_conf.c
@@ -10,19 +10,12 @@
#include "headers.h"
#include "sbutil.h"
-/* Where the file exists in our source tree */
-#define LOCAL_SANDBOX_CONF_FILE "/etc/sandbox.conf"
-
char *get_sandbox_conf(void)
{
char *ret = SANDBOX_CONF_FILE;
save_errno();
- if (is_env_on(ENV_SANDBOX_TESTING)) {
- char *abs = getenv("abs_top_srcdir");
- sb_assert(abs != NULL);
- ret = xmalloc(strlen(abs) + strlen(LOCAL_SANDBOX_CONF_FILE) +
1);
- sprintf(ret, "%s%s", abs, LOCAL_SANDBOX_CONF_FILE);
- }
+ if (is_env_on(ENV_SANDBOX_TESTING))
+ ret = getenv("__SANDBOX_CONF_FILE");
restore_errno();
return ret;
}
diff --git a/libsbutil/get_sandbox_confd.c b/libsbutil/get_sandbox_confd.c
index ffe3021..871af9b 100644
--- a/libsbutil/get_sandbox_confd.c
+++ b/libsbutil/get_sandbox_confd.c
@@ -13,9 +13,9 @@
char *get_sandbox_confd(char *path)
{
save_errno();
- if (is_env_on(ENV_SANDBOX_TESTING))
- snprintf(path, SB_PATH_MAX, "%s/etc/sandbox.d/",
- getenv("abs_top_srcdir"));
+ char *p;
+ if (is_env_on(ENV_SANDBOX_TESTING) && (p =
getenv("__SANDBOX_CONFD_DIR")))
+ strlcpy(path, p, SB_PATH_MAX);
else
strcpy(path, SANDBOX_CONFD_DIR);
restore_errno();
diff --git a/libsbutil/get_sandbox_rc.c b/libsbutil/get_sandbox_rc.c
index 402ea9d..a02f6f0 100644
--- a/libsbutil/get_sandbox_rc.c
+++ b/libsbutil/get_sandbox_rc.c
@@ -17,8 +17,8 @@ void get_sandbox_rc(char *path)
{
save_errno();
if (is_env_on(ENV_SANDBOX_TESTING))
- snprintf(path, SB_PATH_MAX, "%s/data/%s",
- getenv("abs_top_srcdir"), BASHRC_NAME);
+ snprintf(path, SB_PATH_MAX, "%s/%s",
+ getenv("__SANDBOX_BASHRC_PATH"), BASHRC_NAME);
else
snprintf(path, SB_PATH_MAX, "%s/%s",
SANDBOX_BASHRC_PATH, BASHRC_NAME);
diff --git a/localdecls.h b/localdecls.h
index 043696f..74e5049 100644
--- a/localdecls.h
+++ b/localdecls.h
@@ -125,6 +125,17 @@ typedef struct user_regs_struct trace_regs;
# define dlvsym(_lib, _sym, _ver) dlsym(_lib, _sym)
#endif
+#ifndef HAVE_STRLCPY
+static size_t strlcpy(char *dst, const char *src, size_t size)
+{
+ size_t srclen = strlen(src);
+ size_t copylen = (srclen < size ? srclen : size - 1);
+ memcpy(dst, src, copylen);
+ dst[copylen] = '\0';
+ return srclen;
+}
+#endif
+
/* Taken from glibc */
# define strong_alias(_name, _aliasname) \
extern __typeof (_name) _aliasname __attribute__ ((alias (#_name)));
diff --git a/src/sandbox.sh.in b/src/sandbox.sh.in
index 9324d20..5292dea 100644
--- a/src/sandbox.sh.in
+++ b/src/sandbox.sh.in
@@ -1,9 +1,10 @@
#!/bin/sh
# quick wrapper to run local sandbox with local libsandbox
dir=${0%/*}
-export abs_top_srcdir="@abs_top_srcdir@"
-export abs_top_builddir="@abs_top_builddir@"
-export LD_LIBRARY_PATH="${abs_top_builddir}/libsandbox/.libs"
+export LD_LIBRARY_PATH="@abs_top_builddir@/libsandbox/.libs"
+export __SANDBOX_BASHRC_PATH="@abs_top_srcdir@/data"
+export __SANDBOX_CONF_FILE="@abs_top_srcdir@/etc/sandbox.conf"
+export __SANDBOX_CONFD_DIR="@abs_top_builddir@/etc/sandbox.d"
export __SANDBOX_TESTING=yes
if [ -x "${dir}"/sandbox ] ; then
exec "${dir}"/sandbox "$@"
