commit: 89207aec09bf4c82c8dc1abbc4feb11792ed5400 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Wed Oct 4 17:44:06 2017 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Wed Oct 4 20:25:38 2017 +0000 URL: https://gitweb.gentoo.org/proj/pms.git/commit/?id=89207aec
EAPI 7 has sandbox directory removal functions. Bug: https://bugs.gentoo.org/630422 eapi-differences.tex | 4 ++++ pkg-mgr-commands.tex | 29 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/eapi-differences.tex b/eapi-differences.tex index 441de70..0055070 100644 --- a/eapi-differences.tex +++ b/eapi-differences.tex @@ -41,6 +41,9 @@ of this document for a complete table of previous EAPIs. \bottomrule \endlastfoot +\t{rm*} sandbox functions & \compactfeatureref{sandbox-rm} & + No & No & No & No & Yes \\ + \t{IUSE_RUNTIME} & \compactfeatureref{iuse-runtime} & No & No & No & No & Yes \\ @@ -475,6 +478,7 @@ EAPI 7 is EAPI 6 with the following changes: \item automatic enforcing of \t{REQUIRED_USE} is supported, \featureref{auto-req-use}. \item binding leftmost-of (\t{||=}) dependency group is supported, \featureref{binding-leftmost-of}. \item runtime-modifiable USE flags (\t{IUSE_RUNTIME}) are supported, \featureref{iuse-runtime}. +\item sandbox path removal flags (\t{rm*}) are supported, \featureref{sandbox-rm}. \end{compactitem} \ChangeWhenAddingAnEAPI{7} diff --git a/pkg-mgr-commands.tex b/pkg-mgr-commands.tex index eac9bc8..70f4d5b 100644 --- a/pkg-mgr-commands.tex +++ b/pkg-mgr-commands.tex @@ -88,6 +88,35 @@ argument. Ebuilds must not run any of these commands once the current phase func \item[adddeny] Add a directory to the deny list. \end{description} +\featurelabel{sandbox-rm} Additionally, in EAPIs listed in table~\ref{tab:sandbox-command-table} +as supporting the respective commands, the following commands are available: +\begin{description} +\item[rmread] Remove a directory from the permitted read list. +\item[rmwrite] Remove a directory from the permitted write list. +\item[rmpredict] Remove a directory from the predict list. +\item[rmdeny] Remove a directory from the deny list. +\end{description} + +All of those commands match paths exactly. Removing a directory that is not present on the list +is silently ignored. + +\ChangeWhenAddingAnEAPI{7} +\begin{centertable}{Additional sandbox commands by EAPI} + \label{tab:sandbox-command-table} + \begin{tabular}{lllll} + \toprule + \multicolumn{1}{c}{\textbf{EAPI}} & + \multicolumn{1}{c}{\textbf{\t{rmread}?}} & + \multicolumn{1}{c}{\textbf{\t{rmwrite}?}} & + \multicolumn{1}{c}{\textbf{\t{rmpredict}?}} & + \multicolumn{1}{c}{\textbf{\t{rmdeny}?}} \\ + \midrule + 0, 1, 2, 3, 4, 5, 6 & No & No & No & No \\ + 7 & Yes & Yes & Yes & Yes \\ + \bottomrule + \end{tabular} +\end{centertable} + \subsubsection{Package manager query commands} These commands are used to extract information about the system. Ebuilds must not run any of these commands in parallel with any other package manager command. Ebuilds must not run any of
