commit: 58a7ba247d84e26c60697127dcc0490cd59aa8f4 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Wed Oct 4 17:44:06 2017 +0000 Commit: Ulrich Müller <ulm <AT> gentoo <DOT> org> CommitDate: Mon Oct 9 17:22:19 2017 +0000 URL: https://gitweb.gentoo.org/proj/pms.git/commit/?id=58a7ba24
EAPI 7 has sandbox directory removal functions. Bug: https://bugs.gentoo.org/630422 eapi-differences.tex | 4 ++++ pkg-mgr-commands.tex | 29 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/eapi-differences.tex b/eapi-differences.tex index d08d461..beba23f 100644 --- a/eapi-differences.tex +++ b/eapi-differences.tex @@ -41,6 +41,9 @@ of this document for a complete table of previous EAPIs. \bottomrule \endlastfoot +\t{rm*} sandbox functions & \compactfeatureref{sandbox-rm} & + No & No & No & No & Yes \\ + \t{IUSE_RUNTIME} & \compactfeatureref{iuse-runtime} & No & No & No & No & Yes \\ @@ -475,6 +478,7 @@ EAPI 7 is EAPI 6 with the following changes: \item automatic enforcing of \t{REQUIRED_USE} is supported, \featureref{auto-req-use}. \item binding leftmost-of (\t{||=}) dependency group is supported, \featureref{binding-leftmost-of}. \item runtime-modifiable USE flags (\t{IUSE_RUNTIME}) are supported, \featureref{iuse-runtime}. +\item sandbox path removal flags (\t{rm*}) are supported, \featureref{sandbox-rm}. \end{compactitem} \ChangeWhenAddingAnEAPI{7} diff --git a/pkg-mgr-commands.tex b/pkg-mgr-commands.tex index 287c71d..ff54d69 100644 --- a/pkg-mgr-commands.tex +++ b/pkg-mgr-commands.tex @@ -88,6 +88,35 @@ argument. Ebuilds must not run any of these commands once the current phase func \item[adddeny] Add a directory to the deny list. \end{description} +\featurelabel{sandbox-rm} Additionally, in EAPIs listed in table~\ref{tab:sandbox-command-table} +as supporting the respective commands, the following commands are available: +\begin{description} +\item[rmread] Remove a directory from the permitted read list. +\item[rmwrite] Remove a directory from the permitted write list. +\item[rmpredict] Remove a directory from the predict list. +\item[rmdeny] Remove a directory from the deny list. +\end{description} + +All of those commands match paths exactly. Removing a directory that is not present on the list +is silently ignored. + +\ChangeWhenAddingAnEAPI{7} +\begin{centertable}{Additional sandbox commands by EAPI} + \label{tab:sandbox-command-table} + \begin{tabular}{lllll} + \toprule + \multicolumn{1}{c}{\textbf{EAPI}} & + \multicolumn{1}{c}{\textbf{\t{rmread}?}} & + \multicolumn{1}{c}{\textbf{\t{rmwrite}?}} & + \multicolumn{1}{c}{\textbf{\t{rmpredict}?}} & + \multicolumn{1}{c}{\textbf{\t{rmdeny}?}} \\ + \midrule + 0, 1, 2, 3, 4, 5, 6 & No & No & No & No \\ + 7 & Yes & Yes & Yes & Yes \\ + \bottomrule + \end{tabular} +\end{centertable} + \subsection{Package manager query commands} These commands are used to extract information about the system. Ebuilds must not run any of these commands in parallel with any other package manager command. Ebuilds must not run any of
