commit: 6c4a2260413acf81287324697379dfbe335a6518 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Wed Oct 4 17:44:06 2017 +0000 Commit: Ulrich Müller <ulm <AT> gentoo <DOT> org> CommitDate: Sun Feb 18 13:35:54 2018 +0000 URL: https://gitweb.gentoo.org/proj/pms.git/commit/?id=6c4a2260
EAPI 7 has sandbox directory removal functions. Bug: https://bugs.gentoo.org/630422 eapi-differences.tex | 4 ++++ pkg-mgr-commands.tex | 29 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/eapi-differences.tex b/eapi-differences.tex index 7bddf41..96e0c0c 100644 --- a/eapi-differences.tex +++ b/eapi-differences.tex @@ -230,6 +230,9 @@ Most utilities die & \compactfeatureref{die-on-failure} & \t{libopts} & \compactfeatureref{banned-commands} & Yes & Yes & Yes & Yes & Banned \\ +Sandbox \t{rm*} commands & \compactfeatureref{sandbox-rm} & + No & No & No & No & Yes \\ + Query command options & \compactfeatureref{pm-query-options} & None & None & \t{-{}-host-root} & \t{-{}-host-root} & \t{-b}, \t{-d}, \t{-r} \\ @@ -457,6 +460,7 @@ EAPI 7 is EAPI 6 with the following changes: \item \t{nonfatal} is both a shell function and an external command, \featureref{nonfatal}. \item \t{dohtml} banned, \featureref{banned-commands}. \item \t{dolib} and \t{libopts} banned, \featureref{banned-commands}. +\item Sandbox path removal commands, \featureref{sandbox-rm}. \end{compactitem} \ChangeWhenAddingAnEAPI{7} diff --git a/pkg-mgr-commands.tex b/pkg-mgr-commands.tex index ea002f2..2d23075 100644 --- a/pkg-mgr-commands.tex +++ b/pkg-mgr-commands.tex @@ -87,6 +87,35 @@ argument. Ebuilds must not run any of these commands once the current phase func \item[adddeny] Add a directory to the deny list. \end{description} +\featurelabel{sandbox-rm} Additionally, in EAPIs listed in table~\ref{tab:sandbox-command-table} +as supporting the respective commands, the following commands are available: +\begin{description} +\item[rmread] Remove a directory from the permitted read list. +\item[rmwrite] Remove a directory from the permitted write list. +\item[rmpredict] Remove a directory from the predict list. +\item[rmdeny] Remove a directory from the deny list. +\end{description} + +All of these commands match paths exactly. Removing a directory that is not present on the list +is silently ignored. + +\ChangeWhenAddingAnEAPI{7} +\begin{centertable}{Additional sandbox commands in EAPIs} + \label{tab:sandbox-command-table} + \begin{tabular}{lllll} + \toprule + \multicolumn{1}{c}{\textbf{EAPI}} & + \multicolumn{1}{c}{\textbf{\t{rmread}?}} & + \multicolumn{1}{c}{\textbf{\t{rmwrite}?}} & + \multicolumn{1}{c}{\textbf{\t{rmpredict}?}} & + \multicolumn{1}{c}{\textbf{\t{rmdeny}?}} \\ + \midrule + 0, 1, 2, 3, 4, 5, 6 & No & No & No & No \\ + 7 & Yes & Yes & Yes & Yes \\ + \bottomrule + \end{tabular} +\end{centertable} + \subsection{Package manager query commands} These commands are used to extract information about the system. Ebuilds must not run any of these commands in parallel with any other package manager command. Ebuilds must not run any of
