commit: 34a7b3903ba14f05b7702784d83e3ef7ae1dc5f1 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Wed Oct 4 17:44:06 2017 +0000 Commit: Ulrich Müller <ulm <AT> gentoo <DOT> org> CommitDate: Sat Feb 24 12:55:24 2018 +0000 URL: https://gitweb.gentoo.org/proj/pms.git/commit/?id=34a7b390
EAPI 7 has sandbox directory removal functions. Bug: https://bugs.gentoo.org/630422 eapi-differences.tex | 4 ++++ pkg-mgr-commands.tex | 29 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/eapi-differences.tex b/eapi-differences.tex index 7bddf41..96e0c0c 100644 --- a/eapi-differences.tex +++ b/eapi-differences.tex @@ -230,6 +230,9 @@ Most utilities die & \compactfeatureref{die-on-failure} & \t{libopts} & \compactfeatureref{banned-commands} & Yes & Yes & Yes & Yes & Banned \\ +Sandbox \t{rm*} commands & \compactfeatureref{sandbox-rm} & + No & No & No & No & Yes \\ + Query command options & \compactfeatureref{pm-query-options} & None & None & \t{-{}-host-root} & \t{-{}-host-root} & \t{-b}, \t{-d}, \t{-r} \\ @@ -457,6 +460,7 @@ EAPI 7 is EAPI 6 with the following changes: \item \t{nonfatal} is both a shell function and an external command, \featureref{nonfatal}. \item \t{dohtml} banned, \featureref{banned-commands}. \item \t{dolib} and \t{libopts} banned, \featureref{banned-commands}. +\item Sandbox path removal commands, \featureref{sandbox-rm}. \end{compactitem} \ChangeWhenAddingAnEAPI{7} diff --git a/pkg-mgr-commands.tex b/pkg-mgr-commands.tex index 7b01ab8..db871c3 100644 --- a/pkg-mgr-commands.tex +++ b/pkg-mgr-commands.tex @@ -87,6 +87,35 @@ argument. Ebuilds must not run any of these commands once the current phase func \item[adddeny] Add a directory to the deny list. \end{description} +\featurelabel{sandbox-rm} Additionally, in EAPIs listed in table~\ref{tab:sandbox-command-table} +as supporting the respective commands, the following commands are available: +\begin{description} +\item[rmread] Remove a directory from the permitted read list. +\item[rmwrite] Remove a directory from the permitted write list. +\item[rmpredict] Remove a directory from the predict list. +\item[rmdeny] Remove a directory from the deny list. +\end{description} + +All of these commands match paths exactly. Removing a directory that is not present on the list +is silently ignored. + +\ChangeWhenAddingAnEAPI{7} +\begin{centertable}{Additional sandbox commands in EAPIs} + \label{tab:sandbox-command-table} + \begin{tabular}{lllll} + \toprule + \multicolumn{1}{c}{\textbf{EAPI}} & + \multicolumn{1}{c}{\textbf{\t{rmread}?}} & + \multicolumn{1}{c}{\textbf{\t{rmwrite}?}} & + \multicolumn{1}{c}{\textbf{\t{rmpredict}?}} & + \multicolumn{1}{c}{\textbf{\t{rmdeny}?}} \\ + \midrule + 0, 1, 2, 3, 4, 5, 6 & No & No & No & No \\ + 7 & Yes & Yes & Yes & Yes \\ + \bottomrule + \end{tabular} +\end{centertable} + \subsection{Package manager query commands} These commands are used to extract information about the system. Ebuilds must not run any of these commands in parallel with any other package manager command. Ebuilds must not run any of
