From ceb0ac628872d9d20539c802b3917225a9e50cb5 Mon Sep 17 00:00:00 2001 From: Andreas Baumann Date: Thu, 3 May 2018 21:10:44 +0200 Subject: core/file: removed seccomp patch and disabling seccomp completly --- core/file/PKGBUILD | 15 +++++++++++---- core/file/file-5.33-seccomp-32bit.patch | 31 ------------------------------- 2 files changed, 11 insertions(+), 35 deletions(-) delete mode 100644 core/file/file-5.33-seccomp-32bit.patch (limited to 'core/file') diff --git a/core/file/PKGBUILD b/core/file/PKGBUILD index ab132fd5..ba1e0f05 100644 --- a/core/file/PKGBUILD +++ b/core/file/PKGBUILD @@ -1,5 +1,12 @@ -# seccomp doesn't add rules for 64-bit filesystem function on 32-bit -# systems (e.g. fstat64) +# file doesn't add seccomp rules for 64-bit filesystem function on 32-bit +# systems (e.g. fstat64), in allmost all functions of file +# various sycalls like fork, pipe, wait4 have no ALLOW_RULE, somehow +# works on 64-bit, not on 32-bit. (-z option) +# Hence: disabling seccomp support completly! -source+=('file-5.33-seccomp-32bit.patch') -md5sums+=('5e0c3072ad745b55c8560425e6bb904c') +eval "$( + declare -f build | \ + sed ' + s/configure/configure --disable-libseccomp/ + ' +)" diff --git a/core/file/file-5.33-seccomp-32bit.patch b/core/file/file-5.33-seccomp-32bit.patch deleted file mode 100644 index 27987266..00000000 --- a/core/file/file-5.33-seccomp-32bit.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff -rauN file-5.33/src/seccomp.c file-5.33-seccomp-32bit-patch/src/seccomp.c ---- file-5.33/src/seccomp.c 2017-11-04 02:14:25.000000000 +0100 -+++ file-5.33-seccomp-32bit-patch/src/seccomp.c 2018-05-03 13:49:51.826498606 +0200 -@@ -168,13 +168,18 @@ - ALLOW_RULE(dup2); - ALLOW_RULE(exit); - ALLOW_RULE(exit_group); -- ALLOW_RULE(fcntl); -+ ALLOW_RULE(fcntl); -+ ALLOW_RULE(fcntl64); - ALLOW_RULE(fstat); -+ ALLOW_RULE(fstat64); - ALLOW_RULE(getdents); -+ ALLOW_RULE(getdents64); - ALLOW_RULE(ioctl); - ALLOW_RULE(lseek); - ALLOW_RULE(lstat); -+ ALLOW_RULE(lstat64); - ALLOW_RULE(mmap); -+ ALLOW_RULE(mmap2); - ALLOW_RULE(mprotect); - ALLOW_RULE(mremap); - ALLOW_RULE(munmap); -@@ -188,6 +193,7 @@ - ALLOW_RULE(rt_sigreturn); - ALLOW_RULE(select); - ALLOW_RULE(stat); -+ ALLOW_RULE(stat64); - ALLOW_RULE(sysinfo); - ALLOW_RULE(unlink); - ALLOW_RULE(write); -- cgit v1.2.3