[Git][pacman/pacman][master] 14 commits: Revert commits providing a default sandboxuser
Allan McRae pushed to branch master at Pacman / Pacman

Commits:

3a5ae573 by Allan McRae at 2025-10-10T19:05:23+10:00
Revert commits providing a default sandboxuser

Reverts commits 7ccf316ceb767ddbd2c967a529551a8c1a78a53e and
692f7a2cfec0eb8e96e682d536631034abea4d61.

- - - - -
25b64206 by Allan McRae at 2025-10-10T19:05:23+10:00
Record calling user ID in handle

This will be used to check for permissions when deciding to enable
features that require root access (e.g. sandboxing).

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
18e96ca3 by Allan McRae at 2025-10-10T19:05:23+10:00
Add utility function to check whether the sandbox should be used

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
2ae63606 by Allan McRae at 2025-10-10T19:05:23+10:00
Only use temporary directories for downloading when in the sandbox

Completely separating the sandbox and non-sandbox download setup
provides more flexibility for non-root users of libalpm, and provides
a proper "fix" for leftover download directories with interrupted
downloads when not using the sandbox.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
0fd09020 by morganamilo at 2025-10-10T19:05:23+10:00
libalpm: set errno and log when setting up temp download dir

Before:

    % pacman -Syy
    :: Synchronising package databases...
    error: failed to synchronize all databases (unexpected error)

After:

    % pacman -Syy
    :: Synchronising package databases...
    error: failed to create temporary download directory /var/lib/pacman/sync/download-P77oXs: Permission denied
    error: failed to synchronize all databases (failed to retrieve some files)

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
c18e472e by morganamilo at 2025-10-10T19:05:23+10:00
libalpm: add new errno for download initialization

The error string "failed to retrieve some files" implies that the
download may have begun and some files may have been partially
downloaded.

If we know no download actually took place we can be more clear about
this.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
77611e7f by Remi Gacogne at 2025-10-10T19:05:23+10:00
libalpm: Better error messages when landlock setup fails

As suggested by @l0kod in the comments of #167.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
4f1561c3 by Remi Gacogne at 2025-10-10T19:05:23+10:00
libalpm: Capitalize "Landlock"

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
12a4efa0 by Remi Gacogne at 2025-10-10T19:05:23+10:00
libalpm: Failure to setup Landlock is an error

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
ba95143b by Remi Gacogne at 2025-10-10T19:05:23+10:00
libalpm: Add an error message for seccomp setup failures

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
46461dc6 by Allan McRae at 2025-10-10T19:05:23+10:00
Remove sandbox "tests"

Landlock and syscall filtering never worked under fakeroot, so we were
effectively only testing the download directory creation with these
tests. Remove these tests so that we can make sandbox setup failures
into errors.

While this reduced CI on that code path, it is also likely the primary
code path used by pacman developers, so will have limited impact.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
933cd290 by Allan McRae at 2025-10-10T19:05:23+10:00
Remove old TESTS file

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
eede4c36 by Remi Gacogne at 2025-10-10T19:05:23+10:00
libalpm: Failure to enable Landlock or seccomp is a download error

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
ee9a2d88 by Remi Gacogne at 2025-10-10T19:05:23+10:00
Add finegrained configuration and CLI options to control sandboxing

Add the "DisableSandboxFilesystem" and "DisableSandboxSyscalls"
configuration options to disable Landlock and syscall filtering
respectively. The "DisableSandbox" option becomes an alias for
disabling both the finegrained options.

Also add similar command line options.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -

25 changed files:

- doc/pacman.8.asciidoc
- doc/pacman.conf.5.asciidoc
- etc/pacman.conf.in
- lib/libalpm/alpm.c
- lib/libalpm/alpm.h
- lib/libalpm/be_sync.c
- lib/libalpm/dload.c
- lib/libalpm/error.c
- lib/libalpm/handle.c
- lib/libalpm/handle.h
- lib/libalpm/sandbox.c
- lib/libalpm/sandbox.h
- lib/libalpm/sandbox_fs.c
- lib/libalpm/sandbox_syscalls.c
- lib/libalpm/sync.c
- lib/libalpm/util.c
- lib/libalpm/util.h
- src/pacman/conf.c
- src/pacman/conf.h
- src/pacman/pacman-conf.c
- src/pacman/pacman.c
- test/pacman/meson.build
- − test/pacman/tests/TESTS
- − test/pacman/tests/sandbox-download-basic.py
- − test/pacman/tests/sandbox-download-upgrade.py

View it on GitLab: https://gitlab.archlinux.org/pacman/pacman/-/compare/94df6f26b2cfefea5ec10aa...