[pacman-dev] [PATCH] RFC: support file with seccomp enabled

Allan McRae allan at archlinux.org
Tue Aug 13 01:47:01 UTC 2019

On 12/8/19 1:46 pm, Eli Schwartz wrote:
> Not all compression types can be detected in the seccomp sandbox, so we
> need to disable it. This requires either configuring makepkg to know the
> sandbox is available, or checking for file >= 5.38 in which the sandbox
> option is a no-op even when seccomp is disabled.
> - Requires autoconf-archive for autotools version compare macro.
> - meson version comparison could be made a lot simpler using meson-git.
> Fixes FS#58626
> Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>

This looks good to me.  Before file is called by makepkg, we have
downloaded and check the source with signatures/checksums, so we should
trust the source by this stage.

I don't mind the extra autoconf-archive dependency for generating
tarballs for the current release.


More information about the pacman-dev mailing list