[pacman-dev] [PATCH] RFC: support file with seccomp enabled
Allan McRae
allan at archlinux.org
Tue Aug 13 01:47:01 UTC 2019
On 12/8/19 1:46 pm, Eli Schwartz wrote:
> Not all compression types can be detected in the seccomp sandbox, so we
> need to disable it. This requires either configuring makepkg to know the
> sandbox is available, or checking for file >= 5.38 in which the sandbox
> option is a no-op even when seccomp is disabled.
>
> - Requires autoconf-archive for autotools version compare macro.
> - meson version comparison could be made a lot simpler using meson-git.
>
> Fixes FS#58626
>
> Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
This looks good to me. Before file is called by makepkg, we have
downloaded and check the source with signatures/checksums, so we should
trust the source by this stage.
I don't mind the extra autoconf-archive dependency for generating
tarballs for the current release.
A
More information about the pacman-dev
mailing list