# the global environment though, in case the user wants to repeat
# this phase (like with FEATURES=noauto and the ebuild command).
unset S
-
- save_ebuild_env > environment
+ save_ebuild_env | filter_readonly_variables --filter-sandbox > environment
)
bzip2 -f9 environment
PORTAGE_BIN_PATH PORTAGE_PYM_PATH PORTAGE_TMPDIR T WORKDIR"
# @FUNCTION: filter_readonly_variables
-# @DESCRIPTION:
+# @DESCRIPTION: [--filter-sandbox]
# Read an environment from stdin and echo to stdout while filtering readonly
# variables.
#
+# --filter-sandbox causes all SANDBOX_* variables to be filtered, which
+# is only desired in certain cases, such as during preprocessing or when
+# saving environment.bz2 for a binary or installed package.
+#
# In bash-3.2_p20+ an attempt to assign BASH_*, FUNCNAME, GROUPS or any
# readonly variable cause the shell to exit while executing the "source"
# builtin command. To avoid this problem, this function filters those
# variables out and discards them. See bug #190128.
filter_readonly_variables() {
+ local var_prefixes="BASH"
+ hasq --filter-sandbox $* && var_prefixes="${var_prefixes} SANDBOX"
local x var_grep=""
- for x in BASH SANDBOX ; do
+ for x in ${var_prefixes} ; do
var_grep="${var_grep}|(^|^declare[[:space:]]+-[^[:space:]]+[[:space:]]+)${x}_[_[:alnum:]]*=.*"
done
local readonly_bash_vars="DIRSTACK EUID FUNCNAME GROUPS
# interfering with the current environment. This is useful when an existing
# environment needs to be loaded from a binary or installed package.
preprocess_ebuild_env() {
- filter_readonly_variables < "${T}"/environment > "${T}"/environment.filtered
+ filter_readonly_variables --filter-sandbox < "${T}"/environment \
+ > "${T}"/environment.filtered
mv "${T}"/environment.filtered "${T}"/environment
(
source "${T}"/environment
# Rely on save_ebuild_env() to filter out any remaining variables
# and functions that could interfere with the current environment.
- save_ebuild_env > "${T}"/environment
+ save_ebuild_env | filter_readonly_variables > "${T}"/environment
)
}
set
export
- ) | filter_readonly_variables
+ )
}
# === === === === === === === === === === === === === === === === === ===
# always preprocess the environment when ${PN} == portage.
preprocess_ebuild_env
fi
+ # Colon separated SANDBOX_* variables need to be cumulative.
+ for x in SANDBOX_DENY SANDBOX_READ SANDBOX_PREDICT SANDBOX_WRITE ; do
+ eval PORTAGE_${x}="${!x}"
+ done
source "${T}"/environment
+ for x in SANDBOX_DENY SANDBOX_PREDICT SANDBOX_READ SANDBOX_WRITE ; do
+ eval y=\${PORTAGE_${x}}
+ if [ "${y}" != "${!x}" ] ; then
+ eval export ${x}=$(echo -n "${y}:${!x}" | tr ":" "\0" | \
+ sort -z -u | tr "\0" ":")
+ fi
+ unset PORTAGE_${x}
+ done
+ unset x y
source_all_bashrcs
else
! hasq ${EBUILD_SH_ARGS} clean help info; then
# Save current environment and touch a success file. (echo for success)
umask 002
- save_ebuild_env > "${T}/environment"
+ save_ebuild_env | filter_readonly_variables > "${T}/environment"
chown portage:portage "${T}/environment" &>/dev/null
chmod g+w "${T}/environment" &>/dev/null
fi
projects / portage.git / commitdiff