LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="mpfr nls readline"
+IUSE="forced-sandbox mpfr nls readline"
RDEPEND="
dev-libs/gmp:0=
-e '/\<_XOPEN_SOURCE_EXTENDED\>/s/1//' \
extension/inplace.c || die
fi
+
+ if use forced-sandbox ; then
+ # Upstream doesn't want to add a configure flag for this.
+ # https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
+ sed -i \
+ -e '/^int do_flags = false;/s:false:DO_SANDBOX:' \
+ main.c || die
+ # Make sure the sed took.
+ grep -q '^int do_flags = DO_SANDBOX;' main.c || die "forcing sandbox failed"
+ fi
}
src_configure() {
rm "${ED%/}"/usr/include/awk/config.h || die
}
+src_test() {
+ if use forced-sandbox ; then
+ ewarn "Tests disabled as they don't account for this mode."
+ return
+ fi
+ default
+}
+
pkg_postinst() {
# symlink creation here as the links do not belong to gawk, but to any awk
if has_version app-admin/eselect \
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="mpfr nls readline"
+IUSE="forced-sandbox mpfr nls readline"
RDEPEND="
dev-libs/gmp:0=
-e '/\<_XOPEN_SOURCE_EXTENDED\>/s/1//' \
extension/inplace.c || die
fi
+
+ if use forced-sandbox ; then
+ # Upstream doesn't want to add a configure flag for this.
+ # https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
+ sed -i \
+ -e '/^int do_flags = false;/s:false:DO_SANDBOX:' \
+ main.c || die
+ # Make sure the sed took.
+ grep -q '^int do_flags = DO_SANDBOX;' main.c || die "forcing sandbox failed"
+ fi
}
src_configure() {
rm "${ED}"/usr/include/awk/config.h || die
}
+src_test() {
+ if use forced-sandbox ; then
+ ewarn "Tests disabled as they don't account for this mode."
+ return
+ fi
+ default
+}
+
pkg_postinst() {
# symlink creation here as the links do not belong to gawk, but to any awk
if has_version app-admin/eselect && has_version app-eselect/eselect-awk ; then
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="mpfr nls readline"
+IUSE="forced-sandbox mpfr nls readline"
RDEPEND="
dev-libs/gmp:0=
-e '/\<_XOPEN_SOURCE_EXTENDED\>/s/1//' \
extension/inplace.c || die
fi
+
+ if use forced-sandbox ; then
+ # Upstream doesn't want to add a configure flag for this.
+ # https://lists.gnu.org/archive/html/bug-sed/2018-03/msg00001.html
+ sed -i \
+ -e '/^int do_flags = false;/s:false:DO_SANDBOX:' \
+ main.c || die
+ # Make sure the sed took.
+ grep -q '^int do_flags = DO_SANDBOX;' main.c || die "forcing sandbox failed"
+ fi
}
src_configure() {
rm "${ED}"/usr/include/awk/config.h || die
}
+src_test() {
+ if use forced-sandbox ; then
+ ewarn "Tests disabled as they don't account for this mode."
+ return
+ fi
+ default
+}
+
pkg_postinst() {
# symlink creation here as the links do not belong to gawk, but to any awk
if has_version app-admin/eselect && has_version app-eselect/eselect-awk ; then
<name>Gentoo Base System</name>
</maintainer>
<use>
+ <flag name="forced-sandbox">Always enable --sandbox mode for simpler/secure runtime (disables e/r/w commands)</flag>
<flag name="mpfr">use mpfr for high precision arithmetic (-M / --bignum)</flag>
</use>
</pkgmetadata>