From 7f2280ce8ee4e6bc9bebb57258a0ff9dab7001fd Mon Sep 17 00:00:00 2001 From: Andreas Baumann Date: Thu, 22 Nov 2018 16:41:51 +0100 Subject: extra/ctags: hotfix for seccomp sandbox --- extra/ctags/PKGBUILD | 13 +++++++++++++ extra/ctags/ctags-seccomp32.patch | 16 ++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 extra/ctags/PKGBUILD create mode 100644 extra/ctags/ctags-seccomp32.patch diff --git a/extra/ctags/PKGBUILD b/extra/ctags/PKGBUILD new file mode 100644 index 00000000..e6235180 --- /dev/null +++ b/extra/ctags/PKGBUILD @@ -0,0 +1,13 @@ +# See https://github.com/universal-ctags/ctags/issues/1937 and +# https://github.com/universal-ctags/ctags/pull/1938 + +source+=('ctags-seccomp32.patch') +sha512sums+=('749f3db52c17a6af85a725a76e625c06ecf9bd1fd785e1c268800fb882a88f6229cbbab3c9af01a1e4a01ed00de5d887f8616942f77322c1bdc3b626b9165ba0') + +eval "$( + declare -f prepare | \ + sed ' + /}/ i \ + patch -Np1 < ${srcdir}/ctags-seccomp32.patch + ' +)" diff --git a/extra/ctags/ctags-seccomp32.patch b/extra/ctags/ctags-seccomp32.patch new file mode 100644 index 00000000..f371b969 --- /dev/null +++ b/extra/ctags/ctags-seccomp32.patch @@ -0,0 +1,16 @@ +diff -rauN ctags/main/seccomp.c ctags-seccomp32-patch/main/seccomp.c +--- ctags/main/seccomp.c 2018-11-22 16:36:35.366666457 +0100 ++++ ctags-seccomp32-patch/main/seccomp.c 2018-11-22 16:37:05.683333126 +0100 +@@ -41,10 +41,12 @@ + + // The bowels of stdio want to know the size of a file, even for stdout. + seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (fstat), 0); ++ seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (fstat64), 0); + + // seems unnecessary, but this comes from + // main/parse.c:2764 : tagFilePosition (&tagfpos); + seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (lseek), 0); ++ seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (_llseek), 0); + + // libxml2 uses pthread_once, which in turn uses a futex + seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (futex), 0); -- cgit v1.2.3-70-g09d2