<pre style='margin:0'>
Rainer Müller (raimue) pushed a commit to branch master
in repository macports-base.
</pre>
<p><a href="https://github.com/macports/macports-base/commit/1b2ea687bbe84b55c7f8cb3d4da55c94f5aa0064">https://github.com/macports/macports-base/commit/1b2ea687bbe84b55c7f8cb3d4da55c94f5aa0064</a></p>
<pre style="white-space: pre; background: #F8F8F8"><span style='display:block; white-space:pre;color:#808000;'>commit 1b2ea687bbe84b55c7f8cb3d4da55c94f5aa0064
</span>Author: Rainer Müller <raimue@macports.org>
AuthorDate: Tue Mar 27 03:22:50 2018 +0200
<span style='display:block; white-space:pre;color:#404040;'> portsandbox: Fix trace mode with network sandbox
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> In trace mode we also have to allow access to the FIFO that is used to
</span><span style='display:block; white-space:pre;color:#404040;'> communicate between processes.
</span>---
src/port1.0/portsandbox.tcl | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/src/port1.0/portsandbox.tcl b/src/port1.0/portsandbox.tcl
</span><span style='display:block; white-space:pre;color:#808080;'>index 7008f8a..5d759a9 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/src/port1.0/portsandbox.tcl
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/src/port1.0/portsandbox.tcl
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -28,6 +28,7 @@
</span> # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
package provide portsandbox 1.0
<span style='display:block; white-space:pre;background:#e0ffe0;'>+package require porttrace 1.0
</span>
namespace eval portsandbox {
}
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -43,7 +44,7 @@ default portsandbox_profile {}
</span> proc portsandbox::set_profile {target} {
global os.major portsandbox_profile workpath distpath \
package.destpath configure.ccache ccache_dir \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- sandbox_network configure.distcc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sandbox_network configure.distcc porttrace
</span>
switch $target {
activate -
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -111,6 +112,11 @@ proc portsandbox::set_profile {target} {
</span> ui_warn "Sandbox will not deny network access due to distcc"
} else {
append portsandbox_profile " (deny network*)"
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ if {$porttrace} {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # allow accessing the darwintrace fifo in trace mode
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set template [string trimright ${porttrace::fifo_mktemp_template} "X"]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ append portsandbox_profile " (allow network-outbound (to unix-socket) (regex #\"^${template}\"))"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span> }
}
}
</pre><pre style='margin:0'>
</pre>