Are macports builds prevented from accessing /dev/random ?
Joshua Root
jmr at macports.org
Tue Jun 13 21:42:57 UTC 2017
On 2017-6-14 07:05 , Daniel J. Luke wrote:
> On Jun 13, 2017, at 4:57 PM, Christopher Jones <jonesc at hep.phy.cam.ac.uk> wrote:
>> :info:build open('/dev/random'): Operation not permitted
>>
>> Now, this works outside. So I suspect the build is in some way prevent the build process from accessing this. Is this possible ? If so, more to the point, is there a way I can get this to work… ?
>
> I suspect the sandbox doesn't include access to /dev/random (Macports started using sandbox-exec with version 2.2.0)
>
> As a temporary workaround (or to test this theory) you can add "sandbox_enable no" to your macports.conf
Our sandbox only restricts writes. Seems like the program is opening
/dev/random with O_RDWR? Writing to it is technically allowed (though I
don't know that it does anything on darwin), so we should probably add
it to the sandbox exceptions, but I'm not sure why it would be needed.
- Josh
More information about the macports-dev
mailing list