[117010] trunk/dports/net/openssh/Portfile

Daniel J. Luke dluke at geeklair.net
Wed Feb 12 12:09:05 PST 2014 

On Feb 12, 2014, at 3:04 PM, Clemens Lang <cal at macports.org> wrote:
> 
>> Revision: 117010
>>          https://trac.macports.org/changeset/117010
>> Author:   dluke at macports.org
>> Date:     2014-02-12 11:36:37 -0800 (Wed, 12 Feb 2014)
>> Log Message:
>> -----------
>> openssh: don't use our sandbox defs on 10.5
>> 
>> Modified Paths:
>> --------------
>>    trunk/dports/net/openssh/Portfile
>> 
>> Modified: trunk/dports/net/openssh/Portfile
>> ===================================================================
>> --- trunk/dports/net/openssh/Portfile	2014-02-12 19:34:32 UTC (rev 117009)
>> +++ trunk/dports/net/openssh/Portfile	2014-02-12 19:36:37 UTC (rev 117010)
>> @@ -5,7 +5,7 @@
>> 
>> name                openssh
>> version             6.5p1
>> -revision            2
>> +revision            3
>> 
>> categories          net
>> platforms           darwin
>> @@ -184,6 +184,11 @@
>>     }
>> }
>> 
>> +platform darwin 9 {
>> +    # 10.5/ppc doesn't like the sandbox file we supply
>> +    configure.cppflags-delete -D__APPLE_SANDBOX_NAMED_EXTERNAL__
>> +}
>> +
>> startupitem.create  yes
>> startupitem.name    OpenSSH
>> startupitem.start   \
> 
> I don't think this will work, because it moves the call to sandbox_init(3) behind a call to chroot(2), which cases the dlopen(libsandbox.1.dylib) executed by sandbox_init() to fail because the library isn't available in the chroot.

I'm not seeing any failure on the box I'm running it on (and anyway there is no libsandbox on my 10.5 machine). If I'm reading the diffs right, the changes in patch-sandbox-darwin.c-apple-sandbox-named-external.diff and patch-sshd.c-apple-sandbox-named-external.diff are protected by __APPLE_SANDBOX_NAMED_EXTERNAL__, so unsetting it just makes it like they weren't applied in the first place.

... but maybe I'm missing something?
--
Daniel J. Luke                                                                   
+========================================================+                        
| *---------------- dluke at geeklair.net ----------------* |                          
| *-------------- http://www.geeklair.net -------------* |                          
+========================================================+                        
|   Opinions expressed are mine and do not necessarily   |                          
|          reflect the opinions of my employer.          |                          
+========================================================+

More information about the macports-dev mailing list