summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortnn <tnn@pkgsrc.org>2008-02-10 11:43:20 +0000
committertnn <tnn@pkgsrc.org>2008-02-10 11:43:20 +0000
commitd91ec324820c4d8023d83a29d25c494f0a0befb1 (patch)
tree266666676361d034fbf2da40600a58efbcdb7796
parent0f1f94115c56e374f36306cd8201abcecf10b506 (diff)
downloadpkgsrc-d91ec324820c4d8023d83a29d25c494f0a0befb1.tar.gz
Enable fake home directory support. Also add a wrkref check because an
embedded path to the HOME directory can be a security problem if, say, the package looks in the HOME directory of an unprivileged user for configuration files. Note that this has the potential to cause some short-term fallout.
Diffstat
-rw-r--r--mk/bsd.pkg.mk11
-rw-r--r--mk/check/check-wrkref.mk8
2 files changed, 15 insertions, 4 deletions
diff --git a/mk/bsd.pkg.mk b/mk/bsd.pkg.mk
index 4244561da1f..84dc7fa2bd6 100644
--- a/mk/bsd.pkg.mk
+++ b/mk/bsd.pkg.mk
@@ -1,4 +1,4 @@
-# $NetBSD: bsd.pkg.mk,v 1.1936 2008/02/07 21:36:13 rillig Exp $
+# $NetBSD: bsd.pkg.mk,v 1.1937 2008/02/10 11:43:20 tnn Exp $
#
# This file is in the public domain.
#
@@ -453,6 +453,15 @@ USE_LANGUAGES?= # empty
#
.include "compiler.mk"
+#Fake up a home directory
+WRAPPER_TARGETS+= fake-home
+FAKEHOMEDIR= ${WRKDIR}/.home
+ALL_ENV+= HOME=${FAKEHOMEDIR}
+.PHONY: fake-home
+fake-home: ${FAKEHOMEDIR}
+${FAKEHOMEDIR}:
+ ${RUN} ${MKDIR} ${.TARGET}
+
.include "wrapper/bsd.wrapper.mk"
.if defined(ABI_DEPENDS) || defined(BUILD_ABI_DEPENDS)
diff --git a/mk/check/check-wrkref.mk b/mk/check/check-wrkref.mk
index 44a846cbcdc..020e7cf28f7 100644
--- a/mk/check/check-wrkref.mk
+++ b/mk/check/check-wrkref.mk
@@ -1,4 +1,4 @@
-# $NetBSD: check-wrkref.mk,v 1.16 2008/02/07 21:36:13 rillig Exp $
+# $NetBSD: check-wrkref.mk,v 1.17 2008/02/10 11:43:20 tnn Exp $
#
# This file checks that the installed files don't contain any strings
# that point to the directory where the package had been built, to make
@@ -11,6 +11,7 @@
# The list of directory names that must not appear in installed files.
#
# * "tools" for the tool wrapper directory
+# * "home" for FAKEHOMEDIR
# * "wrksrc" for WRKSRC
# * "work" for WRKDIR
# * "wrkobjdir" for WRKOBJDIR
@@ -37,7 +38,7 @@ _USER_VARS.check-wrkref= CHECK_WRKREF
_PKG_VARS.check-wrkref= CHECK_WRKREF_SKIP
.if defined(PKG_DEVELOPER)
-CHECK_WRKREF?= tools
+CHECK_WRKREF?= tools home
.endif
CHECK_WRKREF?= no
CHECK_WRKREF_SKIP?= # none
@@ -47,6 +48,7 @@ _CHECK_WRKREF_FILELIST_CMD?= ${PKG_FILELIST_CMD}
_CHECK_WRKREF_DIR.no= # none
_CHECK_WRKREF_DIR.work= ${WRKDIR}
_CHECK_WRKREF_DIR.tools= ${TOOLS_DIR}
+_CHECK_WRKREF_DIR.home= ${FAKEHOMEDIR}
_CHECK_WRKREF_DIR.wrkobjdir= ${WRKOBJDIR}
_CHECK_WRKREF_DIR.wrksrc= ${WRKSRC}
_CHECK_WRKREF_DIR.pkgsrc= ${PKGSRCDIR}
@@ -56,7 +58,7 @@ _CHECK_WRKREF_DIRS= # none
.for d in ${CHECK_WRKREF}
. if !defined(_CHECK_WRKREF_DIR.${d})
PKG_FAIL_REASON+= "[check-wrkref.mk] Invalid value "${d:Q}" for CHECK_WRKREF."
-PKG_FAIL_REASON+= "[check-wrkref.mk] Try one of { tools wrksrc work objwrkdir } instead."
+PKG_FAIL_REASON+= "[check-wrkref.mk] Try one of { tools home wrksrc work objwrkdir } instead."
. else
_CHECK_WRKREF_DIRS+= ${_CHECK_WRKREF_DIR.${d}}
. endif
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-04 22:33:01 +0000