diff options
author | tnn <tnn@pkgsrc.org> | 2008-02-10 11:43:20 +0000 |
---|---|---|
committer | tnn <tnn@pkgsrc.org> | 2008-02-10 11:43:20 +0000 |
commit | d91ec324820c4d8023d83a29d25c494f0a0befb1 (patch) | |
tree | 266666676361d034fbf2da40600a58efbcdb7796 /mk | |
parent | 0f1f94115c56e374f36306cd8201abcecf10b506 (diff) | |
download | pkgsrc-d91ec324820c4d8023d83a29d25c494f0a0befb1.tar.gz |
Enable fake home directory support. Also add a wrkref check because an
embedded path to the HOME directory can be a security problem if, say,
the package looks in the HOME directory of an unprivileged user for
configuration files.
Note that this has the potential to cause some short-term fallout.
Diffstat (limited to 'mk')
-rw-r--r-- | mk/bsd.pkg.mk | 11 | ||||
-rw-r--r-- | mk/check/check-wrkref.mk | 8 |
2 files changed, 15 insertions, 4 deletions
diff --git a/mk/bsd.pkg.mk b/mk/bsd.pkg.mk index 4244561da1f..84dc7fa2bd6 100644 --- a/mk/bsd.pkg.mk +++ b/mk/bsd.pkg.mk @@ -1,4 +1,4 @@ -# $NetBSD: bsd.pkg.mk,v 1.1936 2008/02/07 21:36:13 rillig Exp $ +# $NetBSD: bsd.pkg.mk,v 1.1937 2008/02/10 11:43:20 tnn Exp $ # # This file is in the public domain. # @@ -453,6 +453,15 @@ USE_LANGUAGES?= # empty # .include "compiler.mk" +#Fake up a home directory +WRAPPER_TARGETS+= fake-home +FAKEHOMEDIR= ${WRKDIR}/.home +ALL_ENV+= HOME=${FAKEHOMEDIR} +.PHONY: fake-home +fake-home: ${FAKEHOMEDIR} +${FAKEHOMEDIR}: + ${RUN} ${MKDIR} ${.TARGET} + .include "wrapper/bsd.wrapper.mk" .if defined(ABI_DEPENDS) || defined(BUILD_ABI_DEPENDS) diff --git a/mk/check/check-wrkref.mk b/mk/check/check-wrkref.mk index 44a846cbcdc..020e7cf28f7 100644 --- a/mk/check/check-wrkref.mk +++ b/mk/check/check-wrkref.mk @@ -1,4 +1,4 @@ -# $NetBSD: check-wrkref.mk,v 1.16 2008/02/07 21:36:13 rillig Exp $ +# $NetBSD: check-wrkref.mk,v 1.17 2008/02/10 11:43:20 tnn Exp $ # # This file checks that the installed files don't contain any strings # that point to the directory where the package had been built, to make @@ -11,6 +11,7 @@ # The list of directory names that must not appear in installed files. # # * "tools" for the tool wrapper directory +# * "home" for FAKEHOMEDIR # * "wrksrc" for WRKSRC # * "work" for WRKDIR # * "wrkobjdir" for WRKOBJDIR @@ -37,7 +38,7 @@ _USER_VARS.check-wrkref= CHECK_WRKREF _PKG_VARS.check-wrkref= CHECK_WRKREF_SKIP .if defined(PKG_DEVELOPER) -CHECK_WRKREF?= tools +CHECK_WRKREF?= tools home .endif CHECK_WRKREF?= no CHECK_WRKREF_SKIP?= # none @@ -47,6 +48,7 @@ _CHECK_WRKREF_FILELIST_CMD?= ${PKG_FILELIST_CMD} _CHECK_WRKREF_DIR.no= # none _CHECK_WRKREF_DIR.work= ${WRKDIR} _CHECK_WRKREF_DIR.tools= ${TOOLS_DIR} +_CHECK_WRKREF_DIR.home= ${FAKEHOMEDIR} _CHECK_WRKREF_DIR.wrkobjdir= ${WRKOBJDIR} _CHECK_WRKREF_DIR.wrksrc= ${WRKSRC} _CHECK_WRKREF_DIR.pkgsrc= ${PKGSRCDIR} @@ -56,7 +58,7 @@ _CHECK_WRKREF_DIRS= # none .for d in ${CHECK_WRKREF} . if !defined(_CHECK_WRKREF_DIR.${d}) PKG_FAIL_REASON+= "[check-wrkref.mk] Invalid value "${d:Q}" for CHECK_WRKREF." -PKG_FAIL_REASON+= "[check-wrkref.mk] Try one of { tools wrksrc work objwrkdir } instead." +PKG_FAIL_REASON+= "[check-wrkref.mk] Try one of { tools home wrksrc work objwrkdir } instead." . else _CHECK_WRKREF_DIRS+= ${_CHECK_WRKREF_DIR.${d}} . endif |