Evolinx/bottle
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
upstream
bottle/lib/libalpm
History
Chih-Hsuan Yen e80569f5da Correctly configure landlock for older ABIs 
For example, with landlock ABI < 3, LANDLOCK_ACCESS_FS_TRUNCATE is not
set in ruleset_attr.handled_access_fs, so it should not be set in
path_beneath.allowed_access either. Otherwise, landlock_add_rule fails
with -EINVAL, and pacman complains:

> error: restricting filesystem access failed because the landlock rule for the temporary download directory could not be added!

The change is tested on Debian Bookworm kernel
linux-image-6.1.0-25-cloud-amd64 6.1.106-3.
2024-09-28 00:35:10 +00:00
..
po Update translations for release 2024-07-14 19:11:18 +10:00
.gitignore libalpm: add pkg-config file 2012-04-25 20:02:36 -04:00
add.c Update copyright years 2024-02-24 18:40:44 +10:00
add.h Update copyright years 2024-02-24 18:40:44 +10:00
alpm_list.c Update copyright years 2024-02-24 18:40:44 +10:00
alpm_list.h Update copyright years 2024-02-24 18:40:44 +10:00
alpm.c use snprintf instead of sprintf 2024-03-25 13:24:41 +10:00
alpm.h Restrict syscalls for the download process whenever possible 2024-08-02 00:39:45 +00:00
backup.c Update copyright years 2024-02-24 18:40:44 +10:00
backup.h Update copyright years 2024-02-24 18:40:44 +10:00
base64.c base64.c: comment out unused variable 2014-01-15 15:54:56 +10:00
base64.h Do not #define _RESERVED_IDENTIFIERS 2016-09-25 18:04:57 +10:00
be_local.c use snprintf instead of sprintf 2024-03-25 13:24:41 +10:00
be_package.c Update copyright years 2024-02-24 18:40:44 +10:00
be_sync.c Download to a temporary directory owned by the Download user 2024-04-01 20:52:55 +00:00
conflict.c use snprintf instead of sprintf 2024-03-25 13:24:41 +10:00
conflict.h Update copyright years 2024-02-24 18:40:44 +10:00
db.c use snprintf instead of sprintf 2024-03-25 13:24:41 +10:00
db.h Update copyright years 2024-02-24 18:40:44 +10:00
deps.c Update copyright years 2024-02-24 18:40:44 +10:00
deps.h Update copyright years 2024-02-24 18:40:44 +10:00
diskspace.c Update copyright years 2024-02-24 18:40:44 +10:00
diskspace.h Update copyright years 2024-02-24 18:40:44 +10:00
dload.c libalpm: only chown downloaded files when running as root 2024-09-08 11:49:21 +10:00
dload.h Fix up-to-date repo databases being redownloaded when sandboxed 2024-06-10 19:48:20 +10:00
error.c Update copyright years 2024-02-24 18:40:44 +10:00
filelist.c Do not pass NULL paramenter to bsearch with empty filelist 2024-04-05 00:35:08 +00:00
filelist.h Update copyright years 2024-02-24 18:40:44 +10:00
graph.c Update copyright years 2024-02-24 18:40:44 +10:00
graph.h Update copyright years 2024-02-24 18:40:44 +10:00
group.c Update copyright years 2024-02-24 18:40:44 +10:00
group.h Update copyright years 2024-02-24 18:40:44 +10:00
handle.c Add --disable-sandbox and DisableSandbox 2024-06-17 11:01:42 +10:00
handle.h Add --disable-sandbox and DisableSandbox 2024-06-17 11:01:42 +10:00
hook.c Update copyright years 2024-02-24 18:40:44 +10:00
hook.h Update copyright years 2024-02-24 18:40:44 +10:00
libarchive-compat.h Update copyright years 2024-02-24 18:40:44 +10:00
log.c Update copyright years 2024-02-24 18:40:44 +10:00
log.h Update copyright years 2024-02-24 18:40:44 +10:00
meson.build Restrict syscalls for the download process whenever possible 2024-08-02 00:39:45 +00:00
package.c Update copyright years 2024-02-24 18:40:44 +10:00
package.h Update copyright years 2024-02-24 18:40:44 +10:00
pkghash.c Update copyright years 2024-02-24 18:40:44 +10:00
pkghash.h Update copyright years 2024-02-24 18:40:44 +10:00
rawstr.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
remove.c unlink_file: restore trailing slash on directory before checking mountpoint 2024-04-05 00:51:13 +00:00
remove.h Update copyright years 2024-02-24 18:40:44 +10:00
sandbox_fs.c Correctly configure landlock for older ABIs 2024-09-28 00:35:10 +00:00
sandbox_fs.h Restrict filesystem access to the download process whenever possible 2024-06-14 09:30:20 +02:00
sandbox_syscalls.c Restrict syscalls for the download process whenever possible 2024-08-02 00:39:45 +00:00
sandbox_syscalls.h Restrict syscalls for the download process whenever possible 2024-08-02 00:39:45 +00:00
sandbox.c Ensure that the download process cannot get new privileges 2024-08-02 00:39:45 +00:00
sandbox.h Add callbacks for sandboxed operations 2024-04-01 20:52:55 +00:00
signing.c use snprintf instead of sprintf 2024-03-25 13:24:41 +10:00
signing.h Update copyright years 2024-02-24 18:40:44 +10:00
sync.c Fix calculation of space needed for download package 2024-06-19 17:33:36 +10:00
sync.h Update copyright years 2024-02-24 18:40:44 +10:00
trans.c Prevent buffer overflow when using a scriptlet shell with a long path 2024-06-19 07:41:11 +10:00
trans.h Update copyright years 2024-02-24 18:40:44 +10:00
util.c Revert "_alpm_archive_fgets(): bail early if reached end of block" 2024-07-13 22:06:10 +10:00
util.h Download to a temporary directory owned by the Download user 2024-04-01 20:52:55 +00:00
version.c Update copyright years 2024-02-24 18:40:44 +10:00