diff options
author | William Di Luigi | 2015-09-02 15:42:21 +0200 |
---|---|---|
committer | William Di Luigi | 2015-09-02 15:44:22 +0200 |
commit | e6c7cffef8c44f474d038af3c2d839b103808715 (patch) | |
tree | b9a0c710ba9165e827fb845cf58a68a458a6a229 | |
parent | 24cb838488b636e35861954b1e4d62cbea8e94cb (diff) | |
download | aur-e6c7cffef8c44f474d038af3c2d839b103808715.tar.gz |
Add support for isolate group
-rw-r--r-- | PKGBUILD | 8 | ||||
-rw-r--r-- | isolate.install | 22 |
2 files changed, 28 insertions, 2 deletions
@@ -1,8 +1,11 @@ # Maintainer: William Di Luigi <williamdiluigi@gmail.com> +# chosen at random +ISOLATE_GID=29267 + pkgname=isolate pkgver=r58.e8894c4 -pkgrel=1 +pkgrel=2 pkgdesc="Sandbox for securely executing untrusted programs" arch=('any') url="https://github.com/ioi/isolate" @@ -16,6 +19,7 @@ makedepends=( 'asciidoc' ) provides=('isolate') +install=$pkgname.install source=( 'git://github.com/ioi/isolate.git' @@ -36,5 +40,5 @@ build() { package() { mkdir -p $pkgdir/usr/bin - cp $pkgname/isolate $pkgdir/usr/bin/isolate + install -D -m4750 -g$ISOLATE_GID $pkgname/isolate $pkgdir/usr/bin/isolate } diff --git a/isolate.install b/isolate.install new file mode 100644 index 000000000000..b9c5ae0f9f05 --- /dev/null +++ b/isolate.install @@ -0,0 +1,22 @@ +# chosen at random +ISOLATE_GID=29267 + +post_install() { + if ! getent group isolate >/dev/null; then + groupadd -g $ISOLATE_GID isolate + + echo + echo ">>> If you want to run the isolate command without sudo, you should add" + echo ">>> yourself to the isolate group, like this:" + echo ">>> # sudo usermod -a -G isolate <your user>" + echo ">>> However, keep in mind that:" + echo ">>> 1. You will need to logout, in order to make the change effective" + echo ">>> 2. No untrusted user should ever be allowed in the isolate group," + echo ">>> as they may exploit the isolate command to gain root access" + echo + fi +} + +post_remove() { + groupdel isolate +} |