diff options
| author | Adrian Perez de Castro | 2016-09-22 05:13:39 +0300 |
|---|---|---|
| committer | Adrian Perez de Castro | 2016-09-22 05:16:25 +0300 |
| commit | 9b610f3aec349e599588a35b383d6a48a2ed6d8d (patch) | |
| tree | 3d08ce63f19231ccda42c903da4ea9eb509e3219 /PKGBUILD | |
| parent | 6861b4279d674e6f7843d7ba10c744d6bb62e6bc (diff) | |
| download | aur-9b610f3aec349e599588a35b383d6a48a2ed6d8d.tar.gz | |
Detect whether capabilities can be used, falling back to setuid mode
If CONFIG_USER_NS is not enabled in the (running) kernel, install the
binary setuid root. Otherwise use capabilities.
Diffstat (limited to 'PKGBUILD')
| -rw-r--r-- | PKGBUILD | 18 |
1 files changed, 15 insertions, 3 deletions
@@ -2,16 +2,26 @@ pkgname='bubblewrap-git' pkgdesc='Unprivileged sandboxing tool' url='https://github.com/projectatomic/bubblewrap' license=('LGPL') -pkgver=r139.bf6e356 +pkgver=0.1.2.r0.g089327d pkgrel=1 arch=('x86_64' 'i686') makedepends=('autoconf' 'automake' 'libxslt') -install='bubblewrap.install' conflicts=('bubblewrap') provides=('bubblewrap') source=("${pkgname}::git+${url}") sha512sums=('SKIP') +_privmode='setuid' +_set_privmode () { + if [[ -r /proc/config.gz ]] ; then + eval "$(zgrep '^CONFIG_USER_NS=' /proc/config.gz)" + if [[ -n ${CONFIG_USER_NS} && ${CONFIG_USER_NS} != n ]] ; then + install='bubblewrap.install' + _privmode='caps' + fi + fi +} + pkgver () { cd "${pkgname}" ( @@ -27,12 +37,14 @@ prepare () { } build () { + _set_privmode cd "${pkgname}" - ./configure --prefix=/usr --with-bash-completion-dir=/usr/share/bash-completion + ./configure --prefix=/usr --with-bash-completion-dir=/usr/share/bash-completion --with-priv-mode=${_privmode} make } package () { + _set_privmode cd "${pkgname}" make install DESTDIR="${pkgdir}" } |