diff options
-rw-r--r-- | PKGBUILD | 8 | ||||
-rw-r--r-- | isolate.install | 22 |
2 files changed, 28 insertions, 2 deletions
@@ -1,8 +1,11 @@ # Maintainer: William Di Luigi <williamdiluigi@gmail.com> +# chosen at random +ISOLATE_GID=29267 + pkgname=isolate pkgver=r58.e8894c4 -pkgrel=1 +pkgrel=2 pkgdesc="Sandbox for securely executing untrusted programs" arch=('any') url="https://github.com/ioi/isolate" @@ -16,6 +19,7 @@ makedepends=( 'asciidoc' ) provides=('isolate') +install=$pkgname.install source=( 'git://github.com/ioi/isolate.git' @@ -36,5 +40,5 @@ build() { package() { mkdir -p $pkgdir/usr/bin - cp $pkgname/isolate $pkgdir/usr/bin/isolate + install -D -m4750 -g$ISOLATE_GID $pkgname/isolate $pkgdir/usr/bin/isolate } diff --git a/isolate.install b/isolate.install new file mode 100644 index 000000000000..b9c5ae0f9f05 --- /dev/null +++ b/isolate.install @@ -0,0 +1,22 @@ +# chosen at random +ISOLATE_GID=29267 + +post_install() { + if ! getent group isolate >/dev/null; then + groupadd -g $ISOLATE_GID isolate + + echo + echo ">>> If you want to run the isolate command without sudo, you should add" + echo ">>> yourself to the isolate group, like this:" + echo ">>> # sudo usermod -a -G isolate <your user>" + echo ">>> However, keep in mind that:" + echo ">>> 1. You will need to logout, in order to make the change effective" + echo ">>> 2. No untrusted user should ever be allowed in the isolate group," + echo ">>> as they may exploit the isolate command to gain root access" + echo + fi +} + +post_remove() { + groupdel isolate +} |