Browse Source

Re-disable seccomp support, not feasible yet. Closes: #932480, #932481, #932762, #932947

Christoph Biedl 4 years ago
parent
commit
9094a01200

+ 0 - 1
debian/control

@@ -7,7 +7,6 @@ Vcs-Git: https://git.in-ulm.de/cbiedl/file.git
 Build-Depends: debhelper-compat (= 11),
     libbz2-dev,
     liblzma-dev,
-    libseccomp-dev [amd64 arm64 armel armhf hppa i386 mips mips64el mipsel powerpc powerpcspe ppc64 ppc64el s390x x32],
     zlib1g-dev,
 Priority: standard
 Section: utils

+ 0 - 34
debian/patches/local.allow-syscalls-by-fakeroot.patch

@@ -1,34 +0,0 @@
-Subject: Allow syscalls make by libfakeroot
-Upstream-Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
-Last-Update: 2019-07-22
-Bug-Debian: https://bugs.debian.org/932762
-
---- a/src/seccomp.c
-+++ b/src/seccomp.c
-@@ -181,6 +181,7 @@
- #ifdef __NR_getdents64
- 	ALLOW_RULE(getdents64);
- #endif
-+	ALLOW_RULE(getpid);
- #ifdef FIONREAD
- 	// called in src/compress.c under sread
- 	ALLOW_IOCTL_RULE(FIONREAD);
-@@ -198,6 +199,9 @@
-  	ALLOW_RULE(mmap2);
- 	ALLOW_RULE(mprotect);
- 	ALLOW_RULE(mremap);
-+	ALLOW_RULE(msgget);
-+	ALLOW_RULE(msgrcv);
-+	ALLOW_RULE(msgsnd);
- 	ALLOW_RULE(munmap);
- #ifdef __NR_newfstatat
- 	ALLOW_RULE(newfstatat);
-@@ -211,6 +215,8 @@
- 	ALLOW_RULE(rt_sigprocmask);
- 	ALLOW_RULE(rt_sigreturn);
- 	ALLOW_RULE(select);
-+	ALLOW_RULE(semget);
-+	ALLOW_RULE(semop);
- 	ALLOW_RULE(stat);
- 	ALLOW_RULE(stat64);
- 	ALLOW_RULE(sysinfo);

+ 18 - 0
debian/patches/local.manpage-seccomp-is-disabled.patch

@@ -0,0 +1,18 @@
+Subject: Clarify manpage: seccomp is disabled for the time being
+Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+Date: 2019-01-11
+Bug-Debian: https://bugs.debian.org/917930
+
+--- a/doc/file.man
++++ b/doc/file.man
+@@ -368,6 +368,10 @@
+ i.e. when the
+ .Fl z
+ flag is specified and the built-in decompressors are not available.
++.Pp
++.Em Note:
++This Debian version of file was built without seccomp support, so this option
++has no effect.
+ .It Fl v , Fl Fl version
+ Print the version of the program and exit.
+ .It Fl z , Fl Fl uncompress

+ 1 - 1
debian/patches/series

@@ -16,4 +16,4 @@ local.mention-posixly-correct-dependent-behaviour-in-usage-message.patch
 local.disable-detection-of-vax-coff-executables.patch
 local.disable-algol68-detection.patch
 local.extra-magic.patch
-local.allow-syscalls-by-fakeroot.patch
+local.manpage-seccomp-is-disabled.patch