[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[nongnu] elpa-admin 48e4ccf 388/439: * elpa-admin.el: Don't pass non-exi
From: |
Philip Kaludercic |
Subject: |
[nongnu] elpa-admin 48e4ccf 388/439: * elpa-admin.el: Don't pass non-existing dirs to `bwrap` |
Date: |
Sun, 17 Oct 2021 15:48:42 -0400 (EDT) |
branch: elpa-admin
commit 48e4ccf3b6de1f23f67c7373d72164b0b0956331
Author: Stefan Monnier <monnier@iro.umontreal.ca>
Commit: Stefan Monnier <monnier@iro.umontreal.ca>
* elpa-admin.el: Don't pass non-existing dirs to `bwrap`
(elpaa--bwrap-args): Remove ro-binds.
(elpaa--sandboxed-ro-binds): Rename from `elpaa--sandboxed-extra-ro-dirs`.
Add dirs removed from `elpaa--bwrap-args`.
(elpaa--call-sandboxed): Pass `elpaa--sandboxed-ro-binds` in reverse order
and `expand-file-name` them.
(elpaa--make): Adjust accordingly.
(elpaa--batch-fetch-and): Preliminary support for syncing only
some packages.
---
elpa-admin.el | 41 ++++++++++++++++++++++-------------------
1 file changed, 22 insertions(+), 19 deletions(-)
diff --git a/elpa-admin.el b/elpa-admin.el
index be43f54..4581333 100644
--- a/elpa-admin.el
+++ b/elpa-admin.el
@@ -560,32 +560,31 @@ The INFILE and DISPLAY arguments are fixed as nil."
(defconst elpaa--bwrap-args
'("--unshare-all"
- "--ro-bind" "/lib" "/lib"
- "--ro-bind" "/lib64" "/lib64"
- "--ro-bind" "/usr" "/usr"
- "--ro-bind" "/etc/alternatives" "/etc/alternatives"
- "--ro-bind" "/etc/emacs" "/etc/emacs"
"--dev" "/dev"
"--proc" "/proc"
"--tmpfs" "/tmp"))
-(defvar elpaa--sandboxed-extra-ro-dirs nil)
+(defvar elpaa--sandboxed-ro-binds
+ '("/lib" "/lib64" "/usr" "/etc/alternatives" "/etc/emacs"))
(defun elpaa--call-sandboxed (destination &rest args)
"Like ‘elpaa--call’ but sandboxed.
More specifically, uses Bubblewrap such that the command is
-confined to write to the is writable.
+confined to only have write access to the `default-directory'.
Signal an error if the command did not finish with exit code 0."
(if (not elpaa--sandbox)
(apply #'elpaa--call destination args)
(elpaa--message "call-sandboxed %S" args)
+ (let ((dd (expand-file-name default-directory))) ;No `~' allowed!
+ (setq args (nconc `("--bind" ,dd ,dd) args)))
+ ;; Add read-only dirs in reverse order.
+ (dolist (b elpaa--sandboxed-ro-binds)
+ (when (file-exists-p b) ;`brwap' burps on binds that don't exist!
+ (setq b (expand-file-name b))
+ (setq args (nconc `("--ro-bind" ,b ,b) args))))
(let ((exitcode
(apply #'elpaa--call destination "bwrap"
- (append elpaa--bwrap-args
- (cl-mapcan (lambda (d) `("--ro-bind" ,d ,d))
- elpaa--sandboxed-extra-ro-dirs)
- `("--bind" ,default-directory ,default-directory)
- args))))
+ (append elpaa--bwrap-args args))))
(unless (eq exitcode 0)
(if (eq destination t)
(error "Error-indicating exit code in elpaa--call-sandboxed:\n%s"
@@ -1478,9 +1477,8 @@ More at " (elpaa--default-url pkgname))
(let ((target (elpaa--spec-get pkg-spec :make)))
(when target
(with-temp-buffer
- (let ((elpaa--sandboxed-extra-ro-dirs
- (cons (expand-file-name default-directory)
- elpaa--sandboxed-extra-ro-dirs))
+ (let ((elpaa--sandboxed-ro-binds
+ (cons default-directory elpaa--sandboxed-ro-binds))
(default-directory (elpaa--dirname dir)))
(apply #'elpaa--call-sandboxed t "make"
(if (consp target) target (list target)))
@@ -1575,15 +1573,20 @@ More at " (elpaa--default-url pkgname))
(defun elpaa--batch-fetch-and (k)
(let ((specs (elpaa--get-specs))
- (pkgs command-line-args-left))
+ (pkgs command-line-args-left)
+ (clal command-line-args-left))
(setq command-line-args-left nil)
- (if (equal pkgs '("-")) (setq pkgs (mapcar #'car specs)))
+ (if (member pkgs '(("-") ("?"))) (setq pkgs (mapcar #'car specs)))
(dolist (pkg pkgs)
(let* ((pkg-spec (assoc pkg specs)))
- (if (not pkg-spec) (message "Unknown package: %s" pkg)
+ (cond
+ ((not pkg-spec) (message "Unknown package: %s" pkg))
+ ((and (equal clal '("?")) (not (elpaa--spec-get pkg-spec :auto-sync)))
+ nil)
+ (t
;; (unless (file-directory-p (expand-file-name pkg "packages"))
;; (elpaa--worktree-sync pkg-spec))
- (elpaa--fetch pkg-spec k))))))
+ (elpaa--fetch pkg-spec k)))))))
(defun elpaa-batch-fetch-and-show (&rest _)
(elpaa--batch-fetch-and #'ignore))
- [nongnu] elpa-admin ceb7580 390/439: * elpa-admin.el (elpaa--sandboxed-ro-binds): Add `/bin`, (continued)
- [nongnu] elpa-admin ceb7580 390/439: * elpa-admin.el (elpaa--sandboxed-ro-binds): Add `/bin`, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 995404d 401/439: * elpa-admin.el: Allow generating autoloads for "unlisted" packages, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 7d65683 356/439: * admin/archive-contents.el: Fix wrong cgit links and support :core somewhat, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 4ade74d 346/439: * README.org: Add license and an introduction., Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 922d625 389/439: * GNUmakefile (EMACS): Split out EMACSBIN for convenience, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin bcacdba 361/439: * elpa-admin.el: Add `:readme` and `:news` properties to specifications, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 311d819 357/439: * GNUmakefile: Fix `-l` args to `emacs` which require an actual file name, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 802b866 394/439: * GNUmakefile (sync-some): New target, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin b3e663b 353/439: Rename ELisp files, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 4b508ad 364/439: * elpa-admin.el: Allow site-local config, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 48e4ccf 388/439: * elpa-admin.el: Don't pass non-existing dirs to `bwrap`,
Philip Kaludercic <=
- [nongnu] elpa-admin 12cd68f 386/439: * README.org: Update according to comments from RMS., Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin d56a357 416/439: * elpa-admin.el: Don't hide the log of diverged packages in `fetch/<pkg>`, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin e79cce6 382/439: * elpa-admin.el (elpaa--get-section): Fix fetching from main file, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 2b93ca3 363/439: * elpa-admin.el: Add support for building Texi from Org., Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin b776ff9 408/439: * elpa-admin.el (elpaa--prune-old-tarballs): Move the .sig files as well, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 911fbf6 370/439: * GNUmakefile: Try and unbreak "make packages/foo". Still not perfect, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin bdb17b6 409/439: * elpa-admin.el (elpaa--get-devel-version): Don't remove *all* zeroes!, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 0fe87ad 380/439: * elpa-admin.el (elpaa--release-email): Usual last minute typo, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 1ee6e0e 383/439: * elpa-admin.el (elpaa--get-section): Use the whole section, Philip Kaludercic, 2021/10/17
- [nongnu] elpa-admin 68c0d47 414/439: * elpa-admin.el (elpaa--fetch): Don't show the log if branches diverged, Philip Kaludercic, 2021/10/17