summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorZac Medico <zmedico@gentoo.org>2007-11-24 04:21:43 +0000
committerZac Medico <zmedico@gentoo.org>2007-11-24 04:21:43 +0000
commit748af6ce22dae92ca0e18f2d24fab6f19763e32a (patch)
tree86b679c7ddae334e4d105eb3aef1f46c2ce1d340
parentc56d3851326a53b5b31f5f26250780f229a66cb5 (diff)
downloadportage-748af6ce22dae92ca0e18f2d24fab6f19763e32a.tar.gz
portage-748af6ce22dae92ca0e18f2d24fab6f19763e32a.tar.bz2
portage-748af6ce22dae92ca0e18f2d24fab6f19763e32a.zip
Unconditionally filter some of the SANDBOX_* variables from the
environment in order to avoid potential interference problems. For example, having an invalid value for SANDBOX_LOG prevents the sandbox from killing the ebuild when a violation occurs. svn path=/main/trunk/; revision=8636
-rwxr-xr-xbin/ebuild.sh8
1 files changed, 7 insertions, 1 deletions
diff --git a/bin/ebuild.sh b/bin/ebuild.sh
index 6d38e57b4..ab663d028 100755
--- a/bin/ebuild.sh
+++ b/bin/ebuild.sh
@@ -1384,10 +1384,16 @@ filter_readonly_variables() {
local x filtered_vars var_grep
local readonly_bash_vars="DIRSTACK EUID FUNCNAME GROUPS
PIPESTATUS PPID SHELLOPTS UID"
+ local filtered_sandbox_vars="SANDBOX_ACTIVE SANDBOX_BASHRC
+ SANDBOX_DEBUG_LOG SANDBOX_DISABLED SANDBOX_LIB
+ SANDBOX_LOG"
filtered_vars="${readonly_bash_vars} ${READONLY_PORTAGE_VARS}
BASH_[_[:alnum:]]*"
- hasq --filter-sandbox $* && \
+ if hasq --filter-sandbox $* ; then
filtered_vars="${filtered_vars} SANDBOX_[_[:alnum:]]*"
+ else
+ filtered_vars="${filtered_vars} ${filtered_sandbox_vars}"
+ fi
set -f
for x in ${filtered_vars} ; do
var_grep="${var_grep}|${x}"