![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / sysutils / sandboxctl
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Pullup ticket #6950 - requested by schmonz
sysutils/sandboxctl: Runtime fix for older NetBSD
Revisions pulled up:
- sysutils/sandboxctl/Makefile 1.6
- sysutils/sandboxctl/distinfo 1.7
- sysutils/sandboxctl/patches/patch-modules_netbsd__release.subr 1.2
---
Module Name: pkgsrc
Committed By: schmonz
Date: Sun Mar 30 16:23:58 UTC 2025
Modified Files:
pkgsrc/sysutils/sandboxctl: Makefile distinfo
pkgsrc/sysutils/sandboxctl/patches: patch-modules_netbsd__release.subr
Log Message:
sandboxctl: don't fail when certctl is not present. Bump PKGREVISION.
>From mlelstv@ on netbsd-users@ (thanks!).
sandboxctl: don't fail when certctl is not present. Bump PKGREVISION. From mlelstv@ on netbsd-users@ (thanks!).
*: reset MAINTAINER (became observer)
sandboxctl: run certctl if available. Bump PKGREVISION.
sandboxctl: don't use tar -e on netbsd. it's not supported by the newly default libarchive tar. From Robert Nestor on pkgsrc-users. bump PKGREVISION
Update sandboxctl to 1.1: Changes in version 1.1 ====================== **Released on 2019-01-14.** * Fixed the `darwin-native` type to allow accessing the Oracle JRE from within the sandbox. * Expose `/usr/local` in `darwin-native` so that third-party software installed on the host, such as OSXFUSE, can be found. * Expose an empty `/private/var/mail` directory within the `darwin-native` sandbox so that programs that expect the directory to exist can work. * Issue 2: Fixed access to the system keychain on `darwin-native` sandboxes, which allows, among other things, for HTTPS downloads to work properly. * Issue 4: Fixed the `netbsd-native` type to recognize a `/boot` directory and to ignore the lack of `/netbsd`, as is the case for NetBSD/evbarm-earmv7hf 7.1 Raspberry Pi images. * Issue 5: Fixed DNS resolution in `darwin-native` sandboxes, which apparently got broken in the macOS Sierra 10.12.4 update because SIP now prevents modifying the running mDNSResponder instance. * Issue 7: Fixed execution of compilers and other Xcode tools within a `darwin-native` sandbox starting with High Sierra. Unfortunately, we now require SIP to be disabled for these tools to work. * Added support for XZ-compressed files to `sandbox_extract`. * Added support for XZ-compressed release sets to `netbsd-native` and `netbsd-release`. As a side-effect of this change, the `NETBSD_RELEASE_SETS` setting in `netbsd-release` now takes a list of set names *without* their extension.
Initial addition of sandboxctl 1.0: sandboxctl is a tool to interact with chroot-based sandboxes. The sandboxctl tool provides an automated mechanism to create and interact with chroot-based sandboxes. These sandboxes can be transient (e.g. to run a single command within them) or long-lived (e.g. to run a system service in a safe manner). Sandboxes can be created using multiple mechanisms, which range from extracting fresh distribution sets to bind-mounting the outer file systems inside the sandbox. The specific mechanism depends on the features supported by the underlying operating system and the chosen sandbox type. Currently, sandboxctl includes support for FreeBSD, Linux, macOS (Darwin), and NetBSD. Each sandbox is defined via a configuration file provided by the user and a system-specific template provided by this package. The user configuration is simple and semantically-rich, allowing the system administrator to not worry about the environment-specific details. This package is primarily targetted at supporting pkgtools/pkg_comp but is provided as a standalone tool for flexibility.