file 5.37-4 (x86_64;aarch64;i686;armv7hnl;znver1) 2019-7507
9999

Submitter nobodydead [@T] gmail.com
Platform rolling
Repository main
URL https://abf.openmandriva.org/build_lists/615788
Packages
file-5.37-4.x86_64.binary
file-5.37-4.x86_64.source
file-debuginfo-5.37-4.x86_64.debuginfo
lib64magic1-5.37-4.x86_64.binary
lib64magic1-debuginfo-5.37-4.x86_64.debuginfo
lib64magic-devel-5.37-4.x86_64.binary
lib64magic-static-devel-5.37-4.x86_64.binary
python2-magic-5.37-4.x86_64.binary
python-magic-5.37-4.x86_64.binary
file-5.37-4.aarch64.binary
file-5.37-4.aarch64.source
file-debuginfo-5.37-4.aarch64.debuginfo
lib64magic1-5.37-4.aarch64.binary
lib64magic1-debuginfo-5.37-4.aarch64.debuginfo
lib64magic-devel-5.37-4.aarch64.binary
lib64magic-static-devel-5.37-4.aarch64.binary
python2-magic-5.37-4.aarch64.binary
python-magic-5.37-4.aarch64.binary
file-5.37-4.i686.source
file-5.37-4.i686.binary
file-debuginfo-5.37-4.i686.debuginfo
libmagic1-5.37-4.i686.binary
libmagic1-debuginfo-5.37-4.i686.debuginfo
libmagic-devel-5.37-4.i686.binary
libmagic-static-devel-5.37-4.i686.binary
python2-magic-5.37-4.i686.binary
python-magic-5.37-4.i686.binary
file-5.37-4.armv7hnl.binary
file-5.37-4.armv7hnl.source
file-debuginfo-5.37-4.armv7hnl.debuginfo
libmagic1-5.37-4.armv7hnl.binary
libmagic1-debuginfo-5.37-4.armv7hnl.debuginfo
libmagic-devel-5.37-4.armv7hnl.binary
libmagic-static-devel-5.37-4.armv7hnl.binary
python2-magic-5.37-4.armv7hnl.binary
python-magic-5.37-4.armv7hnl.binary
file-5.37-4.znver1.binary
file-5.37-4.znver1.source
file-debuginfo-5.37-4.znver1.debuginfo
lib64magic1-5.37-4.znver1.binary
lib64magic1-debuginfo-5.37-4.znver1.debuginfo
lib64magic-devel-5.37-4.znver1.binary
lib64magic-static-devel-5.37-4.znver1.binary
python2-magic-5.37-4.znver1.binary
python-magic-5.37-4.znver1.binary
Build Date 2019-10-11 19:15:14 +0000 UTC
Last Updated 2019-10-12 10:49:04.852312472 +0000 UTC
$ git show --format=fuller --patch-with-stat --summary 32a18195bb258e31d671c2e6a6a4fcf7e59d0e28

commit 32a18195bb258e31d671c2e6a6a4fcf7e59d0e28
Author:     tpgxyz <tpgxyz@gmail.com>
AuthorDate: Fri Oct 11 20:43:07 2019 +0200
Commit:     tpgxyz <tpgxyz@gmail.com>
CommitDate: Fri Oct 11 20:43:07 2019 +0200

    sync patches with ClearLinux
---
 0003-Whitelist-more-syscalls-for-seccomp.patch | 50 ++++++++++++++++++++++++++
 0003-Whitelist-syscall-futex-for-seccomp.patch | 25 -------------
 0004-allow-madvise.patch                       | 10 ------
 file.spec                                      |  5 ++-
 4 files changed, 52 insertions(+), 38 deletions(-)
 create mode 100644 0003-Whitelist-more-syscalls-for-seccomp.patch
 delete mode 100644 0003-Whitelist-syscall-futex-for-seccomp.patch
 delete mode 100644 0004-allow-madvise.patch

diff --git a/0003-Whitelist-more-syscalls-for-seccomp.patch b/0003-Whitelist-more-syscalls-for-seccomp.patch
new file mode 100644
index 0000000..43d60ce
--- /dev/null
+++ b/0003-Whitelist-more-syscalls-for-seccomp.patch
@@ -0,0 +1,50 @@
+From 336e21c87ddf170cb09bff77084df5f0300b13a2 Mon Sep 17 00:00:00 2001
+From: Patrick McCarty <patrick.mccarty@intel.com>
+Date: Tue, 6 Aug 2019 12:30:59 -0700
+Subject: [PATCH] Whitelist more syscalls for seccomp
+
+Linking to libpthread directly has the side-effect of futex() getting
+called, so it needs to be whitelisted.
+
+Signed-off-by: Patrick McCarty <patrick.mccarty@intel.com>
+Signed-off-by: Thiago Macieira <thiago.macieira@intel.com>
+---
+ src/seccomp.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/seccomp.c b/src/seccomp.c
+index 1b9d9b85..250e3662 100644
+--- a/src/seccomp.c
++++ b/src/seccomp.c
+@@ -167,10 +167,12 @@ enable_sandbox_full(void)
+  	ALLOW_RULE(fcntl64);
+ 	ALLOW_RULE(fstat);
+  	ALLOW_RULE(fstat64);
++	ALLOW_RULE(futex);
+ 	ALLOW_RULE(getdents);
+ #ifdef __NR_getdents64
+ 	ALLOW_RULE(getdents64);
+ #endif
++	ALLOW_RULE(getpid);
+ 	ALLOW_RULE(ioctl);
+ 	ALLOW_RULE(lseek);
+  	ALLOW_RULE(_llseek);
+@@ -197,6 +199,7 @@ enable_sandbox_full(void)
+ 	ALLOW_RULE(stat);
+ 	ALLOW_RULE(stat64);
+ 	ALLOW_RULE(sysinfo);
++	ALLOW_RULE(umask);
+ 	ALLOW_RULE(unlink);
+ 	ALLOW_RULE(write);
+ 
+@@ -204,7 +207,6 @@ enable_sandbox_full(void)
+ #if 0
+ 	// needed by valgrind
+ 	ALLOW_RULE(gettid);
+-	ALLOW_RULE(getpid);
+ 	ALLOW_RULE(rt_sigtimedwait);
+ #endif
+ 
+-- 
+2.23.0
+
diff --git a/0003-Whitelist-syscall-futex-for-seccomp.patch b/0003-Whitelist-syscall-futex-for-seccomp.patch
deleted file mode 100644
index f47e9a9..0000000
--- a/0003-Whitelist-syscall-futex-for-seccomp.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Patrick McCarty <patrick.mccarty@intel.com>
-Date: Tue, 6 Aug 2019 12:30:59 -0700
-Subject: [PATCH] Whitelist syscall futex() for seccomp
-
-Linking to libpthread directly has the side-effect of futex() getting
-called, so it needs to be whitelisted.
-
-Signed-off-by: Patrick McCarty <patrick.mccarty@intel.com>
----
- src/seccomp.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/seccomp.c b/src/seccomp.c
-index 1b9d9b8..54ea144 100644
---- a/src/seccomp.c
-+++ b/src/seccomp.c
-@@ -167,6 +167,7 @@ enable_sandbox_full(void)
-  	ALLOW_RULE(fcntl64);
- 	ALLOW_RULE(fstat);
-  	ALLOW_RULE(fstat64);
-+	ALLOW_RULE(futex);
- 	ALLOW_RULE(getdents);
- #ifdef __NR_getdents64
- 	ALLOW_RULE(getdents64);
diff --git a/0004-allow-madvise.patch b/0004-allow-madvise.patch
deleted file mode 100644
index 5f0ba7d..0000000
--- a/0004-allow-madvise.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/src/seccomp.c	2018-09-10 17:35:40.000000000 -0700
-+++ b/src/seccomp.c	2019-02-21 12:53:06.114685404 -0800
-@@ -179,6 +179,7 @@
- 	ALLOW_RULE(mmap);
-  	ALLOW_RULE(mmap2);
- 	ALLOW_RULE(mprotect);
-+	ALLOW_RULE(madvise);
- 	ALLOW_RULE(mremap);
- 	ALLOW_RULE(munmap);
- #ifdef __NR_newfstatat
diff --git a/file.spec b/file.spec
index 50c9130..ddd9c51 100644
--- a/file.spec
+++ b/file.spec
@@ -6,7 +6,7 @@
 Summary:	A utility for determining file types
 Name:		file
 Version:	5.37
-Release:	3
+Release:	4
 License:	BSD
 Group:		File tools
 Url:		http://www.darwinsys.com/file/
@@ -25,8 +25,7 @@ Patch103:	file-4.17-rpm-name.patch
 Patch104:	file-5.04-volume_key.patch
 
 # ClearLinux patches
-Patch111:	0004-allow-madvise.patch
-Patch113:	0003-Whitelist-syscall-futex-for-seccomp.patch
+Patch113:	0003-Whitelist-more-syscalls-for-seccomp.patch
 BuildRequires:	pkgconfig(python2)
 BuildRequires:	python2-pkg-resources
 BuildRequires:	pkgconfig(python3)
Not Available
benbullard79 [@T] cox.netThese look ready to move, need to get them out of way of Qt/KF36d 13hrs
benbullard79 [@T] cox.netNo Comment.36d 12hrs
benbullard79 [@T] cox.netNo Comment.36d 12hrs
benbullard79 [@T] cox.netNo Comment.36d 11hrs