From 8bb8cf2ad488151879b1d7e5ec7436d38553b1b5 Mon Sep 17 00:00:00 2001 From: Omar Polo Date: Fri, 2 Jul 2021 09:26:59 +0000 Subject: [PATCH] configure: add --disable-sandbox Calling `configure' with --disable-sandbox will disable the sandbox support *completely* at compile time. gmid will still complain at compile time and during the startup. Users shouldn't disable the sandbox if possible, but instead report problem upstream so they get fixed (hopefully.) #4 related --- configure | 9 +++++++++ sandbox.c | 25 ++++++++++++++++++++++++- 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/configure b/configure index d5f4035..707ef3d 100755 --- a/configure +++ b/configure @@ -43,6 +43,8 @@ LD_IMSG= STATIC= YACC=yacc +DISABLE_SANDBOX=0 + NEED_GNU_SOURCE=0 NEED_OPENBSD_SOURCE=0 @@ -88,6 +90,11 @@ which ${YACC} 2>/dev/null 1>&2 || { # allow certain variables to be overridden on the command line for keyvals in "$@"; do + if [ "$keyvals" = "--disable-sandbox" ]; then + DISABLE_SANDBOX=1 + continue + fi + key=`echo $keyvals | cut -s -d '=' -f1` if [ -z "$key" ]; then echo "$0: invalid key-value: $keyvals" 1>&2 @@ -275,6 +282,8 @@ echo "#include " cat <<__HEREDOC__ +#define DISABLE_SANDBOX ${DISABLE_SANDBOX} + #define HAVE_ERR ${HAVE_ERR} #define HAVE_EXPLICIT_BZERO ${HAVE_EXPLICIT_BZERO} #define HAVE_FREEZERO ${HAVE_FREEZERO} diff --git a/sandbox.c b/sandbox.c index 3f99f08..8b1244b 100644 --- a/sandbox.c +++ b/sandbox.c @@ -16,7 +16,30 @@ #include "gmid.h" -#if defined(__FreeBSD__) +#if DISABLE_SANDBOX + +#warning "Sandbox disabled! Please report issues upstream instead of disabling the sandbox." + +void +sandbox_server_process(void) +{ + return; +} + +void +sandbox_executor_process(void) +{ + log_notice(NULL, "Sandbox disabled! " + "Please report issues upstream instead of disabling the sandbox."); +} + +void +sandbox_logger_process(void) +{ + return; +} + +#elif defined(__FreeBSD__) #include