Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix macos sandbox script incorrectly assuming that getconf doesn't exist #5780

Merged
merged 1 commit into from
Jan 22, 2024
Merged

Fix macos sandbox script incorrectly assuming that getconf doesn't exist #5780

merged 1 commit into from
Jan 22, 2024

Conversation

ElectreAAS
Copy link
Collaborator

@ElectreAAS ElectreAAS commented Jan 12, 2024
edited
Loading

As noted in #5778, this is a proper bugfix:

  • [ -z /usr/bin/getconf ] tests if the literal string "/usr/bin/getconf" is empty - which is always false - and doesn't probe the filesystem at all.
  • command -v getconf >/dev/null actually asks the system if that command exists. The place where it is defined (/usr/bin or anything else) doesn't matter since we call it directly below.

It should be noted that if $TMPDIR is not set and getconf doesn't exist, we carry on the program silently. Is that intended?

I do not have a macos machine on hand and cannot test this, but this could be related to #4958

@ElectreAAS ElectreAAS mentioned this pull request Jan 12, 2024
Open
kit-ty-kate
kit-ty-kate reviewed Jan 12, 2024
View reviewed changes
Copy link
Member

@kit-ty-kate kit-ty-kate left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that by default macOS already defines TMPDIR during startup so this code is almost never executed in practice (i think the only way would be if you manually unset that variable or if you start your shell with env -i, which is definetely possible but unlikely)

src/state/shellscripts/sandbox_exec.sh Outdated Show resolved Hide resolved
@dra27 dra27 merged commit 285bf78 into ocaml:master Jan 22, 2024
29 checks passed
@ElectreAAS ElectreAAS deleted the sandbox-shellfix branch January 22, 2024 13:15
@rjbou rjbou added this to the 2.2.0~beta2 milestone Apr 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kit-ty-kate kit-ty-kate kit-ty-kate approved these changes

Assignees
No one assigned
Labels
AREA: SANDBOX
Projects
None yet
Milestone
2.2.0~beta2
Development

Successfully merging this pull request may close these issues.
4 participants
@ElectreAAS @kit-ty-kate @dra27 @rjbou