diff options
| author |   Mike Gilbert <floppym@gentoo.org> | 2024-11-06 14:01:52 -0500 |
|---|---|---|
| committer | Mike Gilbert <floppym@gentoo.org> | 2024-11-06 14:01:52 -0500 |
| commit | f583425b1b4bb47028bedf14ae72d375705b02d4 (patch) | |
| tree | 960fc6aa74af786dccf23250b86856fdf797d051 /net-vpn | |
| parent | profiles: Mask xf86-video-vboxvideo for removal (diff) | |
| download | gentoo-f583425b1b4bb47028bedf14ae72d375705b02d4.tar.gz gentoo-f583425b1b4bb47028bedf14ae72d375705b02d4.tar.bz2 gentoo-f583425b1b4bb47028bedf14ae72d375705b02d4.zip | |
net-vpn/ocserv: fix tests on arm64
Closes: https://bugs.gentoo.org/942899
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
Diffstat (limited to 'net-vpn')
| -rw-r--r-- | net-vpn/ocserv/files/ocserv-1.3.0-seccomp-readlinkat.patch | 31 | ||||
| -rw-r--r-- | net-vpn/ocserv/ocserv-1.3.0-r1.ebuild (renamed from net-vpn/ocserv/ocserv-1.3.0.ebuild) | 4 |
2 files changed, 35 insertions, 0 deletions
diff --git a/net-vpn/ocserv/files/ocserv-1.3.0-seccomp-readlinkat.patch b/net-vpn/ocserv/files/ocserv-1.3.0-seccomp-readlinkat.patch new file mode 100644 index 000000000000..e26e93140ccc --- /dev/null +++ b/net-vpn/ocserv/files/ocserv-1.3.0-seccomp-readlinkat.patch @@ -0,0 +1,31 @@ +https://gitlab.com/openconnect/ocserv/-/merge_requests/444 +https://bugs.gentoo.org/942899 + +From e58139e49752dffb6983b3ccc5455d612912dd66 Mon Sep 17 00:00:00 2001 +From: Mike Gilbert <floppym@gentoo.org> +Date: Wed, 6 Nov 2024 13:53:51 -0500 +Subject: [PATCH] Allow the readlinkat syscall when socket_wrapper is in use + +On arm64, the realpath function calls readlinkat instead of readlink. + +Fixes: https://gitlab.com/openconnect/ocserv/-/issues/627 +Signed-off-by: Mike Gilbert <floppym@gentoo.org> +--- + src/worker-privs.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/worker-privs.c b/src/worker-privs.c +index 54985999b..6e0762780 100644 +--- a/src/worker-privs.c ++++ b/src/worker-privs.c +@@ -105,6 +105,7 @@ int disable_system_calls(struct worker_st *ws) + * them when socket wrapper is active */ + if (getenv("SOCKET_WRAPPER_DIR") != NULL) { + ADD_SYSCALL(readlink, 0); ++ ADD_SYSCALL(readlinkat, 0); + } + + /* we use quite some system calls here, and in the end +-- +GitLab + diff --git a/net-vpn/ocserv/ocserv-1.3.0.ebuild b/net-vpn/ocserv/ocserv-1.3.0-r1.ebuild index c354d7bae7ad..ddfef2cd45cc 100644 --- a/net-vpn/ocserv/ocserv-1.3.0.ebuild +++ b/net-vpn/ocserv/ocserv-1.3.0-r1.ebuild @@ -59,6 +59,10 @@ DEPEND=" " RDEPEND="${DEPEND}" +PATCHES=( + "${FILESDIR}"/ocserv-1.3.0-seccomp-readlinkat.patch +) + src_prepare() { default if [[ ${PV} == 9999 ]]; then |