Class: Sandbox Private

Inherits:
Object
  • Object
show all
Extended by:
T::Sig
Defined in:
sandbox.rb

Overview

This class is part of a private API. This class may only be used in the Homebrew/brew repository. Third parties should avoid using this class if possible, as it may be removed or changed without warning.

Helper class for running a sub-process inside of a sandboxed environment.

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializevoid

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



22
23
24
# File 'sandbox.rb', line 22

def initialize
  @profile = SandboxProfile.new
end

Class Method Details

.available?Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


17
18
19
# File 'sandbox.rb', line 17

def self.available?
  OS.mac? && File.executable?(SANDBOX_EXEC)
end

Instance Method Details

#add_rule(rule) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



30
31
32
# File 'sandbox.rb', line 30

def add_rule(rule)
  @profile.add_rule(rule)
end

#allow_cvsObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



58
59
60
# File 'sandbox.rb', line 58

def allow_cvs
  allow_write_path "#{Dir.home(ENV.fetch("USER"))}/.cvspass"
end

#allow_fossilObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



62
63
64
65
# File 'sandbox.rb', line 62

def allow_fossil
  allow_write_path "#{Dir.home(ENV.fetch("USER"))}/.fossil"
  allow_write_path "#{Dir.home(ENV.fetch("USER"))}/.fossil-journal"
end

#allow_write(path, options = {}) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



34
35
36
# File 'sandbox.rb', line 34

def allow_write(path, options = {})
  add_rule allow: true, operation: "file-write*", filter: path_filter(path, options[:type])
end

#allow_write_cellar(formula) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



67
68
69
70
71
# File 'sandbox.rb', line 67

def allow_write_cellar(formula)
  allow_write_path formula.rack
  allow_write_path formula.etc
  allow_write_path formula.var
end

#allow_write_log(formula) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



78
79
80
# File 'sandbox.rb', line 78

def allow_write_log(formula)
  allow_write_path formula.logs
end

#allow_write_path(path) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



42
43
44
# File 'sandbox.rb', line 42

def allow_write_path(path)
  allow_write path, type: :subpath
end

#allow_write_temp_and_cacheObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



50
51
52
53
54
55
56
# File 'sandbox.rb', line 50

def allow_write_temp_and_cache
  allow_write_path "/private/tmp"
  allow_write_path "/private/var/tmp"
  allow_write "^/private/var/folders/[^/]+/[^/]+/[C,T]/", type: :regex
  allow_write_path HOMEBREW_TEMP
  allow_write_path HOMEBREW_CACHE
end

#allow_write_xcodeObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Xcode projects expect access to certain cache/archive dirs.



74
75
76
# File 'sandbox.rb', line 74

def allow_write_xcode
  allow_write_path "#{Dir.home(ENV.fetch("USER"))}/Library/Developer"
end

#deny_write(path, options = {}) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



38
39
40
# File 'sandbox.rb', line 38

def deny_write(path, options = {})
  add_rule allow: false, operation: "file-write*", filter: path_filter(path, options[:type])
end

#deny_write_homebrew_repositoryObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



82
83
84
85
86
87
88
89
90
# File 'sandbox.rb', line 82

def deny_write_homebrew_repository
  deny_write HOMEBREW_BREW_FILE
  if HOMEBREW_PREFIX.to_s == HOMEBREW_REPOSITORY.to_s
    deny_write_path HOMEBREW_LIBRARY
    deny_write_path HOMEBREW_REPOSITORY/".git"
  else
    deny_write_path HOMEBREW_REPOSITORY
  end
end

#deny_write_path(path) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



46
47
48
# File 'sandbox.rb', line 46

def deny_write_path(path)
  deny_write path, type: :subpath
end

#exec(*args) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# File 'sandbox.rb', line 92

def exec(*args)
  seatbelt = Tempfile.new(["homebrew", ".sb"], HOMEBREW_TEMP)
  seatbelt.write(@profile.dump)
  seatbelt.close
  @start = Time.now

  begin
    T.unsafe(self).safe_system SANDBOX_EXEC, "-f", seatbelt.path, *args
  rescue
    @failed = true
    raise
  ensure
    seatbelt.unlink
    sleep 0.1 # wait for a bit to let syslog catch up the latest events.
    syslog_args = %W[
      -F $((Time)(local))\ $(Sender)[$(PID)]:\ $(Message)
      -k Time ge #{@start.to_i}
      -k Message S deny
      -k Sender kernel
      -o
      -k Time ge #{@start.to_i}
      -k Message S deny
      -k Sender sandboxd
    ]
    logs = Utils.popen_read("syslog", *syslog_args)

    # These messages are confusing and non-fatal, so don't report them.
    logs = logs.lines.reject { |l| l.match(/^.*Python\(\d+\) deny file-write.*pyc$/) }.join

    unless logs.empty?
      if @logfile
        File.open(@logfile, "w") do |log|
          log.write logs
          log.write "\nWe use time to filter sandbox log. Therefore, unrelated logs may be recorded.\n"
        end
      end

      if @failed && Homebrew::EnvConfig.verbose?
        ohai "Sandbox Log", logs
        $stdout.flush # without it, brew test-bot would fail to catch the log
      end
    end
  end
end

#record_log(file) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



26
27
28
# File 'sandbox.rb', line 26

def record_log(file)
  @logfile = file
end