diff --git a/CHANGES b/CHANGES
index ee057144537..e6b1987af36 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,28 @@ Changes prefixed with "(*)" are potentially breaking to scripts or existing
repositories (changes that are automatically handled by the format upgrade tools
are not marked).
+2.0.8:
+* Add colon for fish MANPATH fix. [#4084 @rjbou - fix #4078]
+* No error when linked directory doesn't exist (e.g. XDG defined)
+ [#4278 @kit-ty-kate]
+* Add quotes to avoid space unwanted behaviors [#4278 @kit-ty-kate]
+* Handle `CCACHE_DIR` environment variable in sandbox script.
+ [#4087 @rjbou - fix #4079]
+* Follow links of `~/.cache` & `~/.cache/dune` for bwrap call.
+ [#4087 @rjbou - fix #4086]
+* Don't overwrite user's sandbow script modification. [#4020 #4092 @rjbou]
+* On MacOS sandbox script, always read write mount `/tmp`
+ [#3742 @rjbou - fix ocaml/opam-repository#13339]
+* Use version var in opam file instead of equal current version number in
+ opamlib dependencies [#4178 @rjbou]
+* Opam file build using dune [#4178 @rjbou #4229 @kit-ty-kate - fix #4173]
+* Update opam file to 2.0 [#4371 @AltGr]
+* Fix `arch` detection when using 32bit mode on ARM64 [#4462 @kit-ty-kate]
+* Fix `arch` detection of i486 [#4462 @kit-ty-kate]
+* The stdout of pre- and post-session hooks is now propagated to the user
+ [#4382 @AltGr - fix #4359]
+* Run switch pre/post sessions hooks [#4476 @rjbou - fix #4472]
+
2.0.7:
* Properly escape Windows paths on manpages [#4129 @AltGr @rjbou]
diff --git a/configure b/configure
index 444252e6230..636d772b800 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for opam 2.0.7.
+# Generated by GNU Autoconf 2.69 for opam 2.0.8.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -578,8 +578,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='opam'
PACKAGE_TARNAME='opam'
-PACKAGE_VERSION='2.0.7'
-PACKAGE_STRING='opam 2.0.7'
+PACKAGE_VERSION='2.0.8'
+PACKAGE_STRING='opam 2.0.8'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -1265,7 +1265,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures opam 2.0.7 to adapt to many kinds of systems.
+\`configure' configures opam 2.0.8 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1327,7 +1327,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of opam 2.0.7:";;
+ short | recursive ) echo "Configuration of opam 2.0.8:";;
esac
cat <<\_ACEOF
@@ -1431,7 +1431,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-opam configure 2.0.7
+opam configure 2.0.8
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1526,7 +1526,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by opam $as_me 2.0.7, which was
+It was created by opam $as_me 2.0.8, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -6083,7 +6083,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by opam $as_me 2.0.7, which was
+This file was extended by opam $as_me 2.0.8, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -6136,7 +6136,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-opam config.status 2.0.7
+opam config.status 2.0.8
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index d5b37cc5e9a..f4db5665591 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,5 @@
dnl The line below must be formatted AC_INIT(opam,VERSION) with no extra spaces
-AC_INIT(opam,2.0.7)
+AC_INIT(opam,2.0.8)
AC_COPYRIGHT(Copyright 2012-2017 OcamlPro SAS)
AC_CONFIG_MACRO_DIR([m4])
diff --git a/doc/pages/Manual.md b/doc/pages/Manual.md
index dd70ef87dc4..2182026ecd9 100644
--- a/doc/pages/Manual.md
+++ b/doc/pages/Manual.md
@@ -1388,6 +1388,10 @@ for opam.
- `hooks`: the directory where scripts created using `opamrc`'s
[`init-scripts:`](#opamrcfield-init-scripts) field are created.
+ In addition, the output of these hooks is printed to the user, so
+ `post-session-commands` may be used to output extra information upon session
+ completion.
+
- `repository-validation-command: [ { } ... ]`:
defines a command to run on the upstream repositories to validate their
authenticity. When this is specified, and for repositories that define
diff --git a/opam-client.opam b/opam-client.opam
index fd2e0486b08..eb8ad18244c 100644
--- a/opam-client.opam
+++ b/opam-client.opam
@@ -1,5 +1,9 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "opam 2.0 development libraries (client)"
+description: """
+Actions on the opam root, switches, installations, and front-end.
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,16 +19,16 @@ authors: [
]
homepage: "https://opam.ocaml.org/"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
- [make "%{name}%.install"]
+ ["dune" "build" "-p" name "-j" jobs]
]
depends: [
- "opam-state" {= "2.0.7"}
- "opam-solver" {= "2.0.7"}
+ "ocaml" {>= "4.02.3"}
+ "opam-state" {= version}
+ "opam-solver" {= version}
"re" {>= "1.7.2"}
"cmdliner" {>= "0.9.8"}
"dune" {build & >= "1.2.1"}
]
-available: ocaml-version >= "4.02.3"
diff --git a/opam-core.opam b/opam-core.opam
index 90b1b339f72..6ed64286eb1 100644
--- a/opam-core.opam
+++ b/opam-core.opam
@@ -1,5 +1,9 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "opam 2.0 development libraries (core)"
+description: """
+Small standard library extensions, and generic system interaction modules used by opam.
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,12 +19,13 @@ authors: [
]
homepage: "https://opam.ocaml.org/"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
- [make "%{name}%.install"]
+ ["dune" "build" "-p" name "-j" jobs]
]
depends: [
+ "ocaml" {>= "4.02.3"}
"base-unix"
"base-bigarray"
"ocamlgraph"
@@ -29,4 +34,3 @@ depends: [
"cppo" {build}
]
conflicts: "extlib-compat"
-available: ocaml-version >= "4.02.3"
diff --git a/opam-devel.opam b/opam-devel.opam
index c0fb081fde0..50cf03a78e2 100644
--- a/opam-devel.opam
+++ b/opam-devel.opam
@@ -1,5 +1,9 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "opam 2.0 bootstrapped binary"
+description: """
+This package compiles (bootstraps) opam. For consistency and safety of the installation, the binaries are not installed into the PATH, but into lib/opam-devel, from where the user can manually install them system-wide.
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,14 +19,15 @@ authors: [
]
homepage: "https://opam.ocaml.org"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
[make "%{name}%.install"]
+ [make "tests"] {with-test}
]
-build-test: [make "tests"]
depends: [
- "opam-client" {= "2.0.7"}
+ "ocaml" {>= "4.02.3"}
+ "opam-client" {= version}
"cmdliner" {>= "0.9.8"}
"dune" {build & >= "1.2.1"}
]
@@ -34,4 +39,3 @@ If you just want to give it a try without altering your current installation, yo
alias opam2=\"OPAMROOT=~/.opam2 %{lib}%/%{name}%/opam\""
{success}
]
-available: ocaml-version >= "4.02.3"
diff --git a/opam-format.opam b/opam-format.opam
index 0eb66ce35c1..9e11b5805aa 100644
--- a/opam-format.opam
+++ b/opam-format.opam
@@ -1,5 +1,9 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "opam 2.0 development libraries (format)"
+description: """
+Definition of opam datastructures and its file interface.
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,14 +19,14 @@ authors: [
]
homepage: "https://opam.ocaml.org/"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
- [make "%{name}%.install"]
+ ["dune" "build" "-p" name "-j" jobs]
]
depends: [
- "opam-core" {= "2.0.7"}
+ "ocaml" {>= "4.02.3"}
+ "opam-core" {= version}
"opam-file-format" {>= "2.0.0~rc2" & <= "2.1.0"}
"dune" {build & >= "1.2.1"}
]
-available: ocaml-version >= "4.02.3"
diff --git a/opam-installer.opam b/opam-installer.opam
index 8f36264ecbd..0e07032ba4c 100644
--- a/opam-installer.opam
+++ b/opam-installer.opam
@@ -1,5 +1,11 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "Installation of files to a prefix, following opam conventions"
+description: """
+opam-installer is a small tool that can read *.install files, as defined by opam [1], and execute them to install or remove package files without going through opam.
+
+[1] http://opam.ocaml.org/doc/2.0/Manual.html#lt-pkgname-gt-install
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,14 +21,14 @@ authors: [
]
homepage: "https://opam.ocaml.org/"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
- [make "%{name}%.install"]
+ ["dune" "build" "-p" name "-j" jobs]
]
depends: [
- "opam-format" {= "2.0.7"}
+ "ocaml" {>= "4.02.3"}
+ "opam-format" {= version}
"cmdliner" {>= "0.9.8"}
"dune" {build & >= "1.2.1"}
]
-available: ocaml-version >= "4.02.3"
diff --git a/opam-repository.opam b/opam-repository.opam
index fd1bcb663ba..b5e1476225e 100644
--- a/opam-repository.opam
+++ b/opam-repository.opam
@@ -1,5 +1,9 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "opam 2.0 development libraries (repository)"
+description: """
+This library includes repository and remote sources handling, including curl/wget, rsync, git, mercurial, darcs backends.
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,13 +19,13 @@ authors: [
]
homepage: "https://opam.ocaml.org/"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
- [make "%{name}%.install"]
+ ["dune" "build" "-p" name "-j" jobs]
]
depends: [
- "opam-format" {= "2.0.7"}
+ "ocaml" {>= "4.02.3"}
+ "opam-format" {= version}
"dune" {build & >= "1.2.1"}
]
-available: ocaml-version >= "4.02.3"
diff --git a/opam-solver.opam b/opam-solver.opam
index 58c87e5c313..c40ccf9da1e 100644
--- a/opam-solver.opam
+++ b/opam-solver.opam
@@ -1,5 +1,9 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "opam 2.0 development libraries (solver)"
+description: """
+Solver and Cudf interaction. This library is based on the Cudf and Dose libraries, and handles calls to the external solver from opam.
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,16 +19,16 @@ authors: [
]
homepage: "https://opam.ocaml.org/"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
- [make "%{name}%.install"]
+ ["dune" "build" "-p" name "-j" jobs]
]
depends: [
- "opam-format" {= "2.0.7"}
+ "ocaml" {>= "4.02.3"}
+ "opam-format" {= version}
"mccs" {>= "1.1+9"}
"dose3" {>= "5"}
"cudf" {>= "0.7"}
"dune" {build & >= "1.2.1"}
]
-available: ocaml-version >= "4.02.3"
diff --git a/opam-state.opam b/opam-state.opam
index 21106ab1888..9a2753e3faf 100644
--- a/opam-state.opam
+++ b/opam-state.opam
@@ -1,5 +1,9 @@
-opam-version: "1.2"
-version: "2.0.7"
+opam-version: "2.0"
+version: "2.0.8"
+synopsis: "opam 2.0 development libraries (state)"
+description: """
+Handling of the ~/.opam hierarchy, repository and switch states.
+"""
maintainer: "opam-devel@lists.ocaml.org"
authors: [
"Vincent Bernardoff "
@@ -15,13 +19,13 @@ authors: [
]
homepage: "https://opam.ocaml.org/"
bug-reports: "https://github.com/ocaml/opam/issues"
-dev-repo: "https://github.com/ocaml/opam.git"
+dev-repo: "git+https://github.com/ocaml/opam.git"
build: [
["./configure" "--disable-checks" "--prefix" prefix]
- [make "%{name}%.install"]
+ ["dune" "build" "-p" name "-j" jobs]
]
depends: [
- "opam-repository" {= "2.0.7"}
+ "ocaml" {>= "4.02.3"}
+ "opam-repository" {= version}
"dune" {build & >= "1.2.1"}
]
-available: ocaml-version >= "4.02.3"
diff --git a/shell/bundle.sh b/shell/bundle.sh
index 7aebe72205a..92bc05b6cec 100755
--- a/shell/bundle.sh
+++ b/shell/bundle.sh
@@ -2,7 +2,7 @@
set -ue
OCAMLV=4.04.1
-OPAMV=2.0.7
+OPAMV=2.0.8
OPAM_REPO=https://opam.ocaml.org/2.0
DEBUG=
MAKESELF=
diff --git a/src/client/opamConfigCommand.ml b/src/client/opamConfigCommand.ml
index e56a792005e..ffa9fa077cb 100644
--- a/src/client/opamConfigCommand.ml
+++ b/src/client/opamConfigCommand.ml
@@ -165,13 +165,8 @@ let print_sexp_env env =
OpamConsole.msg ")\n"
let rec print_fish_env env =
- let set_arr_cmd k v =
- let v =
- OpamStd.String.split v ':'
- |> function
- | x::v' -> (":"^x)::v'
- | v -> v
- in
+ let set_arr_cmd ?(modf=fun x -> x) k v =
+ let v = modf @@ OpamStd.String.split v ':' in
OpamConsole.msg "set -gx %s %s;\n" k
(OpamStd.List.concat_map " "
(fun v ->
@@ -189,7 +184,8 @@ let rec print_fish_env env =
* stderr if `grep' does not exist. *)
"builtin -n | /bin/sh -c 'grep -q \\'^argparse$\\'' 1>/dev/null 2>/dev/null; and "
) ;
- set_arr_cmd "MANPATH" v in
+ let modf = function | x::v' -> (":"^x)::v' | v -> v in
+ set_arr_cmd ~modf "MANPATH" v in
match env with
| [] -> ()
| (k, v, _) :: r ->
diff --git a/src/client/opamSolution.ml b/src/client/opamSolution.ml
index 2cdaf209fe6..b93f02b0405 100644
--- a/src/client/opamSolution.ml
+++ b/src/client/opamSolution.ml
@@ -755,7 +755,7 @@ let confirmation ?ask requested solution =
OpamPackage.Name.Set.equal requested solution_packages
|| OpamConsole.confirm "Do you want to continue?"
-let run_hook_job t name ?(local=[]) w =
+let run_hook_job t name ?(local=[]) ?(allow_stdout=false) w =
let shell_env = OpamEnv.get_full ~force_path:true t in
let mk_cmd = function
| cmd :: args ->
@@ -772,9 +772,18 @@ let run_hook_job t name ?(local=[]) w =
try Some (List.assoc v local)
with Not_found -> OpamPackageVar.resolve_switch t v
in
- OpamProcess.Job.of_fun_list
- (OpamStd.List.filter_map (fun cmd -> mk_cmd cmd)
- (OpamFilter.commands env w))
+ let rec iter_commands = function
+ | [] -> Done None
+ | None :: commands -> iter_commands commands
+ | Some cmdf :: commands ->
+ let cmd = cmdf () in
+ cmd @@> fun result ->
+ if allow_stdout then
+ List.iter (OpamConsole.msg "%s\n") result.r_stdout;
+ if OpamProcess.is_success result then iter_commands commands
+ else Done (Some (cmd, result))
+ in
+ iter_commands (List.map mk_cmd (OpamFilter.commands env w))
@@+ function
| Some (cmd, _err) ->
OpamConsole.error "The %s hook failed at %S"
@@ -855,6 +864,11 @@ let apply ?ask t action ~requested ?add_roots ?(assume_built=false) solution =
(OpamSwitchState.depexts t nv))
new_state.installed OpamStd.String.Set.empty
in
+ let wrappers =
+ OpamFile.Wrappers.add
+ ~outer:(OpamFile.Config.wrappers t.switch_global.config)
+ ~inner:(OpamFile.Switch_config.wrappers t.switch_config)
+ in
let pre_session =
let open OpamPackage.Set.Op in
let local = [
@@ -864,9 +878,8 @@ let apply ?ask t action ~requested ?add_roots ?(assume_built=false) solution =
var_def "depexts" (OpamStd.String.Set.elements depexts);
] in
run_job @@
- run_hook_job t "pre-session" ~local
- (OpamFile.Wrappers.pre_session
- (OpamFile.Config.wrappers t.switch_global.config))
+ run_hook_job t "pre-session" ~local ~allow_stdout:true
+ (OpamFile.Wrappers.pre_session wrappers)
in
if not pre_session then
OpamStd.Sys.exit_because `Configuration_error;
@@ -885,9 +898,8 @@ let apply ?ask t action ~requested ?add_roots ?(assume_built=false) solution =
OpamVariable.Full.of_string "failure", B (not success);
] in
run_job @@
- run_hook_job t "post-session" ~local
- (OpamFile.Wrappers.post_session
- (OpamFile.Config.wrappers t.switch_global.config))
+ run_hook_job t "post-session" ~local ~allow_stdout:true
+ (OpamFile.Wrappers.post_session wrappers)
in
if not post_session then
OpamStd.Sys.exit_because `Configuration_error;
diff --git a/src/state/opamEnv.ml b/src/state/opamEnv.ml
index 025d07fa169..f8080e1cd53 100644
--- a/src/state/opamEnv.ml
+++ b/src/state/opamEnv.ml
@@ -544,9 +544,26 @@ let write_static_init_scripts root ?completion ?env_hook () =
update_scripts env_hook_file env_hook_script env_hook
let write_custom_init_scripts root custom =
+ let hookdir = OpamPath.hooks_dir root in
+ let kind = `MD5 in
List.iter (fun (name, script) ->
- write_script (OpamPath.hooks_dir root) (name, script);
- OpamFilename.chmod (OpamPath.hooks_dir root // name) 0o777
+ let script_file = hookdir // name in
+ let hash = OpamHash.compute_from_string ~kind script in
+ let hash_name = name ^ ".hash" in
+ let hash_file = hookdir // hash_name in
+ if not (OpamFilename.exists hash_file)
+ || (let same_hash =
+ OpamHash.of_string_opt (OpamFilename.read hash_file) =
+ Some (OpamHash.compute ~kind (OpamFilename.to_string script_file))
+ in
+ same_hash
+ || not same_hash
+ && OpamConsole.confirm ~default:false
+ "%s contains local modification, overwrite ?"
+ (OpamFilename.to_string script_file)) then
+ (write_script hookdir (name, script);
+ OpamFilename.chmod script_file 0o777;
+ write_script hookdir (hash_name, OpamHash.to_string hash))
) custom
let write_dynamic_init_scripts st =
diff --git a/src/state/opamSysPoll.ml b/src/state/opamSysPoll.ml
index 989d58842a3..0e2148bd30b 100644
--- a/src/state/opamSysPoll.ml
+++ b/src/state/opamSysPoll.ml
@@ -25,12 +25,12 @@ let norm s = if s = "" then None else Some (String.lowercase_ascii s)
let normalise_arch raw =
match String.lowercase_ascii raw with
- | "x86" | "i386" | "i586" | "i686" -> "x86_32"
+ | "x86" | "i386" | "i486" | "i586" | "i686" -> "x86_32"
| "x86_64" | "amd64" -> "x86_64"
| "powerpc" | "ppc" | "ppcle" -> "ppc32"
| "ppc64" | "ppc64le" -> "ppc64"
- | "aarch64_be" | "aarch64" | "armv8b" | "armv8l" -> "arm64"
- | a when List.exists (fun prefix -> OpamStd.String.starts_with ~prefix a)
+ | "aarch64_be" | "aarch64" -> "arm64"
+ | a when a = "armv8b" || a = "armv8l" || List.exists (fun prefix -> OpamStd.String.starts_with ~prefix a)
["armv5"; "armv6"; "earmv6"; "armv7"; "earmv7"] -> "arm32"
| s -> s
diff --git a/src/state/shellscripts/bwrap.sh b/src/state/shellscripts/bwrap.sh
index 1021d2eb909..c8aa382dcb1 100755
--- a/src/state/shellscripts/bwrap.sh
+++ b/src/state/shellscripts/bwrap.sh
@@ -61,23 +61,29 @@ add_sys_mounts /usr /bin /lib /lib32 /lib64 /etc /opt /home /var
# that remain writeable. ccache seems widespread in some Fedora systems.
add_ccache_mount() {
if command -v ccache > /dev/null; then
- CCACHE_DIR=$HOME/.ccache
ccache_dir_regex='cache_dir = (.*)$'
local IFS=$'\n'
- for f in $(ccache --print-config 2>/dev/null); do
+ for f in $(ccache -p 2>/dev/null); do
if [[ $f =~ $ccache_dir_regex ]]; then
- CCACHE_DIR=${BASH_REMATCH[1]}
+ ccache_dir=${BASH_REMATCH[1]}
+ break
fi
done
- add_mounts rw $CCACHE_DIR
+ CCACHE_DIR=${CCACHE_DIR-$HOME/.ccache}
+ ccache_dir=${ccache_dir-$CCACHE_DIR}
+ add_mounts rw "$ccache_dir"
fi
}
add_dune_cache_mount() {
- DUNE_CACHE=${XDG_CACHE_HOME:-$HOME/.cache}/dune
- mkdir -p ${DUNE_CACHE}
- add_mounts rw $DUNE_CACHE
- }
+ u_cache=${XDG_CACHE_HOME:-$HOME/.cache}
+ u_dune_cache=$u_cache/dune
+ cache=$(readlink -m "$u_cache")
+ dune_cache=$cache/dune
+ dune_cache=$(readlink -m "$u_dune_cache")
+ mkdir -p "${dune_cache}"
+ add_mount rw "$u_dune_cache" "$dune_cache"
+}
# This case-switch should remain identical between the different sandbox implems
COMMAND="$1"; shift
@@ -85,7 +91,7 @@ case "$COMMAND" in
build)
# mount unusual path in ro
if [ -n "${OPAM_USER_PATH_RO-}" ]; then
- add_mounts ro $(echo ${OPAM_USER_PATH_RO} | sed 's|:| |g')
+ add_mounts ro $(echo "${OPAM_USER_PATH_RO}" | sed 's|:| |g')
fi
add_mounts ro "$OPAM_SWITCH_PREFIX"
add_mounts rw "$PWD"
@@ -95,7 +101,7 @@ case "$COMMAND" in
install)
# mount unusual path in ro
if [ -n "${OPAM_USER_PATH_RO-}" ]; then
- add_mounts ro $(echo ${OPAM_USER_PATH_RO} | sed 's|:| |g')
+ add_mounts ro $(echo "${OPAM_USER_PATH_RO}" | sed 's|:| |g')
fi
add_mounts rw "$OPAM_SWITCH_PREFIX"
add_mounts ro "$OPAM_SWITCH_PREFIX/.opam-switch"
@@ -104,7 +110,7 @@ case "$COMMAND" in
remove)
# mount unusual path in ro
if [ -n "${OPAM_USER_PATH_RO-}" ]; then
- add_mounts ro $(echo ${OPAM_USER_PATH_RO} | sed 's|:| |g')
+ add_mounts ro $(echo "${OPAM_USER_PATH_RO}" | sed 's|:| |g')
fi
add_mounts rw "$OPAM_SWITCH_PREFIX"
add_mounts ro "$OPAM_SWITCH_PREFIX/.opam-switch"
diff --git a/src/state/shellscripts/sandbox_exec.sh b/src/state/shellscripts/sandbox_exec.sh
index 6019d78f562..decacd69929 100644
--- a/src/state/shellscripts/sandbox_exec.sh
+++ b/src/state/shellscripts/sandbox_exec.sh
@@ -15,41 +15,43 @@ add_mounts() {
fi
}
+# Even if TMPDIR is set, some applications uses /tmp directly
+add_mounts rw /tmp
+
if [ -z ${TMPDIR+x} ]; then
- # If $TMPDIR is not set, some applications use /tmp, so
- # /tmp must be made readable/writable
- add_mounts rw /tmp
- # However, others applications obtain the per-user temporary
+ # Others applications obtain the per-user temporary
# directory differently; the latter should be made readable/writable
# too and getconf seems to be a robust way to get it
if [ -z /usr/bin/getconf ]; then
- TMP=`getconf DARWIN_USER_TEMP_DIR`
- add_mounts rw $TMP
+ TMP=$(getconf DARWIN_USER_TEMP_DIR)
+ add_mounts rw "$TMP"
fi
else
- add_mounts rw $TMPDIR
+ add_mounts rw "$TMPDIR"
fi
# C compilers using `ccache` will write to a shared cache directory
# that remain writeable. ccache seems widespread in some Fedora systems.
add_ccache_mount() {
if command -v ccache > /dev/null; then
- CCACHE_DIR=$HOME/.ccache
ccache_dir_regex='cache_dir = (.*)$'
local IFS=$'\n'
- for f in $(ccache --print-config 2>/dev/null); do
+ for f in $(ccache -p 2>/dev/null); do
if [[ $f =~ $ccache_dir_regex ]]; then
- CCACHE_DIR=${BASH_REMATCH[1]}
+ ccache_dir=${BASH_REMATCH[1]}
+ break
fi
done
- add_mounts rw $CCACHE_DIR
+ CCACHE_DIR=${CCACHE_DIR-$HOME/.ccache}
+ ccache_dir=${ccache_dir-$CCACHE_DIR}
+ add_mounts rw "$ccache_dir"
fi
}
add_dune_cache_mount() {
DUNE_CACHE=${XDG_CACHE_HOME:-$HOME/.cache}/dune
- mkdir -p ${DUNE_CACHE}
- add_mounts rw $DUNE_CACHE
+ mkdir -p "${DUNE_CACHE}"
+ add_mounts rw "$DUNE_CACHE"
}
# This case-switch should remain identical between the different sandbox implems