authorRemi Gacogne <rgacogne@archlinux.org>2024-05-15 15:36:28 +0200
committerAllan McRae <allan@archlinux.org>2024-06-17 11:01:42 +1000
commit9f8f94c05630f0afb13baaffe84c4d01e4a6860e (patch)
tree8576136a443bb1a144535568054b85f68a3b3030
parenteacadbcc41eb0dd9ebbafbab8e1ae0fc84b61fdb (diff)
Add --disable-sandbox and DisableSandbox
Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
-rw-r--r--doc/pacman.8.asciidoc4
-rw-r--r--doc/pacman.conf.5.asciidoc4
-rw-r--r--lib/libalpm/alpm.h14
-rw-r--r--lib/libalpm/handle.c8
-rw-r--r--lib/libalpm/handle.h1
-rw-r--r--lib/libalpm/sandbox.c2
-rw-r--r--src/pacman/conf.c3
-rw-r--r--src/pacman/conf.h4
-rw-r--r--src/pacman/pacman-conf.c3
-rw-r--r--src/pacman/pacman.c6
10 files changed, 47 insertions, 2 deletions
diff --git a/doc/pacman.8.asciidoc b/doc/pacman.8.asciidoc
index 345405d4..3ea1fef1 100644
--- a/doc/pacman.8.asciidoc
+++ b/doc/pacman.8.asciidoc
@@ -200,6 +200,10 @@ Options
beginning with `file://`. Any paths or URLs passed as targets will not be
modified. This allows mounted guest systems to be properly operated on.
+*\--disable-sandbox*::
+ Disable the default sandbox applied to the process downloading files on Linux
+ systems. Useful if experiencing landlock related failues while downloading
+ files when running a Linux kernel that does not support this feature.
Transaction Options (apply to '-S', '-R' and '-U')
--------------------------------------------------
diff --git a/doc/pacman.conf.5.asciidoc b/doc/pacman.conf.5.asciidoc
index 9c46ce6e..b462169b 100644
--- a/doc/pacman.conf.5.asciidoc
+++ b/doc/pacman.conf.5.asciidoc
@@ -211,6 +211,10 @@ Options
Specifies the user to switch to for downloading files. If this config
option is not set then the downloads are done as the user running pacman.
+*DisableSandbox*::
+ Disable the default sandbox applied to the process downloading files on Linux
+ systems. Useful if experiencing landlock related failues while downloading
+ files when running a Linux kernel that does not support this feature.
Repository Sections
-------------------
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index 43d45198..1759a9a2 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -2300,6 +2300,20 @@ int alpm_option_set_parallel_downloads(alpm_handle_t *handle, unsigned int num_s
/* End of parallel_downloads accessors */
/** @} */
+/** @name Accessors for sandbox
+ *
+ * By default, libalpm will sandbox the downloader process.
+ * @{
+ */
+
+/** Enables/disables the sandbox.
+ * @param handle the context handle
+ * @param disable_sandbox 0 for enabled, 1 for disabled
+ * @return 0 on success, -1 on error (pm_errno is set accordingly)
+ */
+int alpm_option_set_disable_sandbox(alpm_handle_t *handle, unsigned short disable_sandbox);
+/* End of disable_sandbox accessors */
+/** @} */
/* End of libalpm_options */
/** @} */
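Review bot: The doc comment on `alpm_option_set_disable_sandbox` does not say which protection is given up when the flag is set. Going by the sandbox.c hunk in this commit, the flag only skips the call to `_alpm_sandbox_fs_restrict_writes_to`, while the `setgid` to the sandbox user's group still runs afterwards. The comment should say so, e.g. `Disabling removes only the filesystem write restriction on the downloader process; the switch to the sandbox user is not affected.` The `@param` line would be more accurate as `0 for enabled, non-zero for disabled`, because the setter in handle.c stores the value as given and sandbox.c tests it with `!`.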
diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c
index 2d360f46..e2f919f6 100644
--- a/lib/libalpm/handle.c
+++ b/lib/libalpm/handle.c
@@ -951,3 +951,11 @@ int SYMEXPORT alpm_option_set_parallel_downloads(alpm_handle_t *handle,
handle->parallel_downloads = num_streams;
return 0;
}
+
+int SYMEXPORT alpm_option_set_disable_sandbox(alpm_handle_t *handle,
+ unsigned short disable_sandbox)
+{
+ CHECK_HANDLE(handle, return -1);
+ handle->disable_sandbox = disable_sandbox;
+ return 0;
+}
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h
index 63efc3d0..37724344 100644
--- a/lib/libalpm/handle.h
+++ b/lib/libalpm/handle.h
@@ -65,6 +65,7 @@ struct _alpm_handle_t {
#endif
unsigned short disable_dl_timeout;
+ unsigned short disable_sandbox;
unsigned int parallel_downloads; /* number of download streams */
#ifdef HAVE_LIBGPGME
diff --git a/lib/libalpm/sandbox.c b/lib/libalpm/sandbox.c
index fd3b8c45..d8e01e44 100644
--- a/lib/libalpm/sandbox.c
+++ b/lib/libalpm/sandbox.c
@@ -36,7 +36,7 @@ int SYMEXPORT alpm_sandbox_setup_child(alpm_handle_t *handle, const char* sandbo
ASSERT(sandboxuser != NULL, return -1);
ASSERT(getuid() == 0, return -1);
ASSERT((pw = getpwnam(sandboxuser)), return -1);
- if(sandbox_path != NULL) {
+ if(sandbox_path != NULL && !handle->disable_sandbox) {
_alpm_sandbox_fs_restrict_writes_to(handle, sandbox_path);
}
ASSERT(setgid(pw->pw_gid) == 0, return -1);
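Review bot: When `disable_sandbox` is set, the branch `if(sandbox_path != NULL && !handle->disable_sandbox)` skips the write restriction without leaving any trace, so someone reading the logs later cannot tell whether the download child ran restricted. A debug-level message on the skip path would record it, for example `else if(handle->disable_sandbox) { _alpm_log(handle, ALPM_LOG_DEBUG, "filesystem sandbox disabled by configuration\n"); }`. The return value of `_alpm_sandbox_fs_restrict_writes_to` is also not checked in the visible lines, so a restriction that failed and one that was disabled look the same to the caller; that call is unchanged context and appears to predate this commit. The function starts and continues outside the hunk, so whether `handle` is validated before `handle->disable_sandbox` is read cannot be confirmed from here.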
diff --git a/src/pacman/conf.c b/src/pacman/conf.c
index 9529aefc..d0966eea 100644
--- a/src/pacman/conf.c
+++ b/src/pacman/conf.c
@@ -629,6 +629,8 @@ static int _parse_options(const char *key, char *value,
config->noprogressbar = 1;
} else if(strcmp(key, "DisableDownloadTimeout") == 0) {
config->disable_dl_timeout = 1;
+ } else if(strcmp(key, "DisableSandbox") == 0) {
+ config->disable_sandbox = 1;
} else {
pm_printf(ALPM_LOG_WARNING,
_("config file %s, line %d: directive '%s' in section '%s' not recognized.\n"),
@@ -937,6 +939,7 @@ static int setup_libalpm(void)
alpm_option_set_checkspace(handle, config->checkspace);
alpm_option_set_usesyslog(handle, config->usesyslog);
alpm_option_set_sandboxuser(handle, config->sandboxuser);
+ alpm_option_set_disable_sandbox(handle, config->disable_sandbox);
alpm_option_set_ignorepkgs(handle, config->ignorepkg);
alpm_option_set_ignoregroups(handle, config->ignoregrp);
diff --git a/src/pacman/conf.h b/src/pacman/conf.h
index e9f17123..5bffd187 100644
--- a/src/pacman/conf.h
+++ b/src/pacman/conf.h
@@ -58,6 +58,7 @@ typedef struct __config_t {
unsigned short usesyslog;
unsigned short color;
unsigned short disable_dl_timeout;
+ unsigned short disable_sandbox;
char *print_format;
/* unfortunately, we have to keep track of paths both here and in the library
* because they can come from both the command line or config file, and we
@@ -212,7 +213,8 @@ enum {
OP_DOWNLOADONLY,
OP_REFRESH,
OP_ASSUMEINSTALLED,
- OP_DISABLEDLTIMEOUT
+ OP_DISABLEDLTIMEOUT,
+ OP_DISABLESANDBOX
};
/* clean method */
diff --git a/src/pacman/pacman-conf.c b/src/pacman/pacman-conf.c
index d73d6c4c..92e68003 100644
--- a/src/pacman/pacman-conf.c
+++ b/src/pacman/pacman-conf.c
@@ -280,6 +280,7 @@ static void dump_config(void)
show_bool("DisableDownloadTimeout", config->disable_dl_timeout);
show_bool("ILoveCandy", config->chomp);
show_bool("NoProgressBar", config->noprogressbar);
+ show_bool("DisableSandbox", config->disable_sandbox);
show_int("ParallelDownloads", config->parallel_downloads);
@@ -397,6 +398,8 @@ static int list_directives(void)
show_bool("ILoveCandy", config->chomp);
} else if(strcasecmp(i->data, "NoProgressBar") == 0) {
show_bool("NoProgressBar", config->noprogressbar);
+ } else if(strcasecmp(i->data, "DisableSandbox") == 0) {
+ show_bool("DisableSandbox", config->disable_sandbox);
} else if(strcasecmp(i->data, "ParallelDownloads") == 0) {
show_int("ParallelDownloads", config->parallel_downloads);
diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c
index 6b64ffc7..90d37b16 100644
--- a/src/pacman/pacman.c
+++ b/src/pacman/pacman.c
@@ -226,6 +226,8 @@ static void usage(int op, const char * const myname)
addlist(_(" --confirm always ask for confirmation\n"));
addlist(_(" --disable-download-timeout\n"
" use relaxed timeouts for download\n"));
+ addlist(_(" --disable-sandbox\n"
+ " disable the sandbox used for the downloader process\n"));
}
list = alpm_list_msort(list, alpm_list_count(list), options_cmp);
for(i = list; i; i = alpm_list_next(i)) {
@@ -490,6 +492,9 @@ static int parsearg_global(int opt)
case OP_DISABLEDLTIMEOUT:
config->disable_dl_timeout = 1;
break;
+ case OP_DISABLESANDBOX:
+ config->disable_sandbox = 1;
+ break;
case OP_VERBOSE:
case 'v':
(config->verbose)++;
@@ -976,6 +981,7 @@ static int parseargs(int argc, char *argv[])
{"dbonly", no_argument, 0, OP_DBONLY},
{"color", required_argument, 0, OP_COLOR},
{"disable-download-timeout", no_argument, 0, OP_DISABLEDLTIMEOUT},
+ {"disable-sandbox", no_argument, 0, OP_DISABLESANDBOX},
{0, 0, 0, 0}
};