SLFO-pool/gswrap
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main gswrap revision 93cb9304d812e8caf649f6eb257e8228

Browse Source
This commit is contained in:
Adrian Schröter 2025-01-13 12:33:29 +01:00
commit 53adb87c4f
4 changed files with 558 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

373
gswrap Normal file
View File

@ -0,0 +1,373 @@
#!/bin/bash
#
# Copyright (c) 2019 SUSE GmbH Nuernberg, Germany.
# Copyright (c) 2021 SUSE Software Solutions Germany GmbH.
# Copyright (c) 2023 SUSE Software Solutions Germany GmbH.
# Copyright (c) 2019,2021,2023 Werner Fink
#
# Wrapper script for ghostscript based on bwrap, the container setup
# utility, which does use e.g. unshare(2) system call to create a
# safe container environment.
#
# Please report bugfixes or comments at https://www.suse.com/feedback/
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
#
ghostscript=@@GS@@
for prog in fuser realpath
do
type $prog >& /dev/null && continue
echo "GS: No $prog found in path" 1>&2
exit 1
done
user=nobody
home="/home/$user"
uid=$(id -u "$user")
gid=$(id -g "$user")
lock=$(mktemp "${TMPDIR:-/tmp}/.gswrap-XXXXXXXXXX") || exit 1
unlock ()
{
test -e "$lock" || return
fuser -TERM "$lock"
rm -f "$lock"
}
finish ()
{
# Used with trap to copy output files back to original cwd or directory
# to be able to hide the original cwd or directory from ghostscript process
local dir="$1"
local tmp="$2"
if test -d "$tmp"
then
for ps in "$tmp/"*
do
test -e "$ps" || continue
test -p "$ps" && continue
test -d "$dir" || continue
mv -f "$ps" "$dir"
done
rm -rf "$tmp"
fi
unlock
}
trap 'unlock' EXIT SIGINT SIGHUP
typeset -i safer=0
typeset pipecmd=""
typeset -i pipepos
typeset -a opts=()
typeset -i o=0
for lib in $(ldd $ghostscript | sed -rn 's|.*=>[[:blank:]]+||;s|[[:blank:]]*(/[^[:blank:]]+)[[:blank:]]+.*|\1|p')
do
opts[o++]=--ro-bind
opts[o++]="$lib"
opts[o++]="$lib"
done
arch=$(uname -i)
for dir in /lib/tls /lib64/tls /lib64/${arch} /usr/lib/ghostscript /usr/lib64/ghostscript /etc/ghostscript /lib64/glibc-hwcaps/${arch/_/[_-]}-v*
do
test -d "$dir" || continue
opts[o++]=--ro-bind
opts[o++]="$dir"
opts[o++]="$dir"
done
typeset -a argv=("$@")
typeset -i c=0 argc=${#argv[@]}
for ((c=0; c < argc; c++))
do
arg="${argv[c]}"
case "$arg" in
-dSAFER)
let safer++
;;
-o)
if ((c+1 >= argc))
then
echo "GS: found -o without argument" 1>&2
exit 1
else
unset argv[c]
argv[c+1]=-sOutputFile="${argv[c+1]}"
fi
;;
-sOutputFile=*)
case "${arg#-sOutputFile=}" in
%stdout%|%stderr%|%stdout|%stderr|-|"")
continue ;;
%pipe%*)
pipecmd="${arg#-sOutputFile=%pipe%}"
let pipepos=c
;;
esac
file="${arg#-sOutputFile=}"
dir="${file%/*}"
file="${file##*/}"
if test -n "$file"
then
if test -n "$dir" -a "$dir" = "/dev"
then
# Only /dev/null or /dev/zero allowed
if test "$file" != null -a "$file" != zero
then
echo "GS: only /dev/null or /dev/zero allowed" 1>&2
exit 1
fi
opts[o++]=--dir
opts[o++]="$home/out"
elif test -n "$dir" -a -d "$dir"
then
tmp=$(mktemp -d "$dir/.gswrap-XXXXXXXXXX") || exit 1
trap "finish '$dir' '$tmp'" EXIT SIGINT SIGHUP
opts[o++]=--bind
opts[o++]="${tmp+"$tmp"}"
opts[o++]="$home/out"
else
tmp=$(mktemp -d "$PWD/.gswrap-XXXXXXXXXX") || exit 1
trap "finish '$PWD' '$tmp'" EXIT SIGINT SIGHUP
opts[o++]=--bind
opts[o++]="${tmp+"$tmp"}"
opts[o++]="$home/out"
fi
fi
argv[c]="-sOutputFile=$home/out/${file}"
continue
;;
-sDEVICE=*)
case "${arg#-sDEVICE=}" in
x11*)
;;
*)
unset DISPLAY
;;
esac
continue
;;
@*)
opts[o++]=--ro-bind
opts[o++]="${arg#@}"
opts[o++]="$home/${arg#@}"
continue
;;
-*)
continue
;;
esac
test -e "$arg" || continue
if test "${arg##*/}" = "$arg"
then
opts[o++]=--ro-bind
opts[o++]="$arg"
opts[o++]="$home/$arg"
else
arg="$(realpath "$arg")" || exit 1
argv[c]="$arg"
test "$arg" != / || continue
test "$arg" != /home || continue
test "$arg" != $home || continue
opts[o++]=--ro-bind
opts[o++]="$arg"
opts[o++]="$arg"
fi
done
# If no -dSAFER then execute the orignal ghostscript program now
if ((safer == 0))
then
exec -a ${0} $ghostscript ${1+"$@"}
fi
if test -n "$pipecmd"
then
mkfifo -m 666 "${tmp}/fd"
fd="${tmp}/fd"
exec "$pipecmd" < $fd &
argv[pipepos]="-sOutputFile=$home/fifo"
opts[o++]=--bind
opts[o++]="$fd"
opts[o++]="$home/fifo"
fi
# User might have some own font configurations as well
if test -d /var/cache/fontconfig
then
opts[o++]=--ro-bind
opts[o++]="/var/cache/fontconfig"
opts[o++]="/var/cache/fontconfig"
fi
if test -s "$HOME/.fonts.conf"
then
opts[o++]=--ro-bind
opts[o++]="${HOME+"$HOME"}/.fonts.conf"
opts[o++]="$home/.fonts.conf"
fi
for dir in "$HOME/.fontconfig" "$HOME/.config/fontconfig" "$HOME/.cache/fontconfig"
do
test -d "$dir" || continue
opts[o++]=--ro-bind
opts[o++]="$dir"
opts[o++]="${home}${dir#$HOME}"
done
# Display
if test -n "$DISPLAY"
then
: ${XAUTHORITY:="$HOME/.Xauthority"}
for dir in /usr/lib/ghostscript /usr/lib64/ghostscript
do
test -d "$dir" || continue
for x11 in $dir/*/X11.so
do
test -e "$x11" || continue
for lib in $(ldd "$x11" | sed -rn 's|.*=>[[:blank:]]+||;s|[[:blank:]]*(/[^[:blank:]]+)[[:blank:]]+.*|\1|p')
do
case "${opts[@]}" in
*[:blank:]${lib}[:blank:]*) continue ;;
esac
opts[o++]=--ro-bind
opts[o++]="$lib"
opts[o++]="$lib"
done
done
done
# for x11 in /tmp/.X11-unix /tmp/.XIM-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.X${DISPLAY##*:}-lock
for x11 in /tmp/.X11-unix
do
test -e "${x11}" || continue
opts[o++]=--ro-bind
opts[o++]="${x11}"
opts[o++]="${x11}"
done
opts[o++]=--ro-bind
opts[o++]="${XAUTHORITY+"$XAUTHORITY"}"
opts[o++]="$home/.Xauthority"
opts[o++]=--setenv
opts[o++]=XAUTHORITY
opts[o++]="$home/.Xauthority"
opts[o++]=--setenv
opts[o++]=DISPLAY
opts[o++]="${DISPLAY+"$DISPLAY"}"
if test -n "${DISPLAY%:*}"
then
# For display over e.g. local network as with slogin -X skip --unshare-net
# and allow hostname resolution via running nscd (that is nscd should be up)
opts[o++]=--ro-bind
opts[o++]="/var/run/nscd/socket"
opts[o++]="/var/run/nscd/socket"
opts[o++]=--unshare-user-try
opts[o++]=--unshare-ipc
opts[o++]=--unshare-pid
opts[o++]=--unshare-uts
opts[o++]=--unshare-cgroup-try
else
opts[o++]=--unshare-all
fi
for so in /tmp/.X11-unix/*
do
test -s $so && continue
# Abstract sockets only
opts[o++]=--share-net
done
if test -n "${WAYLAND_DISPLAY}"
then
opts[o++]=--ro-bind
opts[o++]="$XDG_RUNTIME_DIR/$WAYLAND_DISPLAY"
opts[o++]="/run/user/$uid/$WAYLAND_DISPLAY"
fi
if test -n "${GHOSTVIEW}"
then
opts[o++]=--setenv
opts[o++]=GHOSTVIEW
opts[o++]="{GHOSTVIEW+"$GHOSTVIEW"}"
fi
if test -n "${GHOSTVIEW_COLORS}"
then
opts[o++]=--setenv
opts[o++]=GHOSTVIEW_COLORS
opts[o++]="${GHOSTVIEW+"$GHOSTVIEW_COLORS"}"
fi
else
opts[o++]=--unshare-all
fi
if test -e /proc/$$/uid_map
then
opts[o++]=--uid
opts[o++]="$uid"
fi
if test -e /proc/$$/gid_map
then
opts[o++]=--gid
opts[o++]="$gid"
fi
# This is for debugging only
# add you binary like /bin/ls or /usr/bin/strace for further usage
# as replacement or prefix of ghostscript in the last line.
# Clearly the `false´ should then changed to `true´
if false
then
for bin in /usr/bin/strace /bin/ls
do
opts[o++]=--ro-bind
opts[o++]="$bin"
opts[o++]="$bin"
for lib in $(ldd "$bin" | sed -rn 's|.*=>[[:blank:]]+||;s|[[:blank:]]*(/[^[:blank:]]+)[[:blank:]]+.*|\1|p')
do
case "${opts[@]}" in
*[:blank:]${lib}[:blank:]*) continue ;;
esac
opts[o++]=--ro-bind
opts[o++]="$lib"
opts[o++]="$lib"
done
done
fi
unset o c argc arg
set -- "${argv[@]}"
set -euo pipefail
(exec -c -a gs /usr/bin/bwrap \
--dev /dev \
--proc /proc \
--tmpfs /run \
--tmpfs /tmp \
--dir /var \
--ro-bind /bin/false /bin/false \
--ro-bind $ghostscript /usr/bin/gs \
--ro-bind /usr/share/ghostscript /usr/share/ghostscript \
--ro-bind /usr/share/xml/fontconfig /usr/share/xml/fontconfig \
--ro-bind /usr/share/fontconfig /usr/share/fontconfig \
--ro-bind /usr/share/fonts /usr/share/fonts \
--ro-bind /var/cache/fontconfig /var/cache/fontconfig \
--ro-bind /etc/fonts /etc/fonts \
--ro-bind "$lock" /tmp/.lock \
--lock-file /tmp/.lock \
--dir "/run/user/$uid" \
--symlink ../run var/run \
--symlink ../tmp var/tmp \
--dir "$home" \
--chdir "$home" \
"${opts[@]}" \
--new-session \
--sync-fd 2 \
--setenv XDG_RUNTIME_DIR "/run/user/$uid" \
--setenv USER "$user" \
--setenv LOGNAME "$user" \
--setenv SHELL /bin/false \
--setenv HOME "$home" \
--setenv PATH /bin:/usr/bin \
--setenv MAIL /dev/null \
--die-with-parent \
/usr/bin/gs ${1+"$@"})
rm -f "$lock"

88
gswrap.changes Normal file
View File

@ -0,0 +1,88 @@
-------------------------------------------------------------------
Fri Feb 9 12:00:28 UTC 2024 - Dr. Werner Fink <werner@suse.de>
- Allow also abstract X11 socket
-------------------------------------------------------------------
Thu Sep 14 11:56:38 UTC 2023 - Dr. Werner Fink <werner@suse.de>
- Make it work even with different hwcaps versions
-------------------------------------------------------------------
Wed Dec 8 07:00:33 UTC 2021 - Dr. Werner Fink <werner@suse.de>
- Use this version for new package in SLE-12-SP5 (jsc#SLE-21704)
and SLE-15 (jsc#SLE-21705 and jsc#SLE-21706)
-------------------------------------------------------------------
Fri Nov 19 14:11:05 UTC 2021 - Dr. Werner Fink <werner@suse.de>
- Fix bugs introduced by last change
which was ad646933d3b9ec6d767842535414b4af1020c2f7 (boo#1191683)
-------------------------------------------------------------------
Fri Oct 15 10:34:50 UTC 2021 - Dr. Werner Fink <werner@suse.de>
- Quote all variable which might include space
-------------------------------------------------------------------
Fri Oct 15 09:20:56 UTC 2021 - Dr. Werner Fink <werner@suse.de>
- Allow spaces in path, file, and user names
as well as check if all used programs are found.
-------------------------------------------------------------------
Tue Oct 12 13:26:59 UTC 2021 - Dr. Werner Fink <werner@suse.de>
- Use TERM instead of KILL to let bwrap do its work
- Enable bwrap to execute its option --die-with-parent
-------------------------------------------------------------------
Mon Sep 20 07:40:46 UTC 2021 - Dr. Werner Fink <werner@suse.de>
- Map -o with its argument to -sOutputFile= (boo#1190614)
-------------------------------------------------------------------
Wed Oct 7 14:06:36 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Handle gv and gsview
-------------------------------------------------------------------
Wed May 20 15:29:06 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Allow option files as well
-------------------------------------------------------------------
Fri Jan 10 10:51:59 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Handle relative paths more gracefully
-------------------------------------------------------------------
Fri Jan 10 08:53:48 UTC 2020 - Dr. Werner Fink <werner@suse.de>
- Allow %stdout as well as %stdout% for -sOutputFile=
-------------------------------------------------------------------
Wed Aug 28 11:17:46 UTC 2019 - Dr. Werner Fink <werner@suse.de>
- Fix spelling of coreutils
-------------------------------------------------------------------
Mon Aug 26 22:04:24 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Fix grammar of description.
-------------------------------------------------------------------
Tue Aug 20 13:50:55 UTC 2019 - Dr. Werner Fink <werner@suse.de>
- Update upstream to https://github.com/bitstreamout/ghostscriptwrap
-------------------------------------------------------------------
Wed Aug 14 08:09:11 UTC 2019 - Dr. Werner Fink <werner@suse.de>
- Bind the temporary FIFO below home in container
-------------------------------------------------------------------
Tue Aug 13 10:25:59 UTC 2019 - Dr. Werner Fink <werner@suse.de>
- Initial package gswrap to wrap ghostscript within a container

74
gswrap.spec Normal file
View File

@ -0,0 +1,74 @@
#
# spec file for package gswrap
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: gswrap
Version: 0.1
Release: 0
Summary: The ghostscript container to wrap ghostscript within
License: LGPL-2.1-or-later
Group: Productivity/Security
URL: https://github.com/bitstreamout/ghostscriptwrap
Source0: gswrap
Requires: /usr/bin/gs.bin
Requires: bubblewrap
Requires: coreutils
Requires: sed
BuildRequires: sed
BuildRequires: update-alternatives
Requires(post): update-alternatives
Requires(preun):update-alternatives
BuildArch: noarch
%define debug_package %nil
%description
If the option -dSAFER is used with gswrap, this script uses bwrap
from the "bubblewrap" package to embbedd the final ghostscript
command within a minimal container. For this, a new, completely empty
filesystem namespace on a tmpfs is populated with the required
libraries and files to run the ghostscript command.
%prep
%setup -q -c -T
%build
sed -r '/ghostscript=@@GS@@/{s^@@GS@@^/usr/bin/gs.bin^}' < %{S:0} > gs.wrap
%install
install -d %buildroot%{_bindir}
install -d %buildroot%{_sysconfdir}/alternatives
install -m 755 gs.wrap %buildroot%{_bindir}/gs.wrap
ln -sf %{_bindir}/gs.wrap %{buildroot}%{_sysconfdir}/alternatives/gs
ln -sf %{_sysconfdir}/alternatives/gs %{buildroot}%{_bindir}/gs
%post
%{_sbindir}/update-alternatives \
--install %{_bindir}/gs gs %{_bindir}/gs.wrap 100
%preun
if test $1 -eq 0 ; then
%{_sbindir}/update-alternatives \
--remove gs %{_bindir}/gs.wrap
fi
%files
%defattr(-,root,root)
%_bindir/gs.wrap
%_bindir/gs
%ghost %config %{_sysconfdir}/alternatives/gs
%changelog